diff --git a/pkg/cloud/aws/assets/deployment.yaml b/pkg/cloud/aws/assets/deployment.yaml index c66a25171..1cab67a22 100644 --- a/pkg/cloud/aws/assets/deployment.yaml +++ b/pkg/cloud/aws/assets/deployment.yaml @@ -42,6 +42,8 @@ spec: --leader-elect-lease-duration=137s \ --leader-elect-renew-deadline=107s \ --leader-elect-retry-period=26s \ + --webhooks=* \ + --feature-gates=CloudControllerManagerWebhook=true \ --leader-elect-resource-namespace=openshift-cloud-controller-manager \ {{- if .tlsCipherSuites }} --tls-cipher-suites={{ .tlsCipherSuites }} \ @@ -49,7 +51,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 \ + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} \ + {{- end }} -v=2 env: - name: CLOUD_CONFIG diff --git a/pkg/cloud/azure/assets/cloud-controller-manager-deployment.yaml b/pkg/cloud/azure/assets/cloud-controller-manager-deployment.yaml index 23cd657e9..6df2dea8a 100644 --- a/pkg/cloud/azure/assets/cloud-controller-manager-deployment.yaml +++ b/pkg/cloud/azure/assets/cloud-controller-manager-deployment.yaml @@ -128,7 +128,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: host-etc-kube diff --git a/pkg/cloud/azurestack/assets/cloud-controller-manager-deployment.yaml b/pkg/cloud/azurestack/assets/cloud-controller-manager-deployment.yaml index 6639c0395..ec4668f15 100644 --- a/pkg/cloud/azurestack/assets/cloud-controller-manager-deployment.yaml +++ b/pkg/cloud/azurestack/assets/cloud-controller-manager-deployment.yaml @@ -120,7 +120,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: host-etc-kube diff --git a/pkg/cloud/gcp/assets/cloud-controller-manager.yaml b/pkg/cloud/gcp/assets/cloud-controller-manager.yaml index f28ce5ec8..97344f821 100644 --- a/pkg/cloud/gcp/assets/cloud-controller-manager.yaml +++ b/pkg/cloud/gcp/assets/cloud-controller-manager.yaml @@ -102,7 +102,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: host-etc-kube diff --git a/pkg/cloud/ibm/assets/deployment.yaml b/pkg/cloud/ibm/assets/deployment.yaml index 508078e58..7df25d52f 100644 --- a/pkg/cloud/ibm/assets/deployment.yaml +++ b/pkg/cloud/ibm/assets/deployment.yaml @@ -90,6 +90,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} \ + {{- end }} --v=2 livenessProbe: failureThreshold: 3 diff --git a/pkg/cloud/nutanix/assets/cloud-controller-manager-deployment.yaml b/pkg/cloud/nutanix/assets/cloud-controller-manager-deployment.yaml index fd44d2f9e..e837de05f 100644 --- a/pkg/cloud/nutanix/assets/cloud-controller-manager-deployment.yaml +++ b/pkg/cloud/nutanix/assets/cloud-controller-manager-deployment.yaml @@ -104,7 +104,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: nutanix-config diff --git a/pkg/cloud/openstack/assets/deployment.yaml b/pkg/cloud/openstack/assets/deployment.yaml index 9ca468fbc..307091185 100644 --- a/pkg/cloud/openstack/assets/deployment.yaml +++ b/pkg/cloud/openstack/assets/deployment.yaml @@ -85,7 +85,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} ports: - containerPort: 10258 name: https diff --git a/pkg/cloud/powervs/assets/deployment.yaml b/pkg/cloud/powervs/assets/deployment.yaml index b56a23cd2..0442d61cd 100644 --- a/pkg/cloud/powervs/assets/deployment.yaml +++ b/pkg/cloud/powervs/assets/deployment.yaml @@ -89,6 +89,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} \ + {{- end }} --v=2 livenessProbe: httpGet: diff --git a/pkg/cloud/vsphere/assets/cloud-controller-manager-deployment.yaml b/pkg/cloud/vsphere/assets/cloud-controller-manager-deployment.yaml index 3da0b41fc..508008599 100644 --- a/pkg/cloud/vsphere/assets/cloud-controller-manager-deployment.yaml +++ b/pkg/cloud/vsphere/assets/cloud-controller-manager-deployment.yaml @@ -111,7 +111,12 @@ spec: {{- if .tlsMinVersion }} --tls-min-version={{ .tlsMinVersion }} \ {{- end }} - --secure-port=0 + {{- if .tlsCipherSuites }} + --webhook-tls-cipher-suites={{ .tlsCipherSuites }} \ + {{- end }} + {{- if .tlsMinVersion }} + --webhook-tls-min-version={{ .tlsMinVersion }} + {{- end }} terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: host-etc-kube