diff --git a/pkg/karmadactl/register.go b/pkg/karmadactl/register.go index 873d4c6d6623..fb68f1bda94d 100644 --- a/pkg/karmadactl/register.go +++ b/pkg/karmadactl/register.go @@ -163,6 +163,7 @@ func NewCmdRegister(parentCommand string) *cobra.Command { flags.StringVar(&opts.ClusterNamespace, "cluster-namespace", options.DefaultKarmadaClusterNamespace, "Namespace in the control plane where member cluster secrets are stored.") flags.StringVar(&opts.ClusterProvider, "cluster-provider", "", "Provider of the joining cluster. The Karmada scheduler can use this information to spread workloads across providers for higher availability.") flags.StringVar(&opts.ClusterRegion, "cluster-region", "", "The region of the joining cluster. The Karmada scheduler can use this information to spread workloads across regions for higher availability.") + flags.BoolVar(&opts.EnableCertRotation, "enable-cert-rotation", true, "Enable means controller would rotatie certificate for karmada-agent when the certificate is about to expire.") flags.StringVar(&opts.CACertPath, "ca-cert-path", CACertPath, "The path to the SSL certificate authority used to secure comunications between member cluster and karmada-control-plane.") flags.StringVar(&opts.BootstrapToken.Token, "token", "", "For token-based discovery, the token used to validate cluster information fetched from the API server.") flags.StringSliceVar(&opts.BootstrapToken.CACertHashes, "discovery-token-ca-cert-hash", []string{}, "For token-based discovery, validate that the root CA public key matches this hash (format: \":\").") @@ -200,6 +201,8 @@ type CommandRegisterOption struct { // ClusterRegion represents the region of the cluster locate in. ClusterRegion string + EnableCertRotation bool + // CACertPath is the path to the SSL certificate authority used to // secure comunications between member cluster and karmada-control-plane. // Defaults to "/etc/karmada/pki/ca.crt". @@ -655,6 +658,7 @@ func (o *CommandRegisterOption) makeKarmadaAgentDeployment() *appsv1.Deployment fmt.Sprintf("--cluster-api-endpoint=%s", o.memberClusterEndpoint), fmt.Sprintf("--cluster-provider=%s", o.ClusterProvider), fmt.Sprintf("--cluster-region=%s", o.ClusterRegion), + fmt.Sprintf("--enable-cert-rotation=%v", o.EnableCertRotation), "--cluster-status-update-frequency=10s", "--bind-address=0.0.0.0", "--secure-port=10357",