External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-16 02:30:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

Fixup kubelet.conf to point to kubelet-client-current.pem (#7347)

Browse Source 
c9c0c01de0 only fix the problem for new clusters

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
This commit is contained in:
Etienne Champetier
2021-03-09 02:55:00 -05:00
committed by GitHub
parent b07c5966a6
commit 14b63ede8c
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
roles/kubernetes/control-plane/tasks/kubelet-fix-client-cert-rotation.yml Normal file
View File

@@ -0,0 +1,18 @@
---
- name: Fixup kubelet client cert rotation 1/2
lineinfile:
path: "{{ kube_config_dir }}/kubelet.conf"
regexp: '^ client-certificate-data: '
line: ' client-certificate: /var/lib/kubelet/pki/kubelet-client-current.pem'
backup: yes
notify:
- "Master | reload kubelet"
- name: Fixup kubelet client cert rotation 2/2
lineinfile:
path: "{{ kube_config_dir }}/kubelet.conf"
regexp: '^ client-key-data: '
line: ' client-key: /var/lib/kubelet/pki/kubelet-client-current.pem'
backup: yes
notify:
- "Master | reload kubelet"

4
roles/kubernetes/control-plane/tasks/main.yml
View File

@@ -62,3 +62,7 @@
- name: Include kubeadm secondary server apiserver fixes - name: Include kubeadm secondary server apiserver fixes
include_tasks: kubeadm-fix-apiserver.yml include_tasks: kubeadm-fix-apiserver.yml
- name: Include kubelet client cert rotation fixes
include_tasks: kubelet-fix-client-cert-rotation.yml
when: kubelet_rotate_certificates