Fix calico-rr to use etcd certs instead of kube certs

2026-02-22 13:36:06 -03:30 · 2016-12-23 19:25:37 +03:00
parent 36a5143478
commit 6d9cd2d720
5 changed files with 16 additions and 17 deletions
--- a/roles/kubernetes/secrets/tasks/gen_certs.yml
+++ b/roles/kubernetes/secrets/tasks/gen_certs.yml
@@ -51,10 +51,9 @@
 - name: Gen_certs | Copy certs on nodes
  shell: "echo '{{node_cert_data.stdout|quote}}' | base64 -d | tar xz -C {{ kube_cert_dir }}"
  changed_when: false
-  when: (inventory_hostname in groups['kube-node'] or
-           (peer_with_calico_rr and inventory_hostname in groups['calico-rr'])) and
-         sync_certs|default(false) and
-         inventory_hostname != groups['kube-master'][0]
+  when: inventory_hostname in groups['kube-node'] and
+        sync_certs|default(false) and
+        inventory_hostname != groups['kube-master'][0]

 - name: Gen_certs | check certificate permissions
  file: