External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-02 10:08:13 -03:30
Code Issues Packages Projects Releases Wiki Activity

Auto renew control plane certificates (#7358)

Browse Source 
While at it remove force_certificate_regeneration
This boolean only forced the renewal of the apiserver certs
Either manually use k8s-certs-renew.sh or set auto_renew_certificates

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
(cherry picked from commit efa180392b)

Conflicts:
	roles/kubernetes/master/templates/k8s-certs-renew.service.j2
	roles/kubernetes/master/templates/k8s-certs-renew.sh.j2
	roles/kubernetes/master/templates/k8s-certs-renew.timer.j2
This commit is contained in:
Etienne Champetier
2021-03-22 14:22:48 -04:00
committed by Kubernetes Prow Robot
parent 4e52da6a35
commit b19d109a12
8 changed files with 73 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
View File

@@ -310,5 +310,6 @@ persistent_volumes_enabled: false
## Amount of time to retain events. (default 1h0m0s)
event_ttl_duration: "1h0m0s"
## Force regeneration of kubernetes control plane certificates without the need of bumping the cluster version
force_certificate_regeneration: false
## Automatically renew K8S control plane certificates on first Monday of each month
auto_renew_certificates: false