External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-17 17:07:36 -02:30
Code Issues Packages Projects Releases Wiki Activity

Fix etcd ssl for canal

Browse Source 
- Move CNI configuration from `kubernetes/node` role to
`network_plugin/canal`
- Create SSL dir for Canal and symlink etcd SSL files
- Add needed options to `canal-config` configmap
- Run flannel and calico-node containers with proper configuration
This commit is contained in:
Aleksandr Didenko
2016-11-14 13:03:54 +01:00
parent f6233ffc9a
commit caa81f3ac2
6 changed files with 73 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
roles/network_plugin/canal/tasks/main.yml
View File

@@ -1,4 +1,28 @@
---
- name: Canal | Write Canal cni config
template:
src: "cni-canal.conf.j2"
dest: "/etc/cni/net.d/10-canal.conf"
owner: kube
- name: Canal | Create canal certs directory
file:
dest: "{{ canal_cert_dir }}"
state: directory
mode: 0750
owner: root
group: root
- name: Canal | Link etcd certificates for canal-node
file:
src: "{{ etcd_cert_dir }}/{{ item.s }}"
dest: "{{ canal_cert_dir }}/{{ item.d }}"
state: hard
with_items:
- {s: "ca.pem", d: "ca_cert.crt"}
- {s: "node.pem", d: "cert.crt"}
- {s: "node-key.pem", d: "key.pem"}
- name: Canal | Set Flannel etcd configuration
command: |-
{{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} \