External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-05-22 00:07:45 -02:30
Code Issues Packages Projects Releases Wiki Activity

Use find module for checking for certificates

Browse Source 
Also generate certs only when absent on master (rather than
when absent on target node)
This commit is contained in:
Matthew Mosesohn
2017-03-03 16:21:01 +03:00
parent a5cd73d047
commit d176818c44
4 changed files with 121 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/kubernetes/secrets/tasks/gen_certs_script.yml
View File

@@ -40,12 +40,12 @@
command: "{{ kube_script_dir }}/make-ssl.sh -f {{ kube_config_dir }}/openssl.conf -d {{ kube_cert_dir }}"
environment:
- MASTERS: "{% for m in groups['kube-master'] %}
{% if hostvars[m].sync_certs|default(true) %}
{% if gen_node_certs[m]|default(false) %}
{{ m }}
{% endif %}
{% endfor %}"
- HOSTS: "{% for h in groups['k8s-cluster'] %}
{% if hostvars[h].sync_certs|default(true) %}
{% if gen_node_certs[h]|default(true) %}
{{ h }}
{% endif %}
{% endfor %}"