External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-04-07 02:59:24 -02:30
Code Issues Packages Projects Releases Wiki Activity

Master and nodes will run the 'node' role, kube-proxy is run under a container, new script for ssl certs

Browse Source
This commit is contained in:
Smaine Kahlouch
2015-12-11 11:32:13 +01:00
parent 3014dfef24
commit d1e19563b0
26 changed files with 319 additions and 374 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
roles/kubernetes/node/templates/openssl.conf.j2 Normal file
View File

@@ -0,0 +1,21 @@
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = kubernetes
DNS.2 = kubernetes.default
DNS.3 = kubernetes.default.svc.{{ dns_domain }}
{% for host in groups['kube-master'] %}
IP.{{ loop.index }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}
{% endfor %}
{% set idx = groups['kube-master'] | length | int + 1 %}
IP.{{ idx | string }} = {{ kube_apiserver_ip }}
{% if kube_loadbalancer_ip is defined | default('') %}
{% set idx = idx | int + 1 %}
IP.{{ idx | string }} = {{ kube_loadbalancer }}
{% endif %}