mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-02-16 10:40:04 -03:30
Remove vault (#7400)
* Remove contrib/vault This is marked as broken since 2018 /3dcb914607This still reference apiserver.pem, not used sinceddffdb63bfSigned-off-by: Etienne Champetier <e.champetier@ateme.com> * Finish nuking vault from the codebase Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
This commit is contained in:
committed by
GitHub
parent
8655b92e93
commit
f0cdf71ccb
@@ -55,7 +55,7 @@ etcd_memory_limit: "{% if ansible_memtotal_mb < 4096 %}512M{% else %}0{% endif %
|
||||
|
||||
etcd_blkio_weight: 1000
|
||||
|
||||
etcd_node_cert_hosts: "{{ groups['k8s-cluster'] | union(groups.get('calico-rr', [])) | union(groups.get('vault', [])) }}"
|
||||
etcd_node_cert_hosts: "{{ groups['k8s-cluster'] | union(groups.get('calico-rr', [])) }}"
|
||||
|
||||
etcd_compaction_retention: "8"
|
||||
|
||||
|
||||
@@ -251,13 +251,6 @@
|
||||
when: kube_proxy_mode is defined
|
||||
run_once: true
|
||||
|
||||
- name: Stop if vault is chose
|
||||
assert:
|
||||
that: cert_management != 'vault'
|
||||
msg: "Support for vault have been removed, please use 'script' or 'none'"
|
||||
when: cert_management is defined
|
||||
run_once: true
|
||||
|
||||
- name: Stop if unknown cert_management
|
||||
assert:
|
||||
that: cert_management|d('script') in ['script', 'none']
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
state: stopped
|
||||
with_items:
|
||||
- kubelet
|
||||
- vault
|
||||
failed_when: false
|
||||
tags:
|
||||
- services
|
||||
@@ -16,11 +15,9 @@
|
||||
state: absent
|
||||
with_items:
|
||||
- kubelet.service
|
||||
- vault.service
|
||||
- calico-node.service
|
||||
- containerd.service.d/http-proxy.conf
|
||||
- crio.service.d/http-proxy.conf
|
||||
- vault.service.d/http-proxy.conf
|
||||
- k8s-certs-renew.service
|
||||
- k8s-certs-renew.timer
|
||||
register: services_removed
|
||||
@@ -270,14 +267,10 @@
|
||||
- /run/kubernetes
|
||||
- /usr/local/share/ca-certificates/etcd-ca.crt
|
||||
- /usr/local/share/ca-certificates/kube-ca.crt
|
||||
- /usr/local/share/ca-certificates/vault-ca.crt
|
||||
- /etc/ssl/certs/etcd-ca.pem
|
||||
- /etc/ssl/certs/kube-ca.pem
|
||||
- /etc/ssl/certs/vault-ca.crt
|
||||
- /etc/pki/ca-trust/source/anchors/etcd-ca.crt
|
||||
- /etc/pki/ca-trust/source/anchors/kube-ca.crt
|
||||
- /etc/pki/ca-trust/source/anchors/vault-ca.crt
|
||||
- /etc/vault
|
||||
- /var/log/pods/
|
||||
- "{{ bin_dir }}/kubelet"
|
||||
- "{{ bin_dir }}/etcd-scripts"
|
||||
|
||||
Reference in New Issue
Block a user