External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-03 10:38:19 -03:30
Code Issues Packages Projects Releases Wiki Activity

etcd: ability to enable/disable ETCD_PEER_CLIENT_CERT_AUTH

Browse Source 
Some installation are failing to authenticate with peers due to
etcd picking up/resoling the wrong node.

By setting 'etcd_peer_client_auth' to "False" you can disable peer client cert
authentication.

Signed-off-by: Sébastien Han <seb@redhat.com>
This commit is contained in:
Sébastien Han
2018-01-11 19:07:43 +01:00
parent f4fe9e3421
commit fa8a128e49
3 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/etcd/defaults/main.yml
View File

@@ -40,3 +40,6 @@ etcd_vault_mount_path: etcd
# Force clients like etcdctl to use TLS certs (different than peer security)
etcd_secure_client: true
# Enable peer client cert authentication
etcd_peer_client_auth: true