epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-04 09:58:20 +03:00
Code Issues Packages Projects Releases Wiki Activity

basic rbac support

Browse Source
This commit is contained in:
jwfang
2017-06-27 12:27:25 +08:00
parent b495d36fa5
commit 092bf07cbf
27 changed files with 374 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
roles/kubernetes/secrets/tasks/gen_certs_script.yml
View File

@@ -56,24 +56,39 @@
- set_fact:
all_master_certs: "['ca-key.pem',
'apiserver.pem',
'apiserver-key.pem',
'kube-scheduler.pem',
'kube-scheduler-key.pem',
'kube-controller-manager.pem',
'kube-controller-manager-key.pem',
{% for node in groups['kube-master'] %}
'admin-{{ node }}.pem',
'admin-{{ node }}-key.pem',
'apiserver.pem',
'apiserver-key.pem',
{% endfor %}]"
my_master_certs: ['ca-key.pem',
'admin-{{ inventory_hostname }}.pem',
'admin-{{ inventory_hostname }}-key.pem',
'apiserver.pem',
'apiserver-key.pem'
'apiserver-key.pem',
'kube-scheduler.pem',
'kube-scheduler-key.pem',
'kube-controller-manager.pem',
'kube-controller-manager-key.pem',
]
all_node_certs: "['ca.pem',
{% for node in groups['k8s-cluster'] %}
'node-{{ node }}.pem',
'node-{{ node }}-key.pem',
'kube-proxy-{{ node }}.pem',
'kube-proxy-{{ node }}-key.pem',
{% endfor %}]"
my_node_certs: ['ca.pem', 'node-{{ inventory_hostname }}.pem', 'node-{{ inventory_hostname }}-key.pem']
my_node_certs: ['ca.pem',
'node-{{ inventory_hostname }}.pem',
'node-{{ inventory_hostname }}-key.pem',
'kube-proxy-{{ inventory_hostname }}.pem',
'kube-proxy-{{ inventory_hostname }}-key.pem',
]
tags: facts
- name: Gen_certs | Gather master certs