epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-28 09:39:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add support for cert alt names for etcd (#2139)

Browse Source 
* Add support for cert alt names for etcd

* Update gen_certs_vault.yml
This commit is contained in:
Matthew Mosesohn
2018-01-09 14:37:34 +03:00
committed by GitHub
parent fd04c14260
commit 1401286910
3 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
roles/etcd/defaults/main.yml
View File

@@ -8,6 +8,13 @@ etcd_data_dir: "/var/lib/etcd"
etcd_config_dir: /etc/ssl/etcd
etcd_cert_dir: "{{ etcd_config_dir }}/ssl"
etcd_cert_group: root
# Note: This does not set up DNS entries. It simply adds the following DNS
# entries to the certificate
etcd_cert_alt_names:
- "etcd.{{ system_namespace }}.svc.{{ dns_domain }}"
- "etcd.{{ system_namespace }}.svc"
- "etcd.{{ system_namespace }}"
- "etcd"
etcd_script_dir: "{{ bin_dir }}/etcd-scripts"