epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-09 19:58:07 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixes the certs issue when masters or not in the kube-node group

Browse Source
This commit is contained in:
Smana
2016-05-12 10:07:34 +02:00
parent ed95f9ab81
commit 1884d89d3b
2 changed files with 16 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
roles/kubernetes/secrets/tasks/gen_certs.yml
View File

@@ -4,7 +4,8 @@
src: "openssl.conf.j2"
dest: "{{ kube_config_dir }}/openssl.conf"
run_once: yes
when: inventory_hostname == groups['kube-master'][0] and gen_certs|default(false)
delegate_to: "{{groups['kube-master'][0]}}"
when: gen_certs|default(false)
- name: certs | copy certs generation script
copy:
@@ -12,12 +13,14 @@
dest: "{{ kube_script_dir }}/make-ssl.sh"
mode: 0700
run_once: yes
when: inventory_hostname == groups['kube-master'][0] and gen_certs|default(false)
delegate_to: "{{groups['kube-master'][0]}}"
when: gen_certs|default(false)
- name: certs | run cert generation script
command: "{{ kube_script_dir }}/make-ssl.sh -f {{ kube_config_dir }}/openssl.conf -d {{ kube_cert_dir }}"
run_once: yes
when: inventory_hostname == groups['kube-master'][0] and gen_certs|default(false)
delegate_to: "{{groups['kube-master'][0]}}"
when: gen_certs|default(false)
notify: set secret_changed
- set_fact: