epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-28 09:39:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Enable external CA mode for control-plane deployment (#8620)

Browse Source
This commit is contained in:
Julien Le Fur
2022-04-12 14:47:23 +02:00
committed by GitHub
parent d7254eead6
commit 30306d6ec7
4 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml
View File

@@ -19,6 +19,7 @@
register: kubeadm_upload_cert
when:
- inventory_hostname == first_kube_control_plane
- not kube_external_ca_mode
- name: Parse certificate key if not set
set_fact:
@@ -49,11 +50,20 @@
debug:
msg: "{{ kubeadm_already_run.stat.exists }}"
- name: Joining control plane node to the cluster.
- name: Reset cert directory
shell: >-
if [ -f /etc/kubernetes/manifests/kube-apiserver.yaml ]; then
{{ bin_dir }}/kubeadm reset -f --cert-dir {{ kube_cert_dir }};
fi &&
fi
environment:
PATH: "{{ bin_dir }}:{{ ansible_env.PATH }}"
when:
- inventory_hostname != first_kube_control_plane
- kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists
- not kube_external_ca_mode
- name: Joining control plane node to the cluster.
command: >-
{{ bin_dir }}/kubeadm join
--config {{ kube_config_dir }}/kubeadm-controlplane.yaml
--ignore-preflight-errors=all