Individual etcd ssl certs

Includes hooks for triggering calico, kubelet, and kube-apiserver restarts
if etcd certs changed.

roles/network_plugin/calico/templates/cni-calico.conf.j2

@@ -5,8 +5,8 @@
 {% endif %}
   "type": "calico",
   "etcd_endpoints": "{{ etcd_access_endpoint }}",
-  "etcd_cert_file": "{{ etcd_cert_dir }}/node.pem",
-  "etcd_key_file": "{{ etcd_cert_dir }}/node-key.pem",
+  "etcd_cert_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem",
+  "etcd_key_file": "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem",
   "etcd_ca_cert_file": "{{ etcd_cert_dir }}/ca.pem",
   "log_level": "info",
   "ipam": {