Fixed generate front proxy client certs with vault (#2359)

* Fixed generate front proxy client certs with vault * fix vault cert management * Distrebute etcd node certs to vault hosts
2026-03-10 04:08:02 +03:00 · 2018-02-22 15:08:50 +03:00
parent 42a0f46268
commit ba91304636
4 changed files with 24 additions and 4 deletions
--- a/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
+++ b/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
@@ -116,6 +116,6 @@
    issue_cert_role: front-proxy-client
    issue_cert_url: "{{ hostvars[groups.vault|first]['vault_leader_url'] }}"
    issue_cert_mount_path: "{{ kube_vault_mount_path }}"
-  with_items: "{{ kube_master_components_certs_needed|d([]) }}"
+  with_items: "{{ kube_front_proxy_clients_certs_needed|d([]) }}"
  when: inventory_hostname in groups['kube-master']
  notify: set secret_changed