epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-08 02:58:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Move cluster roles and system namespace to new role

Browse Source 
This should be done after kubeconfig is set for admin and
before network plugins are up.
This commit is contained in:
Matthew Mosesohn
2017-10-26 09:10:33 +01:00
parent 86fb669fd3
commit ec53b8b66a
10 changed files with 64 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
roles/kubernetes-apps/ansible/tasks/main.yml
View File

@@ -5,26 +5,9 @@
register: result
until: result.status == 200
retries: 10
delay: 6
delay: 2
when: inventory_hostname == groups['kube-master'][0]
- name: Kubernetes Apps | Add ClusterRoleBinding to admit nodes
template:
src: "node-crb.yml.j2"
dest: "{{ kube_config_dir }}/node-crb.yml"
register: node_crb_manifest
when: rbac_enabled
- name: Apply workaround to allow all nodes with cert O=system:nodes to register
kube:
name: "system:node"
kubectl: "{{bin_dir}}/kubectl"
resource: "clusterrolebinding"
filename: "{{ kube_config_dir }}/node-crb.yml"
when:
- rbac_enabled
- node_crb_manifest.changed
- name: Kubernetes Apps | Delete old kubedns resources
kube:
name: "kubedns"