richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3912 Commits
33 Branches
82 Tags
153 MiB
Tree: af5e05d08d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'af5e05d08d'
${ noResults }
kubespray/roles/kubernetes/secrets/templates/openssl-node.conf.j2

20 lines
993 B
Raw Normal View History

Add DNS entries to node certs (#3710)
6 years ago
Create certificates for each node too (#3698)
6 years ago
Add DNS entries to node certs (#3710)
6 years ago
Create certificates for each node too (#3698)
6 years ago
  1. {% set counter = {'dns': 6,'ip': 1,} %}{% macro increment(dct, key, inc=1)%}{% if dct.update({key: dct[key] + inc}) %} {% endif %}{% endmacro %}[req]
  2. req_extensions = v3_req
  3. distinguished_name = req_distinguished_name
  4. [req_distinguished_name]
  5. [ v3_req ]
  6. basicConstraints = CA:FALSE
  7. keyUsage = nonRepudiation, digitalSignature, keyEncipherment
  8. subjectAltName = @alt_names
  9. [alt_names]
  10. DNS.1 = kubernetes
  11. DNS.2 = kubernetes.default
  12. DNS.3 = kubernetes.default.svc
  13. DNS.4 = kubernetes.default.svc.{{ dns_domain }}
  14. DNS.5 = localhost
  15. DNS.{{ counter["dns"] }} = {{ inventory_hostname }}{{ increment(counter, 'dns') }}
  16. {% if hostvars[inventory_hostname]['access_ip'] is defined %}
  17. IP.{{ counter["ip"] }} = {{ hostvars[inventory_hostname]['access_ip'] }}{{ increment(counter, 'ip') }}
  18. {% endif %}
  19. IP.{{ counter["ip"] }} = {{ hostvars[inventory_hostname]['ip'] | default(hostvars[inventory_hostname]['ansible_default_ipv4']['address']) }}{{ increment(counter, 'ip') }}
  20. IP.{{ counter["ip"] }} = 127.0.0.1