richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
583 Commits
29 Branches
80 Tags
156 MiB
Tree: b3282cd0bb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b3282cd0bb'
${ noResults }
kubespray/roles/kubernetes/secrets/tasks/gen_tokens.yml

62 lines
2.0 KiB
Raw Normal View History

generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on first master
8 years ago
fixes the certs issue when masters or not in the kube-node group
8 years ago
generate secrets on first master
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on first master
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
generate secrets on first master
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
generate secrets on first master
8 years ago
fixes the certs issue when masters or not in the kube-node group
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on first master
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
generate secrets on first master
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
generate secrets on first master
8 years ago
fixes the certs issue when masters or not in the kube-node group
8 years ago
generate secrets on first master
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on first master
8 years ago
fixes the certs issue when masters or not in the kube-node group
8 years ago
generate secrets on first master
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on first master
8 years ago
fixes the certs issue when masters or not in the kube-node group
8 years ago
generate secrets on first master
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
fix flannel deployment, remove docker bridge before restarting
8 years ago
generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
generate secrets on first master
8 years ago
s/sync_certs/sync_tokens
8 years ago
generate secrets on first master
8 years ago
  1. ---
  2. - name: Gen_tokens | copy tokens generation script
  3. copy:
  4. src: "kube-gen-token.sh"
  5. dest: "{{ kube_script_dir }}/kube-gen-token.sh"
  6. mode: 0700
  7. run_once: yes
  8. delegate_to: "{{groups['kube-master'][0]}}"
  9. when: gen_tokens|default(false)
  11. - name: Gen_tokens | generate tokens for master components
  12. command: "{{ kube_script_dir }}/kube-gen-token.sh {{ item[0] }}-{{ item[1] }}"
  13. environment:
  14. TOKEN_DIR: "{{ kube_token_dir }}"
  15. with_nested:
  16. - [ "system:kubectl" ]
  17. - "{{ groups['kube-master'] }}"
  18. register: gentoken_master
  19. changed_when: "'Added' in gentoken_master.stdout"
  20. notify: set secret_changed
  21. run_once: yes
  22. delegate_to: "{{groups['kube-master'][0]}}"
  23. when: gen_tokens|default(false)
  25. - name: Gen_tokens | generate tokens for node components
  26. command: "{{ kube_script_dir }}/kube-gen-token.sh {{ item[0] }}-{{ item[1] }}"
  27. environment:
  28. TOKEN_DIR: "{{ kube_token_dir }}"
  29. with_nested:
  30. - [ 'system:kubelet' ]
  31. - "{{ groups['kube-node'] }}"
  32. register: gentoken_node
  33. changed_when: "'Added' in gentoken_node.stdout"
  34. notify: set secret_changed
  35. run_once: yes
  36. delegate_to: "{{groups['kube-master'][0]}}"
  37. when: gen_tokens|default(false)
  39. - name: Gen_tokens | Get list of tokens from first master
  40. shell: "(find {{ kube_token_dir }} -maxdepth 1 -type f)"
  41. register: tokens_list
  42. changed_when: false
  43. delegate_to: "{{groups['kube-master'][0]}}"
  44. when: sync_tokens|default(false)
  46. - name: Gen_tokens | Get the tokens from first master
  47. slurp:
  48. src: "{{ item }}"
  49. register: slurp_tokens
  50. with_items: '{{tokens_list.stdout_lines}}'
  51. run_once: true
  52. delegate_to: "{{groups['kube-master'][0]}}"
  53. when: sync_tokens|default(false)
  54. notify: set secret_changed
  56. - name: Gen_tokens | Copy tokens on masters
  57. copy:
  58. content: "{{ item.content|b64decode }}"
  59. dest: "{{ item.source }}"
  60. with_items: '{{slurp_tokens.results}}'
  61. when: inventory_hostname in groups['kube-master'] and sync_tokens|default(false) and
  62. inventory_hostname != groups['kube-master'][0]