richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
415 Commits
29 Branches
81 Tags
150 MiB
Tree: e8aec5f4f0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e8aec5f4f0'
${ noResults }
kubespray/roles/kubernetes/secrets/tasks/gen_tokens.yml

30 lines
981 B
Raw Normal View History

generate secrets on deployment machine test travis with sudo=true instead of required
8 years ago
  1. ---
  2. - name: tokens | generate tokens for master components
  3. sudo: False
  4. local_action: command "{{ role_path }}/scripts/kube-gen-token.sh" "{{ item[0] }}-{{ item[1] }}"
  5. environment:
  6. TOKEN_DIR: "{{ role_path }}/files/tokens"
  7. with_nested:
  8. - [ "system:kubectl" ]
  9. - "{{ groups['kube-master'] }}"
  10. register: gentoken_master
  11. changed_when: "'Added' in gentoken_master.stdout"
  12. notify: set secret_changed
  14. - name: tokens | generate tokens for node components
  15. sudo: False
  16. local_action: command "{{ role_path }}/scripts/kube-gen-token.sh" "{{ item[0] }}-{{ item[1] }}"
  17. environment:
  18. TOKEN_DIR: "{{ role_path }}/files/tokens"
  19. with_nested:
  20. - [ 'system:kubelet' ]
  21. - "{{ groups['kube-node'] }}"
  22. register: gentoken_node
  23. changed_when: "'Added' in gentoken_node.stdout"
  24. notify: set secret_changed
  26. - name: tokens | Copy tokens on master
  27. copy:
  28. src: "tokens"
  29. dest: "/etc/kubernetes"
  30. when: inventory_hostname in "{{ groups['kube-master'] }}"