|
|
|
@ -5,12 +5,6 @@ |
|
|
|
- k8s-gen-certs |
|
|
|
- facts |
|
|
|
|
|
|
|
- import_tasks: check-tokens.yml |
|
|
|
tags: |
|
|
|
- k8s-secrets |
|
|
|
- k8s-gen-tokens |
|
|
|
- facts |
|
|
|
|
|
|
|
- name: Make sure the certificate directory exits |
|
|
|
file: |
|
|
|
path: "{{ kube_cert_dir }}" |
|
|
|
@ -18,13 +12,6 @@ |
|
|
|
mode: o-rwx |
|
|
|
group: "{{ kube_cert_group }}" |
|
|
|
|
|
|
|
- name: Make sure the tokens directory exits |
|
|
|
file: |
|
|
|
path: "{{ kube_token_dir }}" |
|
|
|
state: directory |
|
|
|
mode: o-rwx |
|
|
|
group: "{{ kube_cert_group }}" |
|
|
|
|
|
|
|
# |
|
|
|
# The following directory creates make sure that the directories |
|
|
|
# exist on the first master for cases where the first master isn't |
|
|
|
@ -37,7 +24,7 @@ |
|
|
|
owner: kube |
|
|
|
run_once: yes |
|
|
|
delegate_to: "{{groups['kube-master'][0]}}" |
|
|
|
when: gen_certs|default(false) or gen_tokens|default(false) |
|
|
|
when: gen_certs|default(false) |
|
|
|
tags: |
|
|
|
- kubelet |
|
|
|
- k8s-secrets |
|
|
|
@ -55,20 +42,10 @@ |
|
|
|
owner: kube |
|
|
|
run_once: yes |
|
|
|
delegate_to: "{{groups['kube-master'][0]}}" |
|
|
|
when: gen_certs|default(false) or gen_tokens|default(false) |
|
|
|
when: gen_certs|default(false) |
|
|
|
tags: |
|
|
|
- k8s-secrets |
|
|
|
|
|
|
|
- name: "Get_tokens | Make sure the tokens directory exits (on {{groups['kube-master'][0]}})" |
|
|
|
file: |
|
|
|
path: "{{ kube_token_dir }}" |
|
|
|
state: directory |
|
|
|
mode: o-rwx |
|
|
|
group: "{{ kube_cert_group }}" |
|
|
|
run_once: yes |
|
|
|
delegate_to: "{{groups['kube-master'][0]}}" |
|
|
|
when: gen_tokens|default(false) |
|
|
|
|
|
|
|
- include_tasks: "gen_certs_script.yml" |
|
|
|
when: |
|
|
|
- cert_management |d('script') == 'script' |
|
|
|
@ -130,8 +107,3 @@ |
|
|
|
- kubelet |
|
|
|
- node |
|
|
|
- kube-proxy |
|
|
|
|
|
|
|
- import_tasks: gen_tokens.yml |
|
|
|
tags: |
|
|
|
- k8s-secrets |
|
|
|
- k8s-gen-tokens |
Andreas Krüger
6 years ago
Kubernetes Prow Robot