Browse Source

[kubeconfig] generate admin kube config from /etc/kubernetes/admin.conf instead of the workaround of using kubeadm init phase kubeadm admin which fails with cri-dockerd

pull/8978/head
Calin Cristian Andrei 2 years ago
committed by Kubernetes Prow Robot
parent
commit
6380483e8b
1 changed files with 5 additions and 22 deletions
  1. 27
      roles/kubernetes/client/tasks/main.yml

27
roles/kubernetes/client/tasks/main.yml

@ -49,33 +49,16 @@
port: "{{ kube_apiserver_port }}" port: "{{ kube_apiserver_port }}"
timeout: 180 timeout: 180
- name: Create external_kubeconfig dir
file:
path: "{{ kube_config_dir }}/external_kubeconfig"
mode: "0750"
state: directory
when: kubeconfig_localhost
# NOTE(mattymo): Please forgive this workaround
- name: Generate admin kubeconfig with external api endpoint # noqa 302
shell: >-
{{ bin_dir }}/kubeadm
init phase
kubeconfig admin
--kubeconfig-dir {{ kube_config_dir }}/external_kubeconfig
--cert-dir {{ kube_cert_dir }}
--apiserver-advertise-address {{ external_apiserver_address }}
--apiserver-bind-port {{ external_apiserver_port }}
>/dev/null && cat {{ kube_config_dir }}/external_kubeconfig/admin.conf &&
rm -rf {{ kube_config_dir }}/external_kubeconfig
environment: "{{ proxy_env }}"
- name: Get admin kubeconfig from remote host
slurp:
src: "{{ kube_config_dir }}/admin.conf"
run_once: yes run_once: yes
register: raw_admin_kubeconfig register: raw_admin_kubeconfig
when: kubeconfig_localhost when: kubeconfig_localhost
- name: Convert kubeconfig to YAML - name: Convert kubeconfig to YAML
set_fact: set_fact:
admin_kubeconfig: "{{ raw_admin_kubeconfig.stdout | from_yaml }}"
admin_kubeconfig: "{{ raw_admin_kubeconfig.content | b64decode | from_yaml }}"
when: kubeconfig_localhost when: kubeconfig_localhost
- name: Override username in kubeconfig - name: Override username in kubeconfig
@ -86,7 +69,7 @@
user_certs: "{{ admin_kubeconfig['users'][0]['user'] }}" user_certs: "{{ admin_kubeconfig['users'][0]['user'] }}"
username: "kubernetes-admin-{{ cluster_name }}" username: "kubernetes-admin-{{ cluster_name }}"
context: "kubernetes-admin-{{ cluster_name }}@{{ cluster_name }}" context: "kubernetes-admin-{{ cluster_name }}@{{ cluster_name }}"
override_cluster_name: "{{ { 'clusters': [ { 'cluster': cluster_infos, 'name': cluster_name } ] } }}"
override_cluster_name: "{{ { 'clusters': [ { 'cluster': (cluster_infos|combine({'server': 'https://'+external_apiserver_address+':'+(external_apiserver_port|string)})), 'name': cluster_name } ] } }}"
override_context: "{{ { 'contexts': [ { 'context': { 'user': username, 'cluster': cluster_name }, 'name': context } ], 'current-context': context } }}" override_context: "{{ { 'contexts': [ { 'context': { 'user': username, 'cluster': cluster_name }, 'name': context } ], 'current-context': context } }}"
override_user: "{{ { 'users': [ { 'name': username, 'user': user_certs } ] } }}" override_user: "{{ { 'users': [ { 'name': username, 'user': user_certs } ] } }}"
when: kubeconfig_localhost when: kubeconfig_localhost

Loading…
Cancel
Save