From 6849788ebc3debb5a8a64e9df5542e9403b4149b Mon Sep 17 00:00:00 2001 From: Takashi Okamoto Date: Wed, 8 Aug 2018 00:49:18 -0400 Subject: [PATCH] Fix copy ca cert and ca key for kubeadm. --- roles/kubernetes/master/tasks/kubeadm-setup.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/kubernetes/master/tasks/kubeadm-setup.yml b/roles/kubernetes/master/tasks/kubeadm-setup.yml index 69ad06e4f..e02c885e9 100644 --- a/roles/kubernetes/master/tasks/kubeadm-setup.yml +++ b/roles/kubernetes/master/tasks/kubeadm-setup.yml @@ -97,6 +97,14 @@ kubeadm_config_api_fqdn: "{{ apiserver_loadbalancer_domain_name|default('lb-apiserver.kubernetes.local') }}" when: loadbalancer_apiserver is defined +- name: kubeadm | Copy etcd ca file as k8s ca + command: "cp -T {{ etcd_cert_dir }}/ca.pem {{ kube_config_dir }}/ssl/etcd/ca.crt" + changed_when: false + +- name: kubeadm | Copy etcd cakey as k8s cakey + command: "cp -T {{ etcd_cert_dir }}/ca-key.pem {{ kube_config_dir }}/ssl/etcd/ca.key" + changed_when: false + - name: kubeadm | Create kubeadm config template: src: "kubeadm-config.{{ kubeadmConfig_api_version }}.yaml.j2"