richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Loadbalancer Apiserver Address is missing 

If you configure your external loadbalancer to do a simple tcp pass-through to the api servers, and you do not use a DNS FQDN but just the ip, then you need to add the ip adress to the certificates too.

Example config:

```
## External LB example config
apiserver_loadbalancer_domain_name: "10.50.63.10"
loadbalancer_apiserver:
  address: 10.50.63.10
  port: 8383
```
pull/2214/head
Andreas Krüger 6 years ago
committed by GitHub
parent
3846384d56
commit
6f36faa4f9
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      roles/kubernetes/secrets/templates/openssl.conf.j2

3
roles/kubernetes/secrets/templates/openssl.conf.j2
View File

@ -25,6 +25,9 @@ IP.{{ 2 * loop.index }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansi
{% endfor %} {% endfor %}
{% set idx = groups['kube-master'] | length | int * 2 + 1 %} {% set idx = groups['kube-master'] | length | int * 2 + 1 %}
IP.{{ idx }} = {{ kube_apiserver_ip }} IP.{{ idx }} = {{ kube_apiserver_ip }}
{% if loadbalancer_apiserver is defined %}
IP.{{ idx + 1 }} = {{ loadbalancer_apiserver.address }}
{% endif %}
IP.{{ idx + 1 }} = 127.0.0.1 IP.{{ idx + 1 }} = 127.0.0.1
{% if supplementary_addresses_in_ssl_keys is defined %} {% if supplementary_addresses_in_ssl_keys is defined %}
{% set is = idx + 1 %} {% set is = idx + 1 %}

Write Preview
Loading…
Cancel
Save