richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ensure ALL certs are synced between masters

pull/232/head
Spencer Smith 8 years ago
parent
5253b3ec13
commit
9f8466a186
1 changed files with 2 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      roles/kubernetes/secrets/tasks/gen_certs.yml

5
roles/kubernetes/secrets/tasks/gen_certs.yml
View File

@ -21,7 +21,7 @@
notify: set secret_changed
- set_fact:
master_certs: ['ca.pem', 'ca-key.pem', 'admin.pem', 'admin-key.pem', 'apiserver-key.pem', 'apiserver.pem']
master_certs: ['ca-key.pem', 'admin.pem', 'admin-key.pem', 'apiserver-key.pem', 'apiserver.pem']
node_certs: ['ca.pem', 'node.pem', 'node-key.pem']
- name: certs | Get the certs from first master
@ -39,8 +39,7 @@
content: "{{ item.content|b64decode }}"
dest: "{{ item.source }}"
with_items: '{{slurp_certs.results}}'
when: item.item in master_certs and
inventory_hostname in groups['kube-master'] and sync_certs|default(false) and
when: inventory_hostname in groups['kube-master'] and sync_certs|default(false) and
inventory_hostname != groups['kube-master'][0]
- name: certs | Copy certs on nodes

Write Preview
Loading…
Cancel
Save