From 9b083b62cf45abbac2f5c082d3dab0214db301b0 Mon Sep 17 00:00:00 2001 From: Antoine Legrand Date: Tue, 19 Jan 2016 14:08:57 +0100 Subject: [PATCH 1/2] Rename tasks --- roles/kubernetes/node/tasks/secrets.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/kubernetes/node/tasks/secrets.yml b/roles/kubernetes/node/tasks/secrets.yml index 436d51926..65c07aaa2 100644 --- a/roles/kubernetes/node/tasks/secrets.yml +++ b/roles/kubernetes/node/tasks/secrets.yml @@ -1,12 +1,12 @@ --- -- name: certs | make sure the certificate directory exits +- name: Secrets | certs | make sure the certificate directory exits file: path={{ kube_cert_dir }} state=directory mode=o-rwx group={{ kube_cert_group }} -- name: tokens | make sure the tokens directory exits +- name: Secrets | tokens | make sure the tokens directory exits file: path={{ kube_token_dir }} state=directory @@ -20,23 +20,24 @@ - include: gen_tokens.yml # Sync certs between nodes -- user: +- name: Secrets | create user + user: name: '{{ansible_user_id}}' generate_ssh_key: yes delegate_to: "{{ groups['kube-master'][0] }}" run_once: yes -- name: 'get ssh keypair' +- name: Secrets | 'get ssh keypair' slurp: path=~/.ssh/id_rsa.pub register: public_key delegate_to: "{{ groups['kube-master'][0] }}" -- name: 'setup keypair on nodes' +- name: Secrets | 'setup keypair on nodes' authorized_key: user: '{{ansible_user_id}}' key: "{{public_key.content|b64decode }}" -- name: synchronize certificates for nodes +- name: Secrets | synchronize certificates for nodes synchronize: src: "{{ item }}" dest: "{{ kube_cert_dir }}" From f68d8f3757c17452b299d5f3c056237b66bdebec Mon Sep 17 00:00:00 2001 From: Antoine Legrand Date: Tue, 19 Jan 2016 14:09:21 +0100 Subject: [PATCH 2/2] Add seT_remote_user in synchronize --- roles/kubernetes/master/tasks/main.yml | 1 + roles/kubernetes/node/tasks/install.yml | 2 ++ roles/network_plugin/tasks/calico.yml | 1 + 3 files changed, 4 insertions(+) diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml index ae7c5d8cc..9e50200f6 100644 --- a/roles/kubernetes/master/tasks/main.yml +++ b/roles/kubernetes/master/tasks/main.yml @@ -11,6 +11,7 @@ archive: no checksum: yes times: yes + set_remote_user: false delegate_to: "{{ groups['downloader'][0] }}" - name: Perms kubectl binary diff --git a/roles/kubernetes/node/tasks/install.yml b/roles/kubernetes/node/tasks/install.yml index 6fd5b1e92..9fa4398f5 100644 --- a/roles/kubernetes/node/tasks/install.yml +++ b/roles/kubernetes/node/tasks/install.yml @@ -23,6 +23,7 @@ dest: "{{ bin_dir }}/kubelet" times: yes archive: no + set_remote_user: false delegate_to: "{{ groups['downloader'][0] }}" notify: - restart kubelet @@ -40,6 +41,7 @@ dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico" times: yes archive: no + set_remote_user: false delegate_to: "{{ groups['downloader'][0] }}" when: kube_network_plugin == "calico" notify: restart kubelet diff --git a/roles/network_plugin/tasks/calico.yml b/roles/network_plugin/tasks/calico.yml index b7b53a2e1..790642399 100644 --- a/roles/network_plugin/tasks/calico.yml +++ b/roles/network_plugin/tasks/calico.yml @@ -5,6 +5,7 @@ dest: "{{ bin_dir }}/calicoctl" archive: no times: yes + set_remote_user: false delegate_to: "{{ groups['downloader'][0] }}" notify: restart calico-node