richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #71 from ansibl8s/add_set_remote_user 

Add set remote user
pull/75/merge
Antoine Legrand 8 years ago
parent
815c5fa43c 859f6322a0
commit
babf42f03a
4 changed files with 11 additions and 6 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      roles/kubernetes/master/tasks/main.yml
  2. 2
      roles/kubernetes/node/tasks/install.yml
  3. 13
      roles/kubernetes/node/tasks/secrets.yml
  4. 1
      roles/network_plugin/tasks/calico.yml

1
roles/kubernetes/master/tasks/main.yml
View File

@ -11,6 +11,7 @@
archive: no archive: no
checksum: yes checksum: yes
times: yes times: yes
set_remote_user: false
delegate_to: "{{ groups['downloader'][0] }}" delegate_to: "{{ groups['downloader'][0] }}"
- name: Perms kubectl binary - name: Perms kubectl binary

2
roles/kubernetes/node/tasks/install.yml
View File

@ -23,6 +23,7 @@
dest: "{{ bin_dir }}/kubelet" dest: "{{ bin_dir }}/kubelet"
times: yes times: yes
archive: no archive: no
set_remote_user: false
delegate_to: "{{ groups['downloader'][0] }}" delegate_to: "{{ groups['downloader'][0] }}"
notify: notify:
- restart kubelet - restart kubelet
@ -40,6 +41,7 @@
dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico" dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
times: yes times: yes
archive: no archive: no
set_remote_user: false
delegate_to: "{{ groups['downloader'][0] }}" delegate_to: "{{ groups['downloader'][0] }}"
when: kube_network_plugin == "calico" when: kube_network_plugin == "calico"
notify: restart kubelet notify: restart kubelet

13
roles/kubernetes/node/tasks/secrets.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: certs | make sure the certificate directory exits
- name: Secrets | certs | make sure the certificate directory exits
file: file:
path={{ kube_cert_dir }} path={{ kube_cert_dir }}
state=directory state=directory
mode=o-rwx mode=o-rwx
group={{ kube_cert_group }} group={{ kube_cert_group }}
- name: tokens | make sure the tokens directory exits
- name: Secrets | tokens | make sure the tokens directory exits
file: file:
path={{ kube_token_dir }} path={{ kube_token_dir }}
state=directory state=directory
@ -19,23 +19,24 @@
- include: gen_tokens.yml - include: gen_tokens.yml
# Sync certs between nodes # Sync certs between nodes
- user:
- name: Secrets | create user
user:
name: '{{ansible_user_id}}' name: '{{ansible_user_id}}'
generate_ssh_key: yes generate_ssh_key: yes
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
run_once: yes run_once: yes
- name: 'get ssh keypair'
- name: Secrets | 'get ssh keypair'
slurp: path=~/.ssh/id_rsa.pub slurp: path=~/.ssh/id_rsa.pub
register: public_key register: public_key
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
- name: 'setup keypair on nodes'
- name: Secrets | 'setup keypair on nodes'
authorized_key: authorized_key:
user: '{{ansible_user_id}}' user: '{{ansible_user_id}}'
key: "{{public_key.content|b64decode }}" key: "{{public_key.content|b64decode }}"
- name: synchronize certificates for nodes
- name: Secrets | synchronize certificates for nodes
synchronize: synchronize:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ kube_cert_dir }}" dest: "{{ kube_cert_dir }}"

1
roles/network_plugin/tasks/calico.yml
View File

@ -5,6 +5,7 @@
dest: "{{ bin_dir }}/calicoctl" dest: "{{ bin_dir }}/calicoctl"
archive: no archive: no
times: yes times: yes
set_remote_user: false
delegate_to: "{{ groups['downloader'][0] }}" delegate_to: "{{ groups['downloader'][0] }}"
notify: restart calico-node notify: restart calico-node

Write Preview
Loading…
Cancel
Save