Browse Source
Fix etcd certificates reference to support etcd_kubeadm_enabled:true (#7766)
* Fix etcd certificates reference to support etcd_kubeadm_enabled:true
* Add retries to ETCD Join Member task
* Fix etcd certificates reference when etcd_kubeadm_enabled:true
* Fix conflicts
pull/8406/head
forselli-stratio
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with
10 additions and
10 deletions
-
recover-control-plane.yml
-
roles/network_plugin/canal/tasks/main.yml
-
roles/remove-node/remove-etcd-node/tasks/main.yml
|
|
|
@ -16,7 +16,7 @@ |
|
|
|
environment: "{{ proxy_disable_env }}" |
|
|
|
roles: |
|
|
|
- { role: kubespray-defaults} |
|
|
|
- { role: recover_control_plane/etcd } |
|
|
|
- { role: recover_control_plane/etcd, when: "not etcd_kubeadm_enabled|default(false)" } |
|
|
|
|
|
|
|
- hosts: kube_control_plane[0] |
|
|
|
environment: "{{ proxy_disable_env }}" |
|
|
|
|
|
|
|
@ -42,9 +42,9 @@ |
|
|
|
run_once: true |
|
|
|
environment: |
|
|
|
ETCDCTL_API: 2 |
|
|
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem" |
|
|
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}.pem" |
|
|
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}-key.pem" |
|
|
|
ETCDCTL_CA_FILE: "{{ kube_cert_dir + '/etcd/ca.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/ca.pem' }}" |
|
|
|
ETCDCTL_CERT_FILE: "{{ kube_cert_dir + '/etcd/server.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd'][0] + '.pem' }}" |
|
|
|
ETCDCTL_KEY_FILE: "{{ kube_cert_dir + '/etcd/server.key' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd'][0] + '-key.pem' }}" |
|
|
|
ETCDCTL_ENDPOINTS: "{{ etcd_access_addresses }}" |
|
|
|
|
|
|
|
- name: Canal | Create canal node manifests |
|
|
|
|
|
|
|
@ -34,9 +34,9 @@ |
|
|
|
- facts |
|
|
|
environment: |
|
|
|
ETCDCTL_API: 3 |
|
|
|
ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ groups['etcd']|first }}.pem" |
|
|
|
ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ groups['etcd']|first }}-key.pem" |
|
|
|
ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem" |
|
|
|
ETCDCTL_CERT: "{{ kube_cert_dir + '/etcd/server.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd']|first + '.pem' }}" |
|
|
|
ETCDCTL_KEY: "{{ kube_cert_dir + '/etcd/server.key' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd']|first + '-key.pem' }}" |
|
|
|
ETCDCTL_CACERT: "{{ kube_cert_dir + '/etcd/ca.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/ca.pem' }}" |
|
|
|
ETCDCTL_ENDPOINTS: "https://{{ hostvars[groups['etcd']|first]['etcd_access_address'] | |
|
|
|
default(hostvars[groups['etcd']|first]['ip']) | |
|
|
|
default(hostvars[groups['etcd']|first]['fallback_ips'][groups['etcd']|first]) }}:2379" |
|
|
|
@ -52,9 +52,9 @@ |
|
|
|
- facts |
|
|
|
environment: |
|
|
|
ETCDCTL_API: 3 |
|
|
|
ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ groups['etcd']|first }}.pem" |
|
|
|
ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ groups['etcd']|first }}-key.pem" |
|
|
|
ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem" |
|
|
|
ETCDCTL_CERT: "{{ kube_cert_dir + '/etcd/server.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd']|first + '.pem' }}" |
|
|
|
ETCDCTL_KEY: "{{ kube_cert_dir + '/etcd/server.key' if etcd_kubeadm_enabled else etcd_cert_dir + '/admin-' + groups['etcd']|first + '-key.pem' }}" |
|
|
|
ETCDCTL_CACERT: "{{ kube_cert_dir + '/etcd/ca.crt' if etcd_kubeadm_enabled else etcd_cert_dir + '/ca.pem' }}" |
|
|
|
ETCDCTL_ENDPOINTS: "https://{{ hostvars[groups['etcd']|first]['etcd_access_address'] | |
|
|
|
default(hostvars[groups['etcd']|first]['ip']) | |
|
|
|
default(hostvars[groups['etcd']|first]['fallback_ips'][groups['etcd']|first]) }}:2379" |
|
|
|
|
