0d44599a63
Add explicit name printing in task names for deletgated task during
cert creation
7 years ago
6c69da1573
This PR adds/or modifies a few tasks to allow for the playbook to
be run by limit on each node without regard for order.
The changes make sure that all of the directories needed to do
certificate management are on the master[0] or etcd[0] node regardless
of when the playbook gets run on each node. This allows for separate
ansible playbook runs in parallel that don't have to be synchronized.
7 years ago
d9539e0f27
Fix etcd cert generation for calico-rr role
"etcd_node_cert_data" variable is undefinded for "calico-rr" role.
This patch adds "calico-rr" nodes to task where "etcd_node_cert_data"
variable is registered.
7 years ago
5af2c42bde
Better fix for different CoreOS os family facts
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
f7447837c5
Rename CoreOS fact
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
7 years ago
1f9f885379
Fix etcd cert generation to support large deployments
Due to bash max args limits, we should pass all node filenames and
base64-encoded tar data through stdin/stdout instead.
Fixes #832
7 years ago
f0c0390646
Fix creation and sync of etcd certs
Admin certs only go to etcd nodes
Only generate cert-data for nodes that need sync
7 years ago
6d9cd2d720
Fix calico-rr to use etcd certs instead of kube certs
7 years ago
ad796d188d
Individual etcd ssl certs
Includes hooks for triggering calico, kubelet, and kube-apiserver restarts
if etcd certs changed.
8 years ago
8cc84e132a
Add tags
Add tags to allow more granular tasks filtering.
Add generator script for MD formatted tags found.
Add docs for tags how-to.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
8 years ago
46ee9faca9
Fix ca certificate loading on CoreOS
8 years ago
a32cd85eb7
Add etcd TLS support
8 years ago
Greg Althaus
Aleksandr Didenko
Bogdan Dobrelya
Matthew Mosesohn
Bogdan Dobrelya