142 Commits (99c139dd5abde26b621c938cd6869cdc86a2a015)

Author SHA1 Message Date
Erwan Miran 2ab2f3a0a3 Ability to define SSL certificates duration and SSL key size (#3482) 6 years ago
Dylan 30132d8c35 Removed hostname truncation. (#3409) 6 years ago
Shida Qiu 8b8e534769 remove the redundant space (#3400) 6 years ago
Matthew Mosesohn 97e0de7e29
Fix vault file owner issues and k8s apiserver cert creation (#2985) 6 years ago
Matthew Mosesohn 5c617c5a8b
Add tags to deploy components by --tags option (#2960) 6 years ago
Yumo Yang 6c2f169ea2 update test-pr2 (#2911) 6 years ago
Brad Beam 3d819a6edd Adding cluster_name to api cert alt name for vault 6 years ago
Matthew Mosesohn 59be578842
Revert "wip pr for improved cert sync" (#2849) 6 years ago
Matthew Mosesohn 7433348aae wip pr for improved cert sync 6 years ago
Matthew Mosesohn 07cc981971
refactor vault role (#2733) 6 years ago
Tomasz Majchrowski 59789ae02a ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys across vault and script mode (#2707) 6 years ago
Markos Chandras 9168c71359 Revert "Revert "Add openSUSE support" (#2697)" (#2699) 6 years ago
Matthew Mosesohn 51f4e6585a
Revert "Add openSUSE support" (#2697) 6 years ago
Romain DEQUIDT 80dd230a65 sync certs tasks (fix #2596 #2667) 6 years ago
Chad Swenson d87b6fd9f3 Use dedicated front-proxy-ca for front-proxy-client 6 years ago
Markos Chandras d07f75b389 roles: kubernetes: secrets: Add SUSE support 6 years ago
Brad Beam dfc46f02d7 Adding missing service-account certificate for vault 6 years ago
georgejdli 76bb5f8d75 check if dedicated service account token signing key exists 6 years ago
avoidik 72c2a8982b Fix kubecert_node.results indexes 6 years ago
georgejdli c8f857eae4 configure kubespray to sign service account tokens with a dedicated and stable key 6 years ago
Kuldip Madnani 9ebbf1c3cd Added a fix in openssl.conf template to check if IP of loadbalncer is available or not. 6 years ago
woopstar 0b5404b2b7 Fix 6 years ago
woopstar 0df32b03ca Update openssl.conf to count better and work with Jinja 2.9 6 years ago
woopstar b9a949820a Only copy tokens if tokens_list contains any 6 years ago
Sergey Bondarev f8fed0f308 change expirations period for generated certificate from 10 years to 100 years 6 years ago
chadswen cd153a1fb3 Fix kubernetes cert permission sync 6 years ago
Simon Li 6b80ac6500
Fix indexing of supplementary DNS in openssl.conf 6 years ago
Maxim Krasilnikov ba91304636 Fixed generate front proxy client certs with vault (#2359) 6 years ago
woopstar f9df692056 Issue front proxy certs for vault 6 years ago
woopstar 4dab92ce69 Rename from aggregator-proxy-client to front-proxy-client to match kubeadm design. Added kubeadm support too. Changed to use variables set and not hardcode paths. Still missing cert generation for Vault 6 years ago
woopstar b2d30d68e7 Rename CN for aggreator back. Add flags to apiserver when version is >= 1.9 6 years ago
woopstar 82d10b882c Added fixes from whereismyjetpack 6 years ago
woopstar 0b4168cad4 WIP. Adding metrics-server support for K8s version 1.9 6 years ago
Simon Li 27a1a697e7
supplementary_addresses_in_ssl_keys can be a hostname 7 years ago
Andreas Krüger 088d36da09
Increase the idx counter 6 years ago
Andreas Krüger 6f36faa4f9
Loadbalancer Apiserver Address is missing 6 years ago
Matthew Mosesohn dc6a17e092
Use include/import tasks (#2192) 6 years ago
Bogdan Dobrelya 8aafe64397
Defaults for apiserver_loadbalancer_domain_name (#1993) 7 years ago
Günther Grill 0d55ed3600 Avoid that some read-only tasks cause an ansible-change (#1910) 7 years ago
Matthew Mosesohn fe81bba08d Force kubelet certificates to be generated as lowercase (#1886) 7 years ago
Rémi de Passmoilesel 356515222a Add possibility to insert more ip adresses in certificates (#1678) 7 years ago
neith00 77f1d4b0f1 Revert "Update roadmap" (#1809) 7 years ago
Matthew Mosesohn d9879d8026 Update roadmap (#1795) 7 years ago
Matthew Mosesohn ee83e874a8 Clear admin kubeconfig when rotating certs (#1772) 7 years ago
Matthew Mosesohn f14f04c5ea Upgrade to kubernetes v1.8.0 (#1730) 7 years ago
Aivars Sterns 9c86da1403 Normalize tags in all places to prepare for tag fixing in future (#1739) 7 years ago
foxyriver 30b5493fd6 use command module instead of shell module 7 years ago
Brad Beam ac281476c8 Prune unnecessary certs from vault setup (#1652) 7 years ago
Matthew Mosesohn 6744726089 kubeadm support (#1631) 7 years ago
Maxim Krasilnikov e16b57aa05 Store vault users passwords to credentials dir. Create vault and etcd roles after start vault cluster (#1632) 7 years ago