From 7237a925eb64ce04793da258471678c8d8762bbe Mon Sep 17 00:00:00 2001
From: ant31 <2t.antoine@gmail.com>
Date: Fri, 1 Apr 2016 12:40:01 +0200
Subject: [PATCH] Add kubernetes.default.svc in certs dns

---
 roles/kubernetes/secrets/templates/openssl.conf.j2 | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes/secrets/templates/openssl.conf.j2 b/roles/kubernetes/secrets/templates/openssl.conf.j2
index c0f253ebe..fa00163a3 100644
--- a/roles/kubernetes/secrets/templates/openssl.conf.j2
+++ b/roles/kubernetes/secrets/templates/openssl.conf.j2
@@ -9,9 +9,10 @@ subjectAltName = @alt_names
 [alt_names]
 DNS.1 = kubernetes
 DNS.2 = kubernetes.default
-DNS.3 = kubernetes.default.svc.{{ dns_domain }}
+DNS.3 = kubernetes.default.svc
+DNS.4 = kubernetes.default.svc.{{ dns_domain }}
 {% if loadbalancer_apiserver is defined  and apiserver_loadbalancer_domain_name is defined %}
-DNS.4 = {{ apiserver_loadbalancer_domain_name }}
+DNS.5 = {{ apiserver_loadbalancer_domain_name }}
 {% endif %}
 {% for host in groups['kube-master'] %}
 IP.{{ 2 * loop.index - 1 }} = {{ hostvars[host]['access_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}