Add option to kubeadm upgrade command to control certificates renewal during control plane upgrade (#7976)
* Add option to kubeadm upgrade command to control certificates renewal during control plane upgrade * Remove training whitespace
This commit is contained in:
parent
09af3ab074
commit
30cd91dc6b
2 changed files with 6 additions and 0 deletions
|
@ -193,3 +193,7 @@ event_ttl_duration: "1h0m0s"
|
||||||
auto_renew_certificates: false
|
auto_renew_certificates: false
|
||||||
# First Monday of each month
|
# First Monday of each month
|
||||||
auto_renew_certificates_systemd_calendar: "Mon *-*-1,2,3,4,5,6,7 03:{{ groups['kube_control_plane'].index(inventory_hostname) }}0:00"
|
auto_renew_certificates_systemd_calendar: "Mon *-*-1,2,3,4,5,6,7 03:{{ groups['kube_control_plane'].index(inventory_hostname) }}0:00"
|
||||||
|
# kubeadm renews all the certificates during control plane upgrade.
|
||||||
|
# If we have requirement like without renewing certs upgrade the cluster,
|
||||||
|
# we can opt out from the default behavior by setting kubeadm_upgrade_auto_cert_renewal to false
|
||||||
|
kubeadm_upgrade_auto_cert_renewal: true
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
timeout -k 600s 600s
|
timeout -k 600s 600s
|
||||||
{{ bin_dir }}/kubeadm
|
{{ bin_dir }}/kubeadm
|
||||||
upgrade apply -y {{ kube_version }}
|
upgrade apply -y {{ kube_version }}
|
||||||
|
--certificate-renewal={{ kubeadm_upgrade_auto_cert_renewal }}
|
||||||
--config={{ kube_config_dir }}/kubeadm-config.yaml
|
--config={{ kube_config_dir }}/kubeadm-config.yaml
|
||||||
--ignore-preflight-errors=all
|
--ignore-preflight-errors=all
|
||||||
--allow-experimental-upgrades
|
--allow-experimental-upgrades
|
||||||
|
@ -34,6 +35,7 @@
|
||||||
timeout -k 600s 600s
|
timeout -k 600s 600s
|
||||||
{{ bin_dir }}/kubeadm
|
{{ bin_dir }}/kubeadm
|
||||||
upgrade apply -y {{ kube_version }}
|
upgrade apply -y {{ kube_version }}
|
||||||
|
--certificate-renewal={{ kubeadm_upgrade_auto_cert_renewal }}
|
||||||
--config={{ kube_config_dir }}/kubeadm-config.yaml
|
--config={{ kube_config_dir }}/kubeadm-config.yaml
|
||||||
--ignore-preflight-errors=all
|
--ignore-preflight-errors=all
|
||||||
--allow-experimental-upgrades
|
--allow-experimental-upgrades
|
||||||
|
|
Loading…
Reference in a new issue