From 3cf230fee1c60c5c3c9a236e7cb0cccd03021aff Mon Sep 17 00:00:00 2001 From: Aleksandr Didenko Date: Thu, 10 Nov 2016 13:13:03 +0100 Subject: [PATCH] Fix policy controller 'etcd_cert_dir' variable is missing from 'kubernetes-apps/ansible' role which breaks Calico policy controller deployment. Also fixing calico-policy-controller.yml. --- roles/kubernetes-apps/ansible/defaults/main.yml | 5 ++++- .../templates/calico-policy-controller.yml.j2 | 17 ++++++++--------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml index b1086aa0d..d39d146fd 100644 --- a/roles/kubernetes-apps/ansible/defaults/main.yml +++ b/roles/kubernetes-apps/ansible/defaults/main.yml @@ -9,4 +9,7 @@ kubedns_image_tag: "{{ kubedns_version }}" kubednsmasq_image_repo: "gcr.io/google_containers/kube-dnsmasq-amd64" kubednsmasq_image_tag: "{{ kubednsmasq_version }}" exechealthz_image_repo: "gcr.io/google_containers/exechealthz-amd64" -exechealthz_image_tag: "{{ exechealthz_version }}" \ No newline at end of file +exechealthz_image_tag: "{{ exechealthz_version }}" + +# SSL +etcd_cert_dir: "/etc/ssl/etcd/ssl" diff --git a/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2 b/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2 index 5e0586e16..698710b95 100644 --- a/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/calico-policy-controller.yml.j2 @@ -44,12 +44,11 @@ spec: # This removes the need for KubeDNS to resolve the Service. - name: CONFIGURE_ETC_HOSTS value: "true" - volumeMounts: - - mountPath: {{ etcd_cert_dir }} - name: etcd-certs - readOnly: true - volumes: - - hostPath: - path: {{ etcd_cert_dir }} - name: etcd-certs - + volumeMounts: + - mountPath: {{ etcd_cert_dir }} + name: etcd-certs + readOnly: true + volumes: + - hostPath: + path: {{ etcd_cert_dir }} + name: etcd-certs