[kubeconfig] generate admin kube config from /etc/kubernetes/admin.conf instead of the workaround of using kubeadm init phase kubeadm admin which fails with cri-dockerd

2022-06-11 23:19:51 +03:00 · 2022-06-11 23:19:51 +03:00 · 6380483e8b
parent ae1dcb031f
commit 6380483e8b
1 changed files with 5 additions and 22 deletions
--- a/roles/kubernetes/client/tasks/main.yml
+++ b/roles/kubernetes/client/tasks/main.yml
@ -49,33 +49,16 @@
    port: "{{ kube_apiserver_port }}"
    timeout: 180

- name: Create external_kubeconfig dir
-  file:
-    path: "{{ kube_config_dir }}/external_kubeconfig"
-    mode: "0750"
-    state: directory
-  when: kubeconfig_localhost
-
-# NOTE(mattymo): Please forgive this workaround
- name: Generate admin kubeconfig with external api endpoint  # noqa 302
-  shell: >-
-    {{ bin_dir }}/kubeadm
-    init phase
-    kubeconfig admin
-    --kubeconfig-dir {{ kube_config_dir }}/external_kubeconfig
-    --cert-dir {{ kube_cert_dir }}
-    --apiserver-advertise-address {{ external_apiserver_address }}
-    --apiserver-bind-port {{ external_apiserver_port }}
-    >/dev/null && cat {{ kube_config_dir }}/external_kubeconfig/admin.conf &&
-    rm -rf {{ kube_config_dir }}/external_kubeconfig
-  environment: "{{ proxy_env }}"
+- name: Get admin kubeconfig from remote host
+  slurp:
+    src: "{{ kube_config_dir }}/admin.conf"
  run_once: yes
  register: raw_admin_kubeconfig
  when: kubeconfig_localhost

 - name: Convert kubeconfig to YAML
  set_fact:
-    admin_kubeconfig: "{{ raw_admin_kubeconfig.stdout | from_yaml }}"
+    admin_kubeconfig: "{{ raw_admin_kubeconfig.content | b64decode | from_yaml }}"
  when: kubeconfig_localhost

 - name: Override username in kubeconfig
@ -86,7 +69,7 @@
    user_certs: "{{ admin_kubeconfig['users'][0]['user'] }}"
    username: "kubernetes-admin-{{ cluster_name }}"
    context: "kubernetes-admin-{{ cluster_name }}@{{ cluster_name }}"
-    override_cluster_name: "{{ { 'clusters': [ { 'cluster': cluster_infos, 'name': cluster_name } ] } }}"
+    override_cluster_name: "{{ { 'clusters': [ { 'cluster': (cluster_infos|combine({'server': 'https://'+external_apiserver_address+':'+(external_apiserver_port|string)})), 'name': cluster_name } ] } }}"
    override_context: "{{ { 'contexts': [ { 'context': { 'user': username, 'cluster': cluster_name }, 'name': context } ], 'current-context': context } }}"
    override_user: "{{ { 'users': [ { 'name': username, 'user': user_certs  } ] } }}"
  when: kubeconfig_localhost