Added download_validate_certs
option which allows to disables SSL validation for file downloads
This commit is contained in:
parent
51a5f54fc4
commit
8f85ea89fa
3 changed files with 11 additions and 0 deletions
|
@ -61,6 +61,11 @@ bin_dir: /usr/local/bin
|
||||||
## Refer to roles/kubespray-defaults/defaults/main.yml before modifying no_proxy
|
## Refer to roles/kubespray-defaults/defaults/main.yml before modifying no_proxy
|
||||||
#no_proxy: ""
|
#no_proxy: ""
|
||||||
|
|
||||||
|
## Some problems may occur when downloading files over https proxy due to ansible bug
|
||||||
|
## https://github.com/ansible/ansible/issues/32750. Set this variable to False to disable
|
||||||
|
## SSL validation of get_url module. Note that kubespray will still be performing checksum validation.
|
||||||
|
#download_validate_certs: False
|
||||||
|
|
||||||
## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
|
## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
|
||||||
#additional_no_proxy: ""
|
#additional_no_proxy: ""
|
||||||
|
|
||||||
|
|
|
@ -23,6 +23,11 @@ download_localhost: False
|
||||||
# Always pull images if set to True. Otherwise check by the repo's tag/digest.
|
# Always pull images if set to True. Otherwise check by the repo's tag/digest.
|
||||||
download_always_pull: False
|
download_always_pull: False
|
||||||
|
|
||||||
|
# Some problems may occur when downloading files over https proxy due to ansible bug
|
||||||
|
# https://github.com/ansible/ansible/issues/32750. Set this variable to False to disable
|
||||||
|
# SSL validation of get_url module. Note that kubespray will still be performing checksum validation.
|
||||||
|
download_validate_certs: True
|
||||||
|
|
||||||
# Use the first kube-master if download_localhost is not set
|
# Use the first kube-master if download_localhost is not set
|
||||||
download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube-master'][0]}}{% endif %}"
|
download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube-master'][0]}}{% endif %}"
|
||||||
|
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
sha256sum: "{{download.sha256 | default(omit)}}"
|
sha256sum: "{{download.sha256 | default(omit)}}"
|
||||||
owner: "{{ download.owner|default(omit) }}"
|
owner: "{{ download.owner|default(omit) }}"
|
||||||
mode: "{{ download.mode|default(omit) }}"
|
mode: "{{ download.mode|default(omit) }}"
|
||||||
|
validate_certs: "{{ download_validate_certs }}"
|
||||||
register: get_url_result
|
register: get_url_result
|
||||||
until: "'OK' in get_url_result.msg or 'file already exists' in get_url_result.msg"
|
until: "'OK' in get_url_result.msg or 'file already exists' in get_url_result.msg"
|
||||||
retries: 4
|
retries: 4
|
||||||
|
|
Loading…
Reference in a new issue