C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

ensure ALL certs are synced between masters

Browse source
This commit is contained in:
Spencer Smith 2016-05-11 10:09:13 -07:00
parent 5253b3ec13
commit 9f8466a186
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
roles/kubernetes/secrets/tasks/gen_certs.yml
View file

@ -21,7 +21,7 @@
notify: set secret_changed notify: set secret_changed
- set_fact: - set_fact:
master_certs: ['ca.pem', 'ca-key.pem', 'admin.pem', 'admin-key.pem', 'apiserver-key.pem', 'apiserver.pem'] master_certs: ['ca-key.pem', 'admin.pem', 'admin-key.pem', 'apiserver-key.pem', 'apiserver.pem']
node_certs: ['ca.pem', 'node.pem', 'node-key.pem'] node_certs: ['ca.pem', 'node.pem', 'node-key.pem']
- name: certs | Get the certs from first master - name: certs | Get the certs from first master
@ -39,8 +39,7 @@
content: "{{ item.content|b64decode }}" content: "{{ item.content|b64decode }}"
dest: "{{ item.source }}" dest: "{{ item.source }}"
with_items: '{{slurp_certs.results}}' with_items: '{{slurp_certs.results}}'
when: item.item in master_certs and when: inventory_hostname in groups['kube-master'] and sync_certs|default(false) and
inventory_hostname in groups['kube-master'] and sync_certs|default(false) and
inventory_hostname != groups['kube-master'][0] inventory_hostname != groups['kube-master'][0]
- name: certs | Copy certs on nodes - name: certs | Copy certs on nodes