From b1ba070ba181ea6a236fd5368dd4c7ba7cf7e7c6 Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Mon, 6 Jun 2016 16:48:40 -0700 Subject: [PATCH] add support for output of tokens to a known location so kubectl can be configured --- roles/kubernetes/secrets/tasks/gen_certs.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/kubernetes/secrets/tasks/gen_certs.yml b/roles/kubernetes/secrets/tasks/gen_certs.yml index 7178bce0c..1fd9de07b 100644 --- a/roles/kubernetes/secrets/tasks/gen_certs.yml +++ b/roles/kubernetes/secrets/tasks/gen_certs.yml @@ -65,3 +65,11 @@ shell: chmod 0600 {{ kube_cert_dir}}/*key.pem when: inventory_hostname in groups['kube-master'] changed_when: false + +- name: Gen_certs | download certs for remote kubectl + fetch: src="{{ kube_cert_dir }}/{{ item }}" dest="output/tokens/{{ item }}" flat=yes + delegate_to: "{{ groups['kube-master'][0] }}" + with_items: + - "ca.pem" + - "admin.pem" + - "admin-key.pem"