Merge pull request #71 from ansibl8s/add_set_remote_user
Add set remote user
This commit is contained in:
commit
babf42f03a
4 changed files with 11 additions and 6 deletions
|
@ -11,6 +11,7 @@
|
||||||
archive: no
|
archive: no
|
||||||
checksum: yes
|
checksum: yes
|
||||||
times: yes
|
times: yes
|
||||||
|
set_remote_user: false
|
||||||
delegate_to: "{{ groups['downloader'][0] }}"
|
delegate_to: "{{ groups['downloader'][0] }}"
|
||||||
|
|
||||||
- name: Perms kubectl binary
|
- name: Perms kubectl binary
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
dest: "{{ bin_dir }}/kubelet"
|
dest: "{{ bin_dir }}/kubelet"
|
||||||
times: yes
|
times: yes
|
||||||
archive: no
|
archive: no
|
||||||
|
set_remote_user: false
|
||||||
delegate_to: "{{ groups['downloader'][0] }}"
|
delegate_to: "{{ groups['downloader'][0] }}"
|
||||||
notify:
|
notify:
|
||||||
- restart kubelet
|
- restart kubelet
|
||||||
|
@ -40,6 +41,7 @@
|
||||||
dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
|
dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
|
||||||
times: yes
|
times: yes
|
||||||
archive: no
|
archive: no
|
||||||
|
set_remote_user: false
|
||||||
delegate_to: "{{ groups['downloader'][0] }}"
|
delegate_to: "{{ groups['downloader'][0] }}"
|
||||||
when: kube_network_plugin == "calico"
|
when: kube_network_plugin == "calico"
|
||||||
notify: restart kubelet
|
notify: restart kubelet
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
---
|
---
|
||||||
- name: certs | make sure the certificate directory exits
|
- name: Secrets | certs | make sure the certificate directory exits
|
||||||
file:
|
file:
|
||||||
path={{ kube_cert_dir }}
|
path={{ kube_cert_dir }}
|
||||||
state=directory
|
state=directory
|
||||||
mode=o-rwx
|
mode=o-rwx
|
||||||
group={{ kube_cert_group }}
|
group={{ kube_cert_group }}
|
||||||
|
|
||||||
- name: tokens | make sure the tokens directory exits
|
- name: Secrets | tokens | make sure the tokens directory exits
|
||||||
file:
|
file:
|
||||||
path={{ kube_token_dir }}
|
path={{ kube_token_dir }}
|
||||||
state=directory
|
state=directory
|
||||||
|
@ -19,23 +19,24 @@
|
||||||
- include: gen_tokens.yml
|
- include: gen_tokens.yml
|
||||||
|
|
||||||
# Sync certs between nodes
|
# Sync certs between nodes
|
||||||
- user:
|
- name: Secrets | create user
|
||||||
|
user:
|
||||||
name: '{{ansible_user_id}}'
|
name: '{{ansible_user_id}}'
|
||||||
generate_ssh_key: yes
|
generate_ssh_key: yes
|
||||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||||
run_once: yes
|
run_once: yes
|
||||||
|
|
||||||
- name: 'get ssh keypair'
|
- name: Secrets | 'get ssh keypair'
|
||||||
slurp: path=~/.ssh/id_rsa.pub
|
slurp: path=~/.ssh/id_rsa.pub
|
||||||
register: public_key
|
register: public_key
|
||||||
delegate_to: "{{ groups['kube-master'][0] }}"
|
delegate_to: "{{ groups['kube-master'][0] }}"
|
||||||
|
|
||||||
- name: 'setup keypair on nodes'
|
- name: Secrets | 'setup keypair on nodes'
|
||||||
authorized_key:
|
authorized_key:
|
||||||
user: '{{ansible_user_id}}'
|
user: '{{ansible_user_id}}'
|
||||||
key: "{{public_key.content|b64decode }}"
|
key: "{{public_key.content|b64decode }}"
|
||||||
|
|
||||||
- name: synchronize certificates for nodes
|
- name: Secrets | synchronize certificates for nodes
|
||||||
synchronize:
|
synchronize:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
dest: "{{ kube_cert_dir }}"
|
dest: "{{ kube_cert_dir }}"
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
dest: "{{ bin_dir }}/calicoctl"
|
dest: "{{ bin_dir }}/calicoctl"
|
||||||
archive: no
|
archive: no
|
||||||
times: yes
|
times: yes
|
||||||
|
set_remote_user: false
|
||||||
delegate_to: "{{ groups['downloader'][0] }}"
|
delegate_to: "{{ groups['downloader'][0] }}"
|
||||||
notify: restart calico-node
|
notify: restart calico-node
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue