From dd2cf5555feeecb074929804ccf5453003ace127 Mon Sep 17 00:00:00 2001 From: gamename Date: Mon, 4 Sep 2017 17:37:35 -0500 Subject: [PATCH] Point apiserver address to 0.0.0.0 Added loadbalancer api server address --- ansible.cfg | 6 ++++-- contrib/terraform/aws/create-infrastructure.tf | 3 +-- contrib/terraform/aws/templates/inventory.tpl | 2 +- contrib/terraform/aws/terraform.tfvars | 13 +++++++------ contrib/terraform/aws/variables.tf | 4 ++-- 5 files changed, 15 insertions(+), 13 deletions(-) diff --git a/ansible.cfg b/ansible.cfg index aecb198a0..2036fca15 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,13 +1,15 @@ [ssh_connection] pipelining=True -#ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m +#ssh_args=-o ForwardAgent=yes +ssh_args = -F ./ssh-bastion.conf -o ControlMaster=auto -o ControlPersist=30m -o StrictHostKeyChecking=no #control_path = ~/.ssh/ansible-%%r@%%h:%%p [defaults] +#sudo_flags = SSH_AUTH_SOCK="$SSH_AUTH_SOCK" -H -S -n host_key_checking=False gathering = smart fact_caching = jsonfile fact_caching_connection = /tmp stdout_callback = skippy library = ./library -callback_whitelist = profile_tasks +#callback_whitelist = profile_tasks roles_path = roles:$VIRTUAL_ENV/usr/local/share/kubespray/roles:$VIRTUAL_ENV/usr/local/share/ansible/roles diff --git a/contrib/terraform/aws/create-infrastructure.tf b/contrib/terraform/aws/create-infrastructure.tf index a58bca53c..8d17f313c 100644 --- a/contrib/terraform/aws/create-infrastructure.tf +++ b/contrib/terraform/aws/create-infrastructure.tf @@ -173,8 +173,7 @@ data "template_file" "inventory" { list_etcd = "${join("\n",aws_instance.k8s-etcd.*.tags.Name)}" elb_api_fqdn = "apiserver_loadbalancer_domain_name=\"${module.aws-elb.aws_elb_api_fqdn}\"" elb_api_port = "loadbalancer_apiserver.port=${var.aws_elb_api_port}" - kube_insecure_apiserver_address = "kube_apiserver_insecure_bind_address: ${var.kube_insecure_apiserver_address}" - + loadbalancer_apiserver_address = "loadbalancer_apiserver.address=${var.loadbalancer_apiserver_address}" } } diff --git a/contrib/terraform/aws/templates/inventory.tpl b/contrib/terraform/aws/templates/inventory.tpl index 8d5afd1cf..dd8126002 100644 --- a/contrib/terraform/aws/templates/inventory.tpl +++ b/contrib/terraform/aws/templates/inventory.tpl @@ -25,4 +25,4 @@ kube-master [k8s-cluster:vars] ${elb_api_fqdn} ${elb_api_port} -${kube_insecure_apiserver_address} +${loadbalancer_apiserver_address} diff --git a/contrib/terraform/aws/terraform.tfvars b/contrib/terraform/aws/terraform.tfvars index a538d46f3..bc83a719d 100644 --- a/contrib/terraform/aws/terraform.tfvars +++ b/contrib/terraform/aws/terraform.tfvars @@ -5,11 +5,11 @@ aws_cluster_name = "devtest" aws_vpc_cidr_block = "10.250.192.0/18" aws_cidr_subnets_private = ["10.250.192.0/20","10.250.208.0/20"] aws_cidr_subnets_public = ["10.250.224.0/20","10.250.240.0/20"] -aws_avail_zones = ["eu-central-1a","eu-central-1b"] +aws_avail_zones = ["us-west-2a","us-west-2b"] #Bastion Host -aws_bastion_ami = "ami-5900cc36" -aws_bastion_size = "t2.small" +aws_bastion_ami = "ami-db56b9a3" +aws_bastion_size = "t2.medium" #Kubernetes Cluster @@ -23,9 +23,10 @@ aws_etcd_size = "t2.medium" aws_kube_worker_num = 4 aws_kube_worker_size = "t2.medium" -aws_cluster_ami = "ami-903df7ff" +aws_cluster_ami = "ami-db56b9a3" #Settings AWS ELB -aws_elb_api_port = 443 -k8s_secure_api_port = 443 +aws_elb_api_port = 6443 +k8s_secure_api_port = 6443 +kube_insecure_apiserver_address = "0.0.0.0" diff --git a/contrib/terraform/aws/variables.tf b/contrib/terraform/aws/variables.tf index c740e6472..c7c65c772 100644 --- a/contrib/terraform/aws/variables.tf +++ b/contrib/terraform/aws/variables.tf @@ -96,6 +96,6 @@ variable "k8s_secure_api_port" { description = "Secure Port of K8S API Server" } -variable "kube_insecure_apiserver_address" { - description= "Bind Address for insecure Port of K8s API Server" +variable "loadbalancer_apiserver_address" { + description= "Bind Address for ELB of K8s API Server" }