optionally add an extra ip for the apiservers certificate

This commit is contained in:
Alex Knol 2017-02-23 16:59:22 +01:00
parent 403fea39f7
commit f1b599ca66
2 changed files with 8 additions and 0 deletions

View file

@ -6,6 +6,11 @@
## but don't know about that address themselves. ## but don't know about that address themselves.
#access_ip: 1.1.1.1 #access_ip: 1.1.1.1
# The kube_apiserver_ext_ip is only used when generating the certificate protecting the apiservers
# This is handy in case you want/have to access the apiserver through an external IP
# that is not routable inside the cluster.
# kube_apiserver_ext_ip: 10.10.10.10
### LOADBALANCING AND ACCESS MODES ### LOADBALANCING AND ACCESS MODES
## Enable multiaccess to configure etcd clients to access all of the etcd members directly ## Enable multiaccess to configure etcd clients to access all of the etcd members directly
## as the "http://hostX:port, http://hostY:port, ..." and ignore the proxy loadbalancers. ## as the "http://hostX:port, http://hostY:port, ..." and ignore the proxy loadbalancers.

View file

@ -26,3 +26,6 @@ IP.{{ 2 * loop.index }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansi
{% set idx = groups['kube-master'] | length | int * 2 + 1 %} {% set idx = groups['kube-master'] | length | int * 2 + 1 %}
IP.{{ idx }} = {{ kube_apiserver_ip }} IP.{{ idx }} = {{ kube_apiserver_ip }}
IP.{{ idx + 1 }} = 127.0.0.1 IP.{{ idx + 1 }} = 127.0.0.1
{% if kube_apiserver_ext_ip is defined %}
IP.{{ idx + 1 | string }} = {{ kube_apiserver_ext_ip }}
{% endif %}