From fc68a5b5fd41ffb4b966525e171253a0376b86a0 Mon Sep 17 00:00:00 2001 From: Boris Zanetti Date: Mon, 24 Apr 2017 20:07:50 +0200 Subject: [PATCH] cleanup rebase from upstream --- roles/kubernetes-apps/helm/defaults/main.yml | 3 +++ roles/kubernetes-apps/helm/tasks/main.yml | 3 +++ roles/kubernetes-apps/helm/templates/helm-container.j2 | 1 + roles/kubernetes/secrets/files/make-ssl.sh | 4 ++-- roles/network_plugin/calico/rr/meta/main.yml | 2 ++ roles/network_plugin/calico/templates/calico-node.service.j2 | 1 - 6 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/kubernetes-apps/helm/defaults/main.yml b/roles/kubernetes-apps/helm/defaults/main.yml index ae139556d..b1b2dfca9 100644 --- a/roles/kubernetes-apps/helm/defaults/main.yml +++ b/roles/kubernetes-apps/helm/defaults/main.yml @@ -1 +1,4 @@ helm_enabled: false + +# specify a dir and attach it to helm for HELM_HOME. +helm_home_dir: "/root/.helm" diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml index 907cc7c20..e90ea2c4a 100644 --- a/roles/kubernetes-apps/helm/tasks/main.yml +++ b/roles/kubernetes-apps/helm/tasks/main.yml @@ -1,4 +1,7 @@ --- +- name: Helm | Make sure HELM_HOME directory exists + file: path={{ helm_home_dir }} state=directory + - name: Helm | Set up helm launcher template: src: helm-container.j2 diff --git a/roles/kubernetes-apps/helm/templates/helm-container.j2 b/roles/kubernetes-apps/helm/templates/helm-container.j2 index 598daa73a..68210ea30 100644 --- a/roles/kubernetes-apps/helm/templates/helm-container.j2 +++ b/roles/kubernetes-apps/helm/templates/helm-container.j2 @@ -3,6 +3,7 @@ --net=host \ --name=helm \ -v /etc/ssl:/etc/ssl:ro \ + -v {{ helm_home_dir }}:{{ helm_home_dir }}:rw \ {% for dir in ssl_ca_dirs -%} -v {{ dir }}:{{ dir }}:ro \ {% endfor -%} diff --git a/roles/kubernetes/secrets/files/make-ssl.sh b/roles/kubernetes/secrets/files/make-ssl.sh index 2b61aa0f0..363dfa94f 100755 --- a/roles/kubernetes/secrets/files/make-ssl.sh +++ b/roles/kubernetes/secrets/files/make-ssl.sh @@ -86,7 +86,7 @@ if [ -n "$MASTERS" ]; then # admin key openssl genrsa -out admin-${host}-key.pem 2048 > /dev/null 2>&1 openssl req -new -key admin-${host}-key.pem -out admin-${host}.csr -subj "/CN=kube-admin-${cn}/O=system:masters" > /dev/null 2>&1 - openssl x509 -req -in admin-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out admin-${host}.pem -days 365 > /dev/null 2>&1 + openssl x509 -req -in admin-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out admin-${host}.pem -days 3650 > /dev/null 2>&1 done fi @@ -97,7 +97,7 @@ if [ -n "$HOSTS" ]; then # node key openssl genrsa -out node-${host}-key.pem 2048 > /dev/null 2>&1 openssl req -new -key node-${host}-key.pem -out node-${host}.csr -subj "/CN=kube-node-${cn}/O=system:nodes" > /dev/null 2>&1 - openssl x509 -req -in node-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out node-${host}.pem -days 365 > /dev/null 2>&1 + openssl x509 -req -in node-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out node-${host}.pem -days 3650 > /dev/null 2>&1 done fi diff --git a/roles/network_plugin/calico/rr/meta/main.yml b/roles/network_plugin/calico/rr/meta/main.yml index 4a0d4b424..55104953e 100644 --- a/roles/network_plugin/calico/rr/meta/main.yml +++ b/roles/network_plugin/calico/rr/meta/main.yml @@ -1,4 +1,6 @@ dependencies: - role: etcd + - role: docker + when: not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] - role: download file: "{{ downloads.calico_rr }}" diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2 index 9194aa973..e84ceaba0 100644 --- a/roles/network_plugin/calico/templates/calico-node.service.j2 +++ b/roles/network_plugin/calico/templates/calico-node.service.j2 @@ -9,7 +9,6 @@ ExecStartPre=-{{ docker_bin_dir }}/docker rm -f calico-node ExecStart={{ docker_bin_dir }}/docker run --net=host --privileged \ --name=calico-node \ -e HOSTNAME=${CALICO_HOSTNAME} \ - -e NODENAME=${CALICO_HOSTNAME} \ -e IP=${CALICO_IP} \ -e IP6=${CALICO_IP6} \ -e CALICO_NETWORKING_BACKEND=${CALICO_NETWORKING_BACKEND} \