C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1259 commits 17 branches 66 tags 141 MiB
Commit graph

6 commits

Author SHA1 Message Date
Greg Althaus
04fbe42aa6 If the inventory name of the host exceeds 63 characters, 
the openssl tools will fail to create signing requests because
the CN is too long.  This is mainly a problem when FQDNs are used
in the inventory file.

THis will truncate the hostname for the CN field only at the
first dot.  This should handle the issue for most cases.
 2017-01-13 10:02:23 -06:00
Matthew Mosesohn
3b562c494d Use only one certificate for all apiservers 
https://github.com/kubernetes/kubernetes/issues/25063
 2017-01-13 14:03:20 +03:00
Matthew Mosesohn
ed253e5c5a Generate individual certificates for k8s hosts 2017-01-11 12:58:07 +03:00
Matthew Mosesohn
73066f308d use nginx proxy on non-master nodes to proxy apiserver traffic 
Also adds all masters by hostname and localhost/127.0.0.1 to
apiserver SSL certificate.

Includes documentation update on how localhost loadbalancer works.
 2016-10-05 20:09:10 +03:00
Smana
4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
Smana
91fca69aa0 generate secrets on deployment machine 
test travis with sudo=true instead of required
 2016-02-13 06:51:54 +01:00