C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1318 commits 17 branches 66 tags 141 MiB
Commit graph

6 commits

Author SHA1 Message Date
Greg Althaus 95bf380d07 If the inventory name of the host exceeds 63 characters, 
the openssl tools will fail to create signing requests because
the CN is too long.  This is mainly a problem when FQDNs are used
in the inventory file.

THis will truncate the hostname for the CN field only at the
first dot.  This should handle the issue for most cases.
 2017-01-13 10:02:23 -06:00
Matthew Mosesohn 80703010bd Use only one certificate for all apiservers 
https://github.com/kubernetes/kubernetes/issues/25063
 2017-01-13 14:03:20 +03:00
Matthew Mosesohn 3f274115b0 Generate individual certificates for k8s hosts 2017-01-11 12:58:07 +03:00
Matthew Mosesohn 84052ff0b6 use nginx proxy on non-master nodes to proxy apiserver traffic 
Also adds all masters by hostname and localhost/127.0.0.1 to
apiserver SSL certificate.

Includes documentation update on how localhost loadbalancer works.
 2016-10-05 20:09:10 +03:00
Smana 4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
Smana 91fca69aa0 generate secrets on deployment machine 
test travis with sudo=true instead of required
 2016-02-13 06:51:54 +01:00