0dc38ff9b3
* Add a flag "authorization_method", when set to "RBAC" enables role based access control. * Add required cluster roles and bindings for kube-dns * Patch tiller deployment to use a service account with proper credentials. * Add a flag to regenerate kubernetes certs on the nodes.
18 lines
503 B
Django/Jinja
18 lines
503 B
Django/Jinja
apiVersion: v1
|
|
kind: Config
|
|
clusters:
|
|
- name: local
|
|
cluster:
|
|
certificate-authority: {{ kube_cert_dir }}/ca.pem
|
|
server: {{ kube_apiserver_endpoint }}
|
|
users:
|
|
- name: kube-proxy
|
|
user:
|
|
client-certificate: {{ kube_cert_dir }}/kube-proxy-{{ inventory_hostname }}.pem
|
|
client-key: {{ kube_cert_dir }}/kube-proxy-{{ inventory_hostname }}-key.pem
|
|
contexts:
|
|
- context:
|
|
cluster: local
|
|
user: kube-proxy
|
|
name: kube-proxy-{{ cluster_name }}
|
|
current-context: kube-proxy-{{ cluster_name }}
|