c12s-kubespray/roles/kubernetes/node/tasks/main.yml
Matthew Mosesohn 84052ff0b6 use nginx proxy on non-master nodes to proxy apiserver traffic
Also adds all masters by hostname and localhost/127.0.0.1 to
apiserver SSL certificate.

Includes documentation update on how localhost loadbalancer works.
2016-10-05 20:09:10 +03:00

36 lines
908 B
YAML

---
- include: install.yml
- include: nginx-proxy.yml
when: is_kube_master == false and loadbalancer_apiserver_localhost|default(false)
- name: Write Calico cni config
template:
src: "cni-calico.conf.j2"
dest: "/etc/cni/net.d/10-calico.conf"
owner: kube
when: kube_network_plugin == "calico"
- name: Write kubelet config file
template: src=kubelet.j2 dest={{ kube_config_dir }}/kubelet.env backup=yes
notify:
- restart kubelet
- name: write the kubecfg (auth) file for kubelet
template: src=node-kubeconfig.yaml.j2 dest={{ kube_config_dir }}/node-kubeconfig.yaml backup=yes
notify:
- restart kubelet
- name: Write proxy manifest
template:
src: manifests/kube-proxy.manifest.j2
dest: "{{ kube_manifest_dir }}/kube-proxy.manifest"
# reload-systemd
- meta: flush_handlers
- name: Enable kubelet
service:
name: kubelet
enabled: yes
state: started