phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add configuration to kubectl role

Browse source
This commit is contained in:
Paul-Henri Froidmont 2018-07-31 18:08:17 +02:00
parent bb3a990c9a
commit 656eedd01e
2 changed files with 33 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

11
k8s.yml
View file

@ -24,12 +24,6 @@
roles:
- role: peervpn
tags: role-peervpn
- hosts: k8s_kubectl
gather_facts: no
become: yes
roles:
- role: kubectl
tags: role-kubectl
- hosts: k8s_ca
become: yes
roles:
@ -37,6 +31,11 @@
tags: role-cfssl
- role: kubernetes-ca
tags: role-kubernetes-ca
- hosts: k8s_kubectl
become: yes
roles:
- role: kubectl
tags: role-kubectl
- hosts: k8s_etcd
gather_facts: no
roles:

28
roles/kubectl/tasks/main.yml
View file

@ -24,3 +24,31 @@
remote_src: yes
with_items:
- kubectl
- name: Generate a kubeconfig file for each worker node (set-cluster)
shell: "kubectl config set-cluster {{k8s_config_cluster_name}} --certificate-authority={{k8s_ca_conf_directory}}/ca-k8s-apiserver.pem --embed-certs=true --server=https://{{hostvars[groups['k8s_master'][0]]['ansible_'+hostvars[item]['peervpn_conf_interface']].ipv4.address}}:{{k8s_apiserver_secure_port}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
with_inventory_hostnames:
- k8s_worker
tags:
- k8s-auth-config-kubelet
- name: Generate a kubeconfig file for each worker node (set-credentials)
shell: "kubectl config set-credentials system:node:{{hostvars[item]['ansible_hostname']}} --client-certificate={{k8s_ca_conf_directory}}/cert-{{item}}.pem --client-key={{k8s_ca_conf_directory}}/cert-{{item}}-key.pem --embed-certs=true --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
with_inventory_hostnames:
- k8s_worker
tags:
- k8s-auth-config-kubelet
- name: Generate a kubeconfig file for each worker node (set-context)
shell: "kubectl config set-context default --cluster={{k8s_config_cluster_name}} --user=system:node:{{hostvars[item]['ansible_hostname']}} --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
with_inventory_hostnames:
- k8s_worker
tags:
- k8s-auth-config-kubelet
- name: Set use-context
shell: "kubectl config use-context default --kubeconfig={{k8s_config_directory}}/{{item}}.kubeconfig"
with_inventory_hostnames:
- k8s_worker
tags:
- k8s-auth-config-kubelet