mirror of
https://github.com/phfroidmont/self-hosting.git
synced 2025-12-25 13:46:59 +01:00
Add all services config to kubectl
This commit is contained in:
Paul-Henri Froidmont
parent
656eedd01e
commit
7166585268
2 changed files with 34 additions and 0 deletions
11
roles/kubectl/tasks/kubectl-config.yml
Normal file
11
roles/kubectl/tasks/kubectl-config.yml
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
- name: Generate a kubeconfig file for the {{service.name}} service (set-cluster)
|
||||||
|
shell: "kubectl config set-cluster {{k8s_config_cluster_name}} --certificate-authority={{k8s_ca_conf_directory}}/ca-k8s-apiserver.pem --embed-certs=true --server=https://{{apiServer}}:{{k8s_apiserver_secure_port}} --kubeconfig={{k8s_config_directory}}/{{service.name}}.kubeconfig"
|
||||||
|
|
||||||
|
- name: Generate a kubeconfig file for the {{service.name}} service (set-credentials)
|
||||||
|
shell: "kubectl config set-credentials system:{{service.name}} --client-certificate={{k8s_ca_conf_directory}}/cert-{{service.client_cert}}.pem --client-key={{k8s_ca_conf_directory}}/cert-{{service.client_cert}}-key.pem --embed-certs=true --kubeconfig={{k8s_config_directory}}/{{service.name}}.kubeconfig"
|
||||||
|
|
||||||
|
- name: Generate a kubeconfig file for the {{service.name}} service (set-context)
|
||||||
|
shell: "kubectl config set-context default --cluster={{k8s_config_cluster_name}} --user=system:{{service.name}} --kubeconfig={{k8s_config_directory}}/{{service.name}}.kubeconfig"
|
||||||
|
|
||||||
|
- name: Set use-context
|
||||||
|
shell: "kubectl config use-context default --kubeconfig={{k8s_config_directory}}/{{service.name}}.kubeconfig"
|
||||||
|
|
@ -52,3 +52,26 @@
|
||||||
- k8s_worker
|
- k8s_worker
|
||||||
tags:
|
tags:
|
||||||
- k8s-auth-config-kubelet
|
- k8s-auth-config-kubelet
|
||||||
|
|
||||||
|
- name: Get IP address of first host in k8s_master group and use as API server
|
||||||
|
set_fact:
|
||||||
|
apiServer: |
|
||||||
|
{% set item = groups["k8s_master"][0] %}
|
||||||
|
{{ hostvars[item]["ansible_"+hostvars[item]["peervpn_conf_interface"]].ipv4.address }}
|
||||||
|
|
||||||
|
- name: Remove newline from API server IP address
|
||||||
|
set_fact:
|
||||||
|
apiServer: "{{apiServer |replace('\n', '')}}"
|
||||||
|
|
||||||
|
- include_tasks: kubectl-config.yml
|
||||||
|
loop:
|
||||||
|
- name: kube-proxy
|
||||||
|
client_cert: k8s-proxy
|
||||||
|
- name: kube-controller-manager
|
||||||
|
client_cert: k8s-controller-manager
|
||||||
|
- name: kube-scheduler
|
||||||
|
client_cert: k8s-scheduler
|
||||||
|
- name: admin
|
||||||
|
client_cert: admin
|
||||||
|
loop_control:
|
||||||
|
loop_var: service
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue