phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

kubernetes-ca role refactoring

Browse source
This commit is contained in:
Paul-Henri Froidmont 2018-08-02 19:40:43 +02:00
parent 126143e7e1
commit a57445c364
15 changed files with 137 additions and 430 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/kubernetes-ca/templates/ca-k8s-apiserver-config.json.j2 → roles/kubernetes-ca/templates/ca-config.json.j2
View file

@ -1,7 +1,7 @@
{
"signing": {
"default": {
"expiry": "{{ ca_k8s_apiserver_expiry }}"
"expiry": "{{ ca_expiry }}"
},
"profiles": {
"kubernetes": {
@ -11,7 +11,7 @@
"server auth",
"client auth"
],
"expiry": "{{ ca_k8s_apiserver_expiry }}"
"expiry": "{{ ca_expiry }}"
}
}
}

18
roles/kubernetes-ca/templates/ca-etcd-config.json.j2
View file

@ -1,18 +0,0 @@
{
"signing": {
"default": {
"expiry": "{{ ca_etcd_expiry }}"
},
"profiles": {
"etcd": {
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
],
"expiry": "{{ ca_etcd_expiry }}"
}
}
}
}

16
roles/kubernetes-ca/templates/ca-etcd-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{ca_etcd_csr_cn}}",
"key": {
"algo": "{{ca_etcd_csr_key_algo}}",
"size": {{ca_etcd_csr_key_size}}
},
"names": [
{
"C": "{{ca_etcd_csr_names_c}}",
"L": "{{ca_etcd_csr_names_l}}",
"O": "{{ca_etcd_csr_names_o}}",
"OU": "{{ca_etcd_csr_names_ou}}",
"ST": "{{ca_etcd_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/ca-k8s-apiserver-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{ca_k8s_apiserver_csr_cn}}",
"key": {
"algo": "{{ca_k8s_apiserver_csr_key_algo}}",
"size": {{ca_k8s_apiserver_csr_key_size}}
},
"names": [
{
"C": "{{ca_k8s_apiserver_csr_names_c}}",
"L": "{{ca_k8s_apiserver_csr_names_l}}",
"O": "{{ca_k8s_apiserver_csr_names_o}}",
"OU": "{{ca_k8s_apiserver_csr_names_ou}}",
"ST": "{{ca_k8s_apiserver_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-admin-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_admin_csr_cn}}",
"key": {
"algo": "{{k8s_admin_csr_key_algo}}",
"size": {{k8s_admin_csr_key_size}}
},
"names": [
{
"C": "{{k8s_admin_csr_names_c}}",
"L": "{{k8s_admin_csr_names_l}}",
"O": "{{k8s_admin_csr_names_o}}",
"OU": "{{k8s_admin_csr_names_ou}}",
"ST": "{{k8s_admin_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-etcd-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{etcd_csr_cn}}",
"key": {
"algo": "{{etcd_csr_key_algo}}",
"size": {{etcd_csr_key_size}}
},
"names": [
{
"C": "{{etcd_csr_names_c}}",
"L": "{{etcd_csr_names_l}}",
"O": "{{etcd_csr_names_o}}",
"OU": "{{etcd_csr_names_ou}}",
"ST": "{{etcd_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-k8s-apiserver-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_apiserver_csr_cn}}",
"key": {
"algo": "{{k8s_apiserver_csr_key_algo}}",
"size": {{k8s_apiserver_csr_key_size}}
},
"names": [
{
"C": "{{k8s_apiserver_csr_names_c}}",
"L": "{{k8s_apiserver_csr_names_l}}",
"O": "{{k8s_apiserver_csr_names_o}}",
"OU": "{{k8s_apiserver_csr_names_ou}}",
"ST": "{{k8s_apiserver_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-k8s-controller-manager-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_controller_manager_csr_cn}}",
"key": {
"algo": "{{k8s_controller_manager_csr_key_algo}}",
"size": {{k8s_controller_manager_csr_key_size}}
},
"names": [
{
"C": "{{k8s_controller_manager_csr_names_c}}",
"L": "{{k8s_controller_manager_csr_names_l}}",
"O": "{{k8s_controller_manager_csr_names_o}}",
"OU": "{{k8s_controller_manager_csr_names_ou}}",
"ST": "{{k8s_controller_manager_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-k8s-controller-manager-sa-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_controller_manager_sa_csr_cn}}",
"key": {
"algo": "{{k8s_controller_manager_sa_csr_key_algo}}",
"size": {{k8s_controller_manager_sa_csr_key_size}}
},
"names": [
{
"C": "{{k8s_controller_manager_sa_csr_names_c}}",
"L": "{{k8s_controller_manager_sa_csr_names_l}}",
"O": "{{k8s_controller_manager_sa_csr_names_o}}",
"OU": "{{k8s_controller_manager_sa_csr_names_ou}}",
"ST": "{{k8s_controller_manager_sa_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-k8s-proxy-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_kube_proxy_csr_cn}}",
"key": {
"algo": "{{k8s_kube_proxy_csr_key_algo}}",
"size": {{k8s_kube_proxy_csr_key_size}}
},
"names": [
{
"C": "{{k8s_kube_proxy_csr_names_c}}",
"L": "{{k8s_kube_proxy_csr_names_l}}",
"O": "{{k8s_kube_proxy_csr_names_o}}",
"OU": "{{k8s_kube_proxy_csr_names_ou}}",
"ST": "{{k8s_kube_proxy_csr_names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/cert-k8s-scheduler-csr.json.j2
View file

@ -1,16 +0,0 @@
{
"CN": "{{k8s_scheduler_csr_cn}}",
"key": {
"algo": "{{k8s_scheduler_csr_key_algo}}",
"size": {{k8s_scheduler_csr_key_size}}
},
"names": [
{
"C": "{{k8s_scheduler_csr_names_c}}",
"L": "{{k8s_scheduler_csr_names_l}}",
"O": "{{k8s_scheduler_csr_names_o}}",
"OU": "{{k8s_scheduler_csr_names_ou}}",
"ST": "{{k8s_scheduler_csr_names_st}}"
}
]
}

14
roles/kubernetes-ca/templates/cert-worker-csr.json.j2
View file

@ -1,16 +1,16 @@
{
"CN": "system:node:{{hostvars[workerHost]['ansible_hostname']}}",
"key": {
"algo": "{{k8s_worker_csr_key_algo}}",
"size": {{k8s_worker_csr_key_size}}
"algo": "{{k8s_csr.worker.key_algo}}",
"size": {{k8s_csr.worker.key_size}}
},
"names": [
{
"C": "{{k8s_worker_csr_names_c}}",
"L": "{{k8s_worker_csr_names_l}}",
"O": "{{k8s_worker_csr_names_o}}",
"OU": "{{k8s_worker_csr_names_ou}}",
"ST": "{{k8s_worker_csr_names_st}}"
"C": "{{k8s_csr.worker.names_c}}",
"L": "{{k8s_csr.worker.names_l}}",
"O": "{{k8s_csr.worker.names_o}}",
"OU": "{{k8s_csr.worker.names_ou}}",
"ST": "{{k8s_csr.worker.names_st}}"
}
]
}

16
roles/kubernetes-ca/templates/csr.json.j2 Normal file
View file

@ -0,0 +1,16 @@
{
"CN": "{{item.cn}}",
"key": {
"algo": "{{item.key_algo}}",
"size": {{item.key_size}}
},
"names": [
{
"C": "{{item.names_c}}",
"L": "{{item.names_l}}",
"O": "{{item.names_o}}",
"OU": "{{item.names_ou}}",
"ST": "{{item.names_st}}"
}
]
}