-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add tasks to generate kubeconfig files
This commit adds tasks to generate kubeconfig files for the kube-proxy, kube-controller-manager, kube-scheduler services, and the admin user. The tasks set up the necessary configurations using kubectl commands and include embedding certificates, setting cluster information, server URLs, client credentials, and context details.
- Loading branch information
Showing
1 changed file
with
100 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
--- | ||
- name: Set facts | ||
run_once: true | ||
block: | ||
- name: Get loadbalancer IP | ||
ansible.builtin.shell: | ||
cmd: "dig +short loadbalancer" | ||
register: loadbalancer_ip | ||
|
||
- name: Set loadbalancer IP | ||
ansible.builtin.set_fact: | ||
loadbalancer_ip: "{{ loadbalancer_ip.stdout }}" | ||
|
||
- name: Print loadbalancer IP | ||
ansible.builtin.debug: | ||
msg: "Loadbalancer IP: {{ loadbalancer_ip }}" | ||
|
||
- name: Generate a kubeconfig file for the kube-proxy service | ||
ansible.builtin.shell: | | ||
kubectl config set-cluster kubernetes-the-hard-way \ | ||
--certificate-authority=ca.crt \ | ||
--embed-certs=true \ | ||
--server=https://{{ loadbalancer_ip }}:6443 \ | ||
--kubeconfig=kube-proxy.kubeconfig | ||
kubectl config set-credentials system:kube-proxy \ | ||
--client-certificate=kube-proxy.crt \ | ||
--client-key=kube-proxy.key \ | ||
--embed-certs=true \ | ||
--kubeconfig=kube-proxy.kubeconfig | ||
kubectl config set-context default \ | ||
--cluster=kubernetes-the-hard-way \ | ||
--user=system:kube-proxy \ | ||
--kubeconfig=kube-proxy.kubeconfig | ||
kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig | ||
- name: Generate a kubeconfig file for the kube-controller-manager service | ||
ansible.builtin.shell: | | ||
kubectl config set-cluster kubernetes-the-hard-way \ | ||
--certificate-authority=ca.crt \ | ||
--embed-certs=true \ | ||
--server=https://{{ loadbalancer_ip }}:6443 \ | ||
--kubeconfig=kube-controller-manager.kubeconfig | ||
kubectl config set-credentials system:kube-controller-manager \ | ||
--client-certificate=kube-controller-manager.crt \ | ||
--client-key=kube-controller-manager.key \ | ||
--embed-certs=true \ | ||
--kubeconfig=kube-controller-manager.kubeconfig | ||
kubectl config set-context default \ | ||
--cluster=kubernetes-the-hard-way \ | ||
--user=system:kube-controller-manager \ | ||
--kubeconfig=kube-controller-manager.kubeconfig | ||
kubectl config use-context default --kubeconfig=kube-controller-manager.kubeconfig | ||
- name: Generate a kubeconfig file for the kube-scheduler service | ||
ansible.builtin.shell: | | ||
kubectl config set-cluster kubernetes-the-hard-way \ | ||
--certificate-authority=ca.crt \ | ||
--embed-certs=true \ | ||
--server=https://{{ loadbalancer_ip }}:6443 \ | ||
--kubeconfig=kube-scheduler.kubeconfig | ||
kubectl config set-credentials system:kube-scheduler \ | ||
--client-certificate=kube-scheduler.crt \ | ||
--client-key=kube-scheduler.key \ | ||
--embed-certs=true \ | ||
--kubeconfig=kube-scheduler.kubeconfig | ||
kubectl config set-context default \ | ||
--cluster=kubernetes-the-hard-way \ | ||
--user=system:kube-scheduler \ | ||
--kubeconfig=kube-scheduler.kubeconfig | ||
kubectl config use-context default --kubeconfig=kube-scheduler.kubeconfig | ||
- name: Generate a kubeconfig file for the admin user | ||
ansible.builtin.shell: | | ||
kubectl config set-cluster kubernetes-the-hard-way \ | ||
--certificate-authority=ca.crt \ | ||
--embed-certs=true \ | ||
--server=https://127.0.0.1:6443 \ | ||
--kubeconfig=admin.kubeconfig | ||
kubectl config set-credentials admin \ | ||
--client-certificate=admin.crt \ | ||
--client-key=admin.key \ | ||
--embed-certs=true \ | ||
--kubeconfig=admin.kubeconfig | ||
kubectl config set-context default \ | ||
--cluster=kubernetes-the-hard-way \ | ||
--user=admin \ | ||
--kubeconfig=admin.kubeconfig | ||
kubectl config use-context default --kubeconfig=admin.kubeconfig |