Merge "k8s: Add admin.conf kubeconfig"
This commit is contained in:
commit
7b9e074ee9
|
@ -380,6 +380,32 @@ sed -i '
|
|||
/^KUBE_ADMISSION_CONTROL=/ s/=.*/="'"${KUBE_ADMISSION_CONTROL}"'"/
|
||||
' /etc/kubernetes/apiserver
|
||||
|
||||
ADMIN_KUBECONFIG=/etc/kubernetes/admin.conf
|
||||
cat << EOF >> ${ADMIN_KUBECONFIG}
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
certificate-authority: ${CERT_DIR}/ca.crt
|
||||
server: https://127.0.0.1:$KUBE_API_PORT
|
||||
name: ${CLUSTER_UUID}
|
||||
contexts:
|
||||
- context:
|
||||
cluster: ${CLUSTER_UUID}
|
||||
user: admin
|
||||
name: default
|
||||
current-context: default
|
||||
kind: Config
|
||||
preferences: {}
|
||||
users:
|
||||
- name: admin
|
||||
user:
|
||||
as-user-extra: {}
|
||||
client-certificate: ${CERT_DIR}/admin.crt
|
||||
client-key: ${CERT_DIR}/admin.key
|
||||
EOF
|
||||
echo "export KUBECONFIG=${ADMIN_KUBECONFIG}" >> /etc/bashrc
|
||||
chown root:root ${ADMIN_KUBECONFIG}
|
||||
chmod 600 ${ADMIN_KUBECONFIG}
|
||||
|
||||
# Add controller manager args
|
||||
KUBE_CONTROLLER_MANAGER_ARGS="--leader-elect=true"
|
||||
|
|
|
@ -167,8 +167,26 @@ keyUsage=critical,digitalSignature,keyEncipherment
|
|||
extendedKeyUsage=clientAuth,serverAuth
|
||||
EOF
|
||||
|
||||
#admin Certs
|
||||
cat > ${cert_dir}/admin.conf <<EOF
|
||||
[req]
|
||||
distinguished_name = req_distinguished_name
|
||||
req_extensions = req_ext
|
||||
prompt = no
|
||||
[req_distinguished_name]
|
||||
CN = admin
|
||||
O = system:masters
|
||||
OU=OpenStack/Magnum
|
||||
C=US
|
||||
ST=TX
|
||||
L=Austin
|
||||
[req_ext]
|
||||
extendedKeyUsage= clientAuth
|
||||
EOF
|
||||
|
||||
generate_certificates server ${cert_dir}/server.conf
|
||||
generate_certificates kubelet ${cert_dir}/kubelet.conf
|
||||
generate_certificates admin ${cert_dir}/admin.conf
|
||||
|
||||
# Generate service account key and private key
|
||||
echo -e "${KUBE_SERVICE_ACCOUNT_KEY}" > ${cert_dir}/service_account.key
|
||||
|
|
Loading…
Reference in New Issue