openstack
/
magnum
Code Issues Proposed changes
Browse Source

[k8s] Add trustee as a secret in kube-system 

Add a new secret in kube-system holding the trustee information. This is
useful for any service running within kubernetes needing to contact
OpenStack services.

Change-Id: I1939fb6a33c9eb6a45697d070f58c9510be774b3
changes/25/636725/4
Ricardo Rocha 3 years ago
parent
61173ec6fb
commit
ca442a7202
1 changed files with 9 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh

9
magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh
View File

@ -80,6 +80,15 @@ EOF
}
kubectl apply --validate=false -f ${ADMIN_RBAC}
# Add the openstack trustee as a secret under kube-system
kubectl -n kube-system create secret generic os-trustee \
--from-literal=os-authURL=${AUTH_URL} \
--from-literal=os-trustID=${TRUST_ID} \
--from-literal=os-trusteeID=${TRUSTEE_USER_ID} \
--from-literal=os-trusteePassword=${TRUSTEE_PASSWORD} \
--from-literal=os-region=${REGION_NAME} \
--from-file=os-certAuthority=/etc/kubernetes/ca-bundle.crt
#TODO: add heat variables for master count to determine leaderelect true/False ?
if [ -n "${TRUST_ID}" ] && [ "$(echo "${CLOUD_PROVIDER_ENABLED}" | tr '[:upper:]' '[:lower:]')" = "true" ]; then
occm_image="${CONTAINER_INFRA_PREFIX:-docker.io/k8scloudprovider/}openstack-cloud-controller-manager:${CLOUD_PROVIDER_TAG}"

Write Preview
Loading…
Cancel
Save