[k8s] Fix CA rotate
Using admin.conf as the kubeconfig to get correct permissions to run kubectl command to update pods to use the new CA certs. Besides, now we need to create client certs on master nodes as well. Story:2008858 Task: 42379 Change-Id: I4996060dd18ef3c448d4b225caec53bf0ae0ba75
This commit is contained in:
parent
12766eaff8
commit
cdbe26c452
|
@ -7,6 +7,7 @@ set -x
|
|||
set -eu -o pipefail
|
||||
|
||||
ssh_cmd="ssh -F /srv/magnum/.ssh/config root@localhost"
|
||||
export KUBECONFIG="/etc/kubernetes/admin.conf"
|
||||
|
||||
service_account_key=$kube_service_account_key_input
|
||||
service_account_private_key=$kube_service_account_private_key_input
|
||||
|
|
|
@ -1067,6 +1067,7 @@ resources:
|
|||
- "#!/bin/bash"
|
||||
- get_file: ../../common/templates/kubernetes/fragments/upgrade-kubernetes.sh
|
||||
- get_file: ../../common/templates/kubernetes/fragments/make-cert.sh
|
||||
- get_file: ../../common/templates/kubernetes/fragments/make-cert-client.sh
|
||||
- get_file: ../../common/templates/kubernetes/fragments/rotate-kubernetes-ca-certs-master.sh
|
||||
|
||||
upgrade_kubernetes_deployment:
|
||||
|
|
Loading…
Reference in New Issue