fix: certs error when run 'kubectl exec' or 'kubectl logs'

v3.4
gjmzj 2023-02-06 19:32:19 +08:00
parent 24b7120a00
commit 6590abfc90
3 changed files with 15 additions and 2 deletions

View File

@ -6,7 +6,7 @@
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',
# and must start and end with an alphanumeric character
[kube_master]
192.168.1.1 k8s_nodename=''
192.168.1.1
# work node(s), set unique 'k8s_nodename' for each node
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',

View File

@ -74,6 +74,18 @@
shell: systemctl daemon-reload && systemctl restart kube-proxy
tags: reload-kube-proxy, upgrade_k8s, restart_node, force_change_certs
# 设置k8s_nodename 在/etc/hosts 地址解析
- name: 设置k8s_nodename 在/etc/hosts 地址解析
lineinfile:
dest: /etc/hosts
state: present
regexp: "{{ K8S_NODENAME }}"
line: "{{ inventory_hostname }} {{ K8S_NODENAME }}"
delegate_to: "{{ item }}"
with_items: "{{ groups.kube_master }}"
when: "inventory_hostname != K8S_NODENAME"
# 轮询等待kube-proxy启动完成
- name: 轮询等待kube-proxy启动
shell: "systemctl is-active kube-proxy.service"

View File

@ -2,7 +2,8 @@
"CN": "system:node:{{ K8S_NODENAME }}",
"hosts": [
"127.0.0.1",
"{{ inventory_hostname }}"
"{{ inventory_hostname }}",
"{{ K8S_NODENAME }}"
],
"key": {
"algo": "rsa",