mirror of https://github.com/easzlab/kubeasz.git
fix: certs error when run 'kubectl exec' or 'kubectl logs'
parent
24b7120a00
commit
6590abfc90
|
@ -6,7 +6,7 @@
|
|||
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',
|
||||
# and must start and end with an alphanumeric character
|
||||
[kube_master]
|
||||
192.168.1.1 k8s_nodename=''
|
||||
192.168.1.1
|
||||
|
||||
# work node(s), set unique 'k8s_nodename' for each node
|
||||
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',
|
||||
|
|
|
@ -74,6 +74,18 @@
|
|||
shell: systemctl daemon-reload && systemctl restart kube-proxy
|
||||
tags: reload-kube-proxy, upgrade_k8s, restart_node, force_change_certs
|
||||
|
||||
# 设置k8s_nodename 在/etc/hosts 地址解析
|
||||
- name: 设置k8s_nodename 在/etc/hosts 地址解析
|
||||
lineinfile:
|
||||
dest: /etc/hosts
|
||||
state: present
|
||||
regexp: "{{ K8S_NODENAME }}"
|
||||
line: "{{ inventory_hostname }} {{ K8S_NODENAME }}"
|
||||
delegate_to: "{{ item }}"
|
||||
with_items: "{{ groups.kube_master }}"
|
||||
when: "inventory_hostname != K8S_NODENAME"
|
||||
|
||||
|
||||
# 轮询等待kube-proxy启动完成
|
||||
- name: 轮询等待kube-proxy启动
|
||||
shell: "systemctl is-active kube-proxy.service"
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
"CN": "system:node:{{ K8S_NODENAME }}",
|
||||
"hosts": [
|
||||
"127.0.0.1",
|
||||
"{{ inventory_hostname }}"
|
||||
"{{ inventory_hostname }}",
|
||||
"{{ K8S_NODENAME }}"
|
||||
],
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
|
|
Loading…
Reference in New Issue