废弃ansible hosts中basic_auth相关配置

pull/485/head
gjmzj 2019-03-14 14:00:28 +08:00
parent 7c43c17371
commit 75defebbf5
10 changed files with 7 additions and 38 deletions

View File

@ -53,10 +53,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名 # 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# ---------附加参数-------------------- # ---------附加参数--------------------
#默认二进制文件目录 #默认二进制文件目录
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -54,10 +54,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain # Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# -------- Additional Variables -------------------- # -------- Additional Variables --------------------
# Binaries Directory # Binaries Directory
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -53,10 +53,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名 # 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# ---------附加参数-------------------- # ---------附加参数--------------------
#默认二进制文件目录 #默认二进制文件目录
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -54,10 +54,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain # Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# -------- Additional Variables -------------------- # -------- Additional Variables --------------------
# Binaries Directory # Binaries Directory
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -63,10 +63,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名 # 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# ---------附加参数-------------------- # ---------附加参数--------------------
#默认二进制文件目录 #默认二进制文件目录
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -64,10 +64,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain # Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# -------- Additional Variables -------------------- # -------- Additional Variables --------------------
# Binaries Directory # Binaries Directory
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -54,10 +54,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名 # 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# ---------附加参数-------------------- # ---------附加参数--------------------
#默认二进制文件目录 #默认二进制文件目录
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -55,10 +55,6 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain # Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local." CLUSTER_DNS_DOMAIN="cluster.local."
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"
# -------- Additional Variables -------------------- # -------- Additional Variables --------------------
# Binaries Directory # Binaries Directory
bin_dir="/opt/kube/bin" bin_dir="/opt/kube/bin"

View File

@ -32,12 +32,6 @@
when: p.stat.isreg is not defined when: p.stat.isreg is not defined
shell: "cd {{ ca_dir }} && {{ bin_dir }}/cfssl gencert -initca ca-csr.json | {{ bin_dir }}/cfssljson -bare ca" shell: "cd {{ ca_dir }} && {{ bin_dir }}/cfssl gencert -initca ca-csr.json | {{ bin_dir }}/cfssljson -bare ca"
# 随机生成集群 basic auth 使用的密码
- name: 生成随机 basic auth 密码
shell: 'export PWD=`date +%s%N | md5sum | head -c 16`; sed -i "s/^BASIC_AUTH_PASS.*$/BASIC_AUTH_PASS=\"$PWD\"/g" {{ base_dir }}/hosts'
connection: local
when: p.stat.isreg is not defined
#----------- 创建kubectl kubeconfig文件: /root/.kube/config #----------- 创建kubectl kubeconfig文件: /root/.kube/config
- name: 准备kubectl使用的admin 证书签名请求 - name: 准备kubectl使用的admin 证书签名请求
template: src=admin-csr.json.j2 dest={{ ca_dir }}/admin-csr.json template: src=admin-csr.json.j2 dest={{ ca_dir }}/admin-csr.json

View File

@ -8,3 +8,10 @@ MASTER_CERT_HOSTS:
- "k8s.test.io" - "k8s.test.io"
#- "61.182.11.41" #- "61.182.11.41"
#- "www.test.com" #- "www.test.com"
# apiserver 基础认证(用户名/密码)配置
# BASIC_AUTH_PASS 初次运行时会被随机密码覆盖
# 在 master 节点文件‘/etc/kubernetes/ssl/basic-auth.csv 可以查看密码
BASIC_AUTH_ENABLE: "yes"
BASIC_AUTH_USER: "admin"
BASIC_AUTH_PASS: "test1234"