Merge pull request #2935 from alvistack/cert-manager-0.3.1
cert-manager: Upgrade to 0.3.2pull/2756/merge
commit
9e19159547
|
@ -103,7 +103,7 @@ Supported Components
|
||||||
- [weave](https://github.com/weaveworks/weave) v2.3.0
|
- [weave](https://github.com/weaveworks/weave) v2.3.0
|
||||||
- Application
|
- Application
|
||||||
- [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v1.1.0-k8s1.10
|
- [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v1.1.0-k8s1.10
|
||||||
- [cert-manager](https://github.com/jetstack/cert-manager) v0.3.0
|
- [cert-manager](https://github.com/jetstack/cert-manager) v0.3.2
|
||||||
- [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.15.0
|
- [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.15.0
|
||||||
|
|
||||||
Note: kubernetes doesn't support newer docker versions. Among other things kubelet currently breaks on docker's non-standard version numbering (it no longer uses semantic versioning). To ensure auto-updates don't break your cluster look into e.g. yum versionlock plugin or apt pin).
|
Note: kubernetes doesn't support newer docker versions. Among other things kubelet currently breaks on docker's non-standard version numbering (it no longer uses semantic versioning). To ensure auto-updates don't break your cluster look into e.g. yum versionlock plugin or apt pin).
|
||||||
|
|
|
@ -160,7 +160,7 @@ ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/ngin
|
||||||
ingress_nginx_controller_image_tag: "0.15.0"
|
ingress_nginx_controller_image_tag: "0.15.0"
|
||||||
ingress_nginx_default_backend_image_repo: "gcr.io/google_containers/defaultbackend"
|
ingress_nginx_default_backend_image_repo: "gcr.io/google_containers/defaultbackend"
|
||||||
ingress_nginx_default_backend_image_tag: "1.4"
|
ingress_nginx_default_backend_image_tag: "1.4"
|
||||||
cert_manager_version: "v0.3.0"
|
cert_manager_version: "v0.3.2"
|
||||||
cert_manager_controller_image_repo: "quay.io/jetstack/cert-manager-controller"
|
cert_manager_controller_image_repo: "quay.io/jetstack/cert-manager-controller"
|
||||||
cert_manager_controller_image_tag: "{{ cert_manager_version }}"
|
cert_manager_controller_image_tag: "{{ cert_manager_version }}"
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,23 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
|
- name: Cert Manager | Remove legacy addon dir and manifests
|
||||||
|
file:
|
||||||
|
path: "{{ kube_config_dir }}/addons/cert_manager"
|
||||||
|
state: absent
|
||||||
|
when:
|
||||||
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
|
tags:
|
||||||
|
- upgrade
|
||||||
|
|
||||||
|
- name: Cert Manager | Remove legacy namespace
|
||||||
|
shell: |
|
||||||
|
{{ bin_dir }}/kubectl delete namespace {{ cert_manager_namespace }}
|
||||||
|
ignore_errors: yes
|
||||||
|
when:
|
||||||
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
|
tags:
|
||||||
|
- upgrade
|
||||||
|
|
||||||
- name: Cert Manager | Create addon dir
|
- name: Cert Manager | Create addon dir
|
||||||
file:
|
file:
|
||||||
path: "{{ kube_config_dir }}/addons/cert_manager"
|
path: "{{ kube_config_dir }}/addons/cert_manager"
|
||||||
|
@ -7,20 +25,22 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0755
|
mode: 0755
|
||||||
|
when:
|
||||||
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
|
|
||||||
- name: Cert Manager | Create manifests
|
- name: Cert Manager | Create manifests
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/cert_manager/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/cert_manager/{{ item.file }}"
|
||||||
with_items:
|
with_items:
|
||||||
- { name: cert-manager-ns, file: cert-manager-ns.yml, type: ns }
|
- { name: 00-namespace, file: 00-namespace.yml, type: ns }
|
||||||
- { name: cert-manager-sa, file: cert-manager-sa.yml, type: sa }
|
- { name: sa-cert-manager, file: sa-cert-manager.yml, type: sa }
|
||||||
- { name: cert-manager-clusterrole, file: cert-manager-clusterrole.yml, type: clusterrole }
|
- { name: crd-certificate, file: crd-certificate.yml, type: crd }
|
||||||
- { name: cert-manager-clusterrolebinding, file: cert-manager-clusterrolebinding.yml, type: clusterrolebinding }
|
- { name: crd-clusterissuer, file: crd-clusterissuer.yml, type: crd }
|
||||||
- { name: cert-manager-issuer-crd, file: cert-manager-issuer-crd.yml, type: crd }
|
- { name: crd-issuer, file: crd-issuer.yml, type: crd }
|
||||||
- { name: cert-manager-clusterissuer-crd, file: cert-manager-clusterissuer-crd.yml, type: crd }
|
- { name: clusterrole-cert-manager, file: clusterrole-cert-manager.yml, type: clusterrole }
|
||||||
- { name: cert-manager-certificate-crd, file: cert-manager-certificate-crd.yml, type: crd }
|
- { name: clusterrolebinding-cert-manager, file: clusterrolebinding-cert-manager.yml, type: clusterrolebinding }
|
||||||
- { name: cert-manager-deploy, file: cert-manager-deploy.yml, type: deploy }
|
- { name: deploy-cert-manager, file: deploy-cert-manager.yml, type: deploy }
|
||||||
register: cert_manager_manifests
|
register: cert_manager_manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube-master'][0]
|
- inventory_hostname == groups['kube-master'][0]
|
||||||
|
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
name: cert-manager
|
name: cert-manager
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
rules:
|
rules:
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
name: cert-manager
|
name: cert-manager
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
roleRef:
|
roleRef:
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
name: certificates.certmanager.k8s.io
|
name: certificates.certmanager.k8s.io
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
spec:
|
spec:
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
name: clusterissuers.certmanager.k8s.io
|
name: clusterissuers.certmanager.k8s.io
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
spec:
|
spec:
|
|
@ -5,7 +5,7 @@ metadata:
|
||||||
name: issuers.certmanager.k8s.io
|
name: issuers.certmanager.k8s.io
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
spec:
|
spec:
|
|
@ -6,7 +6,7 @@ metadata:
|
||||||
namespace: {{ cert_manager_namespace }}
|
namespace: {{ cert_manager_namespace }}
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
||||||
spec:
|
spec:
|
|
@ -6,6 +6,6 @@ metadata:
|
||||||
namespace: {{ cert_manager_namespace }}
|
namespace: {{ cert_manager_namespace }}
|
||||||
labels:
|
labels:
|
||||||
app: cert-manager
|
app: cert-manager
|
||||||
chart: cert-manager-v0.3.2
|
chart: cert-manager-v0.3.4
|
||||||
release: cert-manager
|
release: cert-manager
|
||||||
heritage: Tiller
|
heritage: Tiller
|
Loading…
Reference in New Issue