Merge pull request #71 from ansibl8s/add_set_remote_user

Add set remote user
2016-01-19 22:20:31 +01:00 · 2016-01-19 22:20:31 +01:00 · babf42f03a
parent 815c5fa43c 859f6322a0
commit babf42f03a
4 changed files with 11 additions and 6 deletions
--- a/roles/kubernetes/master/tasks/main.yml
+++ b/roles/kubernetes/master/tasks/main.yml
@ -11,6 +11,7 @@
     archive: no
     checksum: yes
     times: yes
+     set_remote_user: false
  delegate_to: "{{ groups['downloader'][0] }}"

 - name: Perms kubectl binary
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@ -23,6 +23,7 @@
     dest: "{{ bin_dir }}/kubelet"
     times: yes
     archive: no
+     set_remote_user: false
  delegate_to: "{{ groups['downloader'][0] }}"
  notify:
    - restart kubelet
@ -40,6 +41,7 @@
    dest: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico"
    times: yes
    archive: no
+    set_remote_user: false
  delegate_to: "{{ groups['downloader'][0] }}"
  when: kube_network_plugin == "calico"
  notify: restart kubelet
--- a/roles/kubernetes/node/tasks/secrets.yml
+++ b/roles/kubernetes/node/tasks/secrets.yml
@ -1,12 +1,12 @@
 ---
- name: certs | make sure the certificate directory exits
+- name: Secrets | certs | make sure the certificate directory exits
  file:
    path={{ kube_cert_dir }}
    state=directory
    mode=o-rwx
    group={{ kube_cert_group }}

- name: tokens | make sure the tokens directory exits
+- name: Secrets | tokens | make sure the tokens directory exits
  file:
    path={{ kube_token_dir }}
    state=directory
@ -19,23 +19,24 @@
 - include: gen_tokens.yml

 # Sync certs between nodes
- user:
+- name: Secrets | create user
+  user:
    name: '{{ansible_user_id}}'
    generate_ssh_key: yes
  delegate_to: "{{ groups['kube-master'][0] }}"
  run_once: yes

- name: 'get ssh keypair'
+- name: Secrets | 'get ssh keypair'
  slurp: path=~/.ssh/id_rsa.pub
  register: public_key
  delegate_to: "{{ groups['kube-master'][0] }}"

- name: 'setup keypair on nodes'
+- name: Secrets | 'setup keypair on nodes'
  authorized_key:
    user: '{{ansible_user_id}}'
    key: "{{public_key.content|b64decode }}"

- name: synchronize certificates for nodes
+- name: Secrets | synchronize certificates for nodes
  synchronize:
    src: "{{ item }}"
    dest: "{{ kube_cert_dir }}"
--- a/roles/network_plugin/tasks/calico.yml
+++ b/roles/network_plugin/tasks/calico.yml
@ -5,6 +5,7 @@
    dest: "{{ bin_dir }}/calicoctl"
    archive: no
    times: yes
+    set_remote_user: false
  delegate_to: "{{ groups['downloader'][0] }}"
  notify: restart calico-node