kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kubespray/roles/kubernetes/control-plane/templates
History
Max Gautier b3f6d05131
Move control plane certs renewal "spread out" into the systemd timer (#10596) 
* Use RandomizedDelaySec to spread out control certificates renewal plane

If the number of control plane node is superior to 6, using (index * 10
minutes) will fail (03:60:00 is not a valid timestamp).

Compared to just fixing the jinja expression (to use a modulo for
example), this should avoid having two control planes certificates
update node being triggered at the same time.

* Make k8s-certs-renew.timer Persistent

If the control plane happens to be offline during the scheduled
certificates renewal (node failure or anything like that), we still want
the renewal to happen.
 		2023-11-08 12:35:20 +01:00
..
admission-controls.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
apiserver-audit-policy.yaml.j2 make sure serviceaccounts/token is only in the metadata stage (#7679) 2021-06-07 08:38:40 -07:00
apiserver-audit-webhook-config.yaml.j2 Move kubernetes/master to kubernetes/control-plane (#7218) 2021-02-01 07:15:49 -08:00
eventratelimit.yaml.j2 [kubeadm] use v1beta3 configuration version 2022-06-15 00:57:20 -07:00
k8s-certs-renew.service.j2 Auto renew control plane certificates (#7358) 2021-03-22 11:22:48 -07:00
k8s-certs-renew.sh.j2 fix(k8s-certs-renew): Use kube_apiserver_port instead of hard-coding (#9620) 2022-12-27 18:17:35 -08:00
k8s-certs-renew.timer.j2 Move control plane certs renewal "spread out" into the systemd timer (#10596) 2023-11-08 12:35:20 +01:00
kubeadm-config.v1beta3.yaml.j2 Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/con… (#10464) 2023-10-17 21:39:40 +02:00
kubeadm-controlplane.v1beta3.yaml.j2 Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/con… (#10464) 2023-10-17 21:39:40 +02:00
kubescheduler-config.yaml.j2 [kubernetes] Kube-scheduler: remove/update deprecated component config v1beta3 (#10484) 2023-09-29 00:22:45 -07:00
podsecurity.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
psp-cr.yml.j2 [PodSecurityPolicy] Move the install of psp (#8744) 2022-05-09 09:21:19 -07:00
psp-crb.yml.j2 [PodSecurityPolicy] Move the install of psp (#8744) 2022-05-09 09:21:19 -07:00
psp.yml.j2 [PodSecurityPolicy] Move the install of psp (#8744) 2022-05-09 09:21:19 -07:00
secrets_encryption.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
webhook-authorization-config.yaml.j2 Move kubernetes/master to kubernetes/control-plane (#7218) 2021-02-01 07:15:49 -08:00
webhook-token-auth-config.yaml.j2 Add optional setting for ca data in auth webhook (#8777) 2022-05-05 14:52:43 -07:00