Alexandros Kosiaris has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/386755 )
Change subject: Enable k8s::controller manager ServiceAccount signing ...................................................................... Enable k8s::controller manager ServiceAccount signing Specify the required hiera parameter to provide the controller manager to create the tokens and secrets for ServiceAccounts Bug: T177393 Change-Id: I202e547079f6ecf26d65d0ed87031a45019166a8 --- M hieradata/role/common/kubernetes/master.yaml M hieradata/role/common/kubernetes/staging/master.yaml 2 files changed, 2 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/55/386755/1 diff --git a/hieradata/role/common/kubernetes/master.yaml b/hieradata/role/common/kubernetes/master.yaml index aa84106..676e426 100644 --- a/hieradata/role/common/kubernetes/master.yaml +++ b/hieradata/role/common/kubernetes/master.yaml @@ -13,6 +13,7 @@ profile::kubernetes::master::ssl_cert_path: "/etc/ssl/localcerts/kubemaster.svc.%{::site}.wmnet.crt" profile::kubernetes::master::ssl_key_path: "/etc/ssl/private/kubemaster.svc.%{::site}.wmnet.key" profile::kubernetes::master::authz_mode: '' +profile::kubernetes::master::service_account_private_key_file: "/etc/ssl/private/kubemaster.svc.%{::site}.wmnet.key" # TODO: This needs to become a profile role::lvs::realserver::pools: kubemaster: {} diff --git a/hieradata/role/common/kubernetes/staging/master.yaml b/hieradata/role/common/kubernetes/staging/master.yaml index 00e562d..f4bc25c 100644 --- a/hieradata/role/common/kubernetes/staging/master.yaml +++ b/hieradata/role/common/kubernetes/staging/master.yaml @@ -14,6 +14,7 @@ profile::kubernetes::master::ssl_cert_path: "/etc/kubernetes/ssl/cert.pem" profile::kubernetes::master::ssl_key_path: "/etc/kubernetes/ssl/server.key" profile::kubernetes::master::authz_mode: '' +profile::kubernetes::master::service_account_private_key_file: "/etc/kubernetes/ssl/server.key" profile::kubernetes::master::service_cluster_ip_range: 10.64.76.0/24 profile::kubernetes::master::etcd_urls: - https://kubestagetcd1001.eqiad.wmnet:2379 -- To view, visit https://gerrit.wikimedia.org/r/386755 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I202e547079f6ecf26d65d0ed87031a45019166a8 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits