Skip to content
Snippets Groups Projects
Unverified Commit 07cc9819 authored by Matthew Mosesohn's avatar Matthew Mosesohn Committed by GitHub
Browse files

refactor vault role (#2733)

* Move front-proxy-client certs back to kube mount

We want the same CA for all k8s certs

* Refactor vault to use a third party module

The module adds idempotency and reduces some of the repetitive
logic in the vault role

Requires ansible-modules-hashivault on ansible node and hvac
on the vault hosts themselves

Add upgrade test scenario
Remove bootstrap-os tags from tasks

* fix upgrade issues

* improve unseal logic

* specify ca and fix etcd check

* Fix initialization check

bump machine size
parent e23fd5ca
No related branches found
No related tags found
No related merge requests found
Showing
with 148 additions and 69 deletions
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment