From 957b7115feeff8a681c5a843d01302395cb3c144 Mon Sep 17 00:00:00 2001
From: mkrasilnikov <m.krasilnikov@propellerads.net>
Date: Tue, 5 Sep 2017 14:40:26 +0300
Subject: [PATCH] Remove node name from kube-proxy and admin certificates

---
 roles/kubernetes/secrets/tasks/gen_certs_vault.yml | 4 ++--
 roles/vault/tasks/bootstrap/main.yml               | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/kubernetes/secrets/tasks/gen_certs_vault.yml b/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
index 82535fd20..8cad8cc66 100644
--- a/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
+++ b/roles/kubernetes/secrets/tasks/gen_certs_vault.yml
@@ -8,7 +8,7 @@
 # Issue admin certs to kube-master hosts
 - include: ../../../vault/tasks/shared/issue_cert.yml
   vars:
-    issue_cert_common_name: "admin:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
+    issue_cert_common_name: "admin"
     issue_cert_copy_ca: "{{ item == kube_admin_certs_needed|first }}"
     issue_cert_file_group: "{{ kube_cert_group }}"
     issue_cert_file_owner: kube
@@ -80,7 +80,7 @@
 # Issue proxy certs to k8s-cluster nodes
 - include: ../../../vault/tasks/shared/issue_cert.yml
   vars:
-    issue_cert_common_name: "system:kube-proxy:{{ item.rsplit('/', 1)[1].rsplit('.', 1)[0] }}"
+    issue_cert_common_name: "system:kube-proxy"
     issue_cert_copy_ca: "{{ item == kube_proxy_certs_needed|first }}"
     issue_cert_file_group: "{{ kube_cert_group }}"
     issue_cert_file_owner: kube
diff --git a/roles/vault/tasks/bootstrap/main.yml b/roles/vault/tasks/bootstrap/main.yml
index e061028b7..b87954ca7 100644
--- a/roles/vault/tasks/bootstrap/main.yml
+++ b/roles/vault/tasks/bootstrap/main.yml
@@ -6,7 +6,7 @@
   when: inventory_hostname in groups.vault
 
 - include: ../shared/find_leader.yml
-  when: inventory_hostname in groups.vault and vault_cluster_is_initialized|d()
+  when: inventory_hostname in groups.vault and vault_cluster_is_initialized
 
 - include: sync_vault_certs.yml
   when: inventory_hostname in groups.vault
-- 
GitLab