From cdf9a9f4fc253f632b80a6cd45903f57caaf6bbf Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Thu, 11 Jul 2019 15:30:54 +0300
Subject: [PATCH] Generate certificate key before kubeadm control plane config
 (#4964)

---
 .../tasks/kubeadm-secondary-experimental.yml  | 33 ++++++++++---------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml b/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml
index 00df73cd3..073f8b6f5 100644
--- a/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-secondary-experimental.yml
@@ -10,22 +10,6 @@
   tags:
     - facts
 
-- name: Create kubeadm ControlPlane config
-  template:
-    src: "kubeadm-controlplane.{{ kubeadmConfig_api_version }}.yaml.j2"
-    dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml"
-    backup: yes
-  when:
-    - inventory_hostname != groups['kube-master']|first
-    - not kubeadm_already_run.stat.exists
-
-- name: Wait for k8s apiserver
-  wait_for:
-    host: "{{ kubeadm_discovery_address.split(':')[0] }}"
-    port: "{{ kubeadm_discovery_address.split(':')[1] }}"
-    timeout: 180
-
-
 - name: Upload certificates so they are fresh and not expired
   command: >-
     {{ bin_dir }}/kubeadm init phase
@@ -48,6 +32,23 @@
     kubeadm_certificate_key: "{{ hostvars[groups['kube-master'][0]]['kubeadm_upload_cert'].stdout_lines[-1] | trim }}"
   when: kubeadm_certificate_key is undefined
 
+
+- name: Create kubeadm ControlPlane config
+  template:
+    src: "kubeadm-controlplane.{{ kubeadmConfig_api_version }}.yaml.j2"
+    dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml"
+    backup: yes
+  when:
+    - inventory_hostname != groups['kube-master']|first
+    - not kubeadm_already_run.stat.exists
+
+- name: Wait for k8s apiserver
+  wait_for:
+    host: "{{ kubeadm_discovery_address.split(':')[0] }}"
+    port: "{{ kubeadm_discovery_address.split(':')[1] }}"
+    timeout: 180
+
+
 - name: check already run
   debug:
     msg: "{{ kubeadm_already_run.stat.exists }}"
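Review bot: The re-added `Create kubeadm ControlPlane config` task sets no `mode` or `owner` on `{{ kube_config_dir }}/kubeadm-controlplane.yaml`. The commit subject suggests the rendered file now depends on `kubeadm_certificate_key`, although the template is not visible here, so this is inferred. If the key is written into that file, it and the copies left beside it by `backup: yes` hold a secret that decrypts the uploaded control-plane certificates. They should therefore not get default-umask permissions; add `mode: "0640"` (or tighter) to the template task. The `set_fact` that assigns the key starts above this hunk; it may be worth `no_log: true` there so the value is not printed in verbose play output.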
-- 
GitLab