Merge "Revert "Create k8s server certs directly on ctl nodes""
diff --git a/classes/cluster/k8s-ha-calico-flannel-virtlet/infra/config.yml b/classes/cluster/k8s-ha-calico-flannel-virtlet/infra/config.yml
index 30c0290..a5eb9ab 100644
--- a/classes/cluster/k8s-ha-calico-flannel-virtlet/infra/config.yml
+++ b/classes/cluster/k8s-ha-calico-flannel-virtlet/infra/config.yml
@@ -5,6 +5,7 @@
- system.salt.master.pkg
- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.cert.k8s_server
- system.reclass.storage.salt
- system.reclass.storage.system.kubernetes_control_cluster
- cluster.k8s-ha-calico-flannel-virtlet
diff --git a/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/control.yml b/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/control.yml
index 5cf36e1..6e95a6e 100644
--- a/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/control.yml
+++ b/classes/cluster/k8s-ha-calico-flannel-virtlet/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.keepalived.cluster.instance.kube_api_server_vip
diff --git a/classes/cluster/k8s-ha-calico/infra/config.yml b/classes/cluster/k8s-ha-calico/infra/config.yml
index aa7dac0..c505d53 100644
--- a/classes/cluster/k8s-ha-calico/infra/config.yml
+++ b/classes/cluster/k8s-ha-calico/infra/config.yml
@@ -5,6 +5,7 @@
- system.salt.master.pkg
- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.cert.k8s_server
- system.reclass.storage.salt
- system.reclass.storage.system.kubernetes_control_cluster
- cluster.k8s-ha-calico
diff --git a/classes/cluster/k8s-ha-calico/kubernetes/control.yml b/classes/cluster/k8s-ha-calico/kubernetes/control.yml
index bb40fcb..1e2f60f 100644
--- a/classes/cluster/k8s-ha-calico/kubernetes/control.yml
+++ b/classes/cluster/k8s-ha-calico/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.keepalived.cluster.instance.kube_api_server_vip
diff --git a/classes/cluster/k8s-ha-contrail-40/infra/config.yml b/classes/cluster/k8s-ha-contrail-40/infra/config.yml
index 943cb54..ef5d993 100644
--- a/classes/cluster/k8s-ha-contrail-40/infra/config.yml
+++ b/classes/cluster/k8s-ha-contrail-40/infra/config.yml
@@ -6,6 +6,7 @@
- system.salt.master.pkg
- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.cert.k8s_server
- system.reclass.storage.salt
- system.reclass.storage.system.kubernetes_control_cluster
- cluster.k8s-ha-contrail-40.infra
diff --git a/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
index 0532e50..3d55a35 100644
--- a/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
+++ b/classes/cluster/k8s-ha-contrail-40/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.linux.system.repo.docker_legacy
diff --git a/classes/cluster/k8s-ha-contrail/infra/config.yml b/classes/cluster/k8s-ha-contrail/infra/config.yml
index 9fa261e..48b8397 100644
--- a/classes/cluster/k8s-ha-contrail/infra/config.yml
+++ b/classes/cluster/k8s-ha-contrail/infra/config.yml
@@ -7,6 +7,7 @@
- system.salt.master.api
- system.reclass.storage.salt
- system.salt.minion.ca.salt_master
+- system.salt.minion.cert.k8s_server
- system.reclass.storage.system.kubernetes_control_cluster
- system.reclass.storage.system.opencontrail_control_cluster
- cluster.k8s-ha-contrail
diff --git a/classes/cluster/k8s-ha-contrail/kubernetes/control.yml b/classes/cluster/k8s-ha-contrail/kubernetes/control.yml
index d608df2..5c131c7 100644
--- a/classes/cluster/k8s-ha-contrail/kubernetes/control.yml
+++ b/classes/cluster/k8s-ha-contrail/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.keepalived.cluster.instance.kube_api_server_vip
diff --git a/classes/cluster/sl-k8s-calico/infra/config.yml b/classes/cluster/sl-k8s-calico/infra/config.yml
index 4e98584..5cf7d6c 100644
--- a/classes/cluster/sl-k8s-calico/infra/config.yml
+++ b/classes/cluster/sl-k8s-calico/infra/config.yml
@@ -5,6 +5,7 @@
- system.salt.master.pkg
- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.cert.k8s_server
- system.mysql.client
- system.mysql.client.database.grafana
- system.reclass.storage.salt
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/control.yml b/classes/cluster/sl-k8s-calico/kubernetes/control.yml
index bd254a5..a316fb8 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/control.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.keepalived.cluster.instance.kube_api_server_vip
diff --git a/classes/cluster/sl-k8s-contrail/infra/config.yml b/classes/cluster/sl-k8s-contrail/infra/config.yml
index c94dd3d..bb5ad1f 100644
--- a/classes/cluster/sl-k8s-contrail/infra/config.yml
+++ b/classes/cluster/sl-k8s-contrail/infra/config.yml
@@ -9,6 +9,7 @@
- system.salt.minion.ca.salt_master
- system.salt.master.api
- system.reclass.storage.salt
+- system.salt.minion.cert.k8s_server
- system.reclass.storage.system.kubernetes_control_cluster
#- system.reclass.storage.system.opencontrail_control_cluster
- cluster.sl-k8s-contrail
diff --git a/classes/cluster/sl-k8s-contrail/kubernetes/control.yml b/classes/cluster/sl-k8s-contrail/kubernetes/control.yml
index 0ddfbda..7de9af4 100644
--- a/classes/cluster/sl-k8s-contrail/kubernetes/control.yml
+++ b/classes/cluster/sl-k8s-contrail/kubernetes/control.yml
@@ -4,7 +4,6 @@
- system.keepalived.cluster.instance.kube_api_server_vip
- system.linux.system.repo.docker_legacy
- system.salt.minion.cert.etcd_server
-- system.salt.minion.cert.k8s_server
- system.kubernetes.master.cluster
- system.kubernetes.master.auth.rbac
- system.kubernetes.control.roles.cluster-admin
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/infra/config.yml b/classes/cluster/virtual-mcp11-k8s-calico/infra/config.yml
index 8548e0c..61ab895 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/infra/config.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/infra/config.yml
@@ -7,6 +7,7 @@
- system.salt.master.pkg
- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.cert.k8s_server
- system.mysql.client
- system.mysql.client.database.grafana
- system.reclass.storage.salt
diff --git a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/control.yml b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/control.yml
index 672b202..1c201ee 100644
--- a/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/control.yml
+++ b/classes/cluster/virtual-mcp11-k8s-calico/kubernetes/control.yml
@@ -1,6 +1,5 @@
classes:
- system.etcd.server.cluster
-- system.salt.minion.cert.k8s_server
- service.kubernetes.control.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
- system.keepalived.cluster.instance.kube_api_server_vip
diff --git a/classes/system b/classes/system
index 42435a9..91f8927 160000
--- a/classes/system
+++ b/classes/system
@@ -1 +1 @@
-Subproject commit 42435a9d7e919cca3e0eb24b102da0e3b8343809
+Subproject commit 91f89276bee05cc677c325dafa9dffb190fe1bee