| Marek Celoud | a22f666 | 2017-01-10 17:37:16 +0100 | [diff] [blame] | 1 | parameters: |
| 2 | salt: |
| 3 | minion: |
| 4 | cert: |
| 5 | k8s_server: |
| 6 | host: ${_param:salt_minion_ca_host} |
| 7 | authority: ${_param:salt_minion_ca_authority} |
| 8 | common_name: kubernetes-server |
| Tomáš Kukrál | 16d4ddf | 2017-01-26 12:26:14 +0100 | [diff] [blame] | 9 | key_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.key |
| 10 | cert_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.crt |
| Tomáš Kukrál | 522431f | 2017-01-26 13:49:38 +0100 | [diff] [blame] | 11 | all_file: /srv/salt/env/${_param:salt_master_base_environment}/_certs/kubernetes/kubernetes-server.pem |
| Marek Celoud | a22f666 | 2017-01-10 17:37:16 +0100 | [diff] [blame] | 12 | signing_policy: cert_server |
| Tomáš Kukrál | 761475e | 2017-04-12 13:40:41 +0200 | [diff] [blame] | 13 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address},DNS:kubernetes.default,DNS:kubernetes.default.svc |
| Tomáš Kukrál | 803aa03 | 2018-02-06 13:03:28 +0100 | [diff] [blame] | 14 | k8s_scheduler: |
| 15 | host: ${_param:salt_minion_ca_host} |
| 16 | authority: ${_param:salt_minion_ca_authority} |
| 17 | key_file: /etc/kubernetes/ssl/kube-scheduler-client.key |
| 18 | cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt |
| 19 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 20 | common_name: system:kube-scheduler |
| 21 | signing_policy: cert_client |
| 22 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |
| 23 | k8s_controller_manager: |
| 24 | host: ${_param:salt_minion_ca_host} |
| 25 | authority: ${_param:salt_minion_ca_authority} |
| 26 | key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key |
| 27 | cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt |
| 28 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 29 | common_name: system:kube-controller-manager |
| 30 | signing_policy: cert_client |
| 31 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |
| 32 | k8s_admin: |
| 33 | host: ${_param:salt_minion_ca_host} |
| 34 | authority: ${_param:salt_minion_ca_authority} |
| 35 | key_file: /etc/kubernetes/ssl/admin.key |
| 36 | cert_file: /etc/kubernetes/ssl/admin.crt |
| 37 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 38 | common_name: admin |
| 39 | organization_name: system:masters |
| 40 | signing_policy: cert_client |