| Marek Celoud | a22f666 | 2017-01-10 17:37:16 +0100 | [diff] [blame] | 1 | parameters: |
| 2 | salt: |
| 3 | minion: |
| 4 | cert: |
| 5 | k8s_client: |
| 6 | host: ${_param:salt_minion_ca_host} |
| 7 | authority: ${_param:salt_minion_ca_authority} |
| 8 | key_file: /etc/kubernetes/ssl/kubelet-client.key |
| 9 | cert_file: /etc/kubernetes/ssl/kubelet-client.crt |
| Marek Celoud | 8723b86 | 2017-01-19 16:10:53 +0100 | [diff] [blame] | 10 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| Andrey Shestakov | 97fbd98 | 2017-12-27 22:29:11 +0200 | [diff] [blame] | 11 | common_name: system:node:${linux:system:name} |
| 12 | organization_name: system:nodes |
| Marek Celoud | a22f666 | 2017-01-10 17:37:16 +0100 | [diff] [blame] | 13 | signing_policy: cert_client |
| Andrey Shestakov | 97fbd98 | 2017-12-27 22:29:11 +0200 | [diff] [blame] | 14 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |
| 15 | k8s_proxy: |
| 16 | host: ${_param:salt_minion_ca_host} |
| 17 | authority: ${_param:salt_minion_ca_authority} |
| 18 | key_file: /etc/kubernetes/ssl/kube-proxy-client.key |
| 19 | cert_file: /etc/kubernetes/ssl/kube-proxy-client.crt |
| 20 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 21 | common_name: system:kube-proxy |
| 22 | signing_policy: cert_client |
| 23 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |
| Victor Ryzhenkin | f1de161 | 2018-02-12 16:25:44 +0000 | [diff] [blame^] | 24 | k8s_scheduler: |
| 25 | host: ${_param:salt_minion_ca_host} |
| 26 | authority: ${_param:salt_minion_ca_authority} |
| 27 | key_file: /etc/kubernetes/ssl/kube-scheduler-client.key |
| 28 | cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt |
| 29 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 30 | common_name: system:kube-scheduler |
| 31 | signing_policy: cert_client |
| 32 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |
| 33 | k8s_controller_manager: |
| 34 | host: ${_param:salt_minion_ca_host} |
| 35 | authority: ${_param:salt_minion_ca_authority} |
| 36 | key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key |
| 37 | cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt |
| 38 | ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt |
| 39 | common_name: system:kube-controller-manager |
| 40 | signing_policy: cert_client |
| 41 | alternative_names: IP:${_param:cluster_vip_address},IP:${_param:cluster_node01_address},IP:${_param:cluster_node02_address},IP:${_param:cluster_node03_address},IP:${_param:kubernetes_internal_api_address} |