--- # The purpose of this file is to define the PKI certificates for the environment # # NOTE: When deploying a new site, this file should not be configured until # baremetal/nodes.yaml is complete. # schema: promenade/PKICatalog/v1 metadata: schema: metadata/Document/v1 name: cluster-certificates layeringDefinition: abstract: false layer: site storagePolicy: cleartext data: certificate_authorities: kubernetes: description: CA for Kubernetes components certificates: # NEWSITE-CHANGEME: The following should be a list of all the nodes in # the environment (genesis, control plane, data plane, everything). # Add/delete from this list as necessary until all nodes are listed. # For each node, the `hosts` list should be comprised of: # 1. The node's hostname # 2. The node's ksn/Calico IP address # master nodes - document_name: kubelet-pod15-node1 common_name: system:node:pod15-node1 hosts: - pod15-node1 - 10.10.152.21 groups: - system:nodes - document_name: kubelet-pod15-node2 common_name: system:node:pod15-node2 hosts: - pod15-node2 - 10.10.152.22 groups: - system:nodes - document_name: kubelet-pod15-node3 common_name: system:node:pod15-node3 hosts: - pod15-node3 - 10.10.152.23 groups: - system:nodes # work nodes - document_name: kubelet-pod15-node4 common_name: system:node:pod15-node4 hosts: # values from baremetal/nodes.yaml - pod15-node4 - 10.10.152.24 groups: - system:nodes # - document_name: kubelet-pod15-node5 # common_name: system:node:pod15-node5 # hosts: # values from baremetal/nodes.yaml # - pod15-node5 # - 10.10.152.25 # groups: # - system:nodes # End node list ...