blob: e1c38767d98647ec41ad483a40d75b7a12b60f87 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
---
# The purpose of this file is to define the PKI certificates for the environment
#
# NOTE: When deploying a new site, this file should not be configured until
# baremetal/nodes.yaml is complete.
#
schema: promenade/PKICatalog/v1
metadata:
schema: metadata/Document/v1
name: cluster-certificates
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
certificate_authorities:
kubernetes:
description: CA for Kubernetes components
certificates:
# NEWSITE-CHANGEME: The following should be a list of all the nodes in
# the environment (genesis, control plane, data plane, everything).
# Add/delete from this list as necessary until all nodes are listed.
# For each node, the `hosts` list should be comprised of:
# 1. The node's hostname
# 2. The node's ksn/Calico IP address
# master nodes
- document_name: kubelet-pod15-node1
common_name: system:node:pod15-node1
hosts:
- pod15-node1
- 10.10.152.21
groups:
- system:nodes
- document_name: kubelet-pod15-node2
common_name: system:node:pod15-node2
hosts:
- pod15-node2
- 10.10.152.22
groups:
- system:nodes
- document_name: kubelet-pod15-node3
common_name: system:node:pod15-node3
hosts:
- pod15-node3
- 10.10.152.23
groups:
- system:nodes
# work nodes
- document_name: kubelet-pod15-node4
common_name: system:node:pod15-node4
hosts:
# values from baremetal/nodes.yaml
- pod15-node4
- 10.10.152.24
groups:
- system:nodes
# - document_name: kubelet-pod15-node5
# common_name: system:node:pod15-node5
# hosts:
# values from baremetal/nodes.yaml
# - pod15-node5
# - 10.10.152.25
# groups:
# - system:nodes
# End node list
...
|
