blob: 21506dbfcad20aaa18ce97ba52a045e63cb81a3d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
---
# The purpose of this file is to define the PKI certificates for the environment
#
# NOTE: When deploying a new site, this file should not be configured until
# baremetal/nodes.yaml is complete.
#
schema: promenade/PKICatalog/v1
metadata:
schema: metadata/Document/v1
name: cluster-certificates
layeringDefinition:
abstract: false
layer: site
storagePolicy: cleartext
data:
certificate_authorities:
kubernetes:
description: CA for Kubernetes components
certificates:
# NEWSITE-CHANGEME: The following should be a list of all the nodes in
# the environment (genesis, control plane, data plane, everything).
# Add/delete from this list as necessary until all nodes are listed.
# For each node, the `hosts` list should be comprised of:
# 1. The node's hostname
# 2. The node's ksn/Calico IP address
# master nodes
- document_name: kubelet-pod17-node1
common_name: system:node:pod17-node1
hosts:
- pod17-node1
- 10.10.172.21
groups:
- system:nodes
- document_name: kubelet-pod17-node2
common_name: system:node:pod17-node2
hosts:
- pod17-node2
- 10.10.172.22
groups:
- system:nodes
- document_name: kubelet-pod17-node3
common_name: system:node:pod17-node3
hosts:
- pod17-node3
- 10.10.172.23
groups:
- system:nodes
# work nodes
- document_name: kubelet-pod17-node5
common_name: system:node:pod17-node5
hosts:
# values from baremetal/nodes.yaml
- pod17-node5
- 10.10.172.25
groups:
- system:nodes
# End node list
...
|
