Skip to content

Commit

Permalink
增加随机basic auth密码等脚本优化
Browse files Browse the repository at this point in the history
  • Loading branch information
gjmzj committed Feb 25, 2019
1 parent d6ed23c commit 4c6ec53
Show file tree
Hide file tree
Showing 13 changed files with 18 additions and 8 deletions.
2 changes: 1 addition & 1 deletion example/hosts.allinone.example
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local."

# 集群basic auth 使用的用户名和密码
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.allinone.example.en
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local."

# Basic auth for apiserver
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.cloud.example
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local."

# 集群basic auth 使用的用户名和密码
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.cloud.example.en
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local."

# Basic auth for apiserver
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.m-masters.example
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local."

# 集群basic auth 使用的用户名和密码
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.m-masters.example.en
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local."

# Basic auth for apiserver
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.s-master.example
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# 集群 DNS 域名
CLUSTER_DNS_DOMAIN="cluster.local."

# 集群basic auth 使用的用户名和密码
# 集群basic auth 使用的用户名和密码 (运行时会生成随机密码)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
2 changes: 1 addition & 1 deletion example/hosts.s-master.example.en
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ CLUSTER_DNS_SVC_IP="10.68.0.2"
# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local."

# Basic auth for apiserver
# Basic auth for apiserver (a random password will be gennerated on cluster setup)
BASIC_AUTH_USER="admin"
BASIC_AUTH_PASS="test1234"

Expand Down
1 change: 1 addition & 0 deletions roles/calico/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -105,3 +105,4 @@
delegate_to: "{{ groups.deploy[0] }}"
retries: 15
delay: 15
ignore_errors: true
1 change: 1 addition & 0 deletions roles/cilium/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -96,3 +96,4 @@
delegate_to: "{{ groups.deploy[0] }}"
retries: 15
delay: 8
ignore_errors: true
6 changes: 6 additions & 0 deletions roles/deploy/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,12 @@
when: p.stat.isreg is not defined
shell: "cd {{ ca_dir }} && {{ bin_dir }}/cfssl gencert -initca ca-csr.json | {{ bin_dir }}/cfssljson -bare ca"

# 随机生成集群 basic auth 使用的密码
- name: 生成随机 basic auth 密码
shell: 'export PWD=`date +%s%N | md5sum | head -c 16`; sed -i "s/^BASIC_AUTH_PASS.*$/BASIC_AUTH_PASS=\"$PWD\"/g" {{ base_dir }}/hosts'
connection: local
when: p.stat.isreg is not defined

#----------- 创建kubectl kubeconfig文件: /root/.kube/config
- name: 准备kubectl使用的admin 证书签名请求
template: src=admin-csr.json.j2 dest={{ ca_dir }}/admin-csr.json
Expand Down
1 change: 1 addition & 0 deletions roles/flannel/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,4 +68,5 @@
delegate_to: "{{ groups.deploy[0] }}"
retries: 15
delay: 8
ignore_errors: true

1 change: 1 addition & 0 deletions roles/kube-router/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,4 +85,5 @@
delegate_to: "{{ groups.deploy[0] }}"
retries: 15
delay: 8
ignore_errors: true

0 comments on commit 4c6ec53

Please sign in to comment.