Página inicial Explorar Ajuda
Registrar Entrar
zhouyuhuan
/
Cloudpods
1
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Tree: 4e53efd173
Branches Tags
Cloudpods
/
ocboot
/
onecloud
/
roles
/
utils
/
controlplane
/
tasks
/
main.yml

main.yml 1.0 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435 
  1. ---
    2. 

  2. - name: Remove kubeadm cronjob that renews certificates
    3. 

  3.   cron:
    4. 

  4.     name: "Use kubeadm renew certificates"
    5. 

  5.     special_time: monthly
    6. 

  6.     user: root
    7. 

  7.     job: "/usr/bin/kubeadm alpha certs renew all"
    8. 

  8.     cron_file: yunion_kubeadm_renew_certs
    9. 

  9.     state: absent
    10. 

  10.   become: true
    11. 

  11. 

  12. - name: Ensure a cronjob that renews k8s certificates
    13. 

  13.   cron:
    14. 

  14.     name: "Use ocadm renew certificates"
    15. 

  15.     special_time: monthly
    16. 

  16.     user: root
    17. 

  17.     job: "/opt/yunion/bin/ocadm alpha certs renew all"
    18. 

  18.     cron_file: yunion_ocadm_renew_certs
    19. 

  19.   become: true
    20. 

  20. 

  21. - name: Check if k3s.service.env file exists
    22. 

  22.   ansible.builtin.stat:
    23. 

  23.     path: /etc/systemd/system/k3s.service.env
    24. 

  24.   register: k3s_service_env_file
    25. 

  25.   become: true
    26. 

  26. 

  27. - name: Add CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS to k3s.service.env if not set
    28. 

  28.   ansible.builtin.lineinfile:
    29. 

  29.     path: /etc/systemd/system/k3s.service.env
    30. 

  30.     line: "CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS=3650"
    31. 

  31.     regexp: "^CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS="
    32. 

  32.     state: present
    33. 

  33.     create: false
    34. 

  34.   when: k3s_service_env_file.stat.exists
    35. 

  35.   become: true
    36.