25 lines
863 B
YAML
25 lines
863 B
YAML
- name: Upload certs and get certificate key
|
|
shell: kubeadm init phase upload-certs --upload-certs | tail -n 1
|
|
register: cert_key
|
|
|
|
- name: Compute CA cert hash
|
|
shell: |
|
|
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | awk '{print $2}'
|
|
register: ca_hash
|
|
|
|
- name: Create short-lived token
|
|
shell: kubeadm token create --ttl 30m
|
|
register: join_token
|
|
|
|
- name: Determine control-plane endpoint
|
|
set_fact:
|
|
cp_endpoint: "{{ hostvars[inventory_hostname].control_plane_endpoint | default(ansible_host ~ ':6443') }}"
|
|
|
|
- set_fact:
|
|
kubeadm_cp_join_cmd: >-
|
|
kubeadm join {{ cp_endpoint }}
|
|
--token {{ join_token.stdout }}
|
|
--discovery-token-ca-cert-hash sha256:{{ ca_hash.stdout }}
|
|
--control-plane
|
|
--certificate-key {{ cert_key.stdout }}
|