mirror of https://github.com/k3s-io/k3s
update dns start to grant required RBAC permissions
deads2k
parent
b18e433590
commit
207c04a3f8
|
|
@ -400,6 +400,14 @@ contexts:
|
||||||
user: local-up-cluster
|
user: local-up-cluster
|
||||||
name: local-up-cluster
|
name: local-up-cluster
|
||||||
current-context: local-up-cluster
|
current-context: local-up-cluster
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# flatten the kubeconfig files to make them self contained
|
||||||
|
username=$(whoami)
|
||||||
|
${CONTROLPLANE_SUDO} /bin/bash -e <<EOF
|
||||||
|
${GO_OUT}/kubectl --kubeconfig="${CERT_DIR}/$1.kubeconfig" config view --minify --flatten > "/tmp/$1.kubeconfig"
|
||||||
|
mv -f "/tmp/$1.kubeconfig" "${CERT_DIR}/$1.kubeconfig"
|
||||||
|
chown ${username} "${CERT_DIR}/$1.kubeconfig"
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -724,7 +732,6 @@ function start_kubeproxy {
|
||||||
}
|
}
|
||||||
|
|
||||||
function start_kubedns {
|
function start_kubedns {
|
||||||
|
|
||||||
if [[ "${ENABLE_CLUSTER_DNS}" = true ]]; then
|
if [[ "${ENABLE_CLUSTER_DNS}" = true ]]; then
|
||||||
echo "Creating kube-system namespace"
|
echo "Creating kube-system namespace"
|
||||||
sed -e "s/{{ pillar\['dns_replicas'\] }}/${DNS_REPLICAS}/g;s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g;" "${KUBE_ROOT}/cluster/addons/dns/skydns-rc.yaml.in" >| skydns-rc.yaml
|
sed -e "s/{{ pillar\['dns_replicas'\] }}/${DNS_REPLICAS}/g;s/{{ pillar\['dns_domain'\] }}/${DNS_DOMAIN}/g;" "${KUBE_ROOT}/cluster/addons/dns/skydns-rc.yaml.in" >| skydns-rc.yaml
|
||||||
|
|
@ -742,18 +749,15 @@ function start_kubedns {
|
||||||
sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" skydns-rc.yaml
|
sed -i -e "/{{ pillar\['federations_domain_map'\] }}/d" skydns-rc.yaml
|
||||||
fi
|
fi
|
||||||
sed -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" "${KUBE_ROOT}/cluster/addons/dns/skydns-svc.yaml.in" >| skydns-svc.yaml
|
sed -e "s/{{ pillar\['dns_server'\] }}/${DNS_SERVER_IP}/g" "${KUBE_ROOT}/cluster/addons/dns/skydns-svc.yaml.in" >| skydns-svc.yaml
|
||||||
export KUBERNETES_PROVIDER=local
|
|
||||||
${KUBECTL} config set-cluster local --server=https://${API_HOST}:${API_SECURE_PORT} --certificate-authority=${ROOT_CA_FILE}
|
# TODO update to dns role once we have one.
|
||||||
${KUBECTL} config set-credentials myself --username=admin --password=admin
|
${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" create clusterrolebinding system:kube-dns --clusterrole=cluster-admin --serviceaccount=kube-system:default
|
||||||
${KUBECTL} config set-context local --cluster=local --user=myself
|
|
||||||
${KUBECTL} config use-context local
|
|
||||||
|
|
||||||
# use kubectl to create skydns rc and service
|
# use kubectl to create skydns rc and service
|
||||||
${KUBECTL} --namespace=kube-system create -f skydns-rc.yaml
|
${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f skydns-rc.yaml
|
||||||
${KUBECTL} --namespace=kube-system create -f skydns-svc.yaml
|
${KUBECTL} --kubeconfig="${CERT_DIR}/admin.kubeconfig" --namespace=kube-system create -f skydns-svc.yaml
|
||||||
echo "Kube-dns rc and service successfully deployed."
|
echo "Kube-dns rc and service successfully deployed."
|
||||||
|
rm skydns-rc.yaml skydns-svc.yaml
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function print_success {
|
function print_success {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue