infra/kubernetes
1
0
Fork 0
Code Pull Requests 3 Activity

ansible: Allow host-provisioner to read root CA

Browse Source 
The Kubernetes root CA certificate is stored in a ConfigMap named
`kube-root-ca.crt` in every namespace.  The _host-provisioner_ needs to
be able to read this ConfigMap in order to prepare control plane nodes,
as it is used by HAProxy to check the health of the API servers running
on each node.
This commit is contained in:
Dustin
2025-07-23 10:50:24 -05:00
parent 484c17c1d5
commit 36015084c8
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/rbac.yaml
View File

@@ -54,6 +54,7 @@ rules:
- get
resourceNames:
- cluster-info
- kube-root-ca.crt
---
apiVersion: rbac.authorization.k8s.io/v1