Alexandros Kosiaris has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/391804 )
Change subject: Add k8s::kubeconfig define
......................................................................
Add k8s::kubeconfig define
Add a simple define that allows to specify a kubeconfig file. It will
prove useful for splitting the kubeconfig files used by the various
kubernetes components in the future for the purposes of fully utilizing
RBAC. Modify the k8s::infrastructure_config class to use that define to
specify the config
Bug: T177393
Change-Id: Ic5600cc6bf63adb4cda5bce2bc981b5f07fa1411
---
M modules/k8s/manifests/infrastructure_config.pp
A modules/k8s/manifests/kubeconfig.pp
M modules/k8s/templates/kubeconfig-client.yaml.erb
3 files changed, 19 insertions(+), 8 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/04/391804/1
diff --git a/modules/k8s/manifests/infrastructure_config.pp
b/modules/k8s/manifests/infrastructure_config.pp
index 694ae33..8c54a7b 100644
--- a/modules/k8s/manifests/infrastructure_config.pp
+++ b/modules/k8s/manifests/infrastructure_config.pp
@@ -10,12 +10,9 @@
}
$users = hiera('k8s_infrastructure_users')
- file { '/etc/kubernetes/kubeconfig':
- ensure => present,
- content => template('k8s/kubeconfig-client.yaml.erb'),
- owner => 'root',
- group => 'root',
- mode => '0400',
- require => File['/etc/kubernetes'],
+ k8s::kubeconfig { '/etc/kubernetes/kubeconfig':
+ master_host => $master_host,
+ username => $username,
+ token => $users[$username]['token'],
}
}
diff --git a/modules/k8s/manifests/kubeconfig.pp
b/modules/k8s/manifests/kubeconfig.pp
new file mode 100644
index 0000000..b5d1b6e
--- /dev/null
+++ b/modules/k8s/manifests/kubeconfig.pp
@@ -0,0 +1,14 @@
+define k8s::kubeconfig(
+ $master_host,
+ $username,
+ $token,
+) {
+ file { $title:
+ ensure => present,
+ content => template('k8s/kubeconfig-client.yaml.erb'),
+ owner => 'root',
+ group => 'root',
+ mode => '0400',
+ require => File['/etc/kubernetes'],
+ }
+}
diff --git a/modules/k8s/templates/kubeconfig-client.yaml.erb
b/modules/k8s/templates/kubeconfig-client.yaml.erb
index e10bcdd..5a1cbbd 100644
--- a/modules/k8s/templates/kubeconfig-client.yaml.erb
+++ b/modules/k8s/templates/kubeconfig-client.yaml.erb
@@ -14,4 +14,4 @@
users:
- name: <%= @username %>
user:
- token: <%= @users[@username]['token'] %>
+ token: <%= @token %>
--
To view, visit https://gerrit.wikimedia.org/r/391804
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ic5600cc6bf63adb4cda5bce2bc981b5f07fa1411
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
