Skip to content

Commit

Permalink
Add ServiceAccounts for kube-apiserver and kube-scheduler
Browse files Browse the repository at this point in the history
* Add a separate ServiceAccount and ClusterRoleBinding for kube-apiserver
* Add a separate ServiceAccount and ClusterRoleBinding for kube-scheduler
* Rename the CA certificate CommonName for consistency with upstream
* Remove the ClusterRoleBinding for the kube-system default ServiceAccount
  • Loading branch information
dghubble committed Jan 2, 2019
1 parent ea8b0d1 commit a82f0f4
Show file tree
Hide file tree
Showing 10 changed files with 14 additions and 9 deletions.
5 changes: 5 additions & 0 deletions CHANGES.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ Notable changes between versions.

## Latest

* Add a separate ServiceAccount and ClusterRoleBinding for `kube-apiserver`
* Add a separate ServiceAccount and ClusterRoleBinding for `kube-scheduler`
* Rename the CA certificate CommonName for consistency with upstream
* Remove the ClusterRoleBinding for the kube-system default ServiceAccount

#### AWS

* Change `controller_type` and `worker_type` default from t2.small to t3.small
Expand Down
2 changes: 1 addition & 1 deletion aws/container-linux/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion aws/fedora-atomic/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion azure/container-linux/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion bare-metal/container-linux/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"]
Expand Down
2 changes: 1 addition & 1 deletion bare-metal/fedora-atomic/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"]
Expand Down
2 changes: 1 addition & 1 deletion digital-ocean/container-linux/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion digital-ocean/fedora-atomic/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion google-cloud/container-linux/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down
2 changes: 1 addition & 1 deletion google-cloud/fedora-atomic/kubernetes/bootkube.tf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=d14348a368298b7c8b0878accba4974cce5401f9"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f382415f2bc18c7a2d39a92fe254e3823a634270"

cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]
Expand Down

0 comments on commit a82f0f4

Please sign in to comment.