path: .genesis.hostname
dest:
path: .values.nodes[0].name
+{% for server in yaml.masters %}
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
- path: .masters[0].hostname
+ path: .masters[{{loop.index-1}}].hostname
dest:
- path: .values.nodes[1].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[1].hostname
- dest:
- path: .values.nodes[2].name
- - src:
- schema: pegleg/CommonAddresses/v1
- name: common-addresses
- path: .masters[2].hostname
- dest:
- path: .values.nodes[3].name
+ path: .values.nodes[{{loop.index}}].name
+{% endfor %}
# Certificate substitutions for the node names assembled on the above list.
# NEWSITE-CHANGEME: Per above, the number of substitutions should not need
# genesis node, but `genesis` is reference here in the certificate names
# because of certain Promenade assumptions that may be addressed in the
# future. Therefore `genesis` is used instead of `cab23-r720-11` here.
+
+ # Genesis node {{yaml.genesis.name}}
- src:
schema: deckhand/Certificate/v1
name: kubernetes-etcd-genesis
path: .
dest:
path: .values.nodes[0].tls.peer.key
+{% for server in yaml.masters %}
- # master node 1 hostname - cab23-r720-12
+ # Master node {{loop.index}} hostname - {{server.name}}
- src:
schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-12
+ name: kubernetes-etcd-{{server.name}}
path: .
dest:
- path: .values.nodes[1].tls.client.cert
+ path: .values.nodes[{{loop.index}}].tls.client.cert
- src:
schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-12
+ name: kubernetes-etcd-{{server.name}}
path: .
dest:
- path: .values.nodes[1].tls.client.key
+ path: .values.nodes[{{loop.index}}].tls.client.key
- src:
schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-12-peer
+ name: kubernetes-etcd-{{server.name}}-peer
path: .
dest:
- path: .values.nodes[1].tls.peer.cert
+ path: .values.nodes[{{loop.index}}].tls.peer.cert
- src:
schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-12-peer
+ name: kubernetes-etcd-{{server.name}}-peer
path: .
dest:
- path: .values.nodes[1].tls.peer.key
-
- # master node 2 hostname - cab23-r720-13
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-13
- path: .
- dest:
- path: .values.nodes[2].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-13
- path: .
- dest:
- path: .values.nodes[2].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-13-peer
- path: .
- dest:
- path: .values.nodes[2].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-13-peer
- path: $
- dest:
- path: .values.nodes[2].tls.peer.key
-
- # master node 3 hostname - cab23-r720-14
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-14
- path: .
- dest:
- path: .values.nodes[3].tls.client.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-14
- path: .
- dest:
- path: .values.nodes[3].tls.client.key
- - src:
- schema: deckhand/Certificate/v1
- name: kubernetes-etcd-cab23-r720-14-peer
- path: .
- dest:
- path: .values.nodes[3].tls.peer.cert
- - src:
- schema: deckhand/CertificateKey/v1
- name: kubernetes-etcd-cab23-r720-14-peer
- path: $
- dest:
- path: .values.nodes[3].tls.peer.key
+ path: .values.nodes[{{loop.index}}].tls.peer.key
+{% endfor %}
data: {}
...