X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site%2Fhpgen10%2Fpki%2Fpki-catalog.yaml;fp=site%2Fhpgen10%2Fpki%2Fpki-catalog.yaml;h=0000000000000000000000000000000000000000;hb=f75a047e5d98eea7d43cfbe6ade55ce2e2e0f3a9;hp=cce0cb41e77b1e6693818021b08fbc720ce2c923;hpb=0a2885e1506c60df0e39d1681657661bacd39670;p=yaml_builds.git diff --git a/site/hpgen10/pki/pki-catalog.yaml b/site/hpgen10/pki/pki-catalog.yaml deleted file mode 100644 index cce0cb4..0000000 --- a/site/hpgen10/pki/pki-catalog.yaml +++ /dev/null @@ -1,266 +0,0 @@ ---- -############################################################################## -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - groups: - - system:nodes - - document_name: kubelet-aknode30 - common_name: system:node:aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - groups: - - system:nodes - - document_name: kubelet-aknode31 - common_name: system:node:aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - groups: - - system:nodes - - document_name: kubelet-aknode32 - common_name: system:node:aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - # NOTE(mark-burnett): hosts not required for client certificates - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode30 - common_name: kubernetes-etcd-aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode31 - common_name: kubernetes-etcd-aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode32 - common_name: kubernetes-etcd-aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode30-peer - common_name: kubernetes-etcd-aknode30-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode31-peer - common_name: kubernetes-etcd-aknode31-peer - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode32-peer - common_name: kubernetes-etcd-aknode32-peer - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-aknode30 - common_name: calico-etcd-aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode31 - common_name: calico-etcd-aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode32 - common_name: calico-etcd-aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-aknode30-peer - common_name: calico-etcd-aknode30-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode31-peer - common_name: calico-etcd-aknode31-peer - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode32-peer - common_name: calico-etcd-aknode32-peer - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -...