X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site%2Fsite30%2Fpki%2Fpki-catalog.yaml;fp=site%2Fsite30%2Fpki%2Fpki-catalog.yaml;h=0000000000000000000000000000000000000000;hb=8e1d108f64f06572790ee4db71bc1d9dd32e82da;hp=b4c5889b69d404e1f22334ee10560156a28301d3;hpb=d743ec6c91f97cc9f5b944a8d0a609883440b14e;p=yaml_builds.git diff --git a/site/site30/pki/pki-catalog.yaml b/site/site30/pki/pki-catalog.yaml deleted file mode 100644 index b4c5889..0000000 --- a/site/site30/pki/pki-catalog.yaml +++ /dev/null @@ -1,285 +0,0 @@ ---- -############################################################################## -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -schema: promenade/PKICatalog/v1 -metadata: - schema: metadata/Document/v1 - name: cluster-certificates - layeringDefinition: - abstract: false - layer: site - storagePolicy: cleartext -data: - certificate_authorities: - kubernetes: - description: CA for Kubernetes components - certificates: - - document_name: apiserver - description: Service certificate for Kubernetes apiserver - common_name: apiserver - hosts: - - localhost - - 127.0.0.1 - - 10.96.0.1 - kubernetes_service_names: - - kubernetes.default.svc.cluster.local - - document_name: kubelet-genesis - common_name: system:node:aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - groups: - - system:nodes - - document_name: kubelet-aknode30 - common_name: system:node:aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - groups: - - system:nodes - - document_name: kubelet-aknode31 - common_name: system:node:aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - groups: - - system:nodes - - document_name: kubelet-aknode32 - common_name: system:node:aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - groups: - - system:nodes - - document_name: kubelet-aknode33 - common_name: system:node:aknode33 - hosts: - - aknode33 - - 192.168.2.33 - - 172.29.1.33 - - 172.30.1.33 - groups: - - system:nodes - - document_name: kubelet-aknode34 - common_name: system:node:aknode34 - hosts: - - aknode34 - - 192.168.2.34 - - 172.29.1.34 - - 172.30.1.34 - groups: - - system:nodes - - document_name: scheduler - description: Service certificate for Kubernetes scheduler - common_name: system:kube-scheduler - - document_name: controller-manager - description: certificate for controller-manager - common_name: system:kube-controller-manager - - document_name: admin - common_name: admin - groups: - - system:masters - - document_name: armada - common_name: armada - groups: - - system:masters - kubernetes-etcd: - description: Certificates for Kubernetes's etcd servers - certificates: - - document_name: apiserver-etcd - description: etcd client certificate for use by Kubernetes apiserver - common_name: apiserver - # NOTE(mark-burnett): hosts not required for client certificates - - document_name: kubernetes-etcd-anchor - description: anchor - common_name: anchor - - document_name: kubernetes-etcd-genesis - common_name: kubernetes-etcd-genesis - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode30 - common_name: kubernetes-etcd-aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode31 - common_name: kubernetes-etcd-aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode32 - common_name: kubernetes-etcd-aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - kubernetes-etcd-peer: - certificates: - - document_name: kubernetes-etcd-genesis-peer - common_name: kubernetes-etcd-genesis-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode30-peer - common_name: kubernetes-etcd-aknode30-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode31-peer - common_name: kubernetes-etcd-aknode31-peer - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - - document_name: kubernetes-etcd-aknode32-peer - common_name: kubernetes-etcd-aknode32-peer - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - kubernetes-etcd.kube-system.svc.cluster.local - - 10.96.0.2 - calico-etcd: - description: Certificates for Calico etcd client traffic - certificates: - - document_name: calico-etcd-anchor - description: anchor - common_name: anchor - - document_name: calico-etcd-aknode30 - common_name: calico-etcd-aknode30 - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode31 - common_name: calico-etcd-aknode31 - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode32 - common_name: calico-etcd-aknode32 - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node - common_name: calcico-node - calico-etcd-peer: - description: Certificates for Calico etcd clients - certificates: - - document_name: calico-etcd-aknode30-peer - common_name: calico-etcd-aknode30-peer - hosts: - - aknode30 - - 192.168.2.30 - - 172.29.1.30 - - 172.30.1.30 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode31-peer - common_name: calico-etcd-aknode31-peer - hosts: - - aknode31 - - 192.168.2.31 - - 172.29.1.31 - - 172.30.1.31 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-etcd-aknode32-peer - common_name: calico-etcd-aknode32-peer - hosts: - - aknode32 - - 192.168.2.32 - - 172.29.1.32 - - 172.30.1.32 - - 127.0.0.1 - - localhost - - 10.96.232.136 - - document_name: calico-node-peer - common_name: calcico-node-peer - keypairs: - - name: service-account - description: Service account signing key for use by Kubernetes controller-manager. -... -