.github
certificates
coding
exercises
ansible
aws
azure
cicd
solutions
deploy_to_kubernetes
html
Jenkinsfile
README.md
deploy.yml
helloworld.yml
inventory
remove_builds_solution.groovy
remove_jobs_solution.groovy
README.md
ci_for_open_source_project.md
deploy_to_kubernetes.md
remove_builds.md
remove_jobs.md
cloud
containers
databases
devops
dns
flask_container_ci
flask_container_ci2
git
grafana
kubernetes
misc
openshift
os
perl
programming
python
security
shell
soft_skills
software_development
sql
terraform
zuul
cloud_slack_bot.md
eflk.md
jenkins_pipelines.md
jenkins_scripts.md
pipeline_deploy_image_to_k8.md
images
scripts
tests
.gitignore
.travis.yml
CONTRIBUTING.md
LICENSE
README-zh_CN.md
README.md
credits.md
faq.md
prepare_for_interview.md
43 lines
1.3 KiB
YAML
43 lines
1.3 KiB
YAML
![]() |
- name: Apply Kubernetes YAMLs
|
||
|
hosts: kubernetes
|
||
|
tasks:
|
||
|
- name: Ensure SSL related directories exist
|
||
|
file:
|
||
|
path: "{{ item }}"
|
||
|
state: directory
|
||
|
loop:
|
||
|
- "/etc/ssl/crt"
|
||
|
- "/etc/ssl/csr"
|
||
|
- "/etc/ssl/private"
|
||
|
|
||
|
- name: Generate an OpenSSL private key.
|
||
|
openssl_privatekey:
|
||
|
path: /etc/ssl/private/privkey.pem
|
||
|
|
||
|
- name: generate openssl certficate signing requests
|
||
|
openssl_csr:
|
||
|
path: /etc/ssl/csr/hello-world.app.csr
|
||
|
privatekey_path: /etc/ssl/private/privkey.pem
|
||
|
common_name: hello-world.app
|
||
|
|
||
|
- name: Generate a Self Signed OpenSSL certificate
|
||
|
openssl_certificate:
|
||
|
path: /etc/ssl/crt/hello-world.app.crt
|
||
|
privatekey_path: /etc/ssl/private/privkey.pem
|
||
|
csr_path: /etc/ssl/csr/hello-world.app.csr
|
||
|
provider: selfsigned
|
||
|
|
||
|
- name: Create k8s secret
|
||
|
command: "kubectl create secret tls tls-secret --cert=/etc/ssl/crt/hello-world.app.crt --key=/etc/ssl/private/privkey.pem"
|
||
|
register: result
|
||
|
failed_when:
|
||
|
- result.rc == 2
|
||
|
|
||
|
- name: Deploy web app
|
||
|
k8s:
|
||
|
state: present
|
||
|
definition: "{{ lookup('file', './helloworld.yml') }}"
|
||
|
kubeconfig: '/home/abregman/.kube/config'
|
||
|
namespace: 'default'
|
||
|
wait: true
|