Comments (3)
adamacosta
commented on August 12, 2024
1
It's this:
config() {
mkdir -p "/etc/rancher/rke2"
cat <<EOF >> "/etc/rancher/rke2/config.yaml"
# Additional user defined configuration
${config}
EOF
}
and this:
if [ $TYPE = "server" ]; then
# Initialize server
identify
cat <<EOF >> "/etc/rancher/rke2/config.yaml"
tls-san:
- ${server_url}
EOF
The module allows the user to pass arbitrary config values, which may include tls-san, but then creates it anyway because the ${server_url} refers to the DNS name assigned by AWS to the control plane load balancer, which isn't known until it gets created. I suspect we'll have to expose a variable to set additional SANs for the API server directly and then explain in bold-face font somewhere that this particular key can't be passed as additional config without breaking the setup. The way this script currently works doesn't make it possible to assign your own DNS name to your API server, which isn't a great idea. We got pretty lucky that it took over three years for someone to encounter this.
from rke2-aws-tf.
ghsbhatia
commented on August 12, 2024
@adamacosta @joshrwolf - Please take a look at the pull request. Thanks!
from rke2-aws-tf.
adamacosta
commented on August 12, 2024
Fixed in v2.4.1
from rke2-aws-tf.
Related Issues (20)
- agent-nodepool Terraform template using an experimental feature without enabling the feature HOT 3
- RKE2 Cluster creation fails with private subnets HOT 4
- Examples don't work in RHEL8. NGINX Backend, CoreDNS, Metrics server left in crash loop. HOT 3
- Setting kube-apiserver.yaml values on deployment HOT 4
- statestore module not compatabile with version 4.0.0 of AWS provider HOT 1
- publish module to terraform registry HOT 1
- Fix deprecated items for Terraform 1.27 HOT 1
- How to access private IP servers and agents HOT 1
- Server fails on AMI having the AWS CLI installed HOT 2
- Feature flag to allow turning on/off security group creation HOT 2
- S3 now defaults to ACLs disabled HOT 1
- Name length issues for nlb module HOT 2
- Does not work on latest RHEL AMIs. No easy way to specify release channel for binary HOT 1
- Error: want at least 1 healthy instance(s) registered to Load Balancer, have 0', timeout: 10m0 HOT 3
- Non-backwards compatible change: CP using NLB HOT 9
- `aws_lb_target_group` logic error on long names HOT 1
- No SLES provision for servers or agents HOT 1
- Need to pin Terraform AWS provider HOT 2
- Terraform 0.13 does not support optional keyword HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rke2-aws-tf.