cri-o/vendor/k8s.io/kubernetes/cluster/openstack-heat/kubernetes-heat/fragments/deploy-kube-auth-files-master.yaml

#cloud-config
merge_how: dict(recurse_array)+list(append)
bootcmd:
  - mkdir -p /srv/salt-overlay/salt/kube-apiserver
  - mkdir -p /srv/salt-overlay/salt/kubelet
write_files:
  - path: /srv/salt-overlay/salt/kube-apiserver/basic_auth.csv
    permissions: "0600"
    content: |
      $apiserver_password,$apiserver_user,admin
  - path: /srv/salt-overlay/salt/kube-apiserver/known_tokens.csv
    permissions: "0600"
    content: |
      $token_kubelet,kubelet,kubelet
      $token_kube_proxy,kube_proxy,kube_proxy
      TokenSystemScheduler,system:scheduler,system:scheduler
      TokenSystemControllerManager,system:controller_manager,system:controller_manager
      TokenSystemLogging,system:logging,system:logging
      TokenSystemMonitoring,system:monitoring,system:monitoring
      TokenSystemDns,system:dns,system:dns
  - path: /srv/salt-overlay/salt/kubelet/kubernetes_auth
    permissions: "0600"
    content: |
      {"BearerToken": "$token_kubelet", "Insecure": true }
  - path: /srv/salt-overlay/salt/kubelet/kubeconfig
    permissions: "0600"
    content: |
      apiVersion: v1
      kind: Config
      users:
        - name: kubelet
          user:
            token: $token_kubelet
      clusters:
        - name: local
          cluster:
            insecure-skip-tls-verify: true
      contexts:
        - context:
            cluster: local
            user: kubelet
          name: service-account-context
      current-context: service-account-context
Switch to github.com/golang/dep for vendoring Signed-off-by: Mrunal Patel <mrunalp@gmail.com> 2017-02-01 00:45:59 +00:00			`#cloud-config`
			`merge_how: dict(recurse_array)+list(append)`
			`bootcmd:`
			`- mkdir -p /srv/salt-overlay/salt/kube-apiserver`
			`- mkdir -p /srv/salt-overlay/salt/kubelet`
			`write_files:`
			`- path: /srv/salt-overlay/salt/kube-apiserver/basic_auth.csv`
			`permissions: "0600"`
			`content: \|`
			`$apiserver_password,$apiserver_user,admin`
			`- path: /srv/salt-overlay/salt/kube-apiserver/known_tokens.csv`
			`permissions: "0600"`
			`content: \|`
			`$token_kubelet,kubelet,kubelet`
			`$token_kube_proxy,kube_proxy,kube_proxy`
			`TokenSystemScheduler,system:scheduler,system:scheduler`
			`TokenSystemControllerManager,system:controller_manager,system:controller_manager`
			`TokenSystemLogging,system:logging,system:logging`
			`TokenSystemMonitoring,system:monitoring,system:monitoring`
			`TokenSystemDns,system:dns,system:dns`
			`- path: /srv/salt-overlay/salt/kubelet/kubernetes_auth`
			`permissions: "0600"`
			`content: \|`
			`{"BearerToken": "$token_kubelet", "Insecure": true }`
			`- path: /srv/salt-overlay/salt/kubelet/kubeconfig`
			`permissions: "0600"`
			`content: \|`
			`apiVersion: v1`
			`kind: Config`
			`users:`
			`- name: kubelet`
			`user:`
			`token: $token_kubelet`
			`clusters:`
			`- name: local`
			`cluster:`
			`insecure-skip-tls-verify: true`
			`contexts:`
			`- context:`
			`cluster: local`
			`user: kubelet`
			`name: service-account-context`
			`current-context: service-account-context`