Fix etcd certificate to include host's FQDN

kubernetes-sigs · Jul 17, 2024 · 0adf426 · 0adf426
1 parent 5f35b66
commit 0adf426
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/roles/etcd/templates/openssl.conf.j2 b/roles/etcd/templates/openssl.conf.j2
@@ -25,7 +25,8 @@ authorityKeyIdentifier=keyid:always,issuer
 [alt_names]
 DNS.1 = localhost
 {% for host in groups['etcd'] %}
-DNS.{{ counter["dns"] }} = {{ host }}{{ increment(counter, 'dns') }}
+DNS.{{ counter["dns"] }} = {{ hostvars[host]['ansible_hostname'] }}{{ increment(counter, 'dns') }}
+DNS.{{ counter["dns"] }} = {{ hostvars[host]['ansible_fqdn'] }}{{ increment(counter, 'dns') }}
 {% endfor %}
 {% if apiserver_loadbalancer_domain_name is defined %}
 DNS.{{ counter["dns"] }} = {{ apiserver_loadbalancer_domain_name }}{{ increment(counter, 'dns') }}