diff --git a/windows/ako/ako-toleration-overlay.yml b/windows/ako/ako-toleration-overlay.yml index e69de29..2351a9b 100644 --- a/windows/ako/ako-toleration-overlay.yml +++ b/windows/ako/ako-toleration-overlay.yml @@ -0,0 +1,11 @@ +#@ load("@ytt:overlay", "overlay") +#@overlay/match by=overlay.subset({"kind": "StatefulSet", "metadata": {"namespace": "avi-system"}}) +--- +spec: + template: + spec: + #@overlay/match missing_ok=True + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" \ No newline at end of file diff --git a/windows/cert/cluster_config.yml b/windows/cert/cluster_config.yml index bb2500a..6ab2062 100644 --- a/windows/cert/cluster_config.yml +++ b/windows/cert/cluster_config.yml @@ -1,2 +1,2 @@ #Add this to the cluster config you are using and replace the content with base64 encoded root ca -CUSTOM_CA: +ROOT_CERT: diff --git a/windows/cert/inject-cert-values.yml b/windows/cert/inject-cert-values.yml index 6af069d..3788d04 100644 --- a/windows/cert/inject-cert-values.yml +++ b/windows/cert/inject-cert-values.yml @@ -1,4 +1,4 @@ #@data/values #@overlay/match-child-defaults missing_ok=True --- -CUSTOM_CA: \ No newline at end of file +ROOT_CERT: \ No newline at end of file diff --git a/windows/cert/inject-cert.yml b/windows/cert/inject-cert.yml index 9388f2a..680dbcf 100644 --- a/windows/cert/inject-cert.yml +++ b/windows/cert/inject-cert.yml @@ -18,9 +18,12 @@ spec: files: #@overlay/append - path: c:\k\rootca.pem - content: #@ base64.decode(data.values.CUSTOM_CA) + content: #@ base64.decode(data.values.ROOT_CERT) + - path: c:\k\addcert.ps1 + content: | + Import-Certificate -FilePath "c:\k\rootca.pem" -CertStoreLocation cert:\LocalMachine\Root #@overlay/match missing_ok=True preKubeadmCommands: #@overlay/append - - 'Import-Certificate -FilePath "c:\k\rootca.pem" -CertStoreLocation cert:\LocalMachine\Root' + - powershell c:/k/addcert.ps1 -ExecutionPolicy Bypass #@ end \ No newline at end of file