Merge "Fix cert usages and Zookeeper namespace"
diff --git a/k8s/zookeeper/certs.yaml b/k8s/zookeeper/certs.yaml
index b47fbf1..684438d 100644
--- a/k8s/zookeeper/certs.yaml
+++ b/k8s/zookeeper/certs.yaml
@@ -13,6 +13,11 @@
keyEncoding: pkcs8
secretName: zookeeper-server-tls
commonName: server
+ usages:
+ - digital signature
+ - key encipherment
+ - server auth
+ - client auth
dnsNames:
- zookeeper-0.zookeeper-headless.zookeeper.svc.cluster.local
- zookeeper-0
diff --git a/k8s/zookeeper/zookeeper.yaml b/k8s/zookeeper/zookeeper.yaml
index b61fce6..4b55965 100644
--- a/k8s/zookeeper/zookeeper.yaml
+++ b/k8s/zookeeper/zookeeper.yaml
@@ -4,6 +4,7 @@
kind: PodDisruptionBudget
metadata:
name: zookeeper
+ namespace: zookeeper
labels:
app: zookeeper
chart: zookeeper-2.1.5
@@ -23,6 +24,7 @@
kind: ConfigMap
metadata:
name: zookeeper
+ namespace: zookeeper
labels:
app: zookeeper
chart: zookeeper-2.1.5
@@ -168,6 +170,7 @@
kind: Service
metadata:
name: zookeeper-headless
+ namespace: zookeeper
labels:
app: zookeeper
chart: zookeeper-2.1.5
@@ -198,6 +201,7 @@
kind: Service
metadata:
name: zookeeper
+ namespace: zookeeper
labels:
app: zookeeper
chart: zookeeper-2.1.5
@@ -219,6 +223,7 @@
kind: StatefulSet
metadata:
name: zookeeper
+ namespace: zookeeper
labels:
app: zookeeper
chart: zookeeper-2.1.5
diff --git a/k8s/zuul.yaml b/k8s/zuul.yaml
index 275039e..5aa2f28 100644
--- a/k8s/zuul.yaml
+++ b/k8s/zuul.yaml
@@ -8,6 +8,11 @@
keyEncoding: pkcs8
secretName: zookeeper-client-tls
commonName: client
+ usages:
+ - digital signature
+ - key encipherment
+ - server auth
+ - client auth
issuerRef:
name: ca-issuer
kind: ClusterIssuer
diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml
index 9495de8..85a4627 100644
--- a/playbooks/deploy.yaml
+++ b/playbooks/deploy.yaml
@@ -19,6 +19,11 @@
state: present
src: "{{ root }}/k8s/certmanager.yaml"
+ - name: Update Zookeeper certs
+ k8s:
+ state: present
+ src: "{{ root }}/k8s/zookeeper/certs.yaml"
+
- name: Update Zookeeper deployment
k8s:
state: present
