K8S Certificates

for instance in us-wrk-01 us-wrk-02 us-wrk-03 us-wrk-04; do
cat > ${instance}-csr.json <<EOF
{
  "CN": "system:node:${instance}",
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "US",
      "L": "Nashville",
      "O": "system:nodes",
      "OU": "8 Bit Kubernetes",
      "ST": "Tennessee"
    }
  ]
}
EOF

EXTERNAL_IP=$(dig +short ${instance}.node.8bitwizard.net)
INTERNAL_IP=${instance}.node.8bitwizard.net

cfssl gencert \
  -ca=ca.pem \
  -ca-key=ca-key.pem \
  -config=ca-config.json \
  -hostname=${instance},${INTERNAL_IP},${EXTERNAL_IP} \
  -profile=kubernetes \
  ${instance}-csr.json | cfssljson -bare ${instance}
done