diff options
author | Andrew Butcher <abutcher@redhat.com> | 2017-02-09 10:49:33 -0500 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2017-02-09 10:49:33 -0500 |
commit | b0ca3ea0a2ffd7917650ca648c940746b8a7825a (patch) | |
tree | 7f6f9f241732869a48b3ff5b8827e0ad0cedce4b /roles/openshift_master | |
parent | fc96d8d22f6c277b599e6e2fa4e9cc06814a9460 (diff) | |
download | openshift-b0ca3ea0a2ffd7917650ca648c940746b8a7825a.tar.gz openshift-b0ca3ea0a2ffd7917650ca648c940746b8a7825a.tar.bz2 openshift-b0ca3ea0a2ffd7917650ca648c940746b8a7825a.tar.xz openshift-b0ca3ea0a2ffd7917650ca648c940746b8a7825a.zip |
Ensure embedded etcd config uses CA bundle.
Diffstat (limited to 'roles/openshift_master')
-rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9ae54dac1..cf2d2e103 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -65,7 +65,11 @@ dnsConfig: bindNetwork: tcp4 {% endif %} etcdClientInfo: +{% if openshift.common.version_gte_3_2_or_1_2 | bool %} + ca: {{ "ca-bundle.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }} +{% else %} ca: {{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }} +{% endif %} certFile: master.etcd-client.crt keyFile: master.etcd-client.key urls: @@ -79,12 +83,20 @@ etcdConfig: peerServingInfo: bindAddress: {{ openshift.master.bind_addr }}:7001 certFile: etcd.server.crt +{% if openshift.common.version_gte_3_2_or_1_2 | bool %} + clientCA: ca-bundle.crt +{% else %} clientCA: ca.crt +{% endif %} keyFile: etcd.server.key servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.etcd_port }} certFile: etcd.server.crt +{% if openshift.common.version_gte_3_2_or_1_2 | bool %} + clientCA: ca-bundle.crt +{% else %} clientCA: ca.crt +{% endif %} keyFile: etcd.server.key storageDirectory: {{ openshift.common.data_dir }}/openshift.local.etcd {% endif %} |