diff options
author | Andrew Butcher <abutcher@redhat.com> | 2016-02-05 12:47:29 -0500 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2016-02-16 14:21:04 -0500 |
commit | 02cf4ef8e279602190ae991f028dc36793747e9e (patch) | |
tree | 62403c6c357dfc8500d89c7d6fb32e70d4470a53 /roles | |
parent | 6d3e1764658582150f6c776c2662075531ccf70f (diff) | |
download | openshift-02cf4ef8e279602190ae991f028dc36793747e9e.tar.gz openshift-02cf4ef8e279602190ae991f028dc36793747e9e.tar.bz2 openshift-02cf4ef8e279602190ae991f028dc36793747e9e.tar.xz openshift-02cf4ef8e279602190ae991f028dc36793747e9e.zip |
Generate each master's certificates separately.
Diffstat (limited to 'roles')
-rw-r--r-- | roles/openshift_master_ca/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_master_certificates/tasks/main.yml | 34 |
2 files changed, 6 insertions, 30 deletions
diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 6d9be81c0..66960e73e 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -25,4 +25,4 @@ --master={{ openshift.master.api_url }} --public-master={{ openshift.master.public_api_url }} --cert-dir={{ openshift_master_config_dir }} --overwrite=false - when: master_certs_missing + when: master_certs_missing | bool diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 7c58e943a..72869a592 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -6,40 +6,16 @@ mode: 0700 with_items: masters_needing_certs -- set_fact: - master_certificates: - - ca.crt - - ca.key - - ca.serial.txt - - admin.crt - - admin.key - - admin.kubeconfig - - master.kubelet-client.crt - - master.kubelet-client.key - - master.server.crt - - master.server.key - - openshift-master.crt - - openshift-master.key - - openshift-master.kubeconfig - - openshift-registry.crt - - openshift-registry.key - - openshift-registry.kubeconfig - - openshift-router.crt - - openshift-router.key - - openshift-router.kubeconfig - - serviceaccounts.private.key - - serviceaccounts.public.key - master_31_certificates: - - master.proxy-client.crt - - master.proxy-client.key - - file: src: "{{ openshift_master_config_dir }}/{{ item.1 }}" dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" state: hard with_nested: - masters_needing_certs - - "{{ master_certificates | union(master_31_certificates) if openshift.common.version_gte_3_1_or_1_1 | bool else master_certificates }}" + - + - ca.crt + - ca.key + - ca.serial.txt - name: Create the master certificates if they do not already exist command: > @@ -49,5 +25,5 @@ --public-master={{ item.openshift.master.public_api_url }} --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }} --overwrite=false - when: master_certs_missing + when: item.master_certs_missing | bool with_items: masters_needing_certs |