summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@afrolegs.com>2017-02-09 13:00:41 -0500
committerGitHub <noreply@github.com>2017-02-09 13:00:41 -0500
commit8b6f88ea657662fb6724c2d4863b6c954f9580d8 (patch)
tree108ecf6944c74ade314bcdcd75f7cb6f814cf479 /roles
parent863f345972b1cf9ed28d682acdf2b74559f79211 (diff)
parentb0ca3ea0a2ffd7917650ca648c940746b8a7825a (diff)
downloadopenshift-8b6f88ea657662fb6724c2d4863b6c954f9580d8.tar.gz
openshift-8b6f88ea657662fb6724c2d4863b6c954f9580d8.tar.bz2
openshift-8b6f88ea657662fb6724c2d4863b6c954f9580d8.tar.xz
openshift-8b6f88ea657662fb6724c2d4863b6c954f9580d8.zip
Merge pull request #3312 from abutcher/embedded-etcd-bundle
Ensure embedded etcd config points to CA bundle.
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j212
1 files changed, 12 insertions, 0 deletions
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 9ae54dac1..cf2d2e103 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -65,7 +65,11 @@ dnsConfig:
bindNetwork: tcp4
{% endif %}
etcdClientInfo:
+{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ ca: {{ "ca-bundle.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}
+{% else %}
ca: {{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}
+{% endif %}
certFile: master.etcd-client.crt
keyFile: master.etcd-client.key
urls:
@@ -79,12 +83,20 @@ etcdConfig:
peerServingInfo:
bindAddress: {{ openshift.master.bind_addr }}:7001
certFile: etcd.server.crt
+{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ clientCA: ca-bundle.crt
+{% else %}
clientCA: ca.crt
+{% endif %}
keyFile: etcd.server.key
servingInfo:
bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.etcd_port }}
certFile: etcd.server.crt
+{% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ clientCA: ca-bundle.crt
+{% else %}
clientCA: ca.crt
+{% endif %}
keyFile: etcd.server.key
storageDirectory: {{ openshift.common.data_dir }}/openshift.local.etcd
{% endif %}