diff options
Diffstat (limited to 'playbooks/common')
| -rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml | 12 | ||||
| -rw-r--r-- | playbooks/common/openshift-etcd/restart.yml | 18 | 
2 files changed, 30 insertions, 0 deletions
| diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml new file mode 100644 index 000000000..4a9fbf7eb --- /dev/null +++ b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml @@ -0,0 +1,12 @@ +--- +- name: Check cert expirys +  hosts: "{{ g_check_expiry_hosts }}" +  vars: +    openshift_certificate_expiry_show_all: yes +  roles: +  # Sets 'check_results' per host which contains health status for +  # etcd, master and node certificates.  We will use 'check_results' +  # to determine if any certificates were expired prior to running +  # this playbook. Service restarts will be skipped if any +  # certificates were previously expired. +  - role: openshift_certificate_expiry diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml index af1ef245a..5eaea5ae8 100644 --- a/playbooks/common/openshift-etcd/restart.yml +++ b/playbooks/common/openshift-etcd/restart.yml @@ -7,3 +7,21 @@        service:          name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"          state: restarted +      when: +        - not g_etcd_certificates_expired | default(false) | bool + +- name: Restart etcd +  hosts: oo_etcd_to_config +  tasks: +    - name: stop etcd +      service: +        name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" +        state: stopped +      when: +        - g_etcd_certificates_expired | default(false) | bool +    - name: start etcd +      service: +        name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" +        state: started +      when: +        - g_etcd_certificates_expired | default(false) | bool | 
