diff options
Diffstat (limited to 'roles/lib_openshift/src/doc')
-rw-r--r-- | roles/lib_openshift/src/doc/ca_server_cert | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/roles/lib_openshift/src/doc/ca_server_cert b/roles/lib_openshift/src/doc/ca_server_cert new file mode 100644 index 000000000..ff9229281 --- /dev/null +++ b/roles/lib_openshift/src/doc/ca_server_cert @@ -0,0 +1,96 @@ +# flake8: noqa +# pylint: skip-file + +DOCUMENTATION = ''' +--- +module: oc_adm_ca_server_cert +short_description: Module to run openshift oc adm ca create-server-cert +description: + - Wrapper around the openshift `oc adm ca create-server-cert` command. +options: + state: + description: + - Present is the only supported state. The state present means that `oc adm ca` will generate a certificate + - and verify if the hostnames and the ClusterIP exists in the certificate. + - When create-server-cert is desired then the following parameters are passed. + - ['cert', 'key', 'signer_cert', 'signer_key', 'signer_serial'] + required: false + default: present + choices: + - present + aliases: [] + kubeconfig: + description: + - The path for the kubeconfig file to use for authentication + required: false + default: /etc/origin/master/admin.kubeconfig + aliases: [] + debug: + description: + - Turn on debug output. + required: false + default: False + aliases: [] + cert: + description: + - The certificate file. Choose a name that indicates what the service is. + required: false + default: None + aliases: [] + key: + description: + - The key file. Choose a name that indicates what the service is. + required: false + default: None + aliases: [] + force: + description: + - Force updating of the existing cert and key files + required: false + default: False + aliases: [] + signer_cert: + description: + - The signer certificate file. + required: false + default: /etc/origin/master/ca.crt + aliases: [] + signer_key: + description: + - The signer key file. + required: false + default: /etc/origin/master/ca.key + aliases: [] + signer_serial: + description: + - The signer serial file. + required: false + default: /etc/origin/master/ca.serial.txt + aliases: [] + hostnames: + description: + - Every hostname or IP that server certs should be valid for + required: false + default: [] + aliases: [] + backup: + description: + - Whether to backup the cert and key files before writing them. + required: false + default: True + aliases: [] +author: +- "Kenny Woodson <kwoodson@redhat.com>" +extends_documentation_fragment: [] +''' + +EXAMPLES = ''' +- name: Create a self-signed cert + oc_adm_ca_server_cert: + signer_cert: /etc/origin/master/ca.crt + signer_key: /etc/origin/master/ca.key + signer_serial: /etc/origin/master/ca.serial.txt + hostnames: "registry.test.openshift.com,127.0.0.1,docker-registry.default.svc.cluster.local" + cert: /etc/origin/master/registry.crt + key: /etc/origin/master/registry.key +''' |