From 7277203b1d5962d83c98d1b5f43c77312bcf9d6f Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Fri, 30 Jun 2017 12:17:12 -0500 Subject: Updating to use openshift.master.etcd_hosts for etcd servers for apiserver --- roles/openshift_service_catalog/tasks/install.yml | 1 + roles/openshift_service_catalog/templates/api_server.j2 | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'roles') diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml index c1773b5f6..5da87649c 100644 --- a/roles/openshift_service_catalog/tasks/install.yml +++ b/roles/openshift_service_catalog/tasks/install.yml @@ -98,6 +98,7 @@ cpu_requests: none memory_request: none cors_allowed_origin: localhost + etcd_servers: "{{ openshift.master.etcd_urls | join(',') }}" node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}" - name: Set Service Catalog API Server daemonset diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2 index 8ae6b6c8d..0ae2b7712 100644 --- a/roles/openshift_service_catalog/templates/api_server.j2 +++ b/roles/openshift_service_catalog/templates/api_server.j2 @@ -29,8 +29,7 @@ spec: - --secure-port - "6443" - --etcd-servers -# TODO: come back and get openshift.common.hostname to work - - https://{{ openshift.common.ip }}:{{ openshift.master.etcd_port }} + - {{ etcd_servers }} - --etcd-cafile - /etc/origin/master/master.etcd-ca.crt - --etcd-certfile -- cgit v1.2.3 From afdf701f9ecdb46fe513f003d03d67cf484253d3 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Fri, 30 Jun 2017 14:40:56 -0500 Subject: Using ca-bundle.crt to connect to local etcd if master.etcd-ca.crt DNE --- roles/openshift_service_catalog/tasks/install.yml | 7 +++++++ roles/openshift_service_catalog/templates/api_server.j2 | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml index 5da87649c..6e8301ffe 100644 --- a/roles/openshift_service_catalog/tasks/install.yml +++ b/roles/openshift_service_catalog/tasks/install.yml @@ -86,6 +86,12 @@ resource_name: admin user: "system:serviceaccount:kube-service-catalog:default" +- name: Checking for master.etcd-ca.crt + stat: + path: /etc/origin/master/master.etcd-ca.crt + register: etcd_ca_crt + check_mode: no + ## api server - template: src: api_server.j2 @@ -99,6 +105,7 @@ memory_request: none cors_allowed_origin: localhost etcd_servers: "{{ openshift.master.etcd_urls | join(',') }}" + etcd_cafile: "{{ '/etc/origin/master/master.etcd-ca.crt' if etcd_ca_crt.stat.exists else '/etc/origin/master/ca-bundle.crt' }}" node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}" - name: Set Service Catalog API Server daemonset diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2 index 0ae2b7712..c09834fd4 100644 --- a/roles/openshift_service_catalog/templates/api_server.j2 +++ b/roles/openshift_service_catalog/templates/api_server.j2 @@ -31,7 +31,7 @@ spec: - --etcd-servers - {{ etcd_servers }} - --etcd-cafile - - /etc/origin/master/master.etcd-ca.crt + - {{ etcd_cafile }} - --etcd-certfile - /etc/origin/master/master.etcd-client.crt - --etcd-keyfile -- cgit v1.2.3