blob: 0013f5289ad625a96a4bc1d293aad331395ed7cb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
---
- name: ensure the node-bootstrap service account exists
oc_serviceaccount:
name: node-bootstrapper
namespace: openshift-infra
state: present
run_once: true
- name: grant node-bootstrapper the correct permissions to bootstrap
oc_adm_policy_user:
namespace: openshift-infra
user: system:serviceaccount:openshift-infra:node-bootstrapper
resource_kind: cluster-role
resource_name: system:node-bootstrapper
state: present
run_once: true
# TODO: create a module for this command.
# oc_serviceaccounts_kubeconfig
- name: create service account kubeconfig with csr rights
command: "oc serviceaccounts create-kubeconfig node-bootstrapper -n openshift-infra"
register: kubeconfig_out
- name: put service account kubeconfig into a file on disk for bootstrap
copy:
content: "{{ kubeconfig_out.stdout }}"
dest: "{{ openshift_master_config_dir }}/bootstrap.kubeconfig"
|