diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2017-10-04 16:30:31 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-04 16:30:31 -0700 |
commit | 30daf85143720c1350a197a8b40f9f1dbff34f29 (patch) | |
tree | 74cd101e291de9d950a738f836f0640639d57291 | |
parent | cb7505c0f76f8388b49b36550376fbae1654c04f (diff) | |
parent | 2c483c16492dda53c2ffff5b6b84172046d58c67 (diff) | |
download | openshift-30daf85143720c1350a197a8b40f9f1dbff34f29.tar.gz openshift-30daf85143720c1350a197a8b40f9f1dbff34f29.tar.bz2 openshift-30daf85143720c1350a197a8b40f9f1dbff34f29.tar.xz openshift-30daf85143720c1350a197a8b40f9f1dbff34f29.zip |
Merge pull request #5643 from mtnbikenc/refactor-certificates
Automatic merge from submit-queue.
Refactor certificate playbooks for checkpointing
The recent breakout of the certificate playbooks resulted in the certificate portion of the install to be outside of the component checkpoint. This PR moves the certificate playbooks inside their respective config.yml playbook.
Removes an unused tasks file from the openshift_named_certificates role.
-rw-r--r-- | playbooks/byo/openshift-master/certificates.yml | 2 | ||||
-rw-r--r-- | playbooks/byo/openshift-node/scaleup.yml | 2 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/config.yml | 10 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml | 8 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/config.yml | 4 | ||||
-rw-r--r-- | playbooks/common/openshift-master/ca.yml | 8 | ||||
-rw-r--r-- | playbooks/common/openshift-master/config.yml | 2 | ||||
-rw-r--r-- | playbooks/common/openshift-master/scaleup.yml | 2 | ||||
-rw-r--r-- | playbooks/common/openshift-node/config.yml | 2 | ||||
-rw-r--r-- | roles/openshift_named_certificates/tasks/named_certificates.yml | 32 |
10 files changed, 15 insertions, 57 deletions
diff --git a/playbooks/byo/openshift-master/certificates.yml b/playbooks/byo/openshift-master/certificates.yml index 26b964034..e147dcba1 100644 --- a/playbooks/byo/openshift-master/certificates.yml +++ b/playbooks/byo/openshift-master/certificates.yml @@ -3,6 +3,4 @@ - include: ../../common/openshift-cluster/std_include.yml -- include: ../../common/openshift-master/ca.yml - - include: ../../common/openshift-master/certificates.yml diff --git a/playbooks/byo/openshift-node/scaleup.yml b/playbooks/byo/openshift-node/scaleup.yml index 9f992cca6..e0c36fb69 100644 --- a/playbooks/byo/openshift-node/scaleup.yml +++ b/playbooks/byo/openshift-node/scaleup.yml @@ -16,6 +16,4 @@ - include: ../../common/openshift-cluster/std_include.yml -- include: ../../common/openshift-node/certificates.yml - - include: ../../common/openshift-node/config.yml diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 4ca0d48e4..96a43230d 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -18,10 +18,6 @@ - docker_image_availability - docker_storage -- include: ../openshift-etcd/ca.yml - -- include: ../openshift-etcd/certificates.yml - - include: ../openshift-etcd/config.yml - include: ../openshift-nfs/config.yml @@ -30,16 +26,10 @@ - include: ../openshift-loadbalancer/config.yml when: groups.oo_lb_to_config | default([]) | count > 0 -- include: ../openshift-master/ca.yml - -- include: ../openshift-master/certificates.yml - - include: ../openshift-master/config.yml - include: ../openshift-master/additional_config.yml -- include: ../openshift-node/certificates.yml - - include: ../openshift-node/config.yml - include: ../openshift-glusterfs/config.yml diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml index 12cd209d2..e4193a00e 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml @@ -114,12 +114,18 @@ register: g_new_openshift_ca_mktemp changed_when: false -- include: ../../openshift-master/ca.yml +- name: Create OpenShift CA + hosts: oo_first_master vars: # Set openshift_ca_config_dir to a temporary directory where CA # will be created. We'll replace the existing CA with the CA # created in the temporary directory. openshift_ca_config_dir: "{{ hostvars[groups.oo_first_master.0].g_new_openshift_ca_mktemp.stdout }}" + roles: + - role: openshift_master_facts + - role: openshift_named_certificates + - role: openshift_ca + openshift_ca_host: "{{ groups.oo_first_master.0 }}" - name: Create temp directory for syncing certs hosts: localhost diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 2cae231b4..82539dac8 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -10,6 +10,10 @@ installer_phase_etcd: "In Progress" aggregate: false +- include: ca.yml + +- include: certificates.yml + - name: Configure etcd hosts: oo_etcd_to_config any_errors_fatal: true diff --git a/playbooks/common/openshift-master/ca.yml b/playbooks/common/openshift-master/ca.yml deleted file mode 100644 index 5bb796fa3..000000000 --- a/playbooks/common/openshift-master/ca.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Create OpenShift CA - hosts: oo_masters_to_config - roles: - - role: openshift_master_facts - - role: openshift_named_certificates - - role: openshift_ca - openshift_ca_host: "{{ groups.oo_first_master.0 }}" diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 766e0e501..bc1fee982 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -10,6 +10,8 @@ installer_phase_master: "In Progress" aggregate: false +- include: certificates.yml + - name: Disable excluders hosts: oo_masters_to_config gather_facts: no diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml index d007fac85..f4dc9df8a 100644 --- a/playbooks/common/openshift-master/scaleup.yml +++ b/playbooks/common/openshift-master/scaleup.yml @@ -47,8 +47,6 @@ - include: ../openshift-etcd/certificates.yml -- include: ../openshift-master/certificates.yml - - include: ../openshift-master/config.yml - include: ../openshift-loadbalancer/config.yml diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 6fd8aa6f1..700aab48c 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -10,6 +10,8 @@ installer_phase_node: "In Progress" aggregate: false +- include: certificates.yml + - include: setup.yml - include: containerized_nodes.yml diff --git a/roles/openshift_named_certificates/tasks/named_certificates.yml b/roles/openshift_named_certificates/tasks/named_certificates.yml deleted file mode 100644 index 7b097b443..000000000 --- a/roles/openshift_named_certificates/tasks/named_certificates.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -- name: Clear named certificates - file: - path: "{{ named_certs_dir }}" - state: absent - when: overwrite_named_certs | bool - -- name: Ensure named certificate directory exists - file: - path: "{{ named_certs_dir }}" - state: directory - mode: 0700 - -- name: Land named certificates - copy: - src: "{{ item.certfile }}" - dest: "{{ named_certs_dir }}" - with_items: "{{ openshift_master_named_certificates | default([]) }}" - -- name: Land named certificate keys - copy: - src: "{{ item.keyfile }}" - dest: "{{ named_certs_dir }}" - mode: 0600 - with_items: "{{ openshift_master_named_certificates | default([]) }}" - -- name: Land named CA certificates - copy: - src: "{{ item }}" - dest: "{{ named_certs_dir }}" - mode: 0600 - with_items: "{{ openshift_master_named_certificates | default([]) | oo_collect('cafile') }}" |