summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJhon Honce <jhonce@redhat.com>2015-02-19 14:52:33 -0700
committerJhon Honce <jhonce@redhat.com>2015-02-19 14:52:33 -0700
commita1b6d03c256ff0065cb7a8772533a1b2c81410e1 (patch)
treea605f0ed891faed36126ba8045d338e3f39d940e
parent81db3db61f911cbbc6ff8f88b90cecb870c41381 (diff)
downloadopenshift-a1b6d03c256ff0065cb7a8772533a1b2c81410e1.tar.gz
openshift-a1b6d03c256ff0065cb7a8772533a1b2c81410e1.tar.bz2
openshift-a1b6d03c256ff0065cb7a8772533a1b2c81410e1.tar.xz
openshift-a1b6d03c256ff0065cb7a8772533a1b2c81410e1.zip
Fix SSL support between master and node(s)
-rw-r--r--roles/openshift_master/tasks/main.yml4
-rw-r--r--roles/openshift_node/tasks/main.yml5
2 files changed, 5 insertions, 4 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 9f28a3469..c92ca9c8f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -24,10 +24,10 @@
firewalld: port=4001/tcp permanent=true state=enabled
- name: Open firewalld port for OpenShift
- firewalld: port=8080/tcp permanent=false state=enabled
+ firewalld: port=8443/tcp permanent=false state=enabled
- name: Save firewalld port for OpenShift
- firewalld: port=8080/tcp permanent=true state=enabled
+ firewalld: port=8443/tcp permanent=true state=enabled
- name: Enable OpenShift
service: name=openshift-master enabled=yes state=started
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index e0041a90c..5d846fbe3 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -27,7 +27,7 @@
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
with_items:
- - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' }
+ - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=https://{{ oo_master_ips[0] }}:8443 --loglevel=5\"' }
notify:
- restart openshift-node
@@ -37,7 +37,8 @@
- name: Save firewalld port for OpenShift
firewalld: port=10250/tcp permanent=true state=enabled
+ # Always bounce service to pick up new credentials
- name: Enable OpenShift
- service: name=openshift-node enabled=yes state=started
+ service: name=openshift-node enabled=yes state=restarted
- local_action: file name={{ mktemp.stdout }} state=absent