Fix SSL support between master and node(s)

2 files changed, 5 insertions, 4 deletions

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 9f28a3469..c92ca9c8f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -24,10 +24,10 @@
   firewalld: port=4001/tcp permanent=true state=enabled
 
 - name: Open firewalld port for OpenShift
-  firewalld: port=8080/tcp permanent=false state=enabled
+  firewalld: port=8443/tcp permanent=false state=enabled
 
 - name: Save firewalld port for OpenShift
-  firewalld: port=8080/tcp permanent=true state=enabled
+  firewalld: port=8443/tcp permanent=true state=enabled
 
 - name: Enable OpenShift
   service: name=openshift-master enabled=yes state=started
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index e0041a90c..5d846fbe3 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -27,7 +27,7 @@
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080  --loglevel=5\"' }
+    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=https://{{ oo_master_ips[0] }}:8443  --loglevel=5\"' }
   notify:
     - restart openshift-node
 
@@ -37,7 +37,8 @@
 - name: Save firewalld port for OpenShift
   firewalld: port=10250/tcp permanent=true state=enabled
 
+  # Always bounce service to pick up new credentials
 - name: Enable OpenShift
-  service: name=openshift-node enabled=yes state=started
+  service: name=openshift-node enabled=yes state=restarted
 
 - local_action: file name={{ mktemp.stdout }} state=absent