summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNoriko Hosoi <nhosoi@redhat.com>2018-01-17 17:41:48 -0800
committerNoriko Hosoi <nhosoi@redhat.com>2018-01-19 12:02:40 -0800
commitac23e6e362d8758032c1dd573d0ff6a958445df5 (patch)
tree32bc6d45a4800d8ca316972b064f5e81d513c3e1
parente5a319cf8c7cc6d36ddb9fdc9e69e9dd1b8eb3f5 (diff)
downloadopenshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.gz
openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.bz2
openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.tar.xz
openshift-ac23e6e362d8758032c1dd573d0ff6a958445df5.zip
Bug 1512825 - add mux pod failed for Serial number 02 has already been issued
According to mkhan@redhat.com, to run the "oc adm ca create-server-cert" command line with --signer-serial option, the following changes need to be made. 1. adding --overwrite=false 2. <ca.serial.txt> should contain only [0-9A-F]*. (no trailing newlines are allowed for now) This patch solves 1.
-rw-r--r--roles/openshift_logging/tasks/generate_certs.yaml2
-rw-r--r--roles/openshift_logging/tasks/procure_server_certs.yaml2
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/openshift_logging/tasks/generate_certs.yaml b/roles/openshift_logging/tasks/generate_certs.yaml
index 0d7f8c056..a40449bf6 100644
--- a/roles/openshift_logging/tasks/generate_certs.yaml
+++ b/roles/openshift_logging/tasks/generate_certs.yaml
@@ -19,7 +19,7 @@
command: >
{{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-signer-cert
--key={{generated_certs_dir}}/ca.key --cert={{generated_certs_dir}}/ca.crt
- --serial={{generated_certs_dir}}/ca.serial.txt --name=logging-signer-test
+ --serial={{generated_certs_dir}}/ca.serial.txt --name=logging-signer-test --overwrite=false
check_mode: no
when:
- not ca_key_file.stat.exists
diff --git a/roles/openshift_logging/tasks/procure_server_certs.yaml b/roles/openshift_logging/tasks/procure_server_certs.yaml
index bc817075d..d28d1d160 100644
--- a/roles/openshift_logging/tasks/procure_server_certs.yaml
+++ b/roles/openshift_logging/tasks/procure_server_certs.yaml
@@ -30,7 +30,7 @@
{{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-server-cert
--key={{generated_certs_dir}}/{{cert_info.procure_component}}.key --cert={{generated_certs_dir}}/{{cert_info.procure_component}}.crt
--hostnames={{cert_info.hostnames|quote}} --signer-cert={{generated_certs_dir}}/ca.crt --signer-key={{generated_certs_dir}}/ca.key
- --signer-serial={{generated_certs_dir}}/ca.serial.txt
+ --signer-serial={{generated_certs_dir}}/ca.serial.txt --overwrite=false
check_mode: no
when:
- cert_info.hostnames is defined