diff options
author | Dan Osborne <djosborne10@gmail.com> | 2017-07-10 15:56:25 -0700 |
---|---|---|
committer | Dan Osborne <djosborne10@gmail.com> | 2017-07-10 16:11:27 -0700 |
commit | d3fd19973950dccfe65c80de09a3c778cdb3f631 (patch) | |
tree | 8b3c13db0f77c3e9b32c18f3cab09f3ff00d0b94 | |
parent | 99ff4fdca9a24a1d5e3953fc7836aee898e62101 (diff) | |
download | openshift-d3fd19973950dccfe65c80de09a3c778cdb3f631.tar.gz openshift-d3fd19973950dccfe65c80de09a3c778cdb3f631.tar.bz2 openshift-d3fd19973950dccfe65c80de09a3c778cdb3f631.tar.xz openshift-d3fd19973950dccfe65c80de09a3c778cdb3f631.zip |
Fix calico when certs are auto-generated
-rw-r--r-- | roles/calico/tasks/gen_certs.yml | 17 | ||||
-rw-r--r-- | roles/calico/tasks/main.yml | 27 |
2 files changed, 18 insertions, 26 deletions
diff --git a/roles/calico/tasks/gen_certs.yml b/roles/calico/tasks/gen_certs.yml deleted file mode 100644 index 2e6aa114e..000000000 --- a/roles/calico/tasks/gen_certs.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Calico Node | Generate OpenShift-etcd certs - include: ../../../roles/etcd_client_certificates/tasks/main.yml - vars: - etcd_cert_prefix: calico.etcd- - etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico" - embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}" - -- name: Calico Node | Set etcd cert location facts - set_fact: - calico_etcd_ca_cert_file: "/etc/origin/calico/calico.etcd-ca.crt" - calico_etcd_cert_file: "/etc/origin/calico/calico.etcd-client.crt" - calico_etcd_key_file: "/etc/origin/calico/calico.etcd-client.key" - calico_etcd_endpoints: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls | join(',') }}" - calico_etcd_cert_dir: "/etc/origin/calico/" diff --git a/roles/calico/tasks/main.yml b/roles/calico/tasks/main.yml index 8a7a61dc9..e62378532 100644 --- a/roles/calico/tasks/main.yml +++ b/roles/calico/tasks/main.yml @@ -4,15 +4,24 @@ msg: "Must provide all or none for the following etcd params: calico_etcd_cert_dir, calico_etcd_ca_cert_file, calico_etcd_cert_file, calico_etcd_key_file, calico_etcd_endpoints" when: (calico_etcd_cert_dir is defined or calico_etcd_ca_cert_file is defined or calico_etcd_cert_file is defined or calico_etcd_key_file is defined or calico_etcd_endpoints is defined) and not (calico_etcd_cert_dir is defined and calico_etcd_ca_cert_file is defined and calico_etcd_cert_file is defined and calico_etcd_key_file is defined and calico_etcd_endpoints is defined) -- name: Calico Node | Generate certs if not provided - include: gen_certs.yml - when: item is not defined - with_items: - - calico_etcd_ca_cert_file - - calico_etcd_cert_file - - calico_etcd_key_file - - calico_etcd_endpoints - - calico_etcd_cert_dir +- name: Calico Node | Generate OpenShift-etcd certs + include: ../../../roles/etcd_client_certificates/tasks/main.yml + when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined + vars: + etcd_cert_prefix: calico.etcd- + etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" + etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" + etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}" + +- name: Calico Node | Set etcd cert location facts + when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined + set_fact: + calico_etcd_ca_cert_file: "/etc/origin/calico/calico.etcd-ca.crt" + calico_etcd_cert_file: "/etc/origin/calico/calico.etcd-client.crt" + calico_etcd_key_file: "/etc/origin/calico/calico.etcd-client.key" + calico_etcd_endpoints: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls | join(',') }}" + calico_etcd_cert_dir: "/etc/origin/calico/" - name: Calico Node | Error if no certs set. fail: |