diff options
author | Andrew Butcher <abutcher@redhat.com> | 2017-09-21 15:18:08 -0400 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2017-09-21 15:37:12 -0400 |
commit | 775128cc52d8295fe4cf08211ab53730d101692c (patch) | |
tree | ec67eba9059a99fb59573cbe60c6c70fee3c7ca4 /playbooks/common | |
parent | 4ba216918e27d2e075b237e3151630d55d1a563d (diff) | |
download | openshift-775128cc52d8295fe4cf08211ab53730d101692c.tar.gz openshift-775128cc52d8295fe4cf08211ab53730d101692c.tar.bz2 openshift-775128cc52d8295fe4cf08211ab53730d101692c.tar.xz openshift-775128cc52d8295fe4cf08211ab53730d101692c.zip |
Do a full stop/start when etcd certificates had expired.
Diffstat (limited to 'playbooks/common')
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml | 12 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/restart.yml | 18 |
2 files changed, 30 insertions, 0 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml new file mode 100644 index 000000000..4a9fbf7eb --- /dev/null +++ b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml @@ -0,0 +1,12 @@ +--- +- name: Check cert expirys + hosts: "{{ g_check_expiry_hosts }}" + vars: + openshift_certificate_expiry_show_all: yes + roles: + # Sets 'check_results' per host which contains health status for + # etcd, master and node certificates. We will use 'check_results' + # to determine if any certificates were expired prior to running + # this playbook. Service restarts will be skipped if any + # certificates were previously expired. + - role: openshift_certificate_expiry diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml index af1ef245a..5eaea5ae8 100644 --- a/playbooks/common/openshift-etcd/restart.yml +++ b/playbooks/common/openshift-etcd/restart.yml @@ -7,3 +7,21 @@ service: name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" state: restarted + when: + - not g_etcd_certificates_expired | default(false) | bool + +- name: Restart etcd + hosts: oo_etcd_to_config + tasks: + - name: stop etcd + service: + name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" + state: stopped + when: + - g_etcd_certificates_expired | default(false) | bool + - name: start etcd + service: + name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" + state: started + when: + - g_etcd_certificates_expired | default(false) | bool |