summaryrefslogtreecommitdiffstats
path: root/playbooks/openshift-node/private
diff options
context:
space:
mode:
authorRussell Teague <rteague@redhat.com>2017-12-01 09:24:45 -0500
committerRussell Teague <rteague@redhat.com>2017-12-01 09:36:34 -0500
commit0b80aca421a89b10a8254f03e1339d1ddfbd54f1 (patch)
tree1f17891d099e615b6f22fc169a2f9d4a7e3e1540 /playbooks/openshift-node/private
parentfdf3edec3f880d21e19e2007065be3ed0ed59a13 (diff)
downloadopenshift-0b80aca421a89b10a8254f03e1339d1ddfbd54f1.tar.gz
openshift-0b80aca421a89b10a8254f03e1339d1ddfbd54f1.tar.bz2
openshift-0b80aca421a89b10a8254f03e1339d1ddfbd54f1.tar.xz
openshift-0b80aca421a89b10a8254f03e1339d1ddfbd54f1.zip
Playbook Consolidation - Redeploy Certificates
Diffstat (limited to 'playbooks/openshift-node/private')
-rw-r--r--playbooks/openshift-node/private/certificates-backup.yml24
-rw-r--r--playbooks/openshift-node/private/redeploy-certificates.yml6
2 files changed, 30 insertions, 0 deletions
diff --git a/playbooks/openshift-node/private/certificates-backup.yml b/playbooks/openshift-node/private/certificates-backup.yml
new file mode 100644
index 000000000..2ad84b3b9
--- /dev/null
+++ b/playbooks/openshift-node/private/certificates-backup.yml
@@ -0,0 +1,24 @@
+---
+- name: Ensure node directory is absent from generated configs
+ hosts: oo_first_master
+ tasks:
+ # The generated configs directory (/etc/origin/generated-configs) is
+ # backed up during redeployment of the control plane certificates.
+ # We need to ensure that the generated config directory for
+ # individual nodes has been deleted before continuing, so verify
+ # that it is missing here.
+ - name: Ensure node directories and tarballs are absent from generated configs
+ shell: >
+ rm -rf {{ openshift.common.config_base }}/generated-configs/node-*
+ args:
+ warn: no
+
+- name: Redeploy node certificates
+ hosts: oo_nodes_to_config
+ pre_tasks:
+ - name: Remove CA certificate
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - "{{ openshift.common.config_base }}/node/ca.crt"
diff --git a/playbooks/openshift-node/private/redeploy-certificates.yml b/playbooks/openshift-node/private/redeploy-certificates.yml
new file mode 100644
index 000000000..3bd38a61d
--- /dev/null
+++ b/playbooks/openshift-node/private/redeploy-certificates.yml
@@ -0,0 +1,6 @@
+---
+- include: certificates-backup.yml
+
+- include: certificates.yml
+ vars:
+ openshift_certificates_redeploy: true