diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2017-12-04 09:51:44 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-12-04 09:51:44 -0800 |
commit | 411235245c903be9e12790444f2f4cfae5ca7ef0 (patch) | |
tree | c04a172511053513a2c15ced0b703336b0afaa28 /playbooks/openshift-node | |
parent | 2eecb801febfefcc54ce01189e82e2c89027f519 (diff) | |
parent | 0b80aca421a89b10a8254f03e1339d1ddfbd54f1 (diff) | |
download | openshift-411235245c903be9e12790444f2f4cfae5ca7ef0.tar.gz openshift-411235245c903be9e12790444f2f4cfae5ca7ef0.tar.bz2 openshift-411235245c903be9e12790444f2f4cfae5ca7ef0.tar.xz openshift-411235245c903be9e12790444f2f4cfae5ca7ef0.zip |
Merge pull request #6324 from mtnbikenc/consolidate-redeploy-certificates
Automatic merge from submit-queue.
Playbook Consolidation - Redeploy Certificates
This PR moves the certificate redeploy playbooks out of {byo,common}/openshift-cluster and into their respective component areas.
- playbooks/openshift-etcd (redeploy-certificates.yml, redeploy-ca.yml)
- playbooks/openshift-master (redeploy-certificates.yml, redeploy-openshift-ca.yml)
- playbooks/openshift-node (redeploy-certificates.yml)
- playbooks/openshift-hosted (redeploy-registry-certificates.yml, redeploy-router-certificates.yml)
playbooks/byo/openshift-cluster/redeploy-certificates.yml was moved to
playbooks/redeploy-certificates.yml
Trello: https://trello.com/c/zCz6RIHM/578-2-playbook-consolidation-openshift-cluster-redeploy-certificates
Diffstat (limited to 'playbooks/openshift-node')
3 files changed, 36 insertions, 0 deletions
diff --git a/playbooks/openshift-node/private/certificates-backup.yml b/playbooks/openshift-node/private/certificates-backup.yml new file mode 100644 index 000000000..2ad84b3b9 --- /dev/null +++ b/playbooks/openshift-node/private/certificates-backup.yml @@ -0,0 +1,24 @@ +--- +- name: Ensure node directory is absent from generated configs + hosts: oo_first_master + tasks: + # The generated configs directory (/etc/origin/generated-configs) is + # backed up during redeployment of the control plane certificates. + # We need to ensure that the generated config directory for + # individual nodes has been deleted before continuing, so verify + # that it is missing here. + - name: Ensure node directories and tarballs are absent from generated configs + shell: > + rm -rf {{ openshift.common.config_base }}/generated-configs/node-* + args: + warn: no + +- name: Redeploy node certificates + hosts: oo_nodes_to_config + pre_tasks: + - name: Remove CA certificate + file: + path: "{{ item }}" + state: absent + with_items: + - "{{ openshift.common.config_base }}/node/ca.crt" diff --git a/playbooks/openshift-node/private/redeploy-certificates.yml b/playbooks/openshift-node/private/redeploy-certificates.yml new file mode 100644 index 000000000..3bd38a61d --- /dev/null +++ b/playbooks/openshift-node/private/redeploy-certificates.yml @@ -0,0 +1,6 @@ +--- +- include: certificates-backup.yml + +- include: certificates.yml + vars: + openshift_certificates_redeploy: true diff --git a/playbooks/openshift-node/redeploy-certificates.yml b/playbooks/openshift-node/redeploy-certificates.yml new file mode 100644 index 000000000..df727247b --- /dev/null +++ b/playbooks/openshift-node/redeploy-certificates.yml @@ -0,0 +1,6 @@ +--- +- include: ../init/main.yml + +- include: private/redeploy-certificates.yml + +- include: private/restart.yml |