diff options
| author | Scott Dodson <sdodson@redhat.com> | 2017-07-11 09:13:54 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-07-11 09:13:54 -0400 |
| commit | 8c9307c1b2a0f34b91dbd90f62730f7b98c78a66 (patch) | |
| tree | 855d50b20f24e4630a671719a1da824219806e2d /roles/calico/tasks/main.yml | |
| parent | 166103b70e289565e1efcd720c5fa529a1a5be25 (diff) | |
| parent | d3fd19973950dccfe65c80de09a3c778cdb3f631 (diff) | |
| download | openshift-8c9307c1b2a0f34b91dbd90f62730f7b98c78a66.tar.gz openshift-8c9307c1b2a0f34b91dbd90f62730f7b98c78a66.tar.bz2 openshift-8c9307c1b2a0f34b91dbd90f62730f7b98c78a66.tar.xz openshift-8c9307c1b2a0f34b91dbd90f62730f7b98c78a66.zip | |
Merge pull request #4730 from ozdanborne/patch-gencerts
Fix calico when certs are auto-generated
Diffstat (limited to 'roles/calico/tasks/main.yml')
| -rw-r--r-- | roles/calico/tasks/main.yml | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/roles/calico/tasks/main.yml b/roles/calico/tasks/main.yml index 8a7a61dc9..e62378532 100644 --- a/roles/calico/tasks/main.yml +++ b/roles/calico/tasks/main.yml @@ -4,15 +4,24 @@ msg: "Must provide all or none for the following etcd params: calico_etcd_cert_dir, calico_etcd_ca_cert_file, calico_etcd_cert_file, calico_etcd_key_file, calico_etcd_endpoints" when: (calico_etcd_cert_dir is defined or calico_etcd_ca_cert_file is defined or calico_etcd_cert_file is defined or calico_etcd_key_file is defined or calico_etcd_endpoints is defined) and not (calico_etcd_cert_dir is defined and calico_etcd_ca_cert_file is defined and calico_etcd_cert_file is defined and calico_etcd_key_file is defined and calico_etcd_endpoints is defined) -- name: Calico Node | Generate certs if not provided - include: gen_certs.yml - when: item is not defined - with_items: - - calico_etcd_ca_cert_file - - calico_etcd_cert_file - - calico_etcd_key_file - - calico_etcd_endpoints - - calico_etcd_cert_dir +- name: Calico Node | Generate OpenShift-etcd certs + include: ../../../roles/etcd_client_certificates/tasks/main.yml + when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined + vars: + etcd_cert_prefix: calico.etcd- + etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" + etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" + etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}" + +- name: Calico Node | Set etcd cert location facts + when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined + set_fact: + calico_etcd_ca_cert_file: "/etc/origin/calico/calico.etcd-ca.crt" + calico_etcd_cert_file: "/etc/origin/calico/calico.etcd-client.crt" + calico_etcd_key_file: "/etc/origin/calico/calico.etcd-client.key" + calico_etcd_endpoints: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls | join(',') }}" + calico_etcd_cert_dir: "/etc/origin/calico/" - name: Calico Node | Error if no certs set. fail: |