summaryrefslogtreecommitdiffstats
path: root/roles/etcd_ca
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2016-08-02 12:33:47 -0400
committerGitHub <noreply@github.com>2016-08-02 12:33:47 -0400
commitee9413cebdb8a7c5ff03a5da767b1c74742bc898 (patch)
treee629c528cc1089a64cb2bb6f3f5466a355a11b41 /roles/etcd_ca
parentaf6025be5c26e505e2577f84528d7bcf78f046e2 (diff)
parentdbb140a649a5540102e3af1d74cbacdd12f1d04a (diff)
downloadopenshift-ee9413cebdb8a7c5ff03a5da767b1c74742bc898.tar.gz
openshift-ee9413cebdb8a7c5ff03a5da767b1c74742bc898.tar.bz2
openshift-ee9413cebdb8a7c5ff03a5da767b1c74742bc898.tar.xz
openshift-ee9413cebdb8a7c5ff03a5da767b1c74742bc898.zip
Merge pull request #1953 from abutcher/etcd-certificates
Refactor etcd certificates roles.
Diffstat (limited to 'roles/etcd_ca')
-rw-r--r--roles/etcd_ca/meta/main.yml6
-rw-r--r--roles/etcd_ca/tasks/main.yml16
2 files changed, 19 insertions, 3 deletions
diff --git a/roles/etcd_ca/meta/main.yml b/roles/etcd_ca/meta/main.yml
index d02456ca3..e3e2f7781 100644
--- a/roles/etcd_ca/meta/main.yml
+++ b/roles/etcd_ca/meta/main.yml
@@ -1,10 +1,10 @@
---
galaxy_info:
author: Jason DeTiberus
- description:
+ description: Etcd CA
company: Red Hat, Inc.
license: Apache License, Version 2.0
- min_ansible_version: 1.9
+ min_ansible_version: 2.1
platforms:
- name: EL
versions:
@@ -13,4 +13,4 @@ galaxy_info:
- cloud
- system
dependencies:
-- { role: etcd_common }
+- role: etcd_common
diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml
index e1bb9baed..865074e41 100644
--- a/roles/etcd_ca/tasks/main.yml
+++ b/roles/etcd_ca/tasks/main.yml
@@ -2,6 +2,8 @@
- name: Install openssl
action: "{{ ansible_pkg_mgr }} name=openssl state=present"
when: not etcd_is_atomic | bool
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- file:
path: "{{ item }}"
@@ -13,29 +15,41 @@
- "{{ etcd_ca_new_certs_dir }}"
- "{{ etcd_ca_crl_dir }}"
- "{{ etcd_ca_dir }}/fragments"
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- command: cp /etc/pki/tls/openssl.cnf ./
args:
chdir: "{{ etcd_ca_dir }}/fragments"
creates: "{{ etcd_ca_dir }}/fragments/openssl.cnf"
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- template:
dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
src: openssl_append.j2
backup: true
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- assemble:
src: "{{ etcd_ca_dir }}/fragments"
dest: "{{ etcd_openssl_conf }}"
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- command: touch {{ etcd_ca_db }}
args:
creates: "{{ etcd_ca_db }}"
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- copy:
dest: "{{ etcd_ca_serial }}"
content: "01"
force: no
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true
- command: >
openssl req -config {{ etcd_openssl_conf }} -newkey rsa:4096
@@ -48,3 +62,5 @@
creates: "{{ etcd_ca_cert }}"
environment:
SAN: 'etcd-signer'
+ delegate_to: "{{ etcd_ca_host }}"
+ run_once: true