summaryrefslogtreecommitdiffstats
path: root/roles/nuage_master
diff options
context:
space:
mode:
authorJan Chaloupka <jchaloup@redhat.com>2017-02-11 10:32:29 +0100
committerGitHub <noreply@github.com>2017-02-11 10:32:29 +0100
commit3921f01be97ccfbb54e11666ce3647774c3fdbb9 (patch)
treefb49743460566722c42b30ec297f2f4e19d4a1eb /roles/nuage_master
parent5444c0f474f3701f22ae8392d1ac192403c8b5b7 (diff)
parentbadaa6dc09abfcbfb2770a2d2070c803a2aaaf03 (diff)
downloadopenshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.gz
openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.bz2
openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.tar.xz
openshift-3921f01be97ccfbb54e11666ce3647774c3fdbb9.zip
Merge pull request #3321 from ashcrow/oc-serviceaccount-module
WIP: oc serviceaccount now done via oc_serviceaccount module
Diffstat (limited to 'roles/nuage_master')
-rw-r--r--roles/nuage_master/meta/main.yml1
-rw-r--r--roles/nuage_master/tasks/serviceaccount.yml16
-rw-r--r--roles/nuage_master/vars/main.yaml6
3 files changed, 7 insertions, 16 deletions
diff --git a/roles/nuage_master/meta/main.yml b/roles/nuage_master/meta/main.yml
index a8a9bd3b4..e3ed9ac71 100644
--- a/roles/nuage_master/meta/main.yml
+++ b/roles/nuage_master/meta/main.yml
@@ -17,6 +17,7 @@ dependencies:
- role: nuage_common
- role: openshift_etcd_client_certificates
- role: os_firewall
+- role: lib_openshift
os_firewall_allow:
- service: openshift-monitor
port: "{{ nuage_mon_rest_server_port }}/tcp"
diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml
index 41143772e..16ea08244 100644
--- a/roles/nuage_master/tasks/serviceaccount.yml
+++ b/roles/nuage_master/tasks/serviceaccount.yml
@@ -13,20 +13,16 @@
changed_when: false
- name: Create Admin Service Account
- shell: >
- echo {{ nuage_service_account_config | to_json | quote }} |
- {{ openshift.common.client_binary }} create
- -n default
- --config={{nuage_tmp_conf}}
- -f -
- register: osnuage_create_service_account
- failed_when: "'already exists' not in osnuage_create_service_account.stderr and osnuage_create_service_account.rc != 0"
- changed_when: osnuage_create_service_account.rc == 0
+ oc_serviceaccount:
+ kubeconfig: "{{ openshift_master_config_dir }}/admin.kubeconfig"
+ name: nuage
+ namespace: default
+ state: present
- name: Configure role/user permissions
command: >
{{ openshift.common.client_binary }} adm {{item}}
- --config={{nuage_tmp_conf}}
+ --config={{ nuage_tmp_conf }}
with_items: "{{nuage_tasks}}"
register: osnuage_perm_task
failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0"
diff --git a/roles/nuage_master/vars/main.yaml b/roles/nuage_master/vars/main.yaml
index dba399a03..651d5775c 100644
--- a/roles/nuage_master/vars/main.yaml
+++ b/roles/nuage_master/vars/main.yaml
@@ -22,11 +22,5 @@ nuage_mon_rest_server_host: "{{ openshift.master.cluster_hostname | default(open
nuage_master_crt_dir: /usr/share/nuage-openshift-monitor
nuage_service_account: system:serviceaccount:default:nuage
-nuage_service_account_config:
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: nuage
-
nuage_tasks:
- policy add-cluster-role-to-user cluster-reader {{ nuage_service_account }}