From 61fbb6b57e41651beef6f226ae59683880c113c9 Mon Sep 17 00:00:00 2001 From: jkaurredhat Date: Thu, 13 Jul 2017 14:40:05 +0530 Subject: Redeploy-certificates will fail for registry and router if user is not system:admin Signed-off-by: jkaurredhat --- playbooks/common/openshift-cluster/redeploy-certificates/registry.yml | 1 + playbooks/common/openshift-cluster/redeploy-certificates/router.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml index 8c8062585..afd5463b2 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml @@ -66,6 +66,7 @@ --signer-cert={{ openshift.common.config_base }}/master/ca.crt --signer-key={{ openshift.common.config_base }}/master/ca.key --signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt + --config={{ mktemp.stdout }}/admin.kubeconfig --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}" --cert={{ openshift.common.config_base }}/master/registry.crt --key={{ openshift.common.config_base }}/master/registry.key diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml index 9f14f2d69..f46553a95 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml @@ -116,6 +116,7 @@ tls.crt="{{ mktemp.stdout }}/openshift-hosted-router-certificate.pem" tls.key="{{ mktemp.stdout }}/openshift-hosted-router-certificate.key" --type=kubernetes.io/tls + --config={{ mktemp.stdout }}/admin.kubeconfig --confirm -o json | {{ openshift.common.client_binary }} replace -f - -- cgit v1.2.3 From cbba0d689f8dbc8cf533142067a2c529dffa24f3 Mon Sep 17 00:00:00 2001 From: jkaurredhat Date: Fri, 14 Jul 2017 05:55:45 +0530 Subject: Config was missed before replace. Signed-off-by: jkaurredhat --- playbooks/common/openshift-cluster/redeploy-certificates/router.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml index f46553a95..748bbbf91 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml @@ -118,7 +118,7 @@ --type=kubernetes.io/tls --config={{ mktemp.stdout }}/admin.kubeconfig --confirm - -o json | {{ openshift.common.client_binary }} replace -f - + -o json | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig replace -f - - name: Remove temporary router certificate and key files file: -- cgit v1.2.3