From b581af9846d0df9813483269034f08b7c72a1353 Mon Sep 17 00:00:00 2001 From: Vishal Patil Date: Mon, 13 Mar 2017 17:56:00 -0400 Subject: Nuage service account handling by single master --- roles/nuage_master/tasks/main.yaml | 9 +++++++++ roles/nuage_master/tasks/serviceaccount.yml | 14 ++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml index d211d30e8..fefd28bbd 100644 --- a/roles/nuage_master/tasks/main.yaml +++ b/roles/nuage_master/tasks/main.yaml @@ -22,6 +22,15 @@ - nuage.key - nuage.kubeconfig +- name: Copy the certificates and keys + become: yes + copy: src="/tmp/{{ item }}" dest="{{ cert_output_dir }}/{{ item }}" + with_items: + - ca.crt + - nuage.crt + - nuage.key + - nuage.kubeconfig + - include: certificates.yml - name: Create nuage-openshift-monitor.yaml diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml index 16ea08244..eee448e2c 100644 --- a/roles/nuage_master/tasks/serviceaccount.yml +++ b/roles/nuage_master/tasks/serviceaccount.yml @@ -3,14 +3,20 @@ command: mktemp -u /tmp/openshift-ansible-XXXXXXX.kubeconfig register: nuage_tmp_conf_mktemp changed_when: False + run_once: True + delegate_to: "{{ nuage_ca_master }}" - set_fact: nuage_tmp_conf: "{{ nuage_tmp_conf_mktemp.stdout }}" + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Copy Configuration to temporary conf command: > cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{nuage_tmp_conf}} changed_when: false + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Create Admin Service Account oc_serviceaccount: @@ -18,6 +24,8 @@ name: nuage namespace: default state: present + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Configure role/user permissions command: > @@ -27,6 +35,8 @@ register: osnuage_perm_task failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0" changed_when: osnuage_perm_task.rc == 0 + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Generate the node client config command: > @@ -40,8 +50,12 @@ --signer-serial={{ openshift_master_ca_serial }} --basename='nuage' --user={{ nuage_service_account }} + delegate_to: "{{ nuage_ca_master }}" + run_once: True - name: Clean temporary configuration file command: > rm -f {{nuage_tmp_conf}} changed_when: false + delegate_to: "{{ nuage_ca_master }}" + run_once: True -- cgit v1.2.3