diff options
author | Scott Dodson <sdodson@redhat.com> | 2016-08-11 17:37:16 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-08-11 17:37:16 -0400 |
commit | 2fcfbb350a888dfeb82913f2e043bf2fea760cd6 (patch) | |
tree | dd8141baaae3cff0dd4f048f6e2d2c959dcd8799 /inventory | |
parent | cac26a48c10aac5ce2b27b31c3d5567f978bb72d (diff) | |
parent | 3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53 (diff) | |
download | openshift-2fcfbb350a888dfeb82913f2e043bf2fea760cd6.tar.gz openshift-2fcfbb350a888dfeb82913f2e043bf2fea760cd6.tar.bz2 openshift-2fcfbb350a888dfeb82913f2e043bf2fea760cd6.tar.xz openshift-2fcfbb350a888dfeb82913f2e043bf2fea760cd6.zip |
Merge pull request #1142 from abutcher/new-certs-who-dis
Support for redeploying certificates
Diffstat (limited to 'inventory')
-rw-r--r-- | inventory/byo/hosts.origin.example | 17 | ||||
-rw-r--r-- | inventory/byo/hosts.ose.example | 16 |
2 files changed, 30 insertions, 3 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index fd6699ac1..8e7883f3b 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -343,7 +343,6 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_cluster_network_cidr=10.1.0.0/16 #openshift_portal_net=172.30.0.0/16 - # Configure number of bits to allocate to each host’s subnet e.g. 8 # would mean a /24 network on the host. #osm_host_subnet_length=8 @@ -355,7 +354,21 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # set RPM version for debugging purposes #openshift_pkg_version=-1.1 -# Configure custom named certificates +# Configure custom ca certificate +#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'} +# +# NOTE: CA certificate will not be replaced with existing clusters. +# This option may only be specified when creating a new cluster or +# when redeploying cluster certificates with the redeploy-certificates +# playbook. If replacing the CA certificate in an existing cluster +# with a custom ca certificate, the following variable must also be +# set. +#openshift_certificates_redeploy_ca=true + +# Configure custom named certificates (SNI certificates) +# +# https://docs.openshift.org/latest/install_config/certificate_customization.html +# # NOTE: openshift_master_named_certificates is cached on masters and is an # additive fact, meaning that each run with a different set of certificates # will add the newly provided certificates to the cached set of certificates. diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 323e385c0..7e3d68e92 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -349,7 +349,21 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # set RPM version for debugging purposes #openshift_pkg_version=-3.1.0.0 -# Configure custom named certificates +# Configure custom ca certificate +#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'} +# +# NOTE: CA certificate will not be replaced with existing clusters. +# This option may only be specified when creating a new cluster or +# when redeploying cluster certificates with the redeploy-certificates +# playbook. If replacing the CA certificate in an existing cluster +# with a custom ca certificate, the following variable must also be +# set. +#openshift_certificates_redeploy_ca=true + +# Configure custom named certificates (SNI certificates) +# +# https://docs.openshift.com/enterprise/latest/install_config/certificate_customization.html +# # NOTE: openshift_master_named_certificates is cached on masters and is an # additive fact, meaning that each run with a different set of certificates # will add the newly provided certificates to the cached set of certificates. |