diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2017-10-02 12:44:55 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-10-02 12:44:55 -0700 |
| commit | 55617251e6abe5b205122b990c7ddb38bec87330 (patch) | |
| tree | 062fdcb808a3954d5156832d84b2ff24b5b173b2 /playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml | |
| parent | 125c266f8f9149d773683a6e4b2fbacf2b557005 (diff) | |
| parent | d8d0e6d7de600d6896014fef928da5bf133dc85e (diff) | |
| download | openshift-55617251e6abe5b205122b990c7ddb38bec87330.tar.gz openshift-55617251e6abe5b205122b990c7ddb38bec87330.tar.bz2 openshift-55617251e6abe5b205122b990c7ddb38bec87330.tar.xz openshift-55617251e6abe5b205122b990c7ddb38bec87330.zip | |
Merge pull request #5510 from abutcher/separate-certs
Automatic merge from submit-queue.
Break out certificate playbooks
Break out certificate role dependencies and move them into their own playbooks.
Diffstat (limited to 'playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml')
| -rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml new file mode 100644 index 000000000..4dbc041b0 --- /dev/null +++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters-backup.yml @@ -0,0 +1,38 @@ +--- +- name: Backup and remove master cerftificates + hosts: oo_masters_to_config + any_errors_fatal: true + vars: + openshift_ca_host: "{{ groups.oo_first_master.0 }}" + openshift_master_count: "{{ openshift.master.master_count | default(groups.oo_masters | length) }}" + pre_tasks: + - stat: + path: "{{ openshift.common.config_base }}/generated-configs" + register: openshift_generated_configs_dir_stat + - name: Backup generated certificate and config directories + command: > + tar -czvf /etc/origin/master-node-cert-config-backup-{{ ansible_date_time.epoch }}.tgz + {{ openshift.common.config_base }}/generated-configs + {{ openshift.common.config_base }}/master + when: openshift_generated_configs_dir_stat.stat.exists + delegate_to: "{{ openshift_ca_host }}" + run_once: true + - name: Remove generated certificate directories + file: + path: "{{ item }}" + state: absent + with_items: + - "{{ openshift.common.config_base }}/generated-configs" + - name: Remove generated certificates + file: + path: "{{ openshift.common.config_base }}/master/{{ item }}" + state: absent + with_items: + - "{{ hostvars[inventory_hostname] | certificates_to_synchronize(include_keys=false, include_ca=false) }}" + - "etcd.server.crt" + - "etcd.server.key" + - "master.server.crt" + - "master.server.key" + - "openshift-master.crt" + - "openshift-master.key" + - "openshift-master.kubeconfig" |