summaryrefslogtreecommitdiffstats
path: root/playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml
diff options
context:
space:
mode:
authorAndrew Butcher <abutcher@redhat.com>2016-10-26 14:59:05 -0400
committerAndrew Butcher <abutcher@redhat.com>2017-02-02 15:29:11 -0500
commit917e871843192b107776ce8459b87f3960e455ed (patch)
tree08acb27fa87578137bb21917487c2521cd08aa82 /playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml
parentc9480811d2222693abe4460ca42c292b289a0ef4 (diff)
downloadopenshift-917e871843192b107776ce8459b87f3960e455ed.tar.gz
openshift-917e871843192b107776ce8459b87f3960e455ed.tar.bz2
openshift-917e871843192b107776ce8459b87f3960e455ed.tar.xz
openshift-917e871843192b107776ce8459b87f3960e455ed.zip
Restructure certificate redeploy playbooks
Diffstat (limited to 'playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml')
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml29
1 files changed, 29 insertions, 0 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml b/playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml
new file mode 100644
index 000000000..4990a03f2
--- /dev/null
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml
@@ -0,0 +1,29 @@
+---
+- name: Ensure node directory is absent from generated configs
+ hosts: oo_first_master
+ tasks:
+ # The generated configs directory (/etc/origin/generated-configs) is
+ # backed up during redeployment of the control plane certificates.
+ # We need to ensure that the generated config directory for
+ # individual nodes has been deleted before continuing, so verify
+ # that it is missing here.
+ - name: Ensure node directories and tarballs are absent from generated configs
+ shell: >
+ rm -rf {{ openshift.common.config_base }}/generated-configs/node-*
+ args:
+ warn: no
+
+- name: Redeploy node certificates
+ hosts: oo_nodes_to_config
+ pre_tasks:
+ - name: Remove CA certificate
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - "{{ openshift.common.config_base }}/node/ca.crt"
+ roles:
+ - role: openshift_node_certificates
+ openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
+ openshift_certificates_redeploy: true
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 00:06:51 +0000