diff options
| author | Andrew Butcher <abutcher@redhat.com> | 2016-05-24 10:42:55 -0400 |
|---|---|---|
| committer | Andrew Butcher <abutcher@redhat.com> | 2016-08-02 10:40:16 -0400 |
| commit | dbb140a649a5540102e3af1d74cbacdd12f1d04a (patch) | |
| tree | e629c528cc1089a64cb2bb6f3f5466a355a11b41 /roles/etcd_certificates | |
| parent | af6025be5c26e505e2577f84528d7bcf78f046e2 (diff) | |
| download | openshift-dbb140a649a5540102e3af1d74cbacdd12f1d04a.tar.gz openshift-dbb140a649a5540102e3af1d74cbacdd12f1d04a.tar.bz2 openshift-dbb140a649a5540102e3af1d74cbacdd12f1d04a.tar.xz openshift-dbb140a649a5540102e3af1d74cbacdd12f1d04a.zip | |
Refactor etcd certificates roles.
Diffstat (limited to 'roles/etcd_certificates')
| -rw-r--r-- | roles/etcd_certificates/README.md | 34 | ||||
| -rw-r--r-- | roles/etcd_certificates/meta/main.yml | 16 | ||||
| -rw-r--r-- | roles/etcd_certificates/tasks/client.yml | 42 | ||||
| -rw-r--r-- | roles/etcd_certificates/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/etcd_certificates/tasks/server.yml | 71 |
5 files changed, 0 insertions, 169 deletions
diff --git a/roles/etcd_certificates/README.md b/roles/etcd_certificates/README.md deleted file mode 100644 index 95f8f8aab..000000000 --- a/roles/etcd_certificates/README.md +++ /dev/null @@ -1,34 +0,0 @@ -OpenShift etcd certificates -======================== - -TODO - -Requirements ------------- - -TODO - -Role Variables --------------- - -TODO - -Dependencies ------------- - -TODO - -Example Playbook ----------------- - -TODO - -License -------- - -Apache License Version 2.0 - -Author Information ------------------- - -Scott Dodson (sdodson@redhat.com) diff --git a/roles/etcd_certificates/meta/main.yml b/roles/etcd_certificates/meta/main.yml deleted file mode 100644 index 41370fab4..000000000 --- a/roles/etcd_certificates/meta/main.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -galaxy_info: - author: Jason DeTiberus - description: - company: Red Hat, Inc. - license: Apache License, Version 2.0 - min_ansible_version: 1.8 - platforms: - - name: EL - versions: - - 7 - categories: - - cloud - - system -dependencies: -- { role: etcd_ca } diff --git a/roles/etcd_certificates/tasks/client.yml b/roles/etcd_certificates/tasks/client.yml deleted file mode 100644 index b497a46c0..000000000 --- a/roles/etcd_certificates/tasks/client.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -- name: Ensure generated_certs directory present - file: - path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - state: directory - mode: 0700 - with_items: "{{ etcd_needing_client_certs | default([]) }}" - -- name: Create the client csr - command: > - openssl req -new -keyout {{ item.etcd_cert_prefix }}client.key - -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}client.csr - -reqexts {{ etcd_req_ext }} -batch -nodes - -subj /CN={{ item.etcd_hostname }} - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'client.csr' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_client_certs | default([]) }}" - -- name: Sign and create the client crt - command: > - openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}client.crt - -in {{ item.etcd_cert_prefix }}client.csr - -batch - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'client.crt' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_client_certs | default([]) }}" - -- file: - src: "{{ etcd_ca_cert }}" - dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" - state: hard - with_items: "{{ etcd_needing_client_certs | default([]) }}" diff --git a/roles/etcd_certificates/tasks/main.yml b/roles/etcd_certificates/tasks/main.yml deleted file mode 100644 index 17092ca58..000000000 --- a/roles/etcd_certificates/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- include: client.yml - when: etcd_needing_client_certs | default([]) | length > 0 - -- include: server.yml - when: etcd_needing_server_certs | default([]) | length > 0 diff --git a/roles/etcd_certificates/tasks/server.yml b/roles/etcd_certificates/tasks/server.yml deleted file mode 100644 index 934b8b805..000000000 --- a/roles/etcd_certificates/tasks/server.yml +++ /dev/null @@ -1,71 +0,0 @@ ---- -- name: Ensure generated_certs directory present - file: - path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - state: directory - mode: 0700 - with_items: "{{ etcd_needing_server_certs | default([]) }}" - -- name: Create the server csr - command: > - openssl req -new -keyout {{ item.etcd_cert_prefix }}server.key - -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}server.csr - -reqexts {{ etcd_req_ext }} -batch -nodes - -subj /CN={{ item.etcd_hostname }} - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'server.csr' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" - -- name: Sign and create the server crt - command: > - openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}server.crt - -in {{ item.etcd_cert_prefix }}server.csr - -extensions {{ etcd_ca_exts_server }} -batch - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'server.crt' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" - -- name: Create the peer csr - command: > - openssl req -new -keyout {{ item.etcd_cert_prefix }}peer.key - -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}peer.csr - -reqexts {{ etcd_req_ext }} -batch -nodes - -subj /CN={{ item.etcd_hostname }} - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'peer.csr' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" - -- name: Sign and create the peer crt - command: > - openssl ca -name {{ etcd_ca_name }} -config {{ etcd_openssl_conf }} - -out {{ item.etcd_cert_prefix }}peer.crt - -in {{ item.etcd_cert_prefix }}peer.csr - -extensions {{ etcd_ca_exts_peer }} -batch - args: - chdir: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" - creates: "{{ etcd_generated_certs_dir ~ '/' ~ item.etcd_cert_subdir ~ '/' - ~ item.etcd_cert_prefix ~ 'peer.crt' }}" - environment: - SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" - -- file: - src: "{{ etcd_ca_cert }}" - dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" - state: hard - with_items: "{{ etcd_needing_server_certs | default([]) }}" |