author | Andrew Butcher <abutcher@redhat.com> | 2016-05-17 10:24:41 -0400 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2016-05-19 14:54:56 -0400 |
commit | c9cd222f8eab56a31c6ff237739653672c7010af (patch) | |
tree | 10a0eea158d4e5360f90ccc65837012a87e9dcf4 /roles/openshift_ca/tasks | |
parent | c78e91c7d4a304cc5d20135e96206008407c5f6f (diff) | |
Consolidate ca/master/node certificates roles into openshift_certificates.
Diffstat (limited to 'roles/openshift_ca/tasks')
-rw-r--r-- | roles/openshift_ca/tasks/main.yml | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml
new file mode 100644
index 000000000..497473f22
--- /dev/null
+++ b/roles/openshift_ca/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+- fail:
+ msg: "openshift_ca_host variable must be defined for this role"
+ when: openshift_ca_host is not defined
+
+- name: Install the base package for admin tooling
+ action: >
+ {{ ansible_pkg_mgr }}
+ name={{ openshift.common.service_type }}{{ openshift_version }}
+ state=present
+ when: not openshift.common.is_containerized | bool
+ register: install_result
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- name: Reload generated facts
+ openshift_facts:
+ when: install_result | changed
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- name: Create openshift_ca_config_dir if it does not exist
+ file:
+ path: "{{ openshift_ca_config_dir }}"
+ state: directory
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- name: Determine if CA must be created
+ stat:
+ path: "{{ openshift_ca_config_dir }}/{{ item }}"
+ register: g_master_ca_stat_result
+ with_items:
+ - ca.crt
+ - ca.key
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- set_fact:
+ master_ca_missing: "{{ False in (g_master_ca_stat_result.results
+ | oo_collect(attribute='stat.exists')
+ | list) }}"
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
+
+- name: Create the master certificates if they do not already exist
+ command: >
+ {{ openshift.common.admin_binary }} create-master-certs
+ --hostnames={{ openshift_master_hostnames | join(',') }}
+ --master={{ openshift.master.api_url }}
+ --public-master={{ openshift.master.public_api_url }}
+ --cert-dir={{ openshift_ca_config_dir }}
+ --overwrite=false
+ when: hostvars[openshift_ca_host].master_ca_missing | bool
+ delegate_to: "{{ openshift_ca_host }}"
+ run_once: true
|
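Review bot: The `file` task that creates `openshift_ca_config_dir` sets no `mode`, `owner` or `group`, so the directory that will hold `ca.key` gets whatever the CA host's umask yields. I would pin it on that task with `mode: "0700"`, `owner: root` and `group: root` (adjust if another account has to read the certificates); whether `create-master-certs` restricts the key file itself cannot be seen from this file. Separately, `master_ca_missing` becomes true when only one of `ca.crt`/`ca.key` is absent, and with `--overwrite=false` it is unclear whether the surviving half is reused or the command fails, so a comment on the `set_fact` task stating the intended behaviour for a half-present CA would help. The final `when:` reads the fact through `hostvars[openshift_ca_host]`, which presumably requires that host to be part of the play where `set_fact` ran; worth confirming against the callers of this role.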