diff options
| author | Scott Dodson <sdodson@redhat.com> | 2017-08-23 14:19:32 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-08-23 14:19:32 -0400 |
| commit | 6968359e77172a8a332d95b5cd146e475d688c7e (patch) | |
| tree | 71546b462e798c54b7711abc816165ec3689a326 /roles/openshift_master/tasks | |
| parent | 66f5e69759542ab8a2b5a5698c192894d9274699 (diff) | |
| parent | 435bbcb4af02ddedaa2ebcbea48b00f2bbf4d164 (diff) | |
| download | openshift-6968359e77172a8a332d95b5cd146e475d688c7e.tar.gz openshift-6968359e77172a8a332d95b5cd146e475d688c7e.tar.bz2 openshift-6968359e77172a8a332d95b5cd146e475d688c7e.tar.xz openshift-6968359e77172a8a332d95b5cd146e475d688c7e.zip | |
Merge pull request #5011 from kwoodson/provision
AWS Provisioning with scale groups.
Diffstat (limited to 'roles/openshift_master/tasks')
| -rw-r--r-- | roles/openshift_master/tasks/bootstrap.yml | 28 | ||||
| -rw-r--r-- | roles/openshift_master/tasks/main.yml | 18 |
2 files changed, 46 insertions, 0 deletions
diff --git a/roles/openshift_master/tasks/bootstrap.yml b/roles/openshift_master/tasks/bootstrap.yml new file mode 100644 index 000000000..0013f5289 --- /dev/null +++ b/roles/openshift_master/tasks/bootstrap.yml @@ -0,0 +1,28 @@ +--- + +- name: ensure the node-bootstrap service account exists + oc_serviceaccount: + name: node-bootstrapper + namespace: openshift-infra + state: present + run_once: true + +- name: grant node-bootstrapper the correct permissions to bootstrap + oc_adm_policy_user: + namespace: openshift-infra + user: system:serviceaccount:openshift-infra:node-bootstrapper + resource_kind: cluster-role + resource_name: system:node-bootstrapper + state: present + run_once: true + +# TODO: create a module for this command. +# oc_serviceaccounts_kubeconfig +- name: create service account kubeconfig with csr rights + command: "oc serviceaccounts create-kubeconfig node-bootstrapper -n openshift-infra" + register: kubeconfig_out + +- name: put service account kubeconfig into a file on disk for bootstrap + copy: + content: "{{ kubeconfig_out.stdout }}" + dest: "{{ openshift_master_config_dir }}/bootstrap.kubeconfig" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index a11471891..b80941b48 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -218,6 +218,20 @@ - restart master api - restart master controllers +- name: modify controller args + yedit: + src: /etc/origin/master/master-config.yaml + edits: + - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file + value: + - /etc/origin/master/ca.crt + - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file + value: + - /etc/origin/master/ca.key + notify: + - restart master controllers + when: openshift_master_bootstrap_enabled | default(False) + - include: set_loopback_context.yml when: - openshift.common.version_gte_3_2_or_1_2 @@ -366,3 +380,7 @@ shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster when: - l_install_result | changed + +- name: node bootstrap settings + include: bootstrap.yml + when: openshift_master_bootstrap_enabled | default(False) |