summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--playbooks/byo/openshift-master/certificates.yml2
-rw-r--r--playbooks/byo/openshift-node/scaleup.yml2
-rw-r--r--playbooks/common/openshift-cluster/config.yml10
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml8
-rw-r--r--playbooks/common/openshift-etcd/config.yml4
-rw-r--r--playbooks/common/openshift-master/ca.yml8
-rw-r--r--playbooks/common/openshift-master/config.yml2
-rw-r--r--playbooks/common/openshift-master/scaleup.yml2
-rw-r--r--playbooks/common/openshift-node/config.yml2
-rw-r--r--roles/openshift_named_certificates/tasks/named_certificates.yml32
10 files changed, 15 insertions, 57 deletions
diff --git a/playbooks/byo/openshift-master/certificates.yml b/playbooks/byo/openshift-master/certificates.yml
index 26b964034..e147dcba1 100644
--- a/playbooks/byo/openshift-master/certificates.yml
+++ b/playbooks/byo/openshift-master/certificates.yml
@@ -3,6 +3,4 @@
- include: ../../common/openshift-cluster/std_include.yml
-- include: ../../common/openshift-master/ca.yml
-
- include: ../../common/openshift-master/certificates.yml
diff --git a/playbooks/byo/openshift-node/scaleup.yml b/playbooks/byo/openshift-node/scaleup.yml
index 9f992cca6..e0c36fb69 100644
--- a/playbooks/byo/openshift-node/scaleup.yml
+++ b/playbooks/byo/openshift-node/scaleup.yml
@@ -16,6 +16,4 @@
- include: ../../common/openshift-cluster/std_include.yml
-- include: ../../common/openshift-node/certificates.yml
-
- include: ../../common/openshift-node/config.yml
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 4ca0d48e4..96a43230d 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -18,10 +18,6 @@
- docker_image_availability
- docker_storage
-- include: ../openshift-etcd/ca.yml
-
-- include: ../openshift-etcd/certificates.yml
-
- include: ../openshift-etcd/config.yml
- include: ../openshift-nfs/config.yml
@@ -30,16 +26,10 @@
- include: ../openshift-loadbalancer/config.yml
when: groups.oo_lb_to_config | default([]) | count > 0
-- include: ../openshift-master/ca.yml
-
-- include: ../openshift-master/certificates.yml
-
- include: ../openshift-master/config.yml
- include: ../openshift-master/additional_config.yml
-- include: ../openshift-node/certificates.yml
-
- include: ../openshift-node/config.yml
- include: ../openshift-glusterfs/config.yml
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml
index 12cd209d2..e4193a00e 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/openshift-ca.yml
@@ -114,12 +114,18 @@
register: g_new_openshift_ca_mktemp
changed_when: false
-- include: ../../openshift-master/ca.yml
+- name: Create OpenShift CA
+ hosts: oo_first_master
vars:
# Set openshift_ca_config_dir to a temporary directory where CA
# will be created. We'll replace the existing CA with the CA
# created in the temporary directory.
openshift_ca_config_dir: "{{ hostvars[groups.oo_first_master.0].g_new_openshift_ca_mktemp.stdout }}"
+ roles:
+ - role: openshift_master_facts
+ - role: openshift_named_certificates
+ - role: openshift_ca
+ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- name: Create temp directory for syncing certs
hosts: localhost
diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml
index 2cae231b4..82539dac8 100644
--- a/playbooks/common/openshift-etcd/config.yml
+++ b/playbooks/common/openshift-etcd/config.yml
@@ -10,6 +10,10 @@
installer_phase_etcd: "In Progress"
aggregate: false
+- include: ca.yml
+
+- include: certificates.yml
+
- name: Configure etcd
hosts: oo_etcd_to_config
any_errors_fatal: true
diff --git a/playbooks/common/openshift-master/ca.yml b/playbooks/common/openshift-master/ca.yml
deleted file mode 100644
index 5bb796fa3..000000000
--- a/playbooks/common/openshift-master/ca.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Create OpenShift CA
- hosts: oo_masters_to_config
- roles:
- - role: openshift_master_facts
- - role: openshift_named_certificates
- - role: openshift_ca
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 766e0e501..bc1fee982 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -10,6 +10,8 @@
installer_phase_master: "In Progress"
aggregate: false
+- include: certificates.yml
+
- name: Disable excluders
hosts: oo_masters_to_config
gather_facts: no
diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml
index d007fac85..f4dc9df8a 100644
--- a/playbooks/common/openshift-master/scaleup.yml
+++ b/playbooks/common/openshift-master/scaleup.yml
@@ -47,8 +47,6 @@
- include: ../openshift-etcd/certificates.yml
-- include: ../openshift-master/certificates.yml
-
- include: ../openshift-master/config.yml
- include: ../openshift-loadbalancer/config.yml
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 6fd8aa6f1..700aab48c 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -10,6 +10,8 @@
installer_phase_node: "In Progress"
aggregate: false
+- include: certificates.yml
+
- include: setup.yml
- include: containerized_nodes.yml
diff --git a/roles/openshift_named_certificates/tasks/named_certificates.yml b/roles/openshift_named_certificates/tasks/named_certificates.yml
deleted file mode 100644
index 7b097b443..000000000
--- a/roles/openshift_named_certificates/tasks/named_certificates.yml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-- name: Clear named certificates
- file:
- path: "{{ named_certs_dir }}"
- state: absent
- when: overwrite_named_certs | bool
-
-- name: Ensure named certificate directory exists
- file:
- path: "{{ named_certs_dir }}"
- state: directory
- mode: 0700
-
-- name: Land named certificates
- copy:
- src: "{{ item.certfile }}"
- dest: "{{ named_certs_dir }}"
- with_items: "{{ openshift_master_named_certificates | default([]) }}"
-
-- name: Land named certificate keys
- copy:
- src: "{{ item.keyfile }}"
- dest: "{{ named_certs_dir }}"
- mode: 0600
- with_items: "{{ openshift_master_named_certificates | default([]) }}"
-
-- name: Land named CA certificates
- copy:
- src: "{{ item }}"
- dest: "{{ named_certs_dir }}"
- mode: 0600
- with_items: "{{ openshift_master_named_certificates | default([]) | oo_collect('cafile') }}"