diff options
Diffstat (limited to 'playbooks/common/openshift-cluster/redeploy-certificates')
| -rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/ca.yml | 21 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/masters.yml | 8 |
2 files changed, 29 insertions, 0 deletions
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml index 0b1c39ba4..9d4d3ea26 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml @@ -160,6 +160,27 @@ yaml_key: servingInfo.clientCA yaml_value: ca-bundle.crt when: (g_master_config_output.content|b64decode|from_yaml).servingInfo.clientCA != 'ca-bundle.crt' + - modify_yaml: + dest: "{{ openshift.common.config_base }}/master/master-config.yaml" + yaml_key: etcdClientInfo.ca + yaml_value: ca-bundle.crt + when: + - groups.oo_etcd_to_config | default([]) | length == 0 + - (g_master_config_output.content|b64decode|from_yaml).etcdClientInfo.ca != 'ca-bundle.crt' + - modify_yaml: + dest: "{{ openshift.common.config_base }}/master/master-config.yaml" + yaml_key: etcdConfig.peerServingInfo.clientCA + yaml_value: ca-bundle.crt + when: + - groups.oo_etcd_to_config | default([]) | length == 0 + - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.peerServingInfo.clientCA != 'ca-bundle.crt' + - modify_yaml: + dest: "{{ openshift.common.config_base }}/master/master-config.yaml" + yaml_key: etcdConfig.servingInfo.clientCA + yaml_value: ca-bundle.crt + when: + - groups.oo_etcd_to_config | default([]) | length == 0 + - (g_master_config_output.content|b64decode|from_yaml).etcdConfig.servingInfo.clientCA != 'ca-bundle.crt' - name: Copy current OpenShift CA to legacy directory hosts: oo_masters_to_config diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml index f653a111f..c30889d64 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml @@ -36,6 +36,14 @@ - "openshift-master.crt" - "openshift-master.key" - "openshift-master.kubeconfig" + - name: Remove generated etcd client certificates + file: + path: "{{ openshift.common.config_base }}/master/{{ item }}" + state: absent + with_items: + - "master.etcd-client.crt" + - "master.etcd-client.key" + when: groups.oo_etcd_to_config | default([]) | length == 0 roles: - role: openshift_master_certificates openshift_master_etcd_hosts: "{{ hostvars |