diff options
Diffstat (limited to 'roles/openshift_master/tasks/main.yml')
| -rw-r--r-- | roles/openshift_master/tasks/main.yml | 44 |
1 files changed, 13 insertions, 31 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index aa5e593b6..dd66eeebb 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -15,7 +15,7 @@ when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method not in ["native", "pacemaker"])) - fail: msg: "'native' high availability is not supported for the requested OpenShift version" - when: openshift_master_ha | bool and openshift_master_cluster_method == "native" and not openshift.common.version_greater_than_3_1_or_1_1 | bool + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" and not openshift.common.version_gte_3_1_or_1_1 | bool - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and (openshift_master_cluster_password is not defined or not openshift_master_cluster_password) @@ -221,6 +221,9 @@ template: dest: "{{ openshift.master.session_secrets_file }}" src: sessionSecretsFile.yaml.v1.j2 + owner: root + group: root + mode: 0600 when: openshift.master.session_auth_secrets is defined and openshift.master.session_encryption_secrets is defined notify: - restart master @@ -235,41 +238,16 @@ dest: "{{ openshift_master_config_file }}" src: master.yaml.v1.j2 backup: true + owner: root + group: root + mode: 0600 notify: - restart master - restart master api - restart master controllers -- name: Test local loopback context - command: > - {{ openshift.common.client_binary }} config view - --config={{ openshift_master_loopback_config }} - changed_when: false - register: loopback_config - -- command: > - {{ openshift.common.client_binary }} config set-cluster - --certificate-authority={{ openshift_master_config_dir }}/ca.crt - --embed-certs=true --server={{ openshift.master.loopback_api_url }} - {{ openshift.master.loopback_cluster_name }} - --config={{ openshift_master_loopback_config }} - when: loopback_context_string not in loopback_config.stdout - register: set_loopback_cluster - -- command: > - {{ openshift.common.client_binary }} config set-context - --cluster={{ openshift.master.loopback_cluster_name }} - --namespace=default --user={{ openshift.master.loopback_user }} - {{ openshift.master.loopback_context_name }} - --config={{ openshift_master_loopback_config }} - when: set_loopback_cluster | changed - register: set_loopback_context - -- command: > - {{ openshift.common.client_binary }} config use-context {{ openshift.master.loopback_context_name }} - --config={{ openshift_master_loopback_config }} - when: set_loopback_context | changed - register: set_current_context +- include: set_loopback_context.yml + when: openshift.common.version_gte_3_2_or_1_2 - name: Start and enable master service: name={{ openshift.common.service_type }}-master enabled=yes state=started @@ -285,6 +263,10 @@ master_service_status_changed: "{{ start_result | changed }}" when: not openshift_master_ha | bool +- name: Mask master service + command: systemctl mask {{ openshift.common.service_type }}-master + when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' and not openshift.common.is_containerized | bool + - name: Start and enable master api service: name={{ openshift.common.service_type }}-master-api enabled=yes state=started when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' |