diff options
Diffstat (limited to 'roles/openshift_master_certificates/tasks/main.yml')
-rw-r--r-- | roles/openshift_master_certificates/tasks/main.yml | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml new file mode 100644 index 000000000..bb23cf4f4 --- /dev/null +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -0,0 +1,48 @@ +--- +- name: Ensure the generated_configs directory present + file: + path: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}" + state: directory + mode: 0700 + with_items: masters_needing_certs + +- file: + src: "{{ openshift_master_config_dir }}/{{ item.1 }}" + dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: hard + with_nested: + - masters_needing_certs + - - ca.crt + - ca.key + - ca.serial.txt + - admin.crt + - admin.key + - admin.kubeconfig + - master.kubelet-client.crt + - master.kubelet-client.key + - openshift-master.crt + - openshift-master.key + - openshift-master.kubeconfig + - openshift-registry.crt + - openshift-registry.key + - openshift-registry.kubeconfig + - openshift-router.crt + - openshift-router.key + - openshift-router.kubeconfig + - serviceaccounts.private.key + - serviceaccounts.public.key + + +- name: Create the master certificates if they do not already exist + command: > + {{ openshift.common.admin_binary }} create-master-certs + --hostnames={{ item.openshift.common.all_hostnames | join(',') }} + --master={{ item.openshift.master.api_url }} + --public-master={{ item.openshift.master.public_api_url }} + --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }} + --overwrite=false + args: + creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt" + with_items: masters_needing_certs + + |