Diffstat (limited to 'roles/openshift_master_certificates')
| -rw-r--r-- | roles/openshift_master_certificates/README.md | 34 | ||||
| -rw-r--r-- | roles/openshift_master_certificates/meta/main.yml | 16 | ||||
| -rw-r--r-- | roles/openshift_master_certificates/tasks/main.yml | 47 | ||||
| -rw-r--r-- | roles/openshift_master_certificates/vars/main.yml | 3 | 
4 files changed, 100 insertions, 0 deletions
diff --git a/roles/openshift_master_certificates/README.md b/roles/openshift_master_certificates/README.md
new file mode 100644
index 000000000..ba3d5f28c
--- /dev/null
+++ b/roles/openshift_master_certificates/README.md
@@ -0,0 +1,34 @@
+OpenShift Master Certificates
+========================
+
+TODO
+
+Requirements
+------------
+
+TODO
+
+Role Variables
+--------------
+
+TODO
+
+Dependencies
+------------
+
+TODO
+
+Example Playbook
+----------------
+
+TODO
+
+License
+-------
+
+Apache License Version 2.0
+
+Author Information
+------------------
+
+Jason DeTiberus (jdetiber@redhat.com)
diff --git a/roles/openshift_master_certificates/meta/main.yml b/roles/openshift_master_certificates/meta/main.yml
new file mode 100644
index 000000000..fd7b73b0f
--- /dev/null
+++ b/roles/openshift_master_certificates/meta/main.yml
@@ -0,0 +1,16 @@
+---
+galaxy_info:
+  author: Jason DeTiberus
+  description:
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.8
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+  - system
+dependencies:
+- { role: openshift_master_ca }
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
new file mode 100644
index 000000000..e4602337e
--- /dev/null
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -0,0 +1,47 @@
+---
+- name: Ensure the generated_configs directory present
+  file:
+    path: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}"
+    state: directory
+    mode: 0700
+  with_items: masters_needing_certs
+
+- file:
+    src: "{{ openshift_master_config_dir }}/{{ item.1 }}"
+    dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}"
+    state: hard
+  with_nested:
+  - masters_needing_certs
+  - - ca.crt
+    - ca.key
+    - ca.serial.txt
+    - admin.crt
+    - admin.key
+    - admin.kubeconfig
+    - master.kubelet-client.crt
+    - master.kubelet-client.key
+    - "{{ 'master.proxy-client.crt' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}"
+    - "{{ 'master.proxy-client.key' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}"
+    - openshift-master.crt
+    - openshift-master.key
+    - openshift-master.kubeconfig
+    - openshift-registry.crt
+    - openshift-registry.key
+    - openshift-registry.kubeconfig
+    - openshift-router.crt
+    - openshift-router.key
+    - openshift-router.kubeconfig
+    - serviceaccounts.private.key
+    - serviceaccounts.public.key
+
+
+- name: Create the master certificates if they do not already exist
+  command: >
+    {{ openshift.common.admin_binary }} create-master-certs
+      --hostnames={{ item.openshift.common.all_hostnames | join(',') }}
+      --master={{ item.openshift.master.api_url }}
+      --public-master={{ item.openshift.master.public_api_url }}
+      --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}
+      --overwrite=false
+  when: master_certs_missing
+  with_items: masters_needing_certs
diff --git a/roles/openshift_master_certificates/vars/main.yml b/roles/openshift_master_certificates/vars/main.yml
new file mode 100644
index 000000000..3f18ddc79
--- /dev/null
+++ b/roles/openshift_master_certificates/vars/main.yml
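Review bot: In the unnamed hard-link task, the two `master.proxy-client.*` entries of the `with_nested` list fall back to `omit`, which as far as I know is only honoured as a module-argument value and is not dropped from a loop list; when `openshift.common.version_greater_than_3_1_or_1_1` is false the loop would still yield the placeholder string and the link would fail on a missing source. Moving those two names into their own task guarded by `when:` on that flag avoids it, as sketched below. The same task links `ca.key`, `admin.key` and `serviceaccounts.private.key` into every per-master directory, so it deserves a `name:` and a comment stating that hard links share the inode (and therefore mode and owner) with the originals under `openshift_master_config_dir`. `mode: 0700` in the first task is safer written as `mode: "0700"`.

```yaml
# … unchanged: directory task and the hard-link task, minus the two proxy-client entries …

# Hard links share the inode with the originals in the master config dir,
# so mode and owner of the key material are those of the source files.
- name: Hard-link the proxy client cert and key where this version provides them
  file:
    src: "{{ openshift_master_config_dir }}/{{ item.1 }}"
    dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}"
    state: hard
  when: openshift.common.version_greater_than_3_1_or_1_1
  with_nested:
  - masters_needing_certs
  - - master.proxy-client.crt
    - master.proxy-client.key

# … unchanged: create-master-certs command task …
```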
@@ -0,0 +1,3 @@
+---
+openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs"
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"  |
