3 files changed, 12 insertions, 1 deletions

diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 691227915..626248306 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -153,7 +153,7 @@
   # Using curl here since the uri module requires python-httplib2 and
   # wait_for port doesn't provide health information.
   command: >
-    curl --silent --cacert {{ openshift.common.config_base }}/node/ca.crt
+    curl --silent --tlsv1.2 --cacert {{ openshift.common.config_base }}/node/ca.crt
     {{ openshift_node_master_api_url }}/healthz/ready
   args:
     # Disables the following warning:
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index d3c3feb68..f2f929232 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -40,6 +40,15 @@ servingInfo:
   certFile: server.crt
   clientCA: ca.crt
   keyFile: server.key
+{% if openshift_node_min_tls_version is defined %}
+  minTLSVersion: {{ openshift_node_min_tls_version }}
+{% endif %}
+{% if openshift_node_cipher_suites is defined %}
+  cipherSuites:
+{% for cipher_suite in openshift_node_cipher_suites %}
+  - {{ cipher_suite }}
+{% endfor %}
+{% endif %}
 volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes
 proxyArguments:
   proxy-mode:
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index 6ec88f85e..b4fd5aeb0 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -6,6 +6,8 @@ PartOf=docker.service
 Requires=docker.service
 {% if openshift.common.use_openshift_sdn %}
 Requires=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
 {% endif %}
 Wants={{ openshift.common.service_type }}-master.service
 Requires={{ openshift.common.service_type }}-node-dep.service