diff options
Diffstat (limited to 'roles/openshift_node')
-rw-r--r-- | roles/openshift_node/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_node/templates/node.yaml.v1.j2 | 9 |
2 files changed, 10 insertions, 1 deletions
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 691227915..626248306 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -153,7 +153,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent --cacert {{ openshift.common.config_base }}/node/ca.crt + curl --silent --tlsv1.2 --cacert {{ openshift.common.config_base }}/node/ca.crt {{ openshift_node_master_api_url }}/healthz/ready args: # Disables the following warning: diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index d3c3feb68..f2f929232 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -40,6 +40,15 @@ servingInfo: certFile: server.crt clientCA: ca.crt keyFile: server.key +{% if openshift_node_min_tls_version is defined %} + minTLSVersion: {{ openshift_node_min_tls_version }} +{% endif %} +{% if openshift_node_cipher_suites is defined %} + cipherSuites: +{% for cipher_suite in openshift_node_cipher_suites %} + - {{ cipher_suite }} +{% endfor %} +{% endif %} volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes proxyArguments: proxy-mode: |