From 0b80aca421a89b10a8254f03e1339d1ddfbd54f1 Mon Sep 17 00:00:00 2001
From: Russell Teague <rteague@redhat.com>
Date: Fri, 1 Dec 2017 09:24:45 -0500
Subject: Playbook Consolidation - Redeploy Certificates

---
 .../redeploy-certificates/etcd-ca.yml              | 101 ---------------------
 1 file changed, 101 deletions(-)
 delete mode 100644 playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml

(limited to 'playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml')

diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
deleted file mode 100644
index 438f704bc..000000000
--- a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
+++ /dev/null
@@ -1,101 +0,0 @@
----
-- name: Check cert expirys
-  hosts: oo_etcd_to_config:oo_masters_to_config
-  vars:
-    openshift_certificate_expiry_show_all: yes
-  roles:
-  # Sets 'check_results' per host which contains health status for
-  # etcd, master and node certificates.  We will use 'check_results'
-  # to determine if any certificates were expired prior to running
-  # this playbook. Service restarts will be skipped if any
-  # certificates were previously expired.
-  - role: openshift_certificate_expiry
-
-- name: Backup existing etcd CA certificate directories
-  hosts: oo_etcd_to_config
-  tasks:
-  - include_role:
-      name: etcd
-      tasks_from: backup_ca_certificates
-  - include_role:
-      name: etcd
-      tasks_from: remove_ca_certificates
-
-- include: ../../../openshift-etcd/private/ca.yml
-
-- name: Create temp directory for syncing certs
-  hosts: localhost
-  connection: local
-  become: no
-  gather_facts: no
-  tasks:
-  - name: Create local temp directory for syncing certs
-    local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
-    register: g_etcd_mktemp
-    changed_when: false
-
-- name: Distribute etcd CA to etcd hosts
-  hosts: oo_etcd_to_config
-  tasks:
-  - include_role:
-      name: etcd
-      tasks_from: distribute_ca.yml
-    vars:
-      etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
-      etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
-
-- include: ../../../openshift-etcd/private/restart.yml
-  # Do not restart etcd when etcd certificates were previously expired.
-  when: ('expired' not in (hostvars
-                           | oo_select_keys(groups['etcd'])
-                           | oo_collect('check_results.check_results.etcd')
-                           | oo_collect('health')))
-
-- name: Retrieve etcd CA certificate
-  hosts: oo_first_etcd
-  tasks:
-  - include_role:
-      name: etcd
-      tasks_from: retrieve_ca_certificates
-    vars:
-      etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
-
-- name: Distribute etcd CA to masters
-  hosts: oo_masters_to_config
-  vars:
-    openshift_ca_host: "{{ groups.oo_first_master.0 }}"
-  tasks:
-  - name: Deploy etcd CA
-    copy:
-      src: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}/ca.crt"
-      dest: "{{ openshift.common.config_base }}/master/master.etcd-ca.crt"
-    when: groups.oo_etcd_to_config | default([]) | length > 0
-
-- name: Delete temporary directory on localhost
-  hosts: localhost
-  connection: local
-  become: no
-  gather_facts: no
-  tasks:
-  - file:
-      name: "{{ g_etcd_mktemp.stdout }}"
-      state: absent
-    changed_when: false
-
-- include: ../../../openshift-master/private/restart.yml
-  # Do not restart masters when master or etcd certificates were previously expired.
-  when:
-  # masters
-  - ('expired' not in hostvars
-      | oo_select_keys(groups['oo_masters_to_config'])
-      | oo_collect('check_results.check_results.ocp_certs')
-      | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"}))
-  - ('expired' not in hostvars
-      | oo_select_keys(groups['oo_masters_to_config'])
-      | oo_collect('check_results.check_results.ocp_certs')
-      | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"}))
-  # etcd
-  - ('expired' not in (hostvars
-      | oo_select_keys(groups['etcd'])
-      | oo_collect('check_results.check_results.etcd')
-      | oo_collect('health')))
-- 
cgit v1.2.3