From 61e2d5d539677a236b48ee92ad7b618a232e3833 Mon Sep 17 00:00:00 2001
From: Jan Chaloupka <jchaloup@redhat.com>
Date: Tue, 4 Jul 2017 15:25:02 +0200
Subject: drop etcdctl before the etcd_container service

If the etcdctl is dropped after the etcd_container is enabled,
label of /var/lib/etcd directory is set to var_lib_t instead of virt_sandbox_file_t.
---
 roles/etcd/tasks/main.yml                | 12 ++++++------
 roles/etcd/templates/etcd.docker.service |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'roles/etcd')

diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 586aebb11..f0661209f 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -10,6 +10,12 @@
   package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
   when: not etcd_is_containerized | bool
 
+- include_role:
+    name: etcd_common
+  vars:
+    r_etcd_common_action: drop_etcdctl
+  when: openshift_etcd_etcdctl_profile | default(true) | bool
+
 - block:
   - name: Pull etcd container
     command: docker pull {{ openshift.etcd.etcd_image }}
@@ -120,12 +126,6 @@
     enabled: yes
   register: start_result
 
-- include_role:
-    name: etcd_common
-  vars:
-    r_etcd_common_action: drop_etcdctl
-  when: openshift_etcd_etcdctl_profile | default(true) | bool
-
 - name: Set fact etcd_service_status_changed
   set_fact:
     etcd_service_status_changed: "{{ start_result | changed }}"
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
index d9327f433..adeca7a91 100644
--- a/roles/etcd/templates/etcd.docker.service
+++ b/roles/etcd/templates/etcd.docker.service
@@ -7,7 +7,7 @@ PartOf={{ openshift.docker.service_name }}.service
 [Service]
 EnvironmentFile={{ etcd_conf_file }}
 ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
-ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --security-opt label=type:spc_t --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
+ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
 ExecStop=/usr/bin/docker stop {{ etcd_service }}
 SyslogIdentifier=etcd_container
 Restart=always
-- 
cgit v1.2.3