From 7b316631a2b988318b47d3a50a7b66e3ff3fdbd2 Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Wed, 10 Jun 2015 10:31:39 -0400
Subject: Update for RC2 changes

Remove openshift-deployer.kubeconfig from master template
Sync config template
Update enterprise image names
Switch to node auto registration
Add deployer to list of serviceAccountConfig.managedNames
Move package installation before registering facts
change default kubeconfig location
Change system:openshift-client to system:openshift-master
Rename node cert/key/kubeconfig per openshift/origin#3160
Update references to /var/lib/openshift/openshift.local.certificates
---
 roles/openshift_node_certificates/README.md      | 34 +++++++++++++++++++++++
 roles/openshift_node_certificates/meta/main.yml  | 16 +++++++++++
 roles/openshift_node_certificates/tasks/main.yml | 35 ++++++++++++++++++++++++
 roles/openshift_node_certificates/vars/main.yml  |  8 ++++++
 4 files changed, 93 insertions(+)
 create mode 100644 roles/openshift_node_certificates/README.md
 create mode 100644 roles/openshift_node_certificates/meta/main.yml
 create mode 100644 roles/openshift_node_certificates/tasks/main.yml
 create mode 100644 roles/openshift_node_certificates/vars/main.yml

(limited to 'roles/openshift_node_certificates')

diff --git a/roles/openshift_node_certificates/README.md b/roles/openshift_node_certificates/README.md
new file mode 100644
index 000000000..c6304e4b0
--- /dev/null
+++ b/roles/openshift_node_certificates/README.md
@@ -0,0 +1,34 @@
+OpenShift Node Certificates
+========================
+
+TODO
+
+Requirements
+------------
+
+TODO
+
+Role Variables
+--------------
+
+TODO
+
+Dependencies
+------------
+
+TODO
+
+Example Playbook
+----------------
+
+TODO
+
+License
+-------
+
+Apache License Version 2.0
+
+Author Information
+------------------
+
+Jason DeTiberus (jdetiber@redhat.com)
diff --git a/roles/openshift_node_certificates/meta/main.yml b/roles/openshift_node_certificates/meta/main.yml
new file mode 100644
index 000000000..f3236e850
--- /dev/null
+++ b/roles/openshift_node_certificates/meta/main.yml
@@ -0,0 +1,16 @@
+---
+galaxy_info:
+  author: Jason DeTiberus
+  description:
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.8
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+  - system
+dependencies:
+- { role: openshift_facts }
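Review bot: Two scalars in `galaxy_info` are typed by the YAML parser rather than by intent: `description:` is a bare key and loads as null, and `min_ansible_version: 1.8` loads as a float. Quoting the version as `min_ansible_version: "1.8"` avoids the case where a later bump such as 1.10 silently becomes 1.1. Filling in the description, or setting it to `""` until the README is written, makes the empty value explicit.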
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
new file mode 100644
index 000000000..1b68bc673
--- /dev/null
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- name: Create openshift_generated_configs_dir if it doesn't exist
+  file:
+    path: "{{ openshift_generated_configs_dir }}"
+    state: directory
+
+- name: Generate the node client config
+  command: >
+    {{ openshift.common.admin_binary }} create-api-client-config
+      --certificate-authority={{ openshift_master_ca_cert }}
+      --client-dir={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}
+      --groups=system:nodes
+      --master={{ openshift.master.api_url }}
+      --signer-cert={{ openshift_master_ca_cert }}
+      --signer-key={{ openshift_master_ca_key }}
+      --signer-serial={{ openshift_master_ca_serial }}
+      --user=system:node:{{ item.openshift.common.hostname }}
+  args:
+    chdir: "{{ openshift_generated_configs_dir }}"
+    creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}"
+  with_items: nodes_needing_certs
+
+- name: Generate the node server certificate
+  delegate_to: "{{ openshift_first_master }}"
+  command: >
+    {{ openshift.common.admin_binary }} create-server-cert
+      --cert=server.crt --key=server.key --overwrite=true
+      --hostnames={{ [item.openshift.common.hostname, item.openshift.common.public_hostname]|unique|join(",") }}
+      --signer-cert={{ openshift_master_ca_cert }}
+      --signer-key={{ openshift_master_ca_key }}
+      --signer-serial={{ openshift_master_ca_serial }}
+  args:
+    chdir: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}"
+    creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt"
+  with_items: nodes_needing_certs
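Review bot: The first task creates `{{ openshift_generated_configs_dir }}` with no explicit mode or owner, yet both commands below write private key material under it (the node client config directory and `server.key`), so who can traverse that tree is left to the remote umask. Pinning it on the `file` task, for example `mode: "0700"`, keeps the generated keys out of reach of other local accounts regardless of what modes the admin binary applies to the individual files. Separately, only "Generate the node server certificate" carries `delegate_to: "{{ openshift_first_master }}"`, while the client-config task also reads `--signer-key={{ openshift_master_ca_key }}`. If both are meant to run on the host holding `ca.key`, the first likely needs the same delegation, which is worth confirming against the calling play. The `creates:` guard on the client-config task points at the directory rather than a file inside it, so a run that fails after the directory is created would presumably be skipped on retry.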
diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml
new file mode 100644
index 000000000..3801b8427
--- /dev/null
+++ b/roles/openshift_node_certificates/vars/main.yml
@@ -0,0 +1,8 @@
+---
+openshift_node_config_dir: /etc/openshift/node
+openshift_master_config_dir: /etc/openshift/master
+openshift_generated_configs_dir: /etc/openshift/generated-configs
+openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt"
+openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key"
+openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
+openshift_kube_api_version: v1beta3
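Review bot: These values sit in `vars/main.yml`, which takes precedence over inventory and group variables, so a deployment that keeps its CA material outside `/etc/openshift/master` cannot redirect `openshift_master_ca_key` without editing the role. Moving the overridable paths to `defaults/main.yml` would allow that. `openshift_node_config_dir` and `openshift_kube_api_version` are not referenced by the tasks this role adds in the diff shown here, so they may be unused or consumed elsewhere. A short comment such as `# CA signing key; must stay readable only by root on the first master` above `openshift_master_ca_key` would also make the sensitivity of that path obvious to the next editor.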
-- 
cgit v1.2.3