|
|
@@ -18,9 +18,9 @@
|
|
|
stat:
|
|
|
path: "{{ openshift.common.config_base }}/node/{{ item }}"
|
|
|
with_items:
|
|
|
- - "system:node:{{ openshift.common.hostname }}.crt"
|
|
|
- - "system:node:{{ openshift.common.hostname }}.key"
|
|
|
- - "system:node:{{ openshift.common.hostname }}.kubeconfig"
|
|
|
+ - "system:node:{{ openshift.common.hostname | lower }}.crt"
|
|
|
+ - "system:node:{{ openshift.common.hostname | lower }}.key"
|
|
|
+ - "system:node:{{ openshift.common.hostname | lower }}.kubeconfig"
|
|
|
- ca.crt
|
|
|
- server.key
|
|
|
- server.crt
|
|
|
@@ -59,16 +59,16 @@
|
|
|
--certificate-authority {{ legacy_ca_certificate }}
|
|
|
{% endfor %}
|
|
|
--certificate-authority={{ openshift_ca_cert }}
|
|
|
- --client-dir={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}
|
|
|
+ --client-dir={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname | lower }}
|
|
|
--groups=system:nodes
|
|
|
--master={{ hostvars[openshift_ca_host].openshift.master.api_url }}
|
|
|
--signer-cert={{ openshift_ca_cert }}
|
|
|
--signer-key={{ openshift_ca_key }}
|
|
|
--signer-serial={{ openshift_ca_serial }}
|
|
|
- --user=system:node:{{ hostvars[item].openshift.common.hostname }}
|
|
|
+ --user=system:node:{{ hostvars[item].openshift.common.hostname | lower }}
|
|
|
--expire-days={{ openshift_node_cert_expire_days }}
|
|
|
args:
|
|
|
- creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}"
|
|
|
+ creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname | lower }}"
|
|
|
with_items: "{{ hostvars
|
|
|
| lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
|
|
|
| lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
|
|
|
@@ -78,16 +78,16 @@
|
|
|
- name: Generate the node server certificate
|
|
|
command: >
|
|
|
{{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-server-cert
|
|
|
- --cert={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt
|
|
|
- --key={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.key
|
|
|
+ --cert={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname | lower }}/server.crt
|
|
|
+ --key={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname | lower }}/server.key
|
|
|
--expire-days={{ openshift_node_cert_expire_days }}
|
|
|
--overwrite=true
|
|
|
- --hostnames={{ hostvars[item].openshift.common.hostname }},{{ hostvars[item].openshift.common.public_hostname }},{{ hostvars[item].openshift.common.ip }},{{ hostvars[item].openshift.common.public_ip }}
|
|
|
+ --hostnames={{ hostvars[item].openshift.common.hostname }},{{ hostvars[item].openshift.common.hostname | lower }},{{ hostvars[item].openshift.common.public_hostname }},{{ hostvars[item].openshift.common.public_hostname | lower }},{{ hostvars[item].openshift.common.ip }},{{ hostvars[item].openshift.common.public_ip }}
|
|
|
--signer-cert={{ openshift_ca_cert }}
|
|
|
--signer-key={{ openshift_ca_key }}
|
|
|
--signer-serial={{ openshift_ca_serial }}
|
|
|
args:
|
|
|
- creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt"
|
|
|
+ creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname | lower }}/server.crt"
|
|
|
with_items: "{{ hostvars
|
|
|
| lib_utils_oo_select_keys(groups['oo_nodes_to_config'])
|
|
|
| lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}"
|
Vadim Rutkovsky