| 123456789101112131415161718192021222324252627282930313233 |
- ---
- - name: Create openshift_generated_configs_dir if it doesn't exist
- file:
- path: "{{ openshift_generated_configs_dir }}"
- state: directory
- - name: Create openshift_generated_configs_dir for each etcd host
- file:
- path: "{{ openshift_generated_configs_dir }}/etcd-{{ item.openshift.common.hostname}}"
- state: directory
- with_items: etcd_hosts_needing_certs
- - name: Generate the etcd client side certs
- delegate_to: "{{ openshift_first_master }}"
- command: >
- {{ openshift.common.admin_binary }} create-server-cert
- --cert=client.crt --key=client.key --overwrite=true
- --hostnames={{ [item.openshift.common.hostname, item.openshift.common.public_hostname, item.openshift.common.ip]|unique|join(",") }}
- --signer-cert={{ openshift_master_ca_cert }}
- --signer-key={{ openshift_master_ca_key }}
- --signer-serial={{ openshift_master_ca_serial }}
- args:
- chdir: "{{ openshift_generated_configs_dir }}/etcd-{{ item.openshift.common.hostname }}"
- creates: "{{ openshift_generated_configs_dir }}/etcd-{{ item.openshift.common.hostname }}/client.crt"
- with_items: etcd_hosts_needing_certs
- - name: Copy CA cert
- delegate_to: "{{ openshift_first_master }}"
- command: "cp {{ openshift_master_ca_cert }} ."
- args:
- chdir: "{{ openshift_generated_configs_dir }}/etcd-{{ item.openshift.common.hostname }}"
- creates: "{{ openshift_generated_configs_dir }}/etcd-{{ item.openshift.common.hostname }}/ca.crt"
- with_items: etcd_hosts_needing_certs
|
