| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- ---
- - name: Ensure the generated_configs directory present
- file:
- path: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}"
- state: directory
- mode: 0700
- with_items: masters_needing_certs
- - file:
- src: "{{ openshift_master_config_dir }}/{{ item.1 }}"
- dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}"
- state: hard
- with_nested:
- - masters_needing_certs
- - - ca.crt
- - ca.key
- - ca.serial.txt
- - admin.crt
- - admin.key
- - admin.kubeconfig
- - master.kubelet-client.crt
- - master.kubelet-client.key
- - openshift-master.crt
- - openshift-master.key
- - openshift-master.kubeconfig
- - openshift-registry.crt
- - openshift-registry.key
- - openshift-registry.kubeconfig
- - openshift-router.crt
- - openshift-router.key
- - openshift-router.kubeconfig
- - serviceaccounts.private.key
- - serviceaccounts.public.key
- - name: Create the master certificates if they do not already exist
- command: >
- {{ openshift.common.admin_binary }} create-master-certs
- --hostnames={{ item.openshift.common.all_hostnames | join(',') }}
- --master={{ item.openshift.master.api_url }}
- --public-master={{ item.openshift.master.public_api_url }}
- --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}
- --overwrite=false
- args:
- creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt"
- with_items: masters_needing_certs
|
