| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- ---
- - name: Redeploy master certificates
- hosts: oo_masters_to_config
- any_errors_fatal: true
- vars:
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- openshift_master_count: "{{ openshift.master.master_count | default(groups.oo_masters | length) }}"
- pre_tasks:
- - stat:
- path: "{{ openshift_generated_configs_dir }}"
- register: openshift_generated_configs_dir_stat
- - name: Backup generated certificate and config directories
- command: >
- tar -czvf /etc/origin/master-node-cert-config-backup-{{ ansible_date_time.epoch }}.tgz
- {{ openshift_generated_configs_dir }}
- {{ openshift.common.config_base }}/master
- when: openshift_generated_configs_dir_stat.stat.exists
- delegate_to: "{{ openshift_ca_host }}"
- run_once: true
- - name: Remove generated certificate directories
- file:
- path: "{{ item }}"
- state: absent
- with_items:
- - "{{ openshift_generated_configs_dir }}"
- - name: Remove generated certificates
- file:
- path: "{{ openshift.common.config_base }}/master/{{ item }}"
- state: absent
- with_items:
- - "{{ hostvars[inventory_hostname] | certificates_to_synchronize(include_keys=false, include_ca=false) }}"
- - "etcd.server.crt"
- - "etcd.server.key"
- - "master.server.crt"
- - "master.server.key"
- - "openshift-master.crt"
- - "openshift-master.key"
- - "openshift-master.kubeconfig"
- roles:
- - role: openshift_master_certificates
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config'] | default([]))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
- openshift_certificates_redeploy: true
|
