| 12345678910111213141516171819202122232425262728293031323334353637 |
- #
- # These tasks configure the instance to periodically update the project metadata with the
- # latest bootstrap kubeconfig from the project metadata. This keeps the project metadata
- # in sync with the cluster's configuration. We then invoke a CSR approve on any nodes that
- # are waiting to join the cluster.
- #
- ---
- - name: Copy unit service
- copy:
- src: openshift-bootstrap-update.timer
- dest: /etc/systemd/system/openshift-bootstrap-update.timer
- owner: root
- group: root
- mode: 0664
- - name: Copy unit timer
- copy:
- src: openshift-bootstrap-update.service
- dest: /etc/systemd/system/openshift-bootstrap-update.service
- owner: root
- group: root
- mode: 0664
- - name: Create bootstrap update script
- template: src=openshift-bootstrap-update.j2 dest=/usr/bin/openshift-bootstrap-update mode=u+rx
- - name: Start bootstrap update timer
- systemd:
- name: "openshift-bootstrap-update.timer"
- state: started
- - name: Bootstrap all nodes that were identified with bootstrap metadata
- run_once: true
- oc_adm_csr:
- nodes: "{{ groups['all'] | map('extract', hostvars) | selectattr('gce_metadata.bootstrap', 'match', 'true') | map(attribute='gce_name') | list }}"
- timeout: 60
- when: groups['all'] | map('extract', hostvars) | selectattr('gce_metadata.bootstrap', 'match', 'true') | map(attribute='gce_name') | list | length > 0
|
