WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-28 20:42:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
3782dad657e4e3f6a0263de4d8fec00a0669de4a
fedora-infra_ansible/roles/openshift_master_certificates/tasks/main.yml

49 lines
1.5 KiB
YAML
Raw Blame History

---
- name: Ensure the generated_configs directory present
file:
path: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}"
state: directory
mode: 0700
with_items: masters_needing_certs
- file:
src: "{{ openshift_master_config_dir }}/{{ item.1 }}"
dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}"
state: hard
with_nested:
- masters_needing_certs
- - ca.crt
- ca.key
- ca.serial.txt
- admin.crt
- admin.key
- admin.kubeconfig
- master.kubelet-client.crt
- master.kubelet-client.key
- openshift-master.crt
- openshift-master.key
- openshift-master.kubeconfig
- openshift-registry.crt
- openshift-registry.key
- openshift-registry.kubeconfig
- openshift-router.crt
- openshift-router.key
- openshift-router.kubeconfig
- serviceaccounts.private.key
- serviceaccounts.public.key
- name: Create the master certificates if they do not already exist
command: >
{{ openshift.common.admin_binary }} create-master-certs
--hostnames={{ item.openshift.common.all_hostnames | join(',') }}
--master={{ item.openshift.master.api_url }}
--public-master={{ item.openshift.master.public_api_url }}
--cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}
--overwrite=false
args:
creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt"
with_items: masters_needing_certs
Reference in New Issue View Git Blame Copy Permalink