diff options
| author | Andrew Butcher <abutcher@redhat.com> | 2016-09-26 10:36:02 -0400 |
|---|---|---|
| committer | Samuel Munilla <smunilla@redhat.com> | 2016-09-29 15:35:40 -0400 |
| commit | 6826f27769563d30194818a0f13b9da086ddf7ab (patch) | |
| tree | aadb0d4868d9f98e4d513e3b79b9636730083d2e /playbooks/common/openshift-node | |
| parent | 4b102facfb32e4de14147fcbbe97626c4e08e264 (diff) | |
| download | openshift-6826f27769563d30194818a0f13b9da086ddf7ab.tar.gz openshift-6826f27769563d30194818a0f13b9da086ddf7ab.tar.bz2 openshift-6826f27769563d30194818a0f13b9da086ddf7ab.tar.xz openshift-6826f27769563d30194818a0f13b9da086ddf7ab.zip | |
Further secure registry improvements
- Default to hosted_registry_insecure=False
- Add openshift ca to system ca-trust.
- Update ca trust in openshift_node_certificates rather than docker_ca_trust
Diffstat (limited to 'playbooks/common/openshift-node')
| -rw-r--r-- | playbooks/common/openshift-node/config.yml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index f718dbfbd..364a62dd0 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -60,12 +60,12 @@ when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and openshift_generate_no_proxy_hosts | default(True) | bool }}" roles: + - role: openshift_common - role: openshift_clock - role: openshift_docker - role: openshift_node_certificates openshift_ca_host: "{{ groups.oo_first_master.0 }}" - role: openshift_cloud_provider - - role: openshift_common - role: openshift_node_dnsmasq when: openshift.common.use_dnsmasq - role: os_firewall @@ -99,12 +99,12 @@ when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and openshift_generate_no_proxy_hosts | default(True) | bool }}" roles: + - role: openshift_common - role: openshift_clock - role: openshift_docker - role: openshift_node_certificates openshift_ca_host: "{{ groups.oo_first_master.0 }}" - role: openshift_cloud_provider - - role: openshift_common - role: openshift_node_dnsmasq when: openshift.common.use_dnsmasq - role: os_firewall |