diff options
author | Tim Bielawa <tbielawa@redhat.com> | 2016-10-07 09:55:13 -0700 |
---|---|---|
committer | Tim Bielawa <tbielawa@redhat.com> | 2016-10-20 07:49:40 -0700 |
commit | a22e8daf1f7c93469023239f442f19608ffbc970 (patch) | |
tree | 0fa7c6e91d471c0833d58ab95baa6dec7ee657f2 /roles/openshift_certificate_expiry/README.md | |
parent | 4273b21105dd11f52de354b4777d33e4296ba7e0 (diff) | |
download | openshift-a22e8daf1f7c93469023239f442f19608ffbc970.tar.gz openshift-a22e8daf1f7c93469023239f442f19608ffbc970.tar.bz2 openshift-a22e8daf1f7c93469023239f442f19608ffbc970.tar.xz openshift-a22e8daf1f7c93469023239f442f19608ffbc970.zip |
Refactor into a role
Diffstat (limited to 'roles/openshift_certificate_expiry/README.md')
-rw-r--r-- | roles/openshift_certificate_expiry/README.md | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/roles/openshift_certificate_expiry/README.md b/roles/openshift_certificate_expiry/README.md new file mode 100644 index 000000000..75970c7a0 --- /dev/null +++ b/roles/openshift_certificate_expiry/README.md @@ -0,0 +1,63 @@ +OpenShift Certificate Expiration Checker +======================================== + +OpenShift certificate expiration checking. Be warned of certificates +expiring within a configurable window of days, and notified of +certificates which have already expired. Certificates examined +include: + +* Master/Node Service Certificates +* Router/Registry Service Certificates from etcd secrets +* Master/Node/Router/Registry/Admin `kubeconfig`s +* Etcd certificates + + + +Requirements +------------ + +* None + + +Role Variables +-------------- + +From this role: + +| Name | Default value | Description | +|--------------------------|---------------|-------------------------------------------------------------------------------------| +| `config_base` | `/etc/origin` | Base openshift config directory | +| `warning_days` | `30` | Flag certificates which will expire in this many days from now | +| `show_all` | `False` | Include healthy (non-expired and non-warning) certificates in results | +| `generate_report` | `False` | Generate an HTML report of the expiry check results | +| `save_json_results` | `False` | Save expiry check results as a json file | +| `result_dir` | `/tmp` | Directory in which to put check results and generated reports | + + +Dependencies +------------ + +* None + +Example Playbook +---------------- + +``` +- name: Check cert expirys + hosts: all + become: yes + gather_facts: no + roles: + - role: openshift_certificate_expiry +``` + + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Tim Bielawa (tbielawa@redhat.com) |