diff options
| author | Kenny Woodson <kwoodson@redhat.com> | 2017-02-27 19:01:32 -0500 |
|---|---|---|
| committer | Kenny Woodson <kwoodson@redhat.com> | 2017-02-28 09:29:21 -0500 |
| commit | 74e890482f2be933634286f8b4cf488287cf6d39 (patch) | |
| tree | 26ace727f85fa25e6629f3cf10c4f2c1d05f80b4 /roles/openshift_hosted | |
| parent | e0090381732d43de74715b9d41480b3c43391783 (diff) | |
| download | openshift-74e890482f2be933634286f8b4cf488287cf6d39.tar.gz openshift-74e890482f2be933634286f8b4cf488287cf6d39.tar.bz2 openshift-74e890482f2be933634286f8b4cf488287cf6d39.tar.xz openshift-74e890482f2be933634286f8b4cf488287cf6d39.zip | |
Modified base debug statements. Fixed oc_secret debug/verbose flag. Added reencrypt for route.
Diffstat (limited to 'roles/openshift_hosted')
| -rw-r--r-- | roles/openshift_hosted/tasks/registry/registry.yml | 1 | ||||
| -rw-r--r-- | roles/openshift_hosted/tasks/registry/secure.yml | 24 | ||||
| -rw-r--r-- | roles/openshift_hosted/tasks/router/router.yml | 3 |
3 files changed, 8 insertions, 20 deletions
diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml index f9441dd57..5e9d5d06a 100644 --- a/roles/openshift_hosted/tasks/registry/registry.yml +++ b/roles/openshift_hosted/tasks/registry/registry.yml @@ -92,7 +92,6 @@ - name: Create OpenShift registry oc_adm_registry: -#debug: True name: "{{ openshift_hosted_registry_name }}" namespace: "{{ openshift_hosted_registry_namespace }}" selector: "{{ openshift_hosted_registry_selector }}" diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml index 244979f2e..4692892f8 100644 --- a/roles/openshift_hosted/tasks/registry/secure.yml +++ b/roles/openshift_hosted/tasks/registry/secure.yml @@ -4,17 +4,10 @@ docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}" run_once: true -#- name: Create passthrough route for docker-registry -# oc_route: -# name: docker-registry -# namespace: "{{ openshift_hosted_registry_namespace }}" -# service_name: docker-registry -# tls_termination: passthrough -# host: "{{ docker_registry_route_hostname }}" -# run_once: true - name: Get the certificate contents for registry - local_action: - module: slurp + copy: + backup: True + dest: "/etc/origin/master/named_certificates/{{ item | basename }}" src: "{{ item }}" register: openshift_hosted_registry_certificate_content with_items: @@ -23,8 +16,7 @@ - "{{ (openshift_hosted_registry_route_certificates | default({'cafile':none})).cafile }}" when: openshift_hosted_registry_route_certificates -- debug: var=openshift_hosted_registry_certificate_content - when: openshift_hosted_registry_route_certificates +- debug: var=openshift_hosted_registry_route_termination - name: Create passthrough route for docker-registry oc_route: @@ -34,10 +26,10 @@ host: "{{ docker_registry_route_hostname }}" tls_termination: "{{ openshift_hosted_registry_route_termination }}" host: "{{ openshift_hosted_registry_route_host | default(docker_registry_route_hostname) }}" - cert_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content,omit) }}" - key_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content, omit) }}" - cacert_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content, omit) }}" - dest_cacert_path: "{{ openshift_hosted_registry_certificate_content is defined | ternary('/etc/origin/master/ca.crt', omit) }}" + cert_path: "{{ ('certfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.certfile | basename), omit) }}" + key_path: "{{ ('keyfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.keyfile | basename), omit) }}" + cacert_path: "{{ ('cafile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.cafile | basename), omit) }}" + dest_cacert_path: "{{ (openshift_hosted_registry_route_termination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}" run_once: true - name: Retrieve registry service IP diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml index 607ace7f9..71ceff93a 100644 --- a/roles/openshift_hosted/tasks/router/router.yml +++ b/roles/openshift_hosted/tasks/router/router.yml @@ -71,9 +71,6 @@ - key: spec.strategy.rollingParams.updatePeriodSeconds value: 1 action: put - - key: spec.strategy.activeDeadlineSeconds - value: 21600 - action: put register: routerout # This should probably move to module |