Initial containerization work from @ibotty

copied from https://github.com/eparis/kubernetes-ansible/blob/17f98edd7ff53e649b43e26822b8fbc0be42b233/roles/common/tasks/main.yml

1 files changed, 4 insertions, 4 deletions

diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index 57f71887b..b54811414 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -17,19 +17,19 @@
       --signer-serial={{ openshift_master_ca_serial }}
       --user=system:node:{{ item.openshift.common.hostname }}
   args:
-    chdir: "{{ openshift_generated_configs_dir }}"
     creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}"
   with_items: nodes_needing_certs
 
 - name: Generate the node server certificate
   command: >
-    {{ openshift.common.admin_binary }} create-server-cert
-      --cert=server.crt --key=server.key --overwrite=true
+    {{ openshift.common.admin_binary }} ca create-server-cert
+      --cert={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt
+      --key={{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.key
+      --overwrite=true
       --hostnames={{ item.openshift.common.all_hostnames |join(",") }}
       --signer-cert={{ openshift_master_ca_cert }}
       --signer-key={{ openshift_master_ca_key }}
       --signer-serial={{ openshift_master_ca_serial }}
   args:
-    chdir: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}"
     creates: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}/server.crt"
   with_items: nodes_needing_certs