summaryrefslogtreecommitdiffstats
path: root/playbooks/openshift-node/private/certificates-backup.yml
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/openshift-node/private/certificates-backup.yml')
-rw-r--r--playbooks/openshift-node/private/certificates-backup.yml24
1 files changed, 24 insertions, 0 deletions
diff --git a/playbooks/openshift-node/private/certificates-backup.yml b/playbooks/openshift-node/private/certificates-backup.yml
new file mode 100644
index 000000000..2ad84b3b9
--- /dev/null
+++ b/playbooks/openshift-node/private/certificates-backup.yml
@@ -0,0 +1,24 @@
+---
+- name: Ensure node directory is absent from generated configs
+ hosts: oo_first_master
+ tasks:
+ # The generated configs directory (/etc/origin/generated-configs) is
+ # backed up during redeployment of the control plane certificates.
+ # We need to ensure that the generated config directory for
+ # individual nodes has been deleted before continuing, so verify
+ # that it is missing here.
+ - name: Ensure node directories and tarballs are absent from generated configs
+ shell: >
+ rm -rf {{ openshift.common.config_base }}/generated-configs/node-*
+ args:
+ warn: no
+
+- name: Redeploy node certificates
+ hosts: oo_nodes_to_config
+ pre_tasks:
+ - name: Remove CA certificate
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - "{{ openshift.common.config_base }}/node/ca.crt"