diff options
Diffstat (limited to 'roles/openshift_certificate_expiry/README.md')
-rw-r--r-- | roles/openshift_certificate_expiry/README.md | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/roles/openshift_certificate_expiry/README.md b/roles/openshift_certificate_expiry/README.md new file mode 100644 index 000000000..75970c7a0 --- /dev/null +++ b/roles/openshift_certificate_expiry/README.md @@ -0,0 +1,63 @@ +OpenShift Certificate Expiration Checker +======================================== + +OpenShift certificate expiration checking. Be warned of certificates +expiring within a configurable window of days, and notified of +certificates which have already expired. Certificates examined +include: + +* Master/Node Service Certificates +* Router/Registry Service Certificates from etcd secrets +* Master/Node/Router/Registry/Admin `kubeconfig`s +* Etcd certificates + + + +Requirements +------------ + +* None + + +Role Variables +-------------- + +From this role: + +| Name | Default value | Description | +|--------------------------|---------------|-------------------------------------------------------------------------------------| +| `config_base` | `/etc/origin` | Base openshift config directory | +| `warning_days` | `30` | Flag certificates which will expire in this many days from now | +| `show_all` | `False` | Include healthy (non-expired and non-warning) certificates in results | +| `generate_report` | `False` | Generate an HTML report of the expiry check results | +| `save_json_results` | `False` | Save expiry check results as a json file | +| `result_dir` | `/tmp` | Directory in which to put check results and generated reports | + + +Dependencies +------------ + +* None + +Example Playbook +---------------- + +``` +- name: Check cert expirys + hosts: all + become: yes + gather_facts: no + roles: + - role: openshift_certificate_expiry +``` + + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Tim Bielawa (tbielawa@redhat.com) |