From 75dcc04f40548aa93d175567de09f06f41f9c095 Mon Sep 17 00:00:00 2001
From: Andrew Butcher <abutcher@redhat.com>
Date: Fri, 10 Feb 2017 11:19:33 -0500
Subject: Ensure etcd client certs are regenerated with embedded etcd.

---
 .../common/openshift-cluster/redeploy-certificates/masters.yml    | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'playbooks')

diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
index f653a111f..c30889d64 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
@@ -36,6 +36,14 @@
     - "openshift-master.crt"
     - "openshift-master.key"
     - "openshift-master.kubeconfig"
+  - name: Remove generated etcd client certificates
+    file:
+      path: "{{ openshift.common.config_base }}/master/{{ item }}"
+      state: absent
+    with_items:
+    - "master.etcd-client.crt"
+    - "master.etcd-client.key"
+    when: groups.oo_etcd_to_config | default([]) | length == 0
   roles:
   - role: openshift_master_certificates
     openshift_master_etcd_hosts: "{{ hostvars
-- 
cgit v1.2.1