From afdf701f9ecdb46fe513f003d03d67cf484253d3 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Fri, 30 Jun 2017 14:40:56 -0500 Subject: Using ca-bundle.crt to connect to local etcd if master.etcd-ca.crt DNE --- roles/openshift_service_catalog/tasks/install.yml | 7 +++++++ roles/openshift_service_catalog/templates/api_server.j2 | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'roles/openshift_service_catalog') diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml index 5da87649c..6e8301ffe 100644 --- a/roles/openshift_service_catalog/tasks/install.yml +++ b/roles/openshift_service_catalog/tasks/install.yml @@ -86,6 +86,12 @@ resource_name: admin user: "system:serviceaccount:kube-service-catalog:default" +- name: Checking for master.etcd-ca.crt + stat: + path: /etc/origin/master/master.etcd-ca.crt + register: etcd_ca_crt + check_mode: no + ## api server - template: src: api_server.j2 @@ -99,6 +105,7 @@ memory_request: none cors_allowed_origin: localhost etcd_servers: "{{ openshift.master.etcd_urls | join(',') }}" + etcd_cafile: "{{ '/etc/origin/master/master.etcd-ca.crt' if etcd_ca_crt.stat.exists else '/etc/origin/master/ca-bundle.crt' }}" node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}" - name: Set Service Catalog API Server daemonset diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2 index 0ae2b7712..c09834fd4 100644 --- a/roles/openshift_service_catalog/templates/api_server.j2 +++ b/roles/openshift_service_catalog/templates/api_server.j2 @@ -31,7 +31,7 @@ spec: - --etcd-servers - {{ etcd_servers }} - --etcd-cafile - - /etc/origin/master/master.etcd-ca.crt + - {{ etcd_cafile }} - --etcd-certfile - /etc/origin/master/master.etcd-client.crt - --etcd-keyfile -- cgit v1.2.1