playbooks/common/openshift-cluster/redeploy-certificates/nodes.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

---
- name: Ensure node directory is absent from generated configs
  hosts: oo_first_master
  tasks:
  # The generated configs directory (/etc/origin/generated-configs) is
  # backed up during redeployment of the control plane certificates.
  # We need to ensure that the generated config directory for
  # individual nodes has been deleted before continuing, so verify
  # that it is missing here.
  - name: Ensure node directories and tarballs are absent from generated configs
    shell: >
      rm -rf {{ openshift.common.config_base }}/generated-configs/node-*
    args:
      warn: no

- name: Redeploy node certificates
  hosts: oo_nodes_to_config
  pre_tasks:
  - name: Remove CA certificate
    file:
      path: "{{ item }}"
      state: absent
    with_items:
    - "{{ openshift.common.config_base }}/node/ca.crt"
  roles:
  - role: openshift_node_certificates
    openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
    openshift_ca_host: "{{ groups.oo_first_master.0 }}"
    openshift_certificates_redeploy: true