C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix contiv api certificate generation (#3531)

Browse source
This commit is contained in:
Erwan Miran 2018-10-17 00:34:33 +02:00 committed by k8s-ci-robot
parent 7bec169d58
commit 4d2b6b71f2
1 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
roles/network_plugin/contiv/tasks/main.yml
View file

@ -97,16 +97,25 @@
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true run_once: true
- name: Contiv | Generate contiv-api-proxy certificates - name: Contiv | Check for cert key existence
script: /var/contiv/generate-certificate.sh stat:
args: path: /var/contiv/auth_proxy_key.pem
creates: /var/contiv/auth_proxy_key.pem register: contiv_certificate_key_state
when: when:
- contiv_enable_api_proxy - contiv_enable_api_proxy
- contiv_generate_certificate - contiv_generate_certificate
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true run_once: true
- name: Contiv | Generate contiv-api-proxy certificates
command: /var/contiv/generate-certificate.sh
when:
- contiv_enable_api_proxy
- contiv_generate_certificate
- (not contiv_certificate_key_state.stat.exists)
delegate_to: "{{ groups['kube-master'][0] }}"
run_once: true
- name: Contiv | Fetch the generated certificate - name: Contiv | Fetch the generated certificate
fetch: fetch:
src: "/var/contiv/{{ item }}" src: "/var/contiv/{{ item }}"