add certificate authority file (#3433)
This commit is contained in:
parent
99c139dd5a
commit
9c83551a0e
3 changed files with 9 additions and 0 deletions
|
@ -52,6 +52,7 @@
|
||||||
ETCDCTL_API: 3
|
ETCDCTL_API: 3
|
||||||
ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
retries: 3
|
retries: 3
|
||||||
register: etcd_backup_v3_command
|
register: etcd_backup_v3_command
|
||||||
until: etcd_backup_v3_command.rc == 0
|
until: etcd_backup_v3_command.rc == 0
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- name: Configure | Check if etcd-events cluster is healthy
|
- name: Configure | Check if etcd-events cluster is healthy
|
||||||
shell: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_events_access_addresses }} cluster-health | grep -q 'cluster is healthy'"
|
shell: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_events_access_addresses }} cluster-health | grep -q 'cluster is healthy'"
|
||||||
|
@ -24,6 +25,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- include_tasks: refresh_config.yml
|
- include_tasks: refresh_config.yml
|
||||||
when: is_etcd_master
|
when: is_etcd_master
|
||||||
|
@ -75,6 +77,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- name: Configure | Check if etcd-events cluster is healthy
|
- name: Configure | Check if etcd-events cluster is healthy
|
||||||
shell: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_events_access_addresses }} cluster-health | grep -q 'cluster is healthy'"
|
shell: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_events_access_addresses }} cluster-health | grep -q 'cluster is healthy'"
|
||||||
|
@ -91,6 +94,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- name: Configure | Check if member is in etcd cluster
|
- name: Configure | Check if member is in etcd cluster
|
||||||
shell: "{{ bin_dir }}/etcdctl --no-sync --endpoints={{ etcd_access_addresses }} member list | grep -q {{ etcd_access_address }}"
|
shell: "{{ bin_dir }}/etcdctl --no-sync --endpoints={{ etcd_access_addresses }} member list | grep -q {{ etcd_access_address }}"
|
||||||
|
@ -104,6 +108,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- name: Configure | Check if member is in etcd-events cluster
|
- name: Configure | Check if member is in etcd-events cluster
|
||||||
shell: "{{ bin_dir }}/etcdctl --no-sync --endpoints={{ etcd_events_access_addresses }} member list | grep -q {{ etcd_access_address }}"
|
shell: "{{ bin_dir }}/etcdctl --no-sync --endpoints={{ etcd_events_access_addresses }} member list | grep -q {{ etcd_access_address }}"
|
||||||
|
@ -117,6 +122,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- name: Configure | Join member(s) to etcd cluster one at a time
|
- name: Configure | Join member(s) to etcd cluster one at a time
|
||||||
include_tasks: join_etcd_member.yml
|
include_tasks: join_etcd_member.yml
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
||||||
- include_tasks: refresh_config.yml
|
- include_tasks: refresh_config.yml
|
||||||
vars:
|
vars:
|
||||||
|
@ -34,3 +35,4 @@
|
||||||
environment:
|
environment:
|
||||||
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem"
|
||||||
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ inventory_hostname }}-key.pem"
|
||||||
|
ETCDCTL_CA_FILE: "{{ etcd_cert_dir }}/ca.pem"
|
||||||
|
|
Loading…
Reference in a new issue