summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--roles/nuage_master/tasks/main.yaml9
-rw-r--r--roles/nuage_master/tasks/serviceaccount.yml14
2 files changed, 23 insertions, 0 deletions
diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml
index d211d30e8..fefd28bbd 100644
--- a/roles/nuage_master/tasks/main.yaml
+++ b/roles/nuage_master/tasks/main.yaml
@@ -22,6 +22,15 @@
- nuage.key
- nuage.kubeconfig
+- name: Copy the certificates and keys
+ become: yes
+ copy: src="/tmp/{{ item }}" dest="{{ cert_output_dir }}/{{ item }}"
+ with_items:
+ - ca.crt
+ - nuage.crt
+ - nuage.key
+ - nuage.kubeconfig
+
- include: certificates.yml
- name: Create nuage-openshift-monitor.yaml
diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml
index 16ea08244..eee448e2c 100644
--- a/roles/nuage_master/tasks/serviceaccount.yml
+++ b/roles/nuage_master/tasks/serviceaccount.yml
@@ -3,14 +3,20 @@
command: mktemp -u /tmp/openshift-ansible-XXXXXXX.kubeconfig
register: nuage_tmp_conf_mktemp
changed_when: False
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- set_fact:
nuage_tmp_conf: "{{ nuage_tmp_conf_mktemp.stdout }}"
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Copy Configuration to temporary conf
command: >
cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{nuage_tmp_conf}}
changed_when: false
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Create Admin Service Account
oc_serviceaccount:
@@ -18,6 +24,8 @@
name: nuage
namespace: default
state: present
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Configure role/user permissions
command: >
@@ -27,6 +35,8 @@
register: osnuage_perm_task
failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0"
changed_when: osnuage_perm_task.rc == 0
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Generate the node client config
command: >
@@ -40,8 +50,12 @@
--signer-serial={{ openshift_master_ca_serial }}
--basename='nuage'
--user={{ nuage_service_account }}
+ delegate_to: "{{ nuage_ca_master }}"
+ run_once: True
- name: Clean temporary configuration file
command: >
rm -f {{nuage_tmp_conf}}
changed_when: false
+ delegate_to: "{{ nuage_ca_master }}"
+ run_once: True