Skip to content

Commit

Permalink
Merge pull request #99 from scality/fix_redeployment
Browse files Browse the repository at this point in the history 
Fix redeployment
  • Loading branch information
@Zempashi
Zempashi committed Jul 4, 2018
2 parents a212257 + 2028eff commit ffcd502
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 46 deletions.
88 changes: 42 additions & 46 deletions roles/etcd_prometheus_exporter_cert/tasks/gen_cert.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,60 +15,56 @@
path: '{{ etcd_exporter_cert }}'
register: etcd_exporter_cert_file

- name: 'generate csr'
command: >-
openssl req -new
-subj '/CN=etcd-exporter'
-key {{ etcd_exporter_key }}
run_once: True
register: gen_etcd_exporter_csr
when: >-
gen_etcd_exporter_key is changed or not etcd_exporter_cert_file.stat.exists
- name: 'generate csr and cert'
block:
- name: 'generate csr'
command: >-
openssl req -new
-subj '/CN=etcd-exporter'
-key {{ etcd_exporter_key }}
register: gen_etcd_exporter_csr

- debug:
var: gen_etcd_exporter_csr
when: debug|bool
- debug:
var: gen_etcd_exporter_csr
when: debug|bool

- name: 'copy csr over a server capable of signing etcd cert'
copy:
dest: '/tmp/ansible.{{ lookup("password", "/dev/null chars=ascii_letters length=8") }}'
content: '{{ gen_etcd_exporter_csr.stdout }}'
run_once: True
delegate_to: '{{ groups.etcd|first }}'
register: csr_on_etcd_node
when: gen_etcd_exporter_csr is changed
- name: 'copy csr over a server capable of signing etcd cert'
copy:
dest: '/tmp/ansible.{{ lookup("password", "/dev/null chars=ascii_letters length=8") }}'
content: '{{ gen_etcd_exporter_csr.stdout }}'
delegate_to: '{{ groups.etcd|first }}'
register: csr_on_etcd_node

- debug:
var: csr_on_etcd_node
when: debug|bool
- debug:
var: csr_on_etcd_node
when: debug|bool

- name: 'generate certificate'
command: >-
openssl x509 -req -days 3650
-in {{ csr_on_etcd_node.dest }}
-CAkey {{ etcd_cert_dir }}/ca-key.pem
-CA {{ etcd_cert_dir }}/ca.pem
-CAcreateserial
run_once: True
delegate_to: '{{ groups.etcd|first }}'
when: gen_etcd_exporter_csr is changed
register: gen_etcd_exporter_cert
- name: 'generate certificate'
command: >-
openssl x509 -req -days 3650
-in {{ csr_on_etcd_node.dest }}
-CAkey {{ etcd_cert_dir }}/ca-key.pem
-CA {{ etcd_cert_dir }}/ca.pem
-CAcreateserial
delegate_to: '{{ groups.etcd|first }}'
register: gen_etcd_exporter_cert

- name: 'delete temporary file'
file:
name: '{{ csr_on_etcd_node.dest }}'
state: absent
- name: 'delete temporary file'
file:
name: '{{ csr_on_etcd_node.dest }}'
state: absent

- debug:
var: gen_etcd_exporter_cert
when: debug|bool
- debug:
var: gen_etcd_exporter_cert
when: debug|bool

- name: 'copy cert on master node'
copy:
dest: '{{ etcd_exporter_cert }}'
content: '{{ gen_etcd_exporter_cert.stdout }}'
- name: 'copy cert on master node'
copy:
dest: '{{ etcd_exporter_cert }}'
content: '{{ gen_etcd_exporter_cert.stdout }}'
run_once: True
when: gen_etcd_exporter_cert is changed
when: >-
gen_etcd_exporter_key is changed or not etcd_exporter_cert_file.stat.exists
- name: 'download cert from signing server '
slurp:
Expand Down
4 changes: 4 additions & 0 deletions tests/single-node/test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,10 @@ setup_suite() {
make_shell kubectl get nodes
}

test_deploy_again() {
assert make_shell ansible-playbook -i "$(pwd)/inventory" metal-k8s.yml --skip elasticsearch
}

test_reclaim_storage() {
echo "Listing all PVs before test (some should be available)"
make_shell kubectl get pv
Expand Down

0 comments on commit ffcd502

Please sign in to comment.