From 775128cc52d8295fe4cf08211ab53730d101692c Mon Sep 17 00:00:00 2001
From: Andrew Butcher <abutcher@redhat.com>
Date: Thu, 21 Sep 2017 15:18:08 -0400
Subject: Do a full stop/start when etcd certificates had expired.

---
 .../openshift-cluster/redeploy-certificates/check-expiry.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml

(limited to 'playbooks/common/openshift-cluster/redeploy-certificates')

diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml
new file mode 100644
index 000000000..4a9fbf7eb
--- /dev/null
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/check-expiry.yml
@@ -0,0 +1,12 @@
+---
+- name: Check cert expirys
+  hosts: "{{ g_check_expiry_hosts }}"
+  vars:
+    openshift_certificate_expiry_show_all: yes
+  roles:
+  # Sets 'check_results' per host which contains health status for
+  # etcd, master and node certificates.  We will use 'check_results'
+  # to determine if any certificates were expired prior to running
+  # this playbook. Service restarts will be skipped if any
+  # certificates were previously expired.
+  - role: openshift_certificate_expiry
-- 
cgit v1.2.3