summaryrefslogtreecommitdiffstats
path: root/playbooks/openshift-setup-security.yml
diff options
context:
space:
mode:
authorSuren A. Chilingaryan <csa@suren.me>2018-02-20 15:10:45 +0100
committerSuren A. Chilingaryan <csa@suren.me>2018-02-20 15:10:45 +0100
commite4751f88e52aa8e89e4c94bc6fe4c3346eccf6fe (patch)
tree3a8a420d8d26e616491f31b322a006dd2b3e0e1c /playbooks/openshift-setup-security.yml
parent96ced00e05b50f276841a9212ae89e018de4d92d (diff)
downloadands-e4751f88e52aa8e89e4c94bc6fe4c3346eccf6fe.tar.gz
ands-e4751f88e52aa8e89e4c94bc6fe4c3346eccf6fe.tar.bz2
ands-e4751f88e52aa8e89e4c94bc6fe4c3346eccf6fe.tar.xz
ands-e4751f88e52aa8e89e4c94bc6fe4c3346eccf6fe.zip
Handling GlusterFS storage security in OpenShift containers
Diffstat (limited to 'playbooks/openshift-setup-security.yml')
-rw-r--r--playbooks/openshift-setup-security.yml24
1 files changed, 24 insertions, 0 deletions
diff --git a/playbooks/openshift-setup-security.yml b/playbooks/openshift-setup-security.yml
new file mode 100644
index 0000000..6c85602
--- /dev/null
+++ b/playbooks/openshift-setup-security.yml
@@ -0,0 +1,24 @@
+- name: Configure users
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+
+- name: Temporary provision /etc/hosts with Masters IP.
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" line="{{ ands_openshift_network | ipaddr(node_id) | ipaddr('address') }} {{ ands_openshift_lb }}" regexp=".*{{ ands_openshift_lb }}$" state="present"
+ when: (ands_provision_without_dns | default(false))
+ vars:
+ node_id: "{{ hostvars[groups['masters'][0]]['ands_host_id'] }}"
+
+- name: Configure security
+ hosts: masters
+ roles:
+ - { role: ands_openshift, subrole: security }
+
+- name: Remove temporary entries in /etc/hosts
+ hosts: nodes:!masters
+ tasks:
+ - lineinfile: dest="/etc/hosts" regexp=".*{{ ands_openshift_lb }}$" state="absent"
+ when: (ands_provision_without_dns | default(false))