diff options
| author | Andrew Butcher <abutcher@redhat.com> | 2016-07-25 12:04:25 -0400 |
|---|---|---|
| committer | Andrew Butcher <abutcher@redhat.com> | 2016-08-11 16:02:45 -0400 |
| commit | 3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53 (patch) | |
| tree | 8f8458d7e98c1c0e2bb40a3d7b5e665fe45756c2 /inventory | |
| parent | 522cccbc7fd119a182a44af8fb2c0959d919a093 (diff) | |
| download | openshift-3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53.tar.gz openshift-3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53.tar.bz2 openshift-3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53.tar.xz openshift-3bd5ae21adbc1d5b3e5063408e30bb5adb14ba53.zip | |
Support for redeploying certificates.
Diffstat (limited to 'inventory')
| -rw-r--r-- | inventory/byo/hosts.origin.example | 17 | ||||
| -rw-r--r-- | inventory/byo/hosts.ose.example | 16 |
2 files changed, 30 insertions, 3 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index fd6699ac1..8e7883f3b 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -343,7 +343,6 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_cluster_network_cidr=10.1.0.0/16 #openshift_portal_net=172.30.0.0/16 - # Configure number of bits to allocate to each host’s subnet e.g. 8 # would mean a /24 network on the host. #osm_host_subnet_length=8 @@ -355,7 +354,21 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # set RPM version for debugging purposes #openshift_pkg_version=-1.1 -# Configure custom named certificates +# Configure custom ca certificate +#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'} +# +# NOTE: CA certificate will not be replaced with existing clusters. +# This option may only be specified when creating a new cluster or +# when redeploying cluster certificates with the redeploy-certificates +# playbook. If replacing the CA certificate in an existing cluster +# with a custom ca certificate, the following variable must also be +# set. +#openshift_certificates_redeploy_ca=true + +# Configure custom named certificates (SNI certificates) +# +# https://docs.openshift.org/latest/install_config/certificate_customization.html +# # NOTE: openshift_master_named_certificates is cached on masters and is an # additive fact, meaning that each run with a different set of certificates # will add the newly provided certificates to the cached set of certificates. diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 323e385c0..7e3d68e92 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -349,7 +349,21 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # set RPM version for debugging purposes #openshift_pkg_version=-3.1.0.0 -# Configure custom named certificates +# Configure custom ca certificate +#openshift_master_ca_certificate={'certfile': '/path/to/ca.crt', 'keyfile': '/path/to/ca.key'} +# +# NOTE: CA certificate will not be replaced with existing clusters. +# This option may only be specified when creating a new cluster or +# when redeploying cluster certificates with the redeploy-certificates +# playbook. If replacing the CA certificate in an existing cluster +# with a custom ca certificate, the following variable must also be +# set. +#openshift_certificates_redeploy_ca=true + +# Configure custom named certificates (SNI certificates) +# +# https://docs.openshift.com/enterprise/latest/install_config/certificate_customization.html +# # NOTE: openshift_master_named_certificates is cached on masters and is an # additive fact, meaning that each run with a different set of certificates # will add the newly provided certificates to the cached set of certificates. |