CN added for all certs 64/1264/2
authorBalint Varga <balint.varga@nokia.com>
Fri, 26 Jul 2019 07:07:20 +0000 (09:07 +0200)
committerBalint Varga <balint.varga@nokia.com>
Fri, 26 Jul 2019 07:43:21 +0000 (09:43 +0200)
Signed-off-by: Balint Varga <balint.varga@nokia.com>
Change-Id: I0891e3ca9a9961d4a6455a6fb84c919cb92bdfcf

SPECS/instantiate.spec
ansible/roles/docker/meta/main.yml
ansible/roles/docker/tasks/configure_docker.yml
ansible/roles/docker/tasks/main.yml
ansible/roles/docker/templates/docker.service
ansible/roles/docker_image_load/defaults/main.yaml
ansible/roles/docker_image_push/defaults/main.yaml

index 5ab7542..7c46560 100644 (file)
@@ -15,7 +15,7 @@
 %define COMPONENT instantiate
 %define RPM_NAME caas-%{COMPONENT}
 %define RPM_MAJOR_VERSION 1.0.0
-%define RPM_MINOR_VERSION 9
+%define RPM_MINOR_VERSION 10
 
 Name:           %{RPM_NAME}
 Version:        %{RPM_MAJOR_VERSION}
index 79bd0dc..cf20f6a 100644 (file)
@@ -32,15 +32,10 @@ dependencies:
 
   - role: cert
     instance: "docker{{ nodeindex }}"
-    cert_path: /etc/docker
-    become: true
-    become_user: "root"
-
-  - role: cert
+    cert_path: "{{ caas.cert_directory }}"
     cert_name: "cert.pem"
     key_name: "key.pem"
-    instance: "docker"
-    cert_path: /etc/docker
+    common_name: "docker"
     alt_names:
       ip:
         - "{{ ansible_host }}"
@@ -48,8 +43,9 @@ dependencies:
     become_user: "root"
 
   - role: cert
-    instance: "client{{ nodeindex }}"
-    cert_path: /etc/docker
+    instance: "docker-client{{ nodeindex }}"
+    cert_path: "{{ caas.cert_path }}"
+    common_name: "docker-client"
     add_users:
       - kube
     become: true
index c911ebb..4f0b860 100644 (file)
@@ -48,4 +48,4 @@
   with_items:
     - "DOCKER_HOST=tcp://{{ networking.infra_internal.ip }}:2375"
     - "DOCKER_TLS_VERIFY=1"
-    - "DOCKER_CERT_PATH=/etc/docker"
+    - "DOCKER_CERT_PATH={{ caas.cert_directory }}"
index da98b49..725df82 100755 (executable)
@@ -42,5 +42,5 @@
   with_items:
     - "export DOCKER_HOST=tcp://{{ networking.infra_internal.ip }}:2375"
     - "export DOCKER_TLS_VERIFY='1'"
-    - "export DOCKER_CERT_PATH=/etc/docker"
+    - "export DOCKER_CERT_PATH={{ caas.cert_directory }}"
   become_user: "root"
index 2e20c3e..d7a0df4 100644 (file)
@@ -57,7 +57,7 @@ Restart=on-failure
 RestartSec=1s
 Environment=DOCKER_HOST=tcp://{{ hostname|lower }}:2375
 Environment=DOCKER_TLS_VERIFY=1
-Environment=DOCKER_CERT_PATH=/etc/docker
+Environment=DOCKER_CERT_PATH={{ caas.cert_directory }}
 
 [Install]
 WantedBy=multi-user.target
index 2c51cbc..e09e8da 100644 (file)
@@ -16,7 +16,7 @@
 docker_environment:
   DOCKER_HOST: "tcp://{{ networking.infra_internal.ip }}:2375"
   DOCKER_TLS_VERIFY: "1"
-  DOCKER_CERT_PATH: "/etc/docker"
+  DOCKER_CERT_PATH: "{{ caas.cert_directory }}"
 
 image_file_extension: .tar
 image_directory: "{{ caas.infra_containers_directory }}"
index d6fccf1..9a56557 100644 (file)
@@ -16,7 +16,7 @@
 docker_environment:
   DOCKER_HOST: "tcp://{{ networking.infra_internal.ip }}:2375"
   DOCKER_TLS_VERIFY: "1"
-  DOCKER_CERT_PATH: "/etc/docker"
+  DOCKER_CERT_PATH: "{{ caas.cert_directory }}"
 
 registry: "{{ caas.registry_url }}:{{ caas.registry_port }}"
 registry_repo: "{{ caas.registry_repo }}"