B&R: Fix ssl server-cert for standby controller
Copy server-cert.pem from backup archive to shared filesystem so that mate controller can find it and allow unlock to proceed. Change-Id: I96c7dd11797fcd3a463db1c6a266c2860c35c5ab Closes-Bug: 1850714 Signed-off-by: Ovidiu Poncea <ovidiu.poncea@windriver.com>
This commit is contained in:
parent
6c3c78f23b
commit
2f7062ffa9
@ -149,6 +149,18 @@
|
||||
args:
|
||||
warn: false
|
||||
|
||||
- name: Check if {{ server_cert_pem }} exists
|
||||
stat: path="{{ server_cert_pem }}"
|
||||
register: server_cert_pem_stat
|
||||
|
||||
- name: Copy {{ server_cert_pem }} to shared filesystem for mate
|
||||
copy:
|
||||
src: "{{ server_cert_pem }}"
|
||||
dest: "{{ config_permdir }}"
|
||||
remote_src: yes
|
||||
mode: preserve
|
||||
when: server_cert_pem_stat.stat.exists
|
||||
|
||||
when: mode == 'restore'
|
||||
|
||||
- name: Copy certificate and keys to shared filesystem for mate
|
||||
|
@ -21,6 +21,7 @@ cert_cnf_file: /etc/ssl/private/registry-cert-extfile.cnf
|
||||
registry_cert_key: /etc/ssl/private/registry-cert.key
|
||||
registry_cert_crt: /etc/ssl/private/registry-cert.crt
|
||||
registry_cert_pkcs1_key: /etc/ssl/private/registry-cert-pkcs1.key
|
||||
server_cert_pem: /etc/ssl/private/server-cert.pem
|
||||
docker_cert_dir: /etc/docker/certs.d
|
||||
cgroup_root: /sys/fs/cgroup
|
||||
k8s_cgroup_name: k8s-infra
|
||||
|
Loading…
Reference in New Issue
Block a user