| | |
|---|
| | | "tag:env_type": "{{ env_type }}" |
|---|
| | | |
|---|
| | | - name: Run recover cluster actions |
|---|
| | | hosts: bastions |
|---|
| | | run_once: True |
|---|
| | | gather_facts: False |
|---|
| | | hosts: localhost |
|---|
| | | run_once: yes |
|---|
| | | become: no |
|---|
| | | tasks: |
|---|
| | | - name: Recover cluster if it missed cert rotation |
|---|
| | | delegate_to: "bastion.{{ guid }}{{ subdomain_base_suffix }}" |
|---|
| | | when: ACTION == 'start' |
|---|
| | | # environment: |
|---|
| | | # KUBECONFIG: "cluster-{{ guid }}/auth/kubeconfig" |
|---|
| | | block: |
|---|
| | | - name: Wait 5 minutes for Nodes to settle and pods to start |
|---|
| | | - name: Wait 150 seconds for Nodes to settle and pods to start |
|---|
| | | pause: |
|---|
| | | minutes: 5 |
|---|
| | | - name: Get Node Readiness status |
|---|
| | | shell: "oc get nodes|grep -v AGE|awk -c '{print $2}'" |
|---|
| | | register: r_nodestatus |
|---|
| | | - name: Approve CSRs if Nodes show NotReady |
|---|
| | | when: "'NotReady' in r_nodestatus.stdout_lines" |
|---|
| | | shell: "oc get csr -oname | xargs oc adm certificate approve" |
|---|
| | | seconds: 150 |
|---|
| | | # - name: Get Node Readiness status |
|---|
| | | # shell: "oc get nodes|grep -v AGE|awk -c '{print $2}'" |
|---|
| | | # register: r_nodestatus |
|---|
| | | - name: Approve all Pending CSRs |
|---|
| | | # when: "'NotReady' in r_nodestatus.stdout_lines" |
|---|
| | | shell: "oc get csr -oname | xargs oc adm certificate approve" |
|---|
| | | ignore_errors: yes |
|---|
