| | |
| | | "tag:env_type": "{{ env_type }}" |
| | | |
| | | - name: Run recover cluster actions |
| | | hosts: bastions |
| | | run_once: True |
| | | gather_facts: False |
| | | hosts: localhost |
| | | run_once: yes |
| | | become: no |
| | | tasks: |
| | | - name: Recover cluster if it missed cert rotation |
| | | delegate_to: "bastion.{{ guid }}{{ subdomain_base_suffix }}" |
| | | when: ACTION == 'start' |
| | | # environment: |
| | | # KUBECONFIG: "cluster-{{ guid }}/auth/kubeconfig" |
| | | block: |
| | | - name: Wait 5 minutes for Nodes to settle and pods to start |
| | | - name: Wait 150 seconds for Nodes to settle and pods to start |
| | | pause: |
| | | minutes: 5 |
| | | - name: Get Node Readiness status |
| | | shell: "oc get nodes|grep -v AGE|awk -c '{print $2}'" |
| | | register: r_nodestatus |
| | | - name: Approve CSRs if Nodes show NotReady |
| | | when: "'NotReady' in r_nodestatus.stdout_lines" |
| | | shell: "oc get csr -oname | xargs oc adm certificate approve" |
| | | seconds: 150 |
| | | # - name: Get Node Readiness status |
| | | # shell: "oc get nodes|grep -v AGE|awk -c '{print $2}'" |
| | | # register: r_nodestatus |
| | | - name: Approve all Pending CSRs |
| | | # when: "'NotReady' in r_nodestatus.stdout_lines" |
| | | shell: "oc get csr -oname | xargs oc adm certificate approve" |
| | | ignore_errors: yes |