|
Using /etc/ansible/ansible.cfg as config file |
|
|
|
PLAY [Check cert expirys] ****************************************************** |
|
|
|
TASK [openshift_certificate_expiry : Check cert expirys on host] *************** |
|
ok: [192.168.124.11] => { |
|
"changed": false, |
|
"check_results": { |
|
"etcd": [], |
|
"kubeconfigs": [ |
|
{ |
|
"cert_cn": "O:system:nodes, CN:system:node:n01.example.com", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:57", |
|
"health": "warning", |
|
"path": "/etc/origin/node/system:node:n01.example.com.kubeconfig" |
|
} |
|
], |
|
"meta": { |
|
"checked_at_time": "2016-10-10 14:10:54.472640", |
|
"show_all": "False", |
|
"warn_before_date": "2020-11-18 14:10:54.472640", |
|
"warning_days": 1500 |
|
}, |
|
"ocp_certs": [ |
|
{ |
|
"cert_cn": "CN:192.168.124.11, DNS:n01.example.com, DNS:192.168.124.11, IP Address:192.168.124.11", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:59", |
|
"health": "warning", |
|
"path": "/etc/origin/node/server.crt" |
|
} |
|
], |
|
"registry": [], |
|
"router": [] |
|
}, |
|
"rc": 0, |
|
"summary": { |
|
"etcd_certificates": 0, |
|
"expired": 0, |
|
"kubeconfig_certificates": 1, |
|
"ok": 1, |
|
"registry_certs": 0, |
|
"router_certs": 0, |
|
"system_certificates": 2, |
|
"total": 3, |
|
"warning": 2 |
|
} |
|
} |
|
|
|
MSG: |
|
|
|
Checked 3 total certificates. Expired/Warning/OK: 0/2/1. Warning window: 1500 days |
|
ok: [192.168.124.110] => { |
|
"changed": false, |
|
"check_results": { |
|
"etcd": [], |
|
"kubeconfigs": [ |
|
{ |
|
"cert_cn": "O:system:nodes, CN:system:node:n02.example.com", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:58", |
|
"health": "warning", |
|
"path": "/etc/origin/node/system:node:n02.example.com.kubeconfig" |
|
} |
|
], |
|
"meta": { |
|
"checked_at_time": "2016-10-10 14:11:00.085800", |
|
"show_all": "False", |
|
"warn_before_date": "2020-11-18 14:11:00.085800", |
|
"warning_days": 1500 |
|
}, |
|
"ocp_certs": [ |
|
{ |
|
"cert_cn": "CN:192.168.124.110, DNS:n02.example.com, DNS:192.168.124.110, IP Address:192.168.124.110", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:59", |
|
"health": "warning", |
|
"path": "/etc/origin/node/server.crt" |
|
} |
|
], |
|
"registry": [], |
|
"router": [] |
|
}, |
|
"rc": 0, |
|
"summary": { |
|
"etcd_certificates": 0, |
|
"expired": 0, |
|
"kubeconfig_certificates": 1, |
|
"ok": 1, |
|
"registry_certs": 0, |
|
"router_certs": 0, |
|
"system_certificates": 2, |
|
"total": 3, |
|
"warning": 2 |
|
} |
|
} |
|
|
|
MSG: |
|
|
|
Checked 3 total certificates. Expired/Warning/OK: 0/2/1. Warning window: 1500 days |
|
ok: [192.168.124.148] => { |
|
"changed": false, |
|
"check_results": { |
|
"etcd": [ |
|
{ |
|
"cert_cn": "CN:etcd-signer@1474563722", |
|
"days_remaining": 347, |
|
"expiry": "2017-09-22 17:02:25", |
|
"health": "warning", |
|
"path": "/etc/etcd/ca.crt" |
|
}, |
|
{ |
|
"cert_cn": "CN:m01.example.com, IP Address:192.168.124.148", |
|
"days_remaining": 347, |
|
"expiry": "2017-09-22 17:02:39", |
|
"health": "warning", |
|
"path": "/etc/etcd/server.crt" |
|
}, |
|
{ |
|
"cert_cn": "CN:m01.example.com, IP Address:192.168.124.148", |
|
"days_remaining": 347, |
|
"expiry": "2017-09-22 17:02:40", |
|
"health": "warning", |
|
"path": "/etc/etcd/peer.crt" |
|
} |
|
], |
|
"kubeconfigs": [ |
|
{ |
|
"cert_cn": "O:system:nodes, CN:system:node:m01.example.com", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:57", |
|
"health": "warning", |
|
"path": "/etc/origin/node/system:node:m01.example.com.kubeconfig" |
|
}, |
|
{ |
|
"cert_cn": "O:system:cluster-admins, CN:system:admin", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:04:40", |
|
"health": "warning", |
|
"path": "/etc/origin/master/admin.kubeconfig" |
|
}, |
|
{ |
|
"cert_cn": "O:system:masters, CN:system:openshift-master", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:04:39", |
|
"health": "warning", |
|
"path": "/etc/origin/master/openshift-master.kubeconfig" |
|
}, |
|
{ |
|
"cert_cn": "O:system:routers, CN:system:openshift-router", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:04:41", |
|
"health": "warning", |
|
"path": "/etc/origin/master/openshift-router.kubeconfig" |
|
}, |
|
{ |
|
"cert_cn": "O:system:registries, CN:system:openshift-registry", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:04:41", |
|
"health": "warning", |
|
"path": "/etc/origin/master/openshift-registry.kubeconfig" |
|
} |
|
], |
|
"meta": { |
|
"checked_at_time": "2016-10-10 14:11:00.382347", |
|
"show_all": "False", |
|
"warn_before_date": "2020-11-18 14:11:00.382347", |
|
"warning_days": 1500 |
|
}, |
|
"ocp_certs": [ |
|
{ |
|
"cert_cn": "CN:172.30.0.1, DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster.local, DNS:m01.example.com, DNS:openshift, DNS:openshift.default, DNS:openshift.default.svc, DNS:openshift.default.svc.cluster.local, DNS:172.30.0.1, DNS:192.168.124.148, IP Address:172.30.0.1, IP Address:192.168.124.148", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:04:39", |
|
"health": "warning", |
|
"path": "/etc/origin/master/master.server.crt" |
|
}, |
|
{ |
|
"cert_cn": "CN:172.30.0.1, DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster.local, DNS:m01.example.com, DNS:openshift, DNS:openshift.default, DNS:openshift.default.svc, DNS:openshift.default.svc.cluster.local, DNS:172.30.0.1, DNS:192.168.124.148, IP Address:172.30.0.1, IP Address:192.168.124.148", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:08:59", |
|
"health": "warning", |
|
"path": "/etc/origin/node/server.crt" |
|
} |
|
], |
|
"registry": [ |
|
{ |
|
"cert_cn": "CN:172.30.101.81, DNS:docker-registry-default.router.default.svc.cluster.local, DNS:docker-registry.default.svc.cluster.local, DNS:172.30.101.81, IP Address:172.30.101.81", |
|
"days_remaining": 725, |
|
"expiry": "2018-10-05 18:54:29", |
|
"health": "warning", |
|
"path": "/api/v1/namespaces/default/secrets/registry-certificates" |
|
} |
|
], |
|
"router": [ |
|
{ |
|
"cert_cn": "CN:router.default.svc, DNS:router.default.svc, DNS:router.default.svc.cluster.local", |
|
"days_remaining": 712, |
|
"expiry": "2018-09-22 17:48:23", |
|
"health": "warning", |
|
"path": "/api/v1/namespaces/default/secrets/router-certs" |
|
} |
|
] |
|
}, |
|
"rc": 0, |
|
"summary": { |
|
"etcd_certificates": 3, |
|
"expired": 0, |
|
"kubeconfig_certificates": 5, |
|
"ok": 2, |
|
"registry_certs": 1, |
|
"router_certs": 1, |
|
"system_certificates": 4, |
|
"total": 14, |
|
"warning": 12 |
|
} |
|
} |
|
|
|
MSG: |
|
|
|
Checked 14 total certificates. Expired/Warning/OK: 0/12/2. Warning window: 1500 days |
|
|
|
TASK [openshift_certificate_expiry : Generate expiration report HTML] ********** |
|
skipping: [192.168.124.148] => { |
|
"changed": false, |
|
"skip_reason": "Conditional check failed", |
|
"skipped": true |
|
} |
|
|
|
TASK [openshift_certificate_expiry : Generate expiration results JSON] ********* |
|
changed: [192.168.124.148 -> localhost] => { |
|
"changed": true, |
|
"checksum": "7d8c377c0d61e0e749cea8dcbe8d76a3e9b41288", |
|
"dest": "/tmp/cert-expiry-report.json", |
|
"gid": 1000, |
|
"group": "tbielawa", |
|
"md5sum": "dcc1af0b147b0191e8836fdbadffb224", |
|
"mode": "0664", |
|
"owner": "tbielawa", |
|
"secontext": "unconfined_u:object_r:user_tmp_t:s0", |
|
"size": 6970, |
|
"src": "/home/tbielawa/.ansible/tmp/ansible-tmp-1476123060.91-21395945722414/source", |
|
"state": "file", |
|
"uid": 1000 |
|
} |
|
|
|
PLAY RECAP ********************************************************************* |
|
192.168.124.11 : ok=1 changed=0 unreachable=0 failed=0 |
|
192.168.124.110 : ok=1 changed=0 unreachable=0 failed=0 |
|
192.168.124.148 : ok=2 changed=1 unreachable=0 failed=0 |
|
|
|
Playbook run took 0 days, 0 hours, 0 minutes, 8 seconds |