Add etcd key and cert environment variables for use with client auth

2026-02-28 01:29:42 +03:00 · 2017-11-07 09:06:16 -05:00
parent ad6fecefa8
commit e45b30d033
13 changed files with 39 additions and 0 deletions
--- a/roles/etcd/handlers/backup.yml
+++ b/roles/etcd/handlers/backup.yml
@@ -48,5 +48,7 @@
      snapshot save {{ etcd_backup_directory }}/snapshot.db
  environment:
    ETCDCTL_API: 3
+    ETCDCTL_CERT: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}.pem"
+    ETCDCTL_KEY: "{{ etcd_cert_dir }}/node-{{ inventory_hostname }}-key.pem"
  retries: 3
  delay: "{{ retry_stagger | random + 3 }}"
--- a/roles/etcd/handlers/main.yml
+++ b/roles/etcd/handlers/main.yml
@@ -22,6 +22,8 @@
  uri:
    url: "https://{% if is_etcd_master %}{{ etcd_address }}{% else %}127.0.0.1{% endif %}:2379/health"
    validate_certs: no
+    client_cert: "{{ etcd_cert_dir }}/member-{{ inventory_hostname }}.pem"
+    client_key: "{{ etcd_cert_dir }}/member-{{ inventory_hostname }}-key.pem"
  register: result
  until: result.status is defined and result.status == 200
  retries: 10