Initial migration of rabbitmq -> redis for k8s installs

2026-05-09 10:27:37 -02:30 · 2020-02-13 13:16:25 -05:00
parent e94bb44082
commit 45ce6d794e
14 changed files with 84 additions and 378 deletions
--- a/installer/roles/kubernetes/tasks/main.yml
+++ b/installer/roles/kubernetes/tasks/main.yml
@@ -194,10 +194,6 @@
      when: kubernetes_web_image is not defined
  when: docker_registry is defined

- name: Generate SSL certificates for RabbitMQ, if needed
-  include_tasks: ssl_cert_gen.yml
-  when: "rabbitmq_use_ssl|default(False)|bool"
-
 - name: Determine StatefulSet api version
  set_fact:
    kubernetes_statefulset_api_version: "{{ 'apps/v1' if kube_api_version is version('1.9', '>=') else 'apps/v1beta1' }}"
--- a/installer/roles/kubernetes/tasks/ssl_cert_gen.yml
+++ b/installer/roles/kubernetes/tasks/ssl_cert_gen.yml
@@ -1,60 +0,0 @@
---
-
- name: Create temporary directory
-  tempfile:
-    state: directory
-    prefix: "tower-install-rmq-certs"
-  register: rmq_cert_tempdir
-  notify: remove-rmq_cert_tempdir
-
- name: Generate CA private key
-  openssl_privatekey:
-    path: '{{ rmq_cert_tempdir.path }}/ca.key'
-    mode: "0600"
-
- name: Generate CA CSR
-  openssl_csr:
-    path: '{{ rmq_cert_tempdir.path }}/ca.csr'
-    privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
-    common_name: 'rabbitmq-ca'
-    basic_constraints: 'CA:TRUE'
-    mode: "0600"
-
- name: Generate CA certificate
-  openssl_certificate:
-    path: '{{ rmq_cert_tempdir.path }}/ca.crt'
-    csr_path: '{{ rmq_cert_tempdir.path }}/ca.csr'
-    privatekey_path: '{{ rmq_cert_tempdir.path }}/ca.key'
-    provider: selfsigned
-    selfsigned_not_after: "+36524d"
-    mode: "0600"
-
- name: Generate server private key
-  openssl_privatekey:
-    path: '{{ rmq_cert_tempdir.path }}/server.key'
-    mode: "0600"
-
- name: Generate server CSR
-  openssl_csr:
-    path: '{{ rmq_cert_tempdir.path }}/server.csr'
-    privatekey_path: '{{ rmq_cert_tempdir.path }}/server.key'
-    common_name: 'rabbitmq-server'
-    mode: "0600"
-
- name: Generate server certificate
-  openssl_certificate:
-    path: "{{ rmq_cert_tempdir.path }}/server.crt"
-    csr_path: "{{ rmq_cert_tempdir.path }}/server.csr"
-    privatekey_path: "{{ rmq_cert_tempdir.path }}/server.key"
-    provider: ownca
-    ownca_path: "{{ rmq_cert_tempdir.path }}/ca.crt"
-    ownca_privatekey_path: "{{ rmq_cert_tempdir.path }}/ca.key"
-    ownca_not_after: "+36500d"
-    mode: "0600"
-
- name: Create combined certificate
-  assemble:
-    src: "{{ rmq_cert_tempdir.path }}"
-    regexp: "server.crt|server.key"
-    dest: "{{ rmq_cert_tempdir.path }}/server-combined.pem"
-    mode: "0600"