diff --git a/roles/etcd/tasks/gen_certs_script.yml b/roles/etcd/tasks/gen_certs_script.yml index 73d1ed768..d474def38 100644 --- a/roles/etcd/tasks/gen_certs_script.yml +++ b/roles/etcd/tasks/gen_certs_script.yml @@ -156,7 +156,7 @@ - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS) command: update-ca-certificates - when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"] + when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"] - name: Gen_certs | update ca-certificates (RedHat) command: update-ca-trust extract diff --git a/roles/kubernetes/secrets/tasks/gen_certs_script.yml b/roles/kubernetes/secrets/tasks/gen_certs_script.yml index 80f424576..fd6e485df 100644 --- a/roles/kubernetes/secrets/tasks/gen_certs_script.yml +++ b/roles/kubernetes/secrets/tasks/gen_certs_script.yml @@ -173,7 +173,7 @@ - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS) command: update-ca-certificates - when: kube_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"] + when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"] - name: Gen_certs | update ca-certificates (RedHat) command: update-ca-trust extract diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index df5e6784b..52cb19370 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -92,4 +92,4 @@ networking {%- endif %} state: restarted - when: ansible_os_family != "CoreOS" + when: ansible_os_family not in ["CoreOS", "Container Linux by CoreOS"] diff --git a/roles/vault/tasks/bootstrap/ca_trust.yml b/roles/vault/tasks/bootstrap/ca_trust.yml index 2bcfcc2fa..57e25610b 100644 --- a/roles/vault/tasks/bootstrap/ca_trust.yml +++ b/roles/vault/tasks/bootstrap/ca_trust.yml @@ -13,7 +13,7 @@ /usr/local/share/ca-certificates/kube-cluster-ca.crt {%- elif ansible_os_family == "RedHat" -%} /etc/pki/ca-trust/source/anchors/kube-cluster-ca.crt - {%- elif ansible_os_family == "CoreOS" -%} + {%- elif ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] -%} /etc/ssl/certs/kube-cluster-ca.pem {%- endif %} @@ -25,7 +25,7 @@ - name: bootstrap/ca_trust | update ca-certificates (Debian/Ubuntu/CoreOS) command: update-ca-certificates - when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"] + when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"] - name: bootstrap/ca_trust | update ca-certificates (RedHat) command: update-ca-trust extract