Fix deployment without openstack cacert (#7723)

* fix group name * fix external-openstack-cloud-config secret * don't add ca.cert in the secret if not defined
3 years ago · a31baf3c16
2 changed files with 5 additions and 3 deletions
--- a/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
@ -7,7 +7,7 @@
    src: "{{ external_openstack_cacert }}"
  register: external_openstack_cacert_b64
  when:
-    - inventory_hostname == groups['k8s_control_plane'][0]
+    - inventory_hostname == groups['kube_control_plane'][0]
    - external_openstack_cacert is defined
    - external_openstack_cacert | length > 0
  tags: external-openstack
--- a/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2
+++ b/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-config-secret.yml.j2
@ -7,5 +7,7 @@ metadata:
  name: external-openstack-cloud-config
  namespace: kube-system
 data:
-  cloud.conf: {{ external_openstack_cloud_config_secret.content }}
-  ca.cert: {{ external_openstack_cacert_b64.content | default("") }}
+  cloud.conf: {{ external_openstack_cloud_config_secret }}
+{% if external_openstack_cacert_b64.content is defined %}
+  ca.cert: {{ external_openstack_cacert_b64.content }}
+{% endif %}