From 00b31b87f229426f59cf3c35f52fd5f209d09cd1 Mon Sep 17 00:00:00 2001
From: entlein <einentlein@gmail.com>
Date: Sun, 14 Aug 2022 20:50:02 +0200
Subject: [PATCH] yet another way of maybe making finally sure that each
 reboot/reload starts the CCM properly

---
 roles/rke2/tasks/fix_selinux.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/roles/rke2/tasks/fix_selinux.yml b/roles/rke2/tasks/fix_selinux.yml
index c343e29..e422e80 100644
--- a/roles/rke2/tasks/fix_selinux.yml
+++ b/roles/rke2/tasks/fix_selinux.yml
@@ -6,16 +6,16 @@
 - name: Update CA trust
   shell: update-ca-trust
 
-#- name: kill the openstack ccm pods to make sure they boot in permissive mode
-#  shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml rollout restart -n kube-system ds openstack-cloud-controller-manager "
-#  register: openstack_ccm_ready
-#  when: ( 'master' in group_names and not upgrade)
-#  ignore_errors: True
+- name: kill the openstack ccm pods to make sure they boot in permissive mode
+  shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml rollout restart -n kube-system ds openstack-cloud-controller-manager "
+  register: openstack_ccm_restart
+  when: ( 'master' in group_names )
+  ignore_errors: True
 
 - name: Wait for openstack-cloud-controller deamon set to be ready
   shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml wait --namespace=kube-system --for=condition=Ready pods --selector app=openstack-cloud-controller-manager --timeout=60s"
   register: openstack_ccm_ready
-  #when: ('master' in group_names)
+  when: ('master' in group_names)
   ignore_errors: True
 
 
-- 
GitLab