Add vars and conditionals to control certs generation and installation

roles/opendistro/opendistro-elasticsearch/defaults/main.yml

@@ -66,3 +66,7 @@ elasticrepo:
 
 opendistro_admin_password: changeme
 opendistro_kibana_password: changeme
+
+# Deployment settings
+generate_certs: true
+perform_installation: true

roles/opendistro/opendistro-elasticsearch/tasks/main.yml

@@ -1,87 +1,94 @@
 ---
 
 - import_tasks: local_actions.yml
-
-- import_tasks: RedHat.yml
-  when: ansible_os_family == 'RedHat'
-
-- name: Install OpenDistro
-  package:
-    name: opendistroforelasticsearch-{{ opendistro_version }}
-    state: present
-  register: install
-  tags: install
-
-- name: Remove elasticsearch configuration file
-  file:
-    path: "{{ opendistro_conf_path }}/elasticsearch.yml"
-    state: absent
-  when: install.changed
-  tags: install
-
-- name: Copy Configuration File
-  blockinfile:
-    block: "{{ lookup('template', 'elasticsearch.yml.j2') }}"
-    dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
-    create: true
-    group: elasticsearch
-    mode: 0640
-    marker: "## {mark} Opendistro general settings ##"
-  when: install.changed
-  tags: install
-
-- import_tasks: security_actions.yml
-
-- name: Configure OpenDistro Elasticsearch JVM memmory.
-  template:
-    src: "templates/jvm.options.j2"
-    dest: /etc/elasticsearch/jvm.options
-    owner: root
-    group: elasticsearch
-    mode: 0644
-    force: yes
-  notify: restart elasticsearch
-  tags: install
-
-- name: Ensure Elasticsearch started and enabled
-  service:
-    name: elasticsearch
-    enabled: true
-    state: started
-
-- name: Wait for Elasticsearch API
-  uri:
-    url: "https://{{ inventory_hostname }}:9200/_cluster/health/"
-    user: "admin" # Default OpenDistro user is always "admin"
-    password: "{{ opendistro_admin_password }}"
-    validate_certs: no
-    status_code: 200,401
-    return_content: yes
-    timeout: 4
-  register: _result
-  until: (  _result.json is defined) and (_result.json.status == "green")
-  retries: 24
-  delay: 5
-  tags: debug
   when:
-    - hostvars[inventory_hostname]['private_ip'] is not defined or hostvars[inventory_hostname]['private_ip'] == ""
+    - generate_certs == true
 
-- name: Wait for Elasticsearch API (Private IP)
+- block:
-  uri:
-    url: "https://{{ hostvars[inventory_hostname]['private_ip'] }}:9200/_cluster/health/"
-    user: "admin" # Default OpenDistro user is always "admin"
-    password: "{{ opendistro_admin_password }}"
-    validate_certs: no
-    status_code: 200,401
-    return_content: yes
-    timeout: 4
-  register: _result
-  until: (  _result.json is defined) and (_result.json.status == "green")
-  retries: 24
-  delay: 5
-  tags: debug
-  when:
-    - hostvars[inventory_hostname]['private_ip'] is defined and  hostvars[inventory_hostname]['private_ip'] != ""
 
-- import_tasks: "RMRedHat.yml"
+  - import_tasks: RedHat.yml
-  when: ansible_os_family == "RedHat"
+    when: ansible_os_family == 'RedHat'
+
+
+  - name: Install OpenDistro
+    package:
+      name: opendistroforelasticsearch-{{ opendistro_version }}
+      state: present
+    register: install
+    tags: install
+
+  - name: Remove elasticsearch configuration file
+    file:
+      path: "{{ opendistro_conf_path }}/elasticsearch.yml"
+      state: absent
+    when: install.changed
+    tags: install
+
+  - name: Copy Configuration File
+    blockinfile:
+      block: "{{ lookup('template', 'elasticsearch.yml.j2') }}"
+      dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
+      create: true
+      group: elasticsearch
+      mode: 0640
+      marker: "## {mark} Opendistro general settings ##"
+    when: install.changed
+    tags: install
+
+  - import_tasks: security_actions.yml
+
+  - name: Configure OpenDistro Elasticsearch JVM memmory.
+    template:
+      src: "templates/jvm.options.j2"
+      dest: /etc/elasticsearch/jvm.options
+      owner: root
+      group: elasticsearch
+      mode: 0644
+      force: yes
+    notify: restart elasticsearch
+    tags: install
+
+  - name: Ensure Elasticsearch started and enabled
+    service:
+      name: elasticsearch
+      enabled: true
+      state: started
+
+  - name: Wait for Elasticsearch API
+    uri:
+      url: "https://{{ inventory_hostname }}:9200/_cluster/health/"
+      user: "admin" # Default OpenDistro user is always "admin"
+      password: "{{ opendistro_admin_password }}"
+      validate_certs: no
+      status_code: 200,401
+      return_content: yes
+      timeout: 4
+    register: _result
+    until: (  _result.json is defined) and (_result.json.status == "green")
+    retries: 24
+    delay: 5
+    tags: debug
+    when:
+      - hostvars[inventory_hostname]['private_ip'] is not defined or hostvars[inventory_hostname]['private_ip'] == ""
+
+  - name: Wait for Elasticsearch API (Private IP)
+    uri:
+      url: "https://{{ hostvars[inventory_hostname]['private_ip'] }}:9200/_cluster/health/"
+      user: "admin" # Default OpenDistro user is always "admin"
+      password: "{{ opendistro_admin_password }}"
+      validate_certs: no
+      status_code: 200,401
+      return_content: yes
+      timeout: 4
+    register: _result
+    until: (  _result.json is defined) and (_result.json.status == "green")
+    retries: 24
+    delay: 5
+    tags: debug
+    when:
+      - hostvars[inventory_hostname]['private_ip'] is defined and  hostvars[inventory_hostname]['private_ip'] != ""
+
+  - import_tasks: "RMRedHat.yml"
+    when: ansible_os_family == "RedHat"
+
+  when: perform_installation == true