Merge pull request #61 from jwhonce/wip/kubeconfig

Update playbooks for latest origin code

17 files changed, 103 insertions, 55 deletions

diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 2223bb675..2e9de3abe 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 # tasks file for docker
 - name: Install docker
-  yum: pkg=docker
+  yum: pkg=docker-io
 
 - name: enable docker service
   command: /usr/bin/systemctl enable docker.service
diff --git a/roles/kubernetes_apiserver/tasks/main.yml b/roles/kubernetes_apiserver/tasks/main.yml
index 81fdbbb40..995c2702e 100644
--- a/roles/kubernetes_apiserver/tasks/main.yml
+++ b/roles/kubernetes_apiserver/tasks/main.yml
@@ -9,7 +9,7 @@
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
-    - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' }
+    - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_node_ips | join(",") }}\"' }
     - { regex: '^KUBE_API_ADDRESS=',  line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' }
   notify:
     - restart kubernetes-apiserver
diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml
index 216af5dc9..5c30dccab 100644
--- a/roles/openshift_master/handlers/main.yml
+++ b/roles/openshift_master/handlers/main.yml
@@ -1,4 +1,4 @@
 ---
 # handlers file for openshift_master
 - name: restart openshift-master
-  service: name=openshift state=restarted
+  service: name=openshift-master state=restarted
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 6826ef452..9f28a3469 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -1,20 +1,19 @@
 ---
 # tasks file for openshift_master
 - name: Install Origin
-  yum: pkg=origin state=installed
+  yum: pkg=openshift-master state=installed
 
-  # fixme: Once openshift stops resolving hostnames for minion queries remove this...
+  # fixme: Once openshift stops resolving hostnames for node queries remove this...
 - name: Set hostname to IP Addr (WORKAROUND)
   command: /usr/bin/hostname {{ oo_bind_ip }}
 
 - name: Configure OpenShift Master settings
   lineinfile:
-    dest: /etc/sysconfig/openshift
+    dest: /etc/sysconfig/openshift-master
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
-    - { regex: '^ROLE=', line: 'ROLE=\"master\"' }
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }}  --loglevel=5\"' }
+    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--public-master={{ oo_public_ip }} --nodes={{ oo_node_ips | join(",") }}  --loglevel=5\"' }
   notify:
     - restart openshift-master
 
@@ -31,4 +30,4 @@
   firewalld: port=8080/tcp permanent=true state=enabled
 
 - name: Enable OpenShift
-  service: name=openshift enabled=yes state=started
+  service: name=openshift-master enabled=yes state=started
diff --git a/roles/openshift_minion/defaults/main.yml b/roles/openshift_minion/defaults/main.yml
deleted file mode 100644
index dfcf3d98f..000000000
--- a/roles/openshift_minion/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# defaults file for openshift_minion
diff --git a/roles/openshift_minion/handlers/main.yml b/roles/openshift_minion/handlers/main.yml
deleted file mode 100644
index 2764456f4..000000000
--- a/roles/openshift_minion/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-# handlers file for openshift_minion
-- name: restart openshift-minion
-  service: name=openshift state=restarted
diff --git a/roles/openshift_minion/tasks/main.yml b/roles/openshift_minion/tasks/main.yml
deleted file mode 100644
index 3821277bc..000000000
--- a/roles/openshift_minion/tasks/main.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-# tasks file for openshift_minion
-- name: Install OpenShift
-  yum: pkg=origin state=installed
-
-  # fixme: Once openshift stops resolving hostnames for minion queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
-  command: /usr/bin/hostname {{ oo_bind_ip }}
-
-- name: Configure OpenShift Minion settings
-  lineinfile:
-    dest: /etc/sysconfig/openshift
-    regexp: "{{ item.regex }}"
-    line: "{{ item.line }}"
-  with_items:
-    - { regex: '^ROLE=', line: 'ROLE=\"node\"' }
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080  --loglevel=5\"' }
-  notify:
-    - restart openshift-minion
-
-- name: Open firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=false state=enabled
-
-- name: Save firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=true state=enabled
-
-- name: Enable OpenShift
-  service: name=openshift enabled=yes state=started
-
diff --git a/roles/openshift_minion/vars/main.yml b/roles/openshift_minion/vars/main.yml
deleted file mode 100644
index 715fba487..000000000
--- a/roles/openshift_minion/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# vars file for openshift_minion
diff --git a/roles/openshift_minion/README.md b/roles/openshift_node/README.md
index 225dd44b9..225dd44b9 100644
--- a/roles/openshift_minion/README.md
+++ b/roles/openshift_node/README.md
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
new file mode 100644
index 000000000..af92e96d7
--- /dev/null
+++ b/roles/openshift_node/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for openshift_node
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
new file mode 100644
index 000000000..afbb5a53f
--- /dev/null
+++ b/roles/openshift_node/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+# handlers file for openshift_node
+- name: restart openshift-node
+  service: name=openshift-node state=restarted
diff --git a/roles/openshift_minion/meta/main.yml b/roles/openshift_node/meta/main.yml
index c5c362c60..c5c362c60 100644
--- a/roles/openshift_minion/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
new file mode 100644
index 000000000..e0041a90c
--- /dev/null
+++ b/roles/openshift_node/tasks/main.yml
@@ -0,0 +1,43 @@
+---
+
+# tasks file for openshift_node
+- name: Install OpenShift
+  yum: pkg=openshift-node state=installed
+
+  # fixme: Once openshift stops resolving hostnames for node queries remove this...
+- name: Set hostname to IP Addr (WORKAROUND)
+  hostname: name={{ oo_bind_ip }}
+
+- local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
+  register: mktemp
+
+- name: Retrieve OpenShift Master credentials
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ oo_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ {{ mktemp.stdout }}
+  ignore_errors: yes
+
+- file: path=/var/lib/openshift/openshift.local.certificates/admin state=directory
+
+- name: Store OpenShift Master credentials
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' {{ mktemp.stdout }}/ root@{{ oo_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
+  ignore_errors: yes
+
+- name: Configure OpenShift Node settings
+  lineinfile:
+    dest: /etc/sysconfig/openshift-node
+    regexp: "{{ item.regex }}"
+    line: "{{ item.line }}"
+  with_items:
+    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080  --loglevel=5\"' }
+  notify:
+    - restart openshift-node
+
+- name: Open firewalld port for OpenShift
+  firewalld: port=10250/tcp permanent=false state=enabled
+
+- name: Save firewalld port for OpenShift
+  firewalld: port=10250/tcp permanent=true state=enabled
+
+- name: Enable OpenShift
+  service: name=openshift-node enabled=yes state=started
+
+- local_action: file name={{ mktemp.stdout }} state=absent
diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml
new file mode 100644
index 000000000..3184e8ac7
--- /dev/null
+++ b/roles/openshift_node/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for openshift_node
diff --git a/roles/repos/files/epel7-origin.repo b/roles/repos/files/epel7-openshift.repo
index c7629872d..c7629872d 100644
--- a/roles/repos/files/epel7-origin.repo
+++ b/roles/repos/files/epel7-openshift.repo
diff --git a/roles/repos/files/oso-rhui-rhel-7-server.repo b/roles/repos/files/oso-rhui-rhel-7-server.repo
index d32070634..fa182cb0a 100644
--- a/roles/repos/files/oso-rhui-rhel-7-server.repo
+++ b/roles/repos/files/oso-rhui-rhel-7-server.repo
@@ -1,13 +1,45 @@
-[oso-rhel-7-server]
-name=Red Hat Enterprise Linux 7 Server from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases
+[oso-rhui-rhel-server-releases]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
 enabled=1
 gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
 
-[oso-rhel-7-server-optional]
-name=Red Hat Enterprise Linux 7 Server - Optional from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases-optional
+[oso-rhui-rhel-server-releases-optional]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease - Optional
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
 enabled=1
 gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras-htb]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras HTB
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml
index 3b66bb392..cb4b5ad40 100644
--- a/roles/repos/tasks/main.yaml
+++ b/roles/repos/tasks/main.yaml
@@ -10,4 +10,7 @@
   copy: src=epel7-kubernetes.repo dest=/etc/yum.repos.d/epel7-kubernetes.repo
 
 - name: Ensure the origin repo is available
-  copy: src=epel7-origin.repo dest=/etc/yum.repos.d/epel7-origin.repo
+  copy: src=epel7-openshift.repo dest=/etc/yum.repos.d/epel7-openshift.repo
+
+- name: Ensure the rhel repo is available
+  copy: src=oso-rhui-rhel-7-server.repo dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo