Diffstat (limited to 'playbooks/common')
14 files changed, 107 insertions, 143 deletions
|
diff --git a/playbooks/common/openshift-cluster/additional_config.yml b/playbooks/common/openshift-cluster/additional_config.yml
index c5a0f123c..5ed1d3b3c 100644
--- a/playbooks/common/openshift-cluster/additional_config.yml
+++ b/playbooks/common/openshift-cluster/additional_config.yml
@@ -27,10 +27,6 @@
       (osm_use_cockpit | bool or osm_use_cockpit is undefined )
   - role: flannel_register
     when: openshift.common.use_flannel | bool
-  - role: pods
-    when: openshift.common.deployment_type == 'online'
-  - role: os_env_extras
-    when: openshift.common.deployment_type == 'online'
 - name: Create persistent volumes and create hosted services
   hosts: oo_first_master
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 99b36098a..903babc45 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -1,6 +1,8 @@
 ---
 - include: evaluate_groups.yml
+- include: initialize_facts.yml
+
 - include: validate_hostnames.yml
 - name: Set oo_options
diff --git a/playbooks/common/openshift-cluster/enable_dnsmasq.yml b/playbooks/common/openshift-cluster/enable_dnsmasq.yml
new file mode 100644
index 000000000..f2bcc872f
--- /dev/null
+++ b/playbooks/common/openshift-cluster/enable_dnsmasq.yml
@@ -0,0 +1,66 @@
+---
+- include: evaluate_groups.yml
+
+- name: Load openshift_facts
+  hosts: oo_masters_to_config:oo_nodes_to_config
+  roles:
+  - openshift_facts
+  post_tasks:
+  - fail: msg="This playbook requires a master version of at least Origin 1.1 or OSE 3.1"
+    when: not openshift.common.version_gte_3_1_1_or_1_1_1 | bool
+  
+- name: Reconfigure masters to listen on our new dns_port
+  hosts: oo_masters_to_config
+  handlers:
+  - include: ../../../roles/openshift_master/handlers/main.yml
+  vars:
+    os_firewall_allow:
+    - service: skydns tcp
+      port: "{{ openshift.master.dns_port }}/tcp"
+    - service: skydns udp
+      port: "{{ openshift.master.dns_port }}/udp"
+  roles:
+  - os_firewall
+  tasks:
+  - openshift_facts:
+      role: "{{ item.role }}"
+      local_facts: "{{ item.local_facts }}"
+    with_items:
+    - role: common
+      local_facts:
+        use_dnsmasq: True
+    - role: master
+      local_facts:
+        dns_port: '8053'
+  - modify_yaml:
+      dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+      yaml_key: dnsConfig.bindAddress
+      yaml_value: "{{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}"
+    notify: restart master
+  - meta: flush_handlers
+
+- name: Configure nodes for dnsmasq
+  hosts: oo_nodes_to_config
+  handlers:
+  - include: ../../../roles/openshift_node/handlers/main.yml
+  pre_tasks:
+  - openshift_facts:
+      role: "{{ item.role }}"
+      local_facts: "{{ item.local_facts }}"
+    with_items:
+    - role: common
+      local_facts:
+        use_dnsmasq: True
+    - role: node
+      local_facts:
+        dns_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
+  vars:
+    openshift_deployment_type: "{{ deployment_type }}"
+  roles:
+    - openshift_node_dnsmasq
+  post_tasks:
+  - modify_yaml:
+      dest: "{{ openshift.common.config_base }}/node/node-config.yaml"
+      yaml_key: dnsIP
+      yaml_value: "{{ openshift.node.dns_ip }}"
+    notify: restart node
diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml
index 3fb42a7fa..c5273b08f 100644
--- a/playbooks/common/openshift-cluster/evaluate_groups.yml
+++ b/playbooks/common/openshift-cluster/evaluate_groups.yml
@@ -35,7 +35,7 @@
       groups: oo_all_hosts
       ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
       ansible_become: "{{ g_sudo | default(omit) }}"
-    with_items: "{{ g_all_hosts | default([]) }}"
+    with_items: g_all_hosts | default([])
   - name: Evaluate oo_masters
     add_host:
diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml
new file mode 100644
index 000000000..9a844e216
--- /dev/null
+++ b/playbooks/common/openshift-cluster/initialize_facts.yml
@@ -0,0 +1,7 @@
+---
+- name: Initialize host facts
+  hosts: OSEv3
+  roles:
+  - openshift_facts
+  tasks:
+  - openshift_facts:
diff --git a/playbooks/common/openshift-cluster/library b/playbooks/common/openshift-cluster/library
new file mode 120000
index 000000000..d0b7393d3
--- /dev/null
+++ b/playbooks/common/openshift-cluster/library
@@ -0,0 +1 @@
+../../../library/
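Review bot: The `fail` message in the first play of enable_dnsmasq.yml says "at least Origin 1.1 or OSE 3.1", but the guard tests `openshift.common.version_gte_3_1_1_or_1_1_1`, whose name suggests the real floor is 1.1.1 / 3.1.1. An operator on 1.1.0 or 3.1.0 would then be rejected by a message that says their version qualifies, so I would change it to `msg="This playbook requires a master version of at least Origin 1.1.1 or OSE 3.1.1"`. The masters play adds `os_firewall_allow` entries for `{{ openshift.master.dns_port }}` on tcp and udp, and nothing in this file withdraws the rule for the port SkyDNS used before. If such a rule exists (not visible here) it stays open after the move to 8053, so either remove it in this play or add a comment saying where that is handled. Minor: `use_dnsmasq: True` is better written `true`, and the `roles:` list in the nodes play is indented differently from every other list in the file.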
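Review bot: The new `with_items: g_all_hosts | default([])` in evaluate_groups.yml drops the `"{{ … }}"` wrapper, the opposite of what this commit does in the etcd, master and first node hunks, which all move to the quoted form. A bare expression only works where the loop plugin still templates unquoted strings. Where it does not, the task iterates once over the literal text instead of the host list, and `oo_all_hosts` would presumably end up with a bogus member rather than the play failing loudly. Keep `with_items: "{{ g_all_hosts | default([]) }}"`. The same bare form is introduced twice in playbooks/common/openshift-node/config.yml (`with_items: etcd_needing_client_certs | default([])`, hunks at -179 and -188); the task this hunk belongs to starts above the lines shown.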
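Review bot: `hosts: OSEv3` in initialize_facts.yml hard-codes an inventory group name, while the other plays in this commit target the `oo_*` groups that evaluate_groups.yml builds. Ansible skips a play whose host pattern matches nothing, so on an inventory without an `OSEv3` group the facts are not initialised and config.yml carries on to validate_hostnames.yml regardless. Consider targeting `oo_all_hosts`, which the include just before this one fills, or add a comment stating that the `OSEv3` group is required. The final task `- openshift_facts:` is a bare key (YAML null); a one-line comment such as `# called with no arguments on purpose` would stop a reader from treating it as truncated.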
\ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
index 6f0af31b8..1dd47dc15 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
@@ -2,10 +2,11 @@
 ###############################################################################
 # Evaluate host groups and gather facts
 ###############################################################################
-- name: Load openshift_facts
+- name: Load openshift_facts and update repos
   hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config:oo_lb_to_config
   roles:
   - openshift_facts
+  - openshift_repos
 - name: Evaluate additional groups for upgrade
   hosts: localhost
diff --git a/playbooks/common/openshift-cluster/validate_hostnames.yml b/playbooks/common/openshift-cluster/validate_hostnames.yml
index 0f562e019..50e25984f 100644
--- a/playbooks/common/openshift-cluster/validate_hostnames.yml
+++ b/playbooks/common/openshift-cluster/validate_hostnames.yml
@@ -1,6 +1,4 @@
 ---
-- include: evaluate_groups.yml
-
 - name: Gather and set facts for node hosts
   hosts: oo_nodes_to_config
   roles:
diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml
index 01c092625..6cb3a954f 100644
--- a/playbooks/common/openshift-etcd/config.yml
+++ b/playbooks/common/openshift-etcd/config.yml
@@ -53,7 +53,7 @@
         -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
     args:
       creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
-    with_items: etcd_needing_server_certs
+    with_items: "{{ etcd_needing_server_certs | default([]) }}"
   - name: Retrieve the etcd cert tarballs
     fetch:
       src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -61,7 +61,7 @@
       flat: yes
       fail_on_missing: yes
       validate_checksum: yes
-    with_items: etcd_needing_server_certs
+    with_items: "{{ etcd_needing_server_certs | default([]) }}"
 # Configure a first etcd host to avoid conflicts in choosing a leader
 # if other members come online too quickly.
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 060b5aa0d..1f5e3aaff 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -120,7 +120,7 @@
         -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
     args:
       creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
-    with_items: etcd_needing_client_certs
+    with_items: "{{ etcd_needing_client_certs | default([]) }}"
   - name: Retrieve the etcd cert tarballs
     fetch:
       src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -128,7 +128,7 @@
       flat: yes
       fail_on_missing: yes
       validate_checksum: yes
-    with_items: etcd_needing_client_certs
+    with_items: "{{ etcd_needing_client_certs | default([]) }}"
 - name: Copy the external etcd certs to the masters
   hosts: oo_masters_to_config
@@ -178,7 +178,7 @@
   - name: Check status of master certificates
     stat:
       path: "{{ openshift.common.config_base }}/master/{{ item }}"
-    with_items: openshift_master_certs
+    with_items: "{{ openshift_master_certs }}"
     register: g_master_cert_stat_result
   - set_fact:
       master_certs_missing: "{{ False in (g_master_cert_stat_result.results
@@ -213,7 +213,7 @@
       state: absent
     when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
     with_nested:
-    - masters_needing_certs
+    - "{{ masters_needing_certs | default([]) }}"
     - - master.etcd-client.crt
       - master.etcd-client.key
@@ -223,7 +223,7 @@
         -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} .
     args:
       creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz"
-    with_items: masters_needing_certs
+    with_items: "{{ masters_needing_certs | default([]) }}"
   - name: Retrieve the master cert tarball from the master
     fetch:
@@ -232,7 +232,7 @@
       flat: yes
       fail_on_missing: yes
       validate_checksum: yes
-    with_items: masters_needing_certs
+    with_items: "{{ masters_needing_certs | default([]) }}"
 - name: Configure load balancers
   hosts: oo_lb_to_config
@@ -367,13 +367,6 @@
     group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
     changed_when: False
-# Additional instance config for online deployments
-- name: Additional instance config
-  hosts: oo_masters_deployment_type_online
-  roles:
-  - pods
-  - os_env_extras
-
 - name: Delete temporary directory on localhost
   hosts: localhost
   connection: local
diff --git a/playbooks/common/openshift-master/library b/playbooks/common/openshift-master/library
new file mode 120000
index 000000000..d0b7393d3
--- /dev/null
+++ b/playbooks/common/openshift-master/library
@@ -0,0 +1 @@
+../../../library/
\ No newline at end of file
diff --git a/playbooks/common/openshift-master/library/modify_yaml.py b/playbooks/common/openshift-master/library/modify_yaml.py
deleted file mode 100755
index a4be10ca3..000000000
--- a/playbooks/common/openshift-master/library/modify_yaml.py
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# vim: expandtab:tabstop=4:shiftwidth=4
-
-''' modify_yaml ansible module '''
-
-import yaml
-
-DOCUMENTATION = '''
----
-module: modify_yaml
-short_description: Modify yaml key value pairs
-author: Andrew Butcher
-requirements: [ ]
-'''
-EXAMPLES = '''
-- modify_yaml:
-    dest: /etc/origin/master/master-config.yaml
-    yaml_key: 'kubernetesMasterConfig.masterCount'
-    yaml_value: 2
-'''
-
-def main():
-    ''' Modify key (supplied in jinja2 dot notation) in yaml file, setting
-        the key to the desired value.
-    '''
-
-    # disabling pylint errors for global-variable-undefined and invalid-name
-    # for 'global module' usage, since it is required to use ansible_facts
-    # pylint: disable=global-variable-undefined, invalid-name,
-    # redefined-outer-name
-    global module
-
-    module = AnsibleModule(
-        argument_spec=dict(
-            dest=dict(required=True),
-            yaml_key=dict(required=True),
-            yaml_value=dict(required=True),
-            backup=dict(required=False, default=True, type='bool'),
-        ),
-        supports_check_mode=True,
-    )
-
-    dest = module.params['dest']
-    yaml_key = module.params['yaml_key']
-    yaml_value = module.safe_eval(module.params['yaml_value'])
-    backup = module.params['backup']
-
-    # Represent null values as an empty string.
-    # pylint: disable=missing-docstring, unused-argument
-    def none_representer(dumper, data):
-        return yaml.ScalarNode(tag=u'tag:yaml.org,2002:null', value=u'')
-    yaml.add_representer(type(None), none_representer)
-
-    try:
-        changes = []
-
-        yaml_file = open(dest)
-        yaml_data = yaml.safe_load(yaml_file.read())
-        yaml_file.close()
-
-        ptr = yaml_data
-        for key in yaml_key.split('.'):
-            if key not in ptr and key != yaml_key.split('.')[-1]:
-                ptr[key] = {}
-            elif key == yaml_key.split('.')[-1]:
-                if (key in ptr and module.safe_eval(ptr[key]) != yaml_value) or (key not in ptr):
-                    ptr[key] = yaml_value
-                    changes.append((yaml_key, yaml_value))
-            else:
-                ptr = ptr[key]
-
-        if len(changes) > 0:
-            if backup:
-                module.backup_local(dest)
-            yaml_file = open(dest, 'w')
-            yaml_string = yaml.dump(yaml_data, default_flow_style=False)
-            yaml_string = yaml_string.replace('\'\'', '""')
-            yaml_file.write(yaml_string)
-            yaml_file.close()
-
-        return module.exit_json(changed=(len(changes) > 0), changes=changes)
-
-    # ignore broad-except error to avoid stack trace to ansible user
-    # pylint: disable=broad-except
-    except Exception, e:
-        return module.fail_json(msg=str(e))
-
-# ignore pylint errors related to the module_utils import
-# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import
-# import module snippets
-from ansible.module_utils.basic import *
-
-if __name__ == '__main__':
-    main()
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 264935a63..b0407ef74 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -66,7 +66,7 @@
         -C {{ item.config_dir }} .
     args:
       creates: "{{ item.config_dir }}.tgz"
-    with_items: nodes_needing_certs
+    with_items: "{{ nodes_needing_certs | default([]) }}"
   - name: Retrieve the node config tarballs from the master
     fetch:
@@ -75,7 +75,7 @@
       flat: yes
       fail_on_missing: yes
       validate_checksum: yes
-    with_items: nodes_needing_certs
+    with_items: "{{ nodes_needing_certs | default([]) }}"
 - name: Deploy node certificates
   hosts: oo_nodes_to_config
@@ -118,7 +118,7 @@
     # TODO: configure these based on
     # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of
     # hardcoding
-    openshift_docker_hosted_registry_insecure: True
+    openshift_docker_hosted_registry_insecure: "{{ openshift.docker.hosted_registry_insecure | default(True) }}"
     openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
   roles:
   - openshift_node
@@ -131,7 +131,7 @@
     # TODO: configure these based on
     # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of
     # hardcoding
-    openshift_docker_hosted_registry_insecure: True
+    openshift_docker_hosted_registry_insecure: "{{ openshift.docker.hosted_registry_insecure | default(True) }}"
     openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
   roles:
   - openshift_node
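Review bot: `openshift_docker_hosted_registry_insecure` now falls back to `default(True)` in the -118 and -131 hunks, so a node with no `openshift.docker.hosted_registry_insecure` fact is still set up to treat the hosted registry as insecure, which is the fail-open choice. I would default to the strict value, `"{{ openshift.docker.hosted_registry_insecure | default(False) }}"`. If compatibility requires `True`, add a comment such as `# defaults to insecure until the hosted registry is served with a trusted certificate` so the choice is visible. `default()` only covers the last attribute: if `openshift.docker` itself is missing, the expression raises an undefined error instead of defaulting, so confirm that openshift_facts always creates that key. The TODO above both lines still describes the value as hard-coded and should be reworded to say it is read from the node's own facts; both plays start outside the hunks shown.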
@@ -148,15 +148,15 @@
     register: g_external_etcd_flannel_cert_stat_result
     when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool)
   - set_fact:
-      etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results
+      etcd_client_flannel_certs_missing: "{{ False in g_external_etcd_flannel_cert_stat_result.results
                                              | oo_collect(attribute='stat.exists')
-                                             | list | intersect([false])}}"
+                                             | list }}"
       etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }}
       etcd_cert_config_dir: "{{ openshift.common.config_base }}/node"
       etcd_cert_prefix: node.etcd-
       etcd_hostname: "{{ openshift.common.hostname }}"
       etcd_ip: "{{ openshift.common.ip }}"
-    when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool)
+    when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 and (openshift.common.use_flannel | bool)
 - name: Configure flannel etcd certificates
   hosts: oo_first_etcd
@@ -166,9 +166,8 @@
   pre_tasks:
   - set_fact:
       etcd_needing_client_certs: "{{ hostvars
-                                   | oo_select_keys(groups['oo_nodes_to_config'])
-                                   | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}"
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+                                     | oo_select_keys(groups['oo_nodes_to_config'])
+                                     | oo_filter_list('etcd_client_flannel_certs_missing') | default([]) }}"
   roles:
   - role: openshift_etcd_certificates
     when: openshift_use_flannel | default(false) | bool
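Review bot: In the -166 hunk the `when:` guard is removed from the `set_fact`, so `etcd_needing_client_certs` is now computed on every run, including clusters where flannel is off and no node ever set `etcd_client_flannel_certs_missing`. Whether `oo_filter_list('etcd_client_flannel_certs_missing')` tolerates host entries that lack that key is not visible here; if it does not, the play fails before the `openshift_use_flannel` condition on the role is evaluated. I would either keep a guard such as `when: openshift_use_flannel | default(false) | bool` on the `set_fact` or add a comment stating that the filter skips hosts without the attribute. In the -148 hunk, `False in g_external_etcd_flannel_cert_stat_result.results | oo_collect(…) | list` relies on filters binding tighter than `in`. master/config.yml writes the same test as `False in (g_master_cert_stat_result.results …)`, and adding the parentheses here would make the two read alike.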
@@ -179,8 +178,7 @@
         -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
     args:
       creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
-    with_items: etcd_needing_client_certs
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+    with_items: etcd_needing_client_certs | default([])
   - name: Retrieve the etcd cert tarballs
     fetch:
       src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -188,8 +186,7 @@
       flat: yes
       fail_on_missing: yes
       validate_checksum: yes
-    with_items: etcd_needing_client_certs
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+    with_items: etcd_needing_client_certs | default([])
 - name: Copy the external etcd flannel certs to the nodes
   hosts: oo_nodes_to_config
@@ -200,12 +197,12 @@
     file:
       path: "{{ openshift.common.config_base }}/node"
       state: directory
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+    when: etcd_client_flannel_certs_missing | default(false) | bool
   - name: Unarchive the tarball on the master
     unarchive:
       src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz"
       dest: "{{ etcd_cert_config_dir }}"
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+    when: etcd_client_flannel_certs_missing | default(false) | bool
   - file:
       path: "{{ etcd_cert_config_dir }}/{{ item }}"
       owner: root
@@ -215,7 +212,7 @@
     - node.etcd-client.crt
     - node.etcd-client.key
     - node.etcd-ca.crt
-    when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+    when: etcd_client_flannel_certs_missing | default(false) | bool
 - name: Additional node config
@@ -245,14 +242,6 @@
   - file: name={{ mktemp.stdout }} state=absent
     changed_when: False
-# Additional config for online type deployments
-- name: Additional instance config
-  hosts: oo_nodes_deployment_type_online
-  gather_facts: no
-  roles:
-  - os_env_extras
-  - os_env_extras_node
-
 - name: Set schedulability
   hosts: oo_first_master
   vars:
diff --git a/playbooks/common/openshift-node/scaleup.yml b/playbooks/common/openshift-node/scaleup.yml
index d36f7acea..1d79db353 100644
--- a/playbooks/common/openshift-node/scaleup.yml
+++ b/playbooks/common/openshift-node/scaleup.yml
@@ -1,6 +1,11 @@
 ---
 - include: ../openshift-cluster/evaluate_groups.yml
+- name: Gather facts
+  hosts: oo_etcd_to_config:oo_masters_to_config:oo_nodes_to_config
+  roles:
+  - openshift_facts
+
 - name: Configure docker hosts
   hosts: oo_nodes_to_config
   vars:
|
