diff options
Diffstat (limited to 'playbooks')
11 files changed, 123 insertions, 30 deletions
| diff --git a/playbooks/byo/openshift-checks/README.md b/playbooks/byo/openshift-checks/README.md index f0f14b268..b26e7d7ed 100644 --- a/playbooks/byo/openshift-checks/README.md +++ b/playbooks/byo/openshift-checks/README.md @@ -7,15 +7,14 @@ Ansible's default operation mode is to fail fast, on the first error. However,  when performing checks, it is useful to gather as much information about  problems as possible in a single run. -Thus, the playbooks run a battery of checks against the inventory hosts and have -Ansible gather intermediate errors, giving a more complete diagnostic of the -state of each host. If any check failed, the playbook run will be marked as -failed. +Thus, the playbooks run a battery of checks against the inventory hosts and +gather intermediate errors, giving a more complete diagnostic of the state of +each host. If any check failed, the playbook run will be marked as failed.  To facilitate understanding the problems that were encountered, a custom  callback plugin summarizes execution errors at the end of a playbook run. -# Available playbooks +## Available playbooks  1. Pre-install playbook ([pre-install.yml](pre-install.yml)) - verifies system     requirements and look for common problems that can prevent a successful @@ -27,6 +26,10 @@ callback plugin summarizes execution errors at the end of a playbook run.  3. Certificate expiry playbooks ([certificate_expiry](certificate_expiry)) -     check that certificates in use are valid and not expiring soon. +4. Adhoc playbook ([adhoc.yml](adhoc.yml)) - use it to run adhoc checks or to +   list existing checks. +   See the [next section](#the-adhoc-playbook) for a usage example. +  ## Running  With a [recent installation of Ansible](../../../README.md#setup), run the playbook @@ -59,6 +62,41 @@ against your inventory file. Here is the step-by-step:      $ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/certificate_expiry/default.yaml -v      ``` +### The adhoc playbook + +The adhoc playbook gives flexibility to run any check or a custom group of +checks. What will be run is determined by the `openshift_checks` variable, +which, among other ways supported by Ansible, can be set on the command line +using the `-e` flag. + +For example, to run the `docker_storage` check: + +```console +$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=docker_storage +``` + +To run more checks, use a comma-separated list of check names: + +```console +$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=docker_storage,disk_availability +``` + +To run an entire class of checks, use the name of a check group tag, prefixed by `@`. This will run all checks tagged `preflight`: + +```console +$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml -e openshift_checks=@preflight +``` + +It is valid to specify multiple check tags and individual check names together +in a comma-separated list. + +To list all of the available checks and tags, run the adhoc playbook without +setting the `openshift_checks` variable: + +```console +$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/adhoc.yml +``` +  ## Running in a container  This repository is built into a Docker image including Ansible so that it can diff --git a/playbooks/byo/openshift-checks/adhoc.yml b/playbooks/byo/openshift-checks/adhoc.yml new file mode 100644 index 000000000..226bed732 --- /dev/null +++ b/playbooks/byo/openshift-checks/adhoc.yml @@ -0,0 +1,27 @@ +--- +# NOTE: ideally this would be just part of a single play in +# common/openshift-checks/adhoc.yml that lists the existing checks when +# openshift_checks is not set or run the requested checks. However, to actually +# run the checks we need to have the included dependencies to run first and that +# takes time. To speed up listing checks, we use this separate play that runs +# before the include of dependencies to save time and improve the UX. +- name: OpenShift health checks +  # NOTE: though the openshift_checks variable could be potentially defined on +  # individual hosts while not defined for localhost, we do not support that +  # usage. Running this play only in localhost speeds up execution. +  hosts: localhost +  connection: local +  roles: +  - openshift_health_checker +  vars: +  - r_openshift_health_checker_playbook_context: adhoc +  pre_tasks: +  - name: List known health checks +    action: openshift_health_check +    when: openshift_checks is undefined or not openshift_checks + +- include: ../openshift-cluster/initialize_groups.yml + +- include: ../../common/openshift-cluster/std_include.yml + +- include: ../../common/openshift-checks/adhoc.yml diff --git a/playbooks/byo/openshift-checks/health.yml b/playbooks/byo/openshift-checks/health.yml index dfc1a7db0..96a71e4dc 100644 --- a/playbooks/byo/openshift-checks/health.yml +++ b/playbooks/byo/openshift-checks/health.yml @@ -1,3 +1,6 @@  ---  - include: ../openshift-cluster/initialize_groups.yml + +- include: ../../common/openshift-cluster/std_include.yml +  - include: ../../common/openshift-checks/health.yml diff --git a/playbooks/byo/openshift-checks/pre-install.yml b/playbooks/byo/openshift-checks/pre-install.yml index 5e8c3ab9b..dd93df0bb 100644 --- a/playbooks/byo/openshift-checks/pre-install.yml +++ b/playbooks/byo/openshift-checks/pre-install.yml @@ -1,3 +1,6 @@  ---  - include: ../openshift-cluster/initialize_groups.yml + +- include: ../../common/openshift-cluster/std_include.yml +  - include: ../../common/openshift-checks/pre-install.yml diff --git a/playbooks/byo/openshift-cluster/openshift-provisioners.yml b/playbooks/byo/openshift-cluster/openshift-provisioners.yml new file mode 100644 index 000000000..8e80f158b --- /dev/null +++ b/playbooks/byo/openshift-cluster/openshift-provisioners.yml @@ -0,0 +1,6 @@ +--- +- include: initialize_groups.yml + +- include: ../../common/openshift-cluster/std_include.yml + +- include: ../../common/openshift-cluster/openshift_provisioners.yml diff --git a/playbooks/common/openshift-checks/adhoc.yml b/playbooks/common/openshift-checks/adhoc.yml new file mode 100644 index 000000000..dfcef8435 --- /dev/null +++ b/playbooks/common/openshift-checks/adhoc.yml @@ -0,0 +1,12 @@ +--- +- name: OpenShift health checks +  hosts: oo_all_hosts +  roles: +  - openshift_health_checker +  vars: +  - r_openshift_health_checker_playbook_context: adhoc +  post_tasks: +  - name: Run health checks +    action: openshift_health_check +    args: +      checks: '{{ openshift_checks | default([]) }}' diff --git a/playbooks/common/openshift-checks/health.yml b/playbooks/common/openshift-checks/health.yml index ff5b5af67..21ea785ef 100644 --- a/playbooks/common/openshift-checks/health.yml +++ b/playbooks/common/openshift-checks/health.yml @@ -1,10 +1,6 @@  --- -- include: ../openshift-cluster/std_include.yml -  tags: -  - always -  - name: Run OpenShift health checks -  hosts: OSEv3 +  hosts: oo_all_hosts    roles:    - openshift_health_checker    vars: diff --git a/playbooks/common/openshift-checks/pre-install.yml b/playbooks/common/openshift-checks/pre-install.yml index 861229f21..88e6f9120 100644 --- a/playbooks/common/openshift-checks/pre-install.yml +++ b/playbooks/common/openshift-checks/pre-install.yml @@ -1,10 +1,6 @@  --- -- include: ../openshift-cluster/std_include.yml -  tags: -  - always - -- hosts: OSEv3 -  name: run OpenShift pre-install checks +- name: run OpenShift pre-install checks +  hosts: oo_all_hosts    roles:    - openshift_health_checker    vars: diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml index 4bf5d33b1..65be436c6 100644 --- a/playbooks/common/openshift-cluster/initialize_facts.yml +++ b/playbooks/common/openshift-cluster/initialize_facts.yml @@ -108,6 +108,20 @@        when:        - l_any_system_container | bool +  - name: Default system_images_registry to a enterprise registry +    set_fact: +      system_images_registry: "registry.access.redhat.com" +    when: +    - system_images_registry is not defined +    - openshift_deployment_type == "openshift-enterprise" + +  - name: Default system_images_registry to community registry +    set_fact: +      system_images_registry: "docker.io" +    when: +    - system_images_registry is not defined +    - openshift_deployment_type == "origin" +    - name: Gather Cluster facts and set is_containerized if needed      openshift_facts:        role: common @@ -115,6 +129,7 @@          debug_level: "{{ openshift_debug_level | default(2) }}"          deployment_type: "{{ openshift_deployment_type }}"          deployment_subtype: "{{ openshift_deployment_subtype | default(None) }}" +        cli_image: "{{ osm_image | default(None) }}"          cluster_id: "{{ openshift_cluster_id | default('default') }}"          hostname: "{{ openshift_hostname | default(None) }}"          ip: "{{ openshift_ip | default(None) }}" @@ -124,7 +139,7 @@          is_master_system_container: "{{ l_is_master_system_container | default(false) }}"          is_etcd_system_container: "{{ l_is_etcd_system_container | default(false) }}"          etcd_runtime: "{{ l_etcd_runtime }}" -        system_images_registry: "{{ system_images_registry | default('') }}" +        system_images_registry: "{{ system_images_registry }}"          public_hostname: "{{ openshift_public_hostname | default(None) }}"          public_ip: "{{ openshift_public_ip | default(None) }}"          portal_net: "{{ openshift_portal_net | default(openshift_master_portal_net) | default(None) }}" diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_nodes_running.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_nodes_running.yml deleted file mode 100644 index 354af3cde..000000000 --- a/playbooks/common/openshift-cluster/upgrades/pre/verify_nodes_running.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Verify node processes -  hosts: oo_nodes_to_config -  roles: -  - openshift_facts -  - openshift_docker_facts -  tasks: -  - name: Ensure Node is running -    service: -      name: "{{ openshift.common.service_type }}-node" -      state: started -      enabled: yes -    when: openshift.common.is_containerized | bool diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml index 90e95422b..136ad5362 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml @@ -7,6 +7,16 @@    hosts: oo_first_master    roles:    - { role: lib_openshift } +    tasks:    - name: Check for invalid namespaces and SDN errors      oc_objectvalidator: + +  - name: Confirm OpenShift authorization objects are in sync +    command: > +      {{ openshift.common.client_binary }} adm migrate authorization +    changed_when: false +    register: l_oc_result +    until: l_oc_result.rc == 0 +    retries: 4 +    delay: 15 | 
