Diffstat (limited to 'roles')
40 files changed, 314 insertions, 150 deletions
| diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 2d207a1a9..878d5fea8 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -7,25 +7,35 @@    register: docker_version_result    changed_when: false +- stat: path=/etc/sysconfig/docker-storage +  register: docker_storage_check + +- name: Remove deferred deletion for downgrades from 1.9 +  command: > +    sed -i 's/--storage-opt dm.use_deferred_deletion=true//' /etc/sysconfig/docker-storage +  when: docker_storage_check.stat.exists | bool and not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare('1.9', '>=') and docker_version | version_compare('1.9', '<') +  - name: Downgrade docker if necessary    command: "{{ ansible_pkg_mgr }} downgrade -y docker-{{ docker_version }}"    register: docker_downgrade_result    when: not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare(docker_version, 'gt')  - name: Install docker -  action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version != '' else '' }} state=present" -  when: not openshift.common.is_atomic | bool and not docker_downgrade_result | changed +  action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version is defined and docker_version != '' else '' }} state=present" +  when: not openshift.common.is_atomic | bool and not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare(docker_version, 'lt') -- stat: path=/etc/sysconfig/docker -  register: docker_check -  when: docker_downgrade_result | changed +# If docker were enabled and started before we downgraded it may have entered a +# failed state. Check for that and clear it if necessary. 
+- name: Check that docker hasn't entered failed state +  command: systemctl show docker +  register: docker_state +  changed_when: False -- name: Remove deferred deletion for downgrades from 1.9 -  command: > -    sed -i 's/--storage-opt dm.use_deferred_deletion=true//' /etc/sysconfig/docker-storage -  when: docker_downgrade_result | changed and docker_check.stat.exists | bool and docker_version_result.stdout | default('0.0', True) | version_compare('1.9', '>=') and docker_version | version_compare('1.9', '<') +- name: Reset docker service state +  command: systemctl reset-failed docker.service +  when: " 'ActiveState=failed' in docker_state.stdout " -- name: enable and start the docker service +- name: Start the docker service    service:      name: docker      enabled: yes diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml index a71b36237..36906b347 100644 --- a/roles/etcd/meta/main.yml +++ b/roles/etcd/meta/main.yml @@ -16,5 +16,6 @@ galaxy_info:    - cloud    - system  dependencies: +- { role: openshift_docker }  - { role: os_firewall }  - { role: etcd_common } diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service index b8dbefa64..cf957ede8 100644 --- a/roles/etcd/templates/etcd.docker.service +++ b/roles/etcd/templates/etcd.docker.service @@ -11,6 +11,7 @@ ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/v  ExecStop=/usr/bin/docker stop {{ etcd_service }}  SyslogIdentifier=etcd_container  Restart=always +RestartSec=5s  [Install]  WantedBy=docker.service diff --git a/roles/openshift_cli/defaults/main.yml b/roles/openshift_cli/defaults/main.yml index 4d0c87497..7baa87ab8 100644 --- a/roles/openshift_cli/defaults/main.yml +++ b/roles/openshift_cli/defaults/main.yml 
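Review bot: In "Install docker" the `action` string now tolerates a missing or empty `docker_version` (`docker_version is defined and docker_version != ''`), but the new `when` passes the same variable straight to `version_compare(docker_version, 'lt')`, so the guard in the action cannot take effect when the variable is unset. The two should agree; if an unset version is meant to install the unpinned package, the condition needs a branch for it, for example `docker_version | default('') == '' or (<existing comparison>)`. The install is also now skipped whenever `docker_version_result | skipped`; the task that registers `docker_version_result` starts above this hunk, so confirm that it is not skipped on a host where docker is absent.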
@@ -1,2 +1,2 @@  --- -openshift_version: "{{ openshift_image_tag | default(openshift.common.image_tag) | default('') }}" +openshift_version: "{{ openshift_image_tag | default(openshift.docker.openshift_image_tag | default('')) }}" diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml index 471fd686b..d7442924f 100644 --- a/roles/openshift_cloud_provider/tasks/main.yml +++ b/roles/openshift_cloud_provider/tasks/main.yml @@ -2,14 +2,12 @@  - name: Set cloud provider facts    openshift_facts:      role: cloudprovider -    openshift_env: "{{ item | oo_openshift_env }}" +    openshift_env: "{{ hostvars[inventory_hostname] +                       | oo_merge_dicts(hostvars) +                       | oo_openshift_env }}"      openshift_env_structures:      - 'openshift.cloudprovider.aws.*'      - 'openshift.cloudprovider.openstack.*' -  no_log: true -  with_items: -  - "{{ hostvars[inventory_hostname] }}" -  - "{{ hostvars }}"  - name: Create cloudprovider config dir    file: diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index b6074ff64..eda43b9f8 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml 
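Review bot: Dropping `no_log: true` from "Set cloud provider facts" leaves the merged hostvars as an ordinary module argument, and the structures it is filtered to (`openshift.cloudprovider.aws.*`, `openshift.cloudprovider.openstack.*`) presumably include cloud credentials. Without `no_log` those values can show up in task output at higher verbosity and in the module invocation record on the target. Replacing `with_items` with `oo_merge_dicts` does not change that exposure, so I would keep `no_log: true` on this task. The new "Set hosted facts" task in roles/openshift_hosted_facts/tasks/main.yml passes the same expression and deserves the same treatment.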
@@ -33,15 +33,11 @@  # versions or image tags.  openshift_common's usage requires that it be a RPM  # version and openshift_cli expects it to be an image tag.  - name: Install the base package for versioning -  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_version | default('') | oo_image_tag_to_rpm_version }} state=present" +  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present"    when: not openshift.common.is_containerized | bool -# This invocation also updates the version facts which are necessary -# for setting the hostname below. -- name: openshift_facts +- name: Set version facts    openshift_facts: -    role: hosted -    openshift_env: "{{ hostvars[inventory_hostname] | oo_openshift_env }}"  # For enterprise versions < 3.1 and origin versions < 1.1 we want to set the  # hostname by default. diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml new file mode 100644 index 000000000..23613b762 --- /dev/null +++ b/roles/openshift_docker/tasks/main.yml 
@@ -0,0 +1,28 @@ +--- +# It's important that we don't explicitly pull this image here.  Otherwise we +# could result in upgrading a preinstalled environment.  We'll have to set +# openshift_image_tag correctly for upgrades. +- name: Set version when containerized +  command: > +    docker run --rm {{ openshift.common.cli_image }}:latest version +  register: cli_image_version +  when: openshift.common.is_containerized is defined and openshift.common.is_containerized | bool and openshift_image_tag is not defined + +- set_fact: +    l_image_tag: "{{ cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0] }}" +  when: openshift.common.is_containerized is defined and openshift.common.is_containerized | bool and openshift_image_tag is not defined + +- set_fact: +    l_image_tag: "{{ openshift_image_tag }}" +  when: openshift.common.is_containerized is defined and openshift.common.is_containerized | bool and openshift_image_tag is defined + +- name: Set post docker install facts +  openshift_facts: +    role: "{{ item.role }}" +    local_facts: "{{ item.local_facts }}" +  with_items: +  - role: docker +    local_facts: +      openshift_image_tag: "{{ l_image_tag }}" +      openshift_version: "{{ l_image_tag if l_image_tag is defined else '' | oo_image_tag_to_rpm_version }}" +  when: openshift.common.is_containerized is defined and openshift.common.is_containerized | bool diff --git a/roles/openshift_docker_facts/defaults/main.yml b/roles/openshift_docker_facts/defaults/main.yml new file mode 100644 index 000000000..7baa87ab8 --- /dev/null +++ b/roles/openshift_docker_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +openshift_version: "{{ openshift_image_tag | default(openshift.docker.openshift_image_tag | default('')) }}" diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml index eb762e33f..89393168b 100644 --- a/roles/openshift_docker_facts/tasks/main.yml +++ b/roles/openshift_docker_facts/tasks/main.yml 
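Review bot: In "Set post docker install facts" the `openshift_version` expression is `l_image_tag if l_image_tag is defined else '' | oo_image_tag_to_rpm_version`; a Jinja filter binds tighter than the inline `if`, so the filter is applied only to the `''` branch and a defined `l_image_tag` is stored unconverted. Parenthesise the conditional: `"{{ (l_image_tag if l_image_tag is defined else '') | oo_image_tag_to_rpm_version }}"`. Separately, the header comment says the image is not pulled here, yet `docker run ... :latest` pulls the image when it is not already present, and the version is then derived from a mutable tag. The `set_fact` that indexes `stdout_lines[0].split(' ')[1]` also has no guard for unexpected output.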
@@ -46,10 +46,24 @@    register: common_version    failed_when: false    changed_when: false -  when: not openshift.common.is_atomic | bool +  when: not openshift.common.is_containerized | bool + +- set_fact: +    l_common_version: "{{ openshift_version | default('0.0', True) | oo_image_tag_to_rpm_version }}" +  when: openshift.common.is_containerized | bool + +- set_fact: +    l_common_version: "{{ common_version.stdout | default('0.0', True) }}" +  when: not openshift.common.is_containerized | bool  - name: Set docker version to be installed    set_fact:      docker_version: "{{ '1.8.2' }}" -  when: " ( common_version.stdout | default('0.0', True) | version_compare('3.2','<') and openshift.common.service_type == 'atomic-openshift' ) or -          ( common_version.stdout | default('0.0', True) | version_compare('1.1.4','<') and openshift.common.service_type == 'origin' )" +  when: " ( l_common_version | version_compare('3.2','<') and openshift.common.service_type in ['openshift', 'atomic-openshift'] ) or +          ( l_common_version | version_compare('1.1.4','<') and openshift.common.service_type == 'origin' )" + +- name: Set docker version to be installed +  set_fact: +    docker_version: "{{ '1.9.1' }}" +  when: " ( l_common_version | version_compare('3.2','>') and openshift.common.service_type == 'atomic-openshift' ) or +          ( l_common_version | version_compare('1.2','>') and openshift.common.service_type == 'origin' )" diff --git a/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/enterprise/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/enterprise/metrics-deployer.yaml index e8e8713be..67e49f327 100644 --- a/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/enterprise/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/enterprise/metrics-deployer.yaml 
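Review bot: The two "Set docker version to be installed" conditions leave gaps between them: the first uses `version_compare('3.2','<')` and the second `version_compare('3.2','>')`, so a host at exactly 3.2 matches neither, and for origin nothing from 1.1.4 up to and including 1.2 matches. The first condition also accepts `service_type in ['openshift', 'atomic-openshift']`, while the second only checks `== 'atomic-openshift'`. If the 1.9.1 pin is meant for 3.2 and later, the second condition should use `version_compare('3.2','>=')` with the same service-type list, and the origin range should be made contiguous. Unless `docker_version` has a default elsewhere, hosts in the gap reach `version_compare(docker_version, 'gt')` in roles/docker/tasks/main.yml with it undefined.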
@@ -79,7 +79,7 @@ parameters:  -    description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set prefix "openshift/origin-"'    name: IMAGE_PREFIX -  value: "openshift/origin-" +  value: "registry.access.redhat.com/openshift3/"  -    description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set version "latest"'    name: IMAGE_VERSION diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 32e608e86..9218e12ae 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -63,7 +63,16 @@ def migrate_local_facts(facts):      migrated_facts = copy.deepcopy(facts)      return migrate_docker_facts(migrated_facts) - +def migrate_hosted_facts(facts): +    """ Apply migrations for master facts """ +    if 'master' in facts: +        if 'router_selector' in facts['master']: +            if 'hosted' not in facts: +                facts['hosted'] = {} +            if 'router' not in facts['hosted']: +                facts['hosted']['router'] = {} +            facts['hosted']['router']['selector'] = facts['master'].pop('router_selector') +    return facts  def first_ip(network):      """ Return the first IPv4 address in network @@ -394,7 +403,7 @@ def set_node_schedulability(facts):                  facts['node']['schedulable'] = True      return facts -def set_master_selectors(facts): +def set_selectors(facts):      """ Set selectors facts if not already present in facts dict          Args:              facts (dict): existing facts 
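Review bot: Nothing in the visible hunks calls the new `migrate_hosted_facts`, and the context line above it shows `migrate_local_facts` still returning only `migrate_docker_facts(migrated_facts)`, so the `router_selector` migration may never run unless it is wired in elsewhere. If it is meant to be part of the local-facts migration, chain it there, e.g. `return migrate_hosted_facts(migrate_docker_facts(migrated_facts))`. The docstring says "master facts" although the function moves a value into `facts['hosted']`; something like `""" Move master.router_selector to hosted.router.selector """` would describe it. Note also that it mutates `facts` in place, which is safe only when the caller passes the deep copy.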
@@ -403,16 +412,21 @@ def set_master_selectors(facts):              facts if they were not already present      """ +    deployment_type = facts['common']['deployment_type'] +    if deployment_type == 'online': +        selector = "type=infra" +    else: +        selector = "region=infra" + +    if 'hosted' not in facts: +        facts['hosted'] = {} +    if 'router' not in facts['hosted']: +        facts['hosted']['router'] = {} +    if 'selector' not in facts['hosted']['router'] or facts['hosted']['router']['selector'] in [None, 'None']: +        facts['hosted']['router']['selector'] = selector +      if 'master' in facts:          if 'infra_nodes' in facts['master']: -            deployment_type = facts['common']['deployment_type'] -            if deployment_type == 'online': -                selector = "type=infra" -            else: -                selector = "region=infra" - -            if 'router_selector' not in facts['master']: -                facts['master']['router_selector'] = selector              if 'registry_selector' not in facts['master']:                  facts['master']['registry_selector'] = selector      return facts @@ -1034,7 +1048,7 @@ def get_docker_version_info():              }      return result -def get_openshift_version(facts, cli_image=None): +def get_openshift_version(facts):      """ Get current version of openshift on the host          Args: 
@@ -1056,29 +1070,14 @@ def get_openshift_version(facts, cli_image=None):          _, output, _ = module.run_command(['/usr/bin/openshift', 'version'])          version = parse_openshift_version(output) +    # openshift_facts runs before openshift_docker_facts.  However, it will be +    # called again and set properly throughout the playbook run.  This could be +    # refactored to simply set the openshift.common.version in the +    # openshift_docker_facts role but it would take reworking some assumptions +    # on how get_openshift_version is called.      if 'is_containerized' in facts['common'] and safe_get_bool(facts['common']['is_containerized']): -        container = None -        if 'master' in facts: -            if 'cluster_method' in facts['master']: -                container = facts['common']['service_type'] + '-master-api' -            else: -                container = facts['common']['service_type'] + '-master' -        elif 'node' in facts: -            container = facts['common']['service_type'] + '-node' - -        if container is not None: -            exit_code, output, _ = module.run_command(['docker', 'exec', container, 'openshift', 'version']) -            # if for some reason the container is installed but not running -            # we'll fall back to using docker run later in this method. 
-            if exit_code == 0: -                version = parse_openshift_version(output) - -        if version is None and cli_image is not None: -            # Assume we haven't installed the environment yet and we need -            # to query the latest image, but only if docker is installed -            if 'docker' in facts and 'version' in facts['docker']: -                exit_code, output, _ = module.run_command(['docker', 'run', '--rm', cli_image, 'version']) -                version = parse_openshift_version(output) +        if 'docker' in facts and 'openshift_version' in facts['docker']: +            version = facts['docker']['openshift_version']      return version 
@@ -1142,17 +1141,23 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw      protected_facts = ['ha', 'master_count']      # Facts we do not ever want to merge. These originate in inventory variables -    # and typically contain JSON dicts. We don't ever want to trigger a merge +    # and contain JSON dicts. We don't ever want to trigger a merge      # here, just completely overwrite with the new if they are present there. -    overwrite_facts = ['admission_plugin_config', -                       'kube_admission_plugin_config'] +    inventory_json_facts = ['admission_plugin_config', +                            'kube_admission_plugin_config', +                            'image_policy_config']      facts = dict()      for key, value in orig.iteritems():          # Key exists in both old and new facts.          if key in new: -            if key in overwrite_facts: -                facts[key] = copy.deepcopy(new[key]) +            if key in inventory_json_facts: +                # Watchout for JSON facts that sometimes load as strings. +                # (can happen if the JSON contains a boolean) +                if isinstance(new[key], str): +                    facts[key] = yaml.safe_load(new[key]) +                else: +                    facts[key] = copy.deepcopy(new[key])              # Continue to recurse if old and new fact is a dictionary.              elif isinstance(value, dict) and isinstance(new[key], dict):                  # Collect the subset of additive facts to overwrite if 
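Review bot: The string check `isinstance(new[key], str)` misses `unicode` values, and this is Python 2 code (`orig.iteritems()` a few lines up), where text arriving from inventory or JSON is frequently `unicode`; such a value would fall through to `copy.deepcopy` and stay an unparsed string. `isinstance(new[key], basestring)` covers both types. `yaml.safe_load` is the right loader for inventory-supplied text, but the hunk does not show whether `yaml` is imported at the top of the file, and a malformed value will raise from inside `merge_facts` with no context about which fact was at fault. merge_facts continues outside the hunk.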
@@ -1336,10 +1341,6 @@ def set_container_facts_if_unset(facts):      if safe_get_bool(facts['common']['is_containerized']):          facts['common']['admin_binary'] = '/usr/local/bin/oadm'          facts['common']['client_binary'] = '/usr/local/bin/oc' -        openshift_version = get_openshift_version(facts, cli_image) -        if openshift_version is not None: -            base_version = openshift_version.split('-')[0] -            facts['common']['image_tag'] = "v" + base_version      return facts @@ -1479,7 +1480,7 @@ class OpenShiftFacts(object):          facts = set_flannel_facts_if_unset(facts)          facts = set_nuage_facts_if_unset(facts)          facts = set_node_schedulability(facts) -        facts = set_master_selectors(facts) +        facts = set_selectors(facts)          facts = set_metrics_facts_if_unset(facts)          facts = set_identity_providers_if_unset(facts)          facts = set_sdn_facts_if_unset(facts, self.system_facts) 
@@ -1573,23 +1574,25 @@ class OpenShiftFacts(object):          if 'cloudprovider' in roles:              defaults['cloudprovider'] = dict(kind=None) -        defaults['hosted'] = dict( -            registry=dict( -                storage=dict( -                    kind=None, -                    volume=dict( -                        name='registry', -                        size='5Gi' -                    ), -                    nfs=dict( -                        directory='/exports', -                        options='*(rw,root_squash)'), -                    host=None, -                    access_modes=['ReadWriteMany'], -                    create_pv=True -                ) +        if 'hosted' in roles or self.role == 'hosted': +            defaults['hosted'] = dict( +                registry=dict( +                    storage=dict( +                        kind=None, +                        volume=dict( +                            name='registry', +                            size='5Gi' +                        ), +                        nfs=dict( +                            directory='/exports', +                            options='*(rw,root_squash)'), +                        host=None, +                        access_modes=['ReadWriteMany'], +                        create_pv=True +                    ) +                ), +                router=dict()              ) -        )          return defaults diff --git a/roles/openshift_hosted/README.md b/roles/openshift_hosted/README.md new file mode 100644 index 000000000..633ec0937 --- /dev/null +++ b/roles/openshift_hosted/README.md 
@@ -0,0 +1,55 @@ +OpenShift Hosted +================ + +OpenShift Hosted Resources + +* OpenShift Router + +Requirements +------------ + +This role requires a running OpenShift cluster with nodes labeled to +match the openshift_hosted_router_selector (default: region=infra). + +Role Variables +-------------- + +From this role: + +| Name                                | Default value                            | Description                                                                                                          | +|-------------------------------------|------------------------------------------|----------------------------------------------------------------------------------------------------------------------| +| openshift_hosted_router_certificate | None                                     | Dictionary containing "certfile" and "keyfile" keys with values containing paths to local certificate files.         | +| openshift_hosted_router_registryurl | 'openshift3/ose-${component}:${version}' | The image to base the OpenShift router on.                                                                           | +| openshift_hosted_router_replicas    | Number of nodes matching selector        | The number of replicas to configure.                                                                                 | +| openshift_hosted_router_selector    | region=infra                             | Node selector used when creating router. The OpenShift router will only be deployed to nodes matching this selector. 
| + +Dependencies +------------ + +* openshift_common +* openshift_hosted_facts + +Example Playbook +---------------- + +``` +- name: Create hosted resources +  hosts: oo_first_master +  roles: +  - role: openshift_hosted +    openshift_hosted_router_certificate: +      certfile: /path/to/my-router.crt +      keyfile: /path/to/my-router.key +    openshift_hosted_router_registryurl: 'registry.access.redhat.com/openshift3/ose-haproxy-router:v3.0.2.0' +    openshift_hosted_router_selector: 'type=infra' +``` + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Red Hat openshift@redhat.com diff --git a/roles/openshift_router/handlers/main.yml b/roles/openshift_hosted/handlers/main.yml index e69de29bb..e69de29bb 100644 --- a/roles/openshift_router/handlers/main.yml +++ b/roles/openshift_hosted/handlers/main.yml diff --git a/roles/openshift_router/meta/main.yml b/roles/openshift_hosted/meta/main.yml index c2b0777b5..75dfc24c3 100644 --- a/roles/openshift_router/meta/main.yml +++ b/roles/openshift_hosted/meta/main.yml @@ -11,5 +11,6 @@ galaxy_info:      - 7    categories:    - cloud -  dependencies: -  - openshift_facts +dependencies: +- openshift_common +- openshift_hosted_facts diff --git a/roles/openshift_hosted/tasks/main.yml b/roles/openshift_hosted/tasks/main.yml new file mode 100644 index 000000000..d42a4e365 --- /dev/null +++ b/roles/openshift_hosted/tasks/main.yml @@ -0,0 +1,3 @@ +--- + +- include: router.yml diff --git a/roles/openshift_hosted/tasks/router.yml b/roles/openshift_hosted/tasks/router.yml new file mode 100644 index 000000000..6a36f74b2 --- /dev/null +++ b/roles/openshift_hosted/tasks/router.yml 
@@ -0,0 +1,64 @@ +--- +- fail: +    msg: "Both 'certfile' and 'keyfile' keys must be specified when supplying the openshift_hosted_router_certificate variable." +  when: openshift_hosted_router_certificate is defined and ('certfile' not in openshift_hosted_router_certificate or 'keyfile' not in openshift_hosted_router_certificate) + +- name: Read router certificate and key +  slurp: +    src: "{{ item }}" +  register: openshift_router_certificate_output +  with_items: +  - "{{ openshift_hosted_router_certificate.certfile }}" +  - "{{ openshift_hosted_router_certificate.keyfile }}" +  delegate_to: localhost +  when: openshift_hosted_router_certificate is defined + +- name: Persist certificate contents +  openshift_facts: +    role: hosted +    openshift_env: +      openshift_hosted_router_certificate_contents: "{% for certificate in openshift_router_certificate_output.results -%}{{ certificate.content | b64decode }}{% endfor -%}" +  when: openshift_hosted_router_certificate is defined + +- name: Create PEM certificate +  copy: +    content: "{{ openshift.hosted.router.certificate.contents }}" +    dest: "{{ openshift_master_config_dir }}/openshift-router.pem" +    mode: 0600 +  when: openshift.hosted.router.certificate | default(None) != None + +- name: Retrieve list of openshift nodes +  command: > +    {{ openshift.common.client_binary }} --api-version='v1' -o json +    get nodes -n default --config={{ openshift.common.config_base }}/master/admin.kubeconfig +  register: openshift_hosted_router_nodes_json +  when: openshift.hosted.router.replicas | default(None) == None + +- name: Collect nodes matching router selector +  set_fact: +    openshift_hosted_router_nodes: > +      {{ (openshift_hosted_router_nodes_json.stdout|from_json)['items'] +         | oo_oc_nodes_matching_selector(openshift.hosted.router.selector) }} +  when: openshift.hosted.router.replicas | default(None) == None + +- name: Create OpenShift router +  command: > +    {{ 
openshift.common.admin_binary }} router --create +    {% if openshift.hosted.router.replicas | default(None) != None -%} +    --replicas={{ openshift.hosted.router.replicas }} +    {% else -%} +    --replicas={{ openshift_hosted_router_nodes | length }} +    {% endif %} +    {% if openshift.hosted.router.certificate | default(None) != None -%} +    --default-cert={{ openshift_master_config_dir }}/openshift-router.pem +    {% endif -%} +    --namespace=default +    --service-account=router +    --selector='{{ openshift.hosted.router.selector }}' +    --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig +    {% if openshift.hosted.router.registryurl | default(None)!= None -%} +    --images='{{ openshift.hosted.router.registryurl }}' +    {% endif -%} +  register: openshift_hosted_router_results +  changed_when: "'service exists' not in openshift_hosted_router_results.stdout" +  when: openshift.hosted.router.replicas | default(None) != None or (openshift_hosted_router_nodes is defined and openshift_hosted_router_nodes | length > 0) diff --git a/roles/openshift_hosted/vars/main.yml b/roles/openshift_hosted/vars/main.yml new file mode 100644 index 000000000..9967e26f4 --- /dev/null +++ b/roles/openshift_hosted/vars/main.yml @@ -0,0 +1,2 @@ +--- +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" diff --git a/roles/openshift_hosted_facts/meta/main.yml b/roles/openshift_hosted_facts/meta/main.yml new file mode 100644 index 000000000..dd2de07bc --- /dev/null +++ b/roles/openshift_hosted_facts/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: +  author: Andrew Butcher +  description: OpenShift Hosted Facts +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.9 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +dependencies: +- role: openshift_facts 
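Review bot: "Read router certificate and key" and "Persist certificate contents" in roles/openshift_hosted/tasks/router.yml handle the router's private key without `no_log: true`, so the base64 content registered by `slurp` and the decoded PEM passed in `openshift_env` can appear in task output and in the module invocation record. Add `no_log: true` to both tasks. The key material also becomes part of the `hosted` facts; wherever `openshift_facts` persists those (not visible here) should be protected as tightly as the `0600` on openshift-router.pem. The `mode: 0600` on "Create PEM certificate" is better written as the string `'0600'`, so the value does not depend on how the YAML loader reads a leading zero.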
diff --git a/roles/openshift_hosted_facts/tasks/main.yml b/roles/openshift_hosted_facts/tasks/main.yml new file mode 100644 index 000000000..f595e1e81 --- /dev/null +++ b/roles/openshift_hosted_facts/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Set hosted facts +  openshift_facts: +    role: hosted +    openshift_env: "{{ hostvars[inventory_hostname] +                       | oo_merge_dicts(hostvars) +                       | oo_openshift_env }}" diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml index afc81a414..6bf28ff2b 100644 --- a/roles/openshift_master/defaults/main.yml +++ b/roles/openshift_master/defaults/main.yml @@ -29,4 +29,4 @@ os_firewall_deny:  - service: former etcd peer port    port: 7001/tcp -openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}" +openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}" diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 70c7ef4e4..f7dfb11f7 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml 
@@ -1,17 +1,17 @@  ---  - name: restart master    service: name={{ openshift.common.service_type }}-master state=restarted -  when: (openshift.master.ha is defined and not openshift.master.ha | bool) and (not (master_service_status_changed | default(false) | bool)) +  when: (openshift.master.ha is not defined or not openshift.master.ha | bool) and (not (master_service_status_changed | default(false) | bool))    notify: Verify API Server  - name: restart master api    service: name={{ openshift.common.service_type }}-master-api state=restarted -  when: (openshift.master.ha is defined and openshift_master_ha | bool) and (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native' +  when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'    notify: Verify API Server  - name: restart master controllers    service: name={{ openshift.common.service_type }}-master-controllers state=restarted -  when: (openshift.master.ha is defined and openshift_master_ha | bool) and (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native' +  when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'  - name: Verify API Server    # Using curl here since the uri module requires python-httplib2 and diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index 7ab913eea..0d4241e2c 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -16,3 +16,4 @@ dependencies:  - role: openshift_cli  - role: openshift_cloud_provider  - role: openshift_master_facts +- role: openshift_hosted_facts 
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 23994cdcf..18a42bf93 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -24,7 +24,7 @@    when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and openshift.common.is_containerized | bool  - name: Install Master package -  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-master{{ openshift_version  }} state=present" +  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-master{{ openshift_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present"    when: not openshift.common.is_containerized | bool  - name: Pull master image diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 index 66d76978e..df1dbb85e 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 @@ -20,6 +20,7 @@ LimitCORE=infinity  WorkingDirectory={{ openshift.common.data_dir }}  SyslogIdentifier={{ openshift.common.service_type }}-master-api  Restart=always +RestartSec=5s  [Install]  WantedBy=docker.service diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 index 75759c133..5ff2edae4 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 
@@ -19,6 +19,7 @@ LimitCORE=infinity  WorkingDirectory={{ openshift.common.data_dir }}  SyslogIdentifier={{ openshift.common.service_type }}-master-controllers  Restart=on-failure +RestartSec=5s  [Install]  WantedBy=docker.service diff --git a/roles/openshift_master/templates/docker/master.docker.service.j2 b/roles/openshift_master/templates/docker/master.docker.service.j2 index d02fc5342..97f698b68 100644 --- a/roles/openshift_master/templates/docker/master.docker.service.j2 +++ b/roles/openshift_master/templates/docker/master.docker.service.j2 @@ -12,6 +12,7 @@ ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.c  ExecStartPost=/usr/bin/sleep 10  ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master  Restart=always +RestartSec=5s  [Install]  WantedBy=docker.service diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index e89fdc0ce..1009aa318 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -89,6 +89,9 @@ etcdStorageConfig:  imageConfig:    format: {{ openshift.master.registry_url }}    latest: false +{% if 'image_policy_config' in openshift.master %} +imagePolicyConfig:{{ openshift.master.image_policy_config | to_padded_yaml(level=1) }} +{% endif %}  kind: MasterConfig  kubeletClientInfo:  {# TODO: allow user specified kubelet port #} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 index e61418eb6..1f50fdce1 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 
@@ -15,6 +15,7 @@ LimitNOFILE=131072
 LimitCORE=infinity
 WorkingDirectory={{ openshift.common.data_dir }}
 SyslogIdentifier=atomic-openshift-master-api
+RestartSec=5s
 [Install]
 WantedBy=multi-user.target
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
index ba4c1e0e8..bf62696f0 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
@@ -20,6 +20,7 @@ LimitCORE=infinity
 WorkingDirectory={{ openshift.common.data_dir }}
 SyslogIdentifier={{ openshift.common.service_type }}-master-controllers
 Restart=on-failure
+RestartSec=5s
 [Install]
 WantedBy=multi-user.target
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index f43b8c59d..4d7c04065 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -72,3 +72,4 @@
       oauth_template: "{{ openshift_master_oauth_template | default(None) }}" # deprecated in origin 1.2 / OSE 3.2
       oauth_templates: "{{ openshift_master_oauth_templates | default(None) }}"
       oauth_always_show_provider_selection: "{{ openshift_master_oauth_always_show_provider_selection | default(None) }}"
+      image_policy_config: "{{ openshift_master_image_policy_config | default(None) }}"
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index c4f718bfb..91aed7aa3 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
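Review bot: No `Restart=` directive is visible in the native-cluster atomic-openshift-master-api.service.j2 hunk, unlike the other units in this commit, where `RestartSec=5s` directly follows `Restart=always` or `Restart=on-failure`. `RestartSec=` only matters when the unit restarts automatically, and systemd's default is `Restart=no`, so if the lines above the hunk do not set it the added line does nothing and a crashed master API stays down. If that is the case, add `Restart=always` before `RestartSec=5s`. The [Service] section starts outside the hunk, so this needs checking against the full file.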
@@ -13,4 +13,4 @@ os_firewall_allow:
 - service: OpenShift OVS sdn
   port: 4789/udp
   when: openshift.node.use_openshift_sdn | bool
-openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag) | default(openshift.common.image_tag) | default('') }}"
+openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index eca4848c1..8987e0191 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -36,11 +36,11 @@
 # We have to add tuned-profiles in the same transaction otherwise we run into depsolving
 # problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging.
 - name: Install Node package
-  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_version  }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version  }} state=present"
+  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present"
   when: not openshift.common.is_containerized | bool
 - name: Install sdn-ovs package
-  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present"
+  action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version | oo_image_tag_to_rpm_version(include_dash=True) }} state=present"
   when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool
 - name: Pull node image
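Review bot: The innermost fallback `openshift.docker.openshift_image_tag | default('')` in roles/openshift_node/defaults/main.yml is evaluated even when `openshift_pkg_version` is set, because filter arguments are evaluated before `default` runs. If `openshift.docker` has not been populated when this default is resolved, the attribute lookup on an undefined value can fail templating instead of falling through to `''`, depending on the Ansible version. Guarding the parent avoids that, e.g. `(openshift.docker | default({})).openshift_image_tag | default('')`. Whether a role dependency guarantees the fact is not visible in this hunk.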
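Review bot: The "Install sdn-ovs package" task pipes `openshift_version` straight into `oo_image_tag_to_rpm_version(include_dash=True)`, while both package names in "Install Node package" go through `| default('')` first. The role default should keep the variable defined in the normal case, so this is mainly a consistency point, but the two tasks ought to resolve the version suffix the same way. Suggested: `{{ openshift_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}`. A short comment saying that `openshift_version` may now hold an image tag which the filter converts to an RPM version suffix would also help the next reader.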
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index ff5a97fe0..30f09b250 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -17,6 +17,7 @@ ExecStartPost=/usr/bin/sleep 10
 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
 SyslogIdentifier={{ openshift.common.service_type }}-node
 Restart=always
+RestartSec=5s
 [Install]
 WantedBy=docker.service
diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service
index 8052a3a39..1e1f8967d 100644
--- a/roles/openshift_node/templates/openvswitch.docker.service
+++ b/roles/openshift_node/templates/openvswitch.docker.service
@@ -11,6 +11,7 @@ ExecStartPost=/usr/bin/sleep 5
 ExecStop=/usr/bin/docker stop openvswitch
 SyslogIdentifier=openvswitch
 Restart=always
+RestartSec=5s
 [Install]
 WantedBy=docker.service
diff --git a/roles/openshift_persistent_volumes/meta/main.yml b/roles/openshift_persistent_volumes/meta/main.yml
index d9f6fc01a..25e5a38dd 100644
--- a/roles/openshift_persistent_volumes/meta/main.yml
+++ b/roles/openshift_persistent_volumes/meta/main.yml
@@ -10,4 +10,5 @@ galaxy_info:
     versions:
     - 7
 dependencies:
-- { role: openshift_common }
+- role: openshift_common
+- role: openshift_hosted_facts
diff --git a/roles/openshift_registry/meta/main.yml b/roles/openshift_registry/meta/main.yml
index b220a020e..e6db8c537 100644
--- a/roles/openshift_registry/meta/main.yml
+++ b/roles/openshift_registry/meta/main.yml
@@ -11,5 +11,5 @@ galaxy_info:
     - 7
   categories:
   - cloud
-  dependencies:
-  - openshift_facts
+dependencies:
+- role: openshift_hosted_facts
diff --git a/roles/openshift_router/README.md b/roles/openshift_router/README.md
deleted file mode 100644
index d490e1038..000000000
--- a/roles/openshift_router/README.md
+++ /dev/null
@@ -1,35 +0,0 @@
-OpenShift Container Router
-==========================
-
-OpenShift Router service installation
-
-Requirements
-------------
-
-Running OpenShift cluster
-
-Role Variables
---------------
-
-From this role:
-| Name               | Default value                                         |                     |
-|--------------------|-------------------------------------------------------|---------------------|
-|                    |                                                       |                     |
-
-Dependencies
-------------
-
-Example Playbook
-----------------
-
-TODO
-
-License
--------
-
-Apache License, Version 2.0
-
-Author Information
-------------------
-
-Red Hat openshift@redhat.com
diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml
deleted file mode 100644
index 40365d04d..000000000
--- a/roles/openshift_router/tasks/main.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-- name: Deploy OpenShift Router
-  command: >
-    {{ openshift.common.admin_binary }} router
-    --create --replicas={{ openshift.master.infra_nodes | length }}
-    --namespace=default
-    --service-account=router {{ ortr_selector }}
-    --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ ortr_images }}
-  register: ortr_results
-  changed_when: "'service exists' not in ortr_results.stdout"
diff --git a/roles/openshift_router/vars/main.yml b/roles/openshift_router/vars/main.yml
deleted file mode 100644
index bcac12068..000000000
--- a/roles/openshift_router/vars/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
-ortr_images: "--images='{{ openshift.master.registry_url }}'"
-ortr_selector: "--selector='{{ openshift.master.router_selector }}'"
diff --git a/roles/openshift_storage_nfs/meta/main.yml b/roles/openshift_storage_nfs/meta/main.yml
index c6815d697..d675e0750 100644
--- a/roles/openshift_storage_nfs/meta/main.yml
+++ b/roles/openshift_storage_nfs/meta/main.yml
@@ -10,6 +10,6 @@ galaxy_info:
     versions:
     - 7
 dependencies:
-- { role: os_firewall }
-- { role: openshift_facts }
-- { role: openshift_repos }
+- role: os_firewall
+- role: openshift_hosted_facts
+- role: openshift_repos |
