diff options
Diffstat (limited to 'roles')
18 files changed, 505 insertions, 123 deletions
diff --git a/roles/lib_dyn/README.md b/roles/lib_dyn/README.md new file mode 100644 index 000000000..1eec9f81c --- /dev/null +++ b/roles/lib_dyn/README.md @@ -0,0 +1,27 @@ +lib_dyn +========= + +A role containing the dyn_record module for managing DNS records through Dyn's +API + +Requirements +------------ + +The module requires the `dyn` python module for interacting with the Dyn API. +https://github.com/dyninc/dyn-python + +Example Playbook +---------------- + +To make sure the `dyn_record` module is available for use include the role +before it is used. + + - hosts: servers + roles: + - lib_dyn + +License +------- + +Apache + diff --git a/roles/lib_dyn/library/dyn_record.py b/roles/lib_dyn/library/dyn_record.py new file mode 100644 index 000000000..5e088a674 --- /dev/null +++ b/roles/lib_dyn/library/dyn_record.py @@ -0,0 +1,269 @@ +#!/usr/bin/python +# +# (c) 2015, Russell Harrison <rharriso@redhat.com> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +'''Ansible module to manage records in the Dyn Managed DNS service''' +DOCUMENTATION = ''' +--- +module: dyn_record +version_added: "1.9" +short_description: Manage records in the Dyn Managed DNS service. +description: + - "Manages DNS records via the REST API of the Dyn Managed DNS service. It + - "handles records only; there is no manipulation of zones or account support" + - "yet. See: U(https://help.dyn.com/dns-api-knowledge-base/)" +options: + state: + description: + -"Whether the record should be c(present) or c(absent). Optionally the" + - "state c(list) can be used to return the current value of a record." + required: true + choices: [ 'present', 'absent', 'list' ] + default: present + + customer_name: + description: + - "The Dyn customer name for your account. If not set the value of the" + - "c(DYNECT_CUSTOMER_NAME) environment variable is used." + required: false + default: nil + + user_name: + description: + - "The Dyn user name to log in with. If not set the value of the" + - "c(DYNECT_USER_NAME) environment variable is used." + required: false + default: null + + user_password: + description: + - "The Dyn user's password to log in with. If not set the value of the" + - "c(DYNECT_PASSWORD) environment variable is used." + required: false + default: null + + zone: + description: + - "The DNS zone in which your record is located." + required: true + default: null + + record_fqdn: + description: + - "Fully qualified domain name of the record name to get, create, delete," + - "or update." + required: true + default: null + + record_type: + description: + - "Record type." + required: true + choices: [ 'A', 'AAAA', 'CNAME', 'PTR', 'TXT' ] + default: null + + record_value: + description: + - "Record value. If record_value is not specified; no changes will be" + - "made and the module will fail" + required: false + default: null + + record_ttl: + description: + - 'Record's "Time to live". Number of seconds the record remains cached' + - 'in DNS servers or c(0) to use the default TTL for the zone.' + required: false + default: 0 + +notes: + - The module makes a broad assumption that there will be only one record per "node" (FQDN). + - This module returns record(s) in the "result" element when 'state' is set to 'present'. This value can be be registered and used in your playbooks. + +requirements: [ dyn ] +author: "Russell Harrison" +''' + +try: + IMPORT_ERROR = False + from dyn.tm.session import DynectSession + from dyn.tm.zones import Zone + import dyn.tm.errors + import os + +except ImportError as error: + IMPORT_ERROR = str(error) + +# Each of the record types use a different method for the value. +RECORD_PARAMS = { + 'A' : {'value_param': 'address'}, + 'AAAA' : {'value_param': 'address'}, + 'CNAME' : {'value_param': 'cname'}, + 'PTR' : {'value_param': 'ptrdname'}, + 'TXT' : {'value_param': 'txtdata'} +} + +# You'll notice that the value_param doesn't match the key (records_key) +# in the dict returned from Dyn when doing a dyn_node.get_all_records() +# This is a frustrating lookup dict to allow mapping to the RECORD_PARAMS +# dict so we can lookup other values in it efficiently + +def get_record_type(record_key): + '''Get the record type represented by the keys returned from get_any_records.''' + return record_key.replace('_records', '').upper() + +def get_record_key(record_type): + '''Get the key to look up records in the dictionary returned from get_any_records.''' + return record_type.lower() + '_records' + +def get_any_records(module, node): + '''Get any records for a given node''' + # Lets get a list of the A records for the node + try: + records = node.get_any_records() + except dyn.tm.errors.DynectGetError as error: + if 'Not in zone' in str(error): + # The node isn't in the zone so we'll return an empty dictionary + return {} + else: + # An unknown error happened so we'll need to return it. + module.fail_json(msg='Unable to get records', + error=str(error)) + + # Return a dictionary of the record objects + return records + +def get_record_values(records): + '''Get the record values for each record returned by get_any_records.''' + # This simply returns the values from a dictionary of record objects + ret_dict = {} + for key in records.keys(): + record_type = get_record_type(key) + record_value_param = RECORD_PARAMS[record_type]['value_param'] + ret_dict[key] = [getattr(elem, record_value_param) for elem in records[key]] + return ret_dict + +def main(): + '''Ansible module for managing Dyn DNS records.''' + module = AnsibleModule( + argument_spec=dict( + state=dict(required=True, choices=['present', 'absent', 'list']), + customer_name=dict(default=os.environ.get('DYNECT_CUSTOMER_NAME', None), type='str'), + user_name=dict(default=os.environ.get('DYNECT_USER_NAME', None), type='str', no_log=True), + user_password=dict(default=os.environ.get('DYNECT_PASSWORD', None), type='str', no_log=True), + zone=dict(required=True), + record_fqdn=dict(required=False), + record_type=dict(required=False, choices=[ + 'A', 'AAAA', 'CNAME', 'PTR', 'TXT']), + record_value=dict(required=False), + record_ttl=dict(required=False, default=0, type='int'), + ), + required_together=( + ['record_fqdn', 'record_value', 'record_ttl', 'record_type'] + ) + ) + + if IMPORT_ERROR: + module.fail_json(msg="Unable to import dyn module: https://pypi.python.org/pypi/dyn", + error=IMPORT_ERROR) + + # Start the Dyn session + try: + _ = DynectSession(module.params['customer_name'], + module.params['user_name'], + module.params['user_password']) + except dyn.tm.errors.DynectAuthError as error: + module.fail_json(msg='Unable to authenticate with Dyn', + error=str(error)) + + # Retrieve zone object + try: + dyn_zone = Zone(module.params['zone']) + except dyn.tm.errors.DynectGetError as error: + if 'No such zone' in str(error): + module.fail_json( + msg="Not a valid zone for this account", + zone=module.params['zone'] + ) + else: + module.fail_json(msg="Unable to retrieve zone", + error=str(error)) + + + # To retrieve the node object we need to remove the zone name from the FQDN + dyn_node_name = module.params['record_fqdn'].replace('.' + module.params['zone'], '') + + # Retrieve the zone object from dyn + dyn_zone = Zone(module.params['zone']) + + # Retrieve the node object from dyn + dyn_node = dyn_zone.get_node(node=dyn_node_name) + + # All states will need a list of the exiting records for the zone. + dyn_node_records = get_any_records(module, dyn_node) + + if module.params['state'] == 'list': + module.exit_json(changed=False, + records=get_record_values( + dyn_node_records, + )) + + if module.params['state'] == 'present': + + # First get a list of existing records for the node + values = get_record_values(dyn_node_records) + value_key = get_record_key(module.params['record_type']) + + # Check to see if the record is already in place before doing anything. + if (dyn_node_records and + dyn_node_records[value_key][0].ttl == module.params['record_ttl'] and + module.params['record_value'] in values[value_key]): + + module.exit_json(changed=False) + + + # Working on the assumption that there is only one record per + # node we will first delete the node if there are any records before + # creating the correct record + if dyn_node_records: + dyn_node.delete() + + # Now lets create the correct node entry. + dyn_zone.add_record(dyn_node_name, + module.params['record_type'], + module.params['record_value'], + module.params['record_ttl'] + ) + + # Now publish the zone since we've updated it. + dyn_zone.publish() + module.exit_json(changed=True, + msg="Created node %s in zone %s" % (dyn_node_name, module.params['zone'])) + + if module.params['state'] == 'absent': + # If there are any records present we'll want to delete the node. + if dyn_node_records: + dyn_node.delete() + # Publish the zone since we've modified it. + dyn_zone.publish() + module.exit_json(changed=True, + msg="Removed node %s from zone %s" % (dyn_node_name, module.params['zone'])) + else: + module.exit_json(changed=False) + +# Ansible tends to need a wild card import so we'll use it here +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +from ansible.module_utils.basic import * +if __name__ == '__main__': + main() diff --git a/roles/lib_dyn/meta/main.yml b/roles/lib_dyn/meta/main.yml new file mode 100644 index 000000000..5475c6971 --- /dev/null +++ b/roles/lib_dyn/meta/main.yml @@ -0,0 +1,33 @@ +--- +galaxy_info: + author: Russell Harrison + description: A role to provide the dyn_record module + company: Red Hat, Inc. + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + license: Apache + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + #- name: Fedora + # versions: + # - 19 + # - 20 + # - 21 + # - 22 + # Below are all categories currently available. Just as with + # the platforms above, uncomment those that apply to your role. + categories: + - networking +dependencies: [] + # List your role dependencies here, one per line. + # Be sure to remove the '[]' above if you add dependencies + # to this list. + # + # No role dependencies at this time. The module contained in this role does + # require the dyn python module. + # https://pypi.python.org/pypi/dyn + diff --git a/roles/lib_dyn/tasks/main.yml b/roles/lib_dyn/tasks/main.yml new file mode 100644 index 000000000..9b3b1b0b9 --- /dev/null +++ b/roles/lib_dyn/tasks/main.yml @@ -0,0 +1,5 @@ +--- +# tasks file for lib_dyn + +- name: Make sure python-dyn is installed + yum: name=python-dyn state=present diff --git a/roles/nuage_node/handlers/main.yaml b/roles/nuage_node/handlers/main.yaml index d82d4b67b..25482a845 100644 --- a/roles/nuage_node/handlers/main.yaml +++ b/roles/nuage_node/handlers/main.yaml @@ -2,3 +2,7 @@ - name: restart vrs sudo: true service: name=openvswitch state=restarted + +- name: restart node + sudo: true + service: name={{ openshift.common.service_type }}-node state=restarted diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json index 11767862d..68438b538 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json @@ -87,6 +87,13 @@ { "name": "mongodb", "image": "mongodb", + "readinessProbe": { + "tcpSocket":{ + "port": 27017 + }, + "initialDelaySeconds": 15, + "timeoutSeconds": 1 + }, "ports": [ { "containerPort": 27017, diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json index 97b315600..e90ed6fa8 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json @@ -104,6 +104,13 @@ { "name": "mongodb", "image": "mongodb", + "readinessProbe": { + "tcpSocket":{ + "port": 27017 + }, + "initialDelaySeconds": 15, + "timeoutSeconds": 1 + }, "ports": [ { "containerPort": 27017, diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json index 51805d729..a327c0215 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json @@ -15,8 +15,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "2.2" + "kind": "ImageStreamTag", + "name": "2.2" } }, { @@ -30,8 +30,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/ruby-20-centos7:latest" + "kind": "DockerImage", + "name": "openshift/ruby-20-centos7:latest" } }, { @@ -45,8 +45,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "centos/ruby-22-centos7:latest" + "kind": "DockerImage", + "name": "centos/ruby-22-centos7:latest" } } ] @@ -64,8 +64,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "0.10" + "kind": "ImageStreamTag", + "name": "0.10" } }, { @@ -79,8 +79,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/nodejs-010-centos7:latest" + "kind": "DockerImage", + "name": "openshift/nodejs-010-centos7:latest" } } ] @@ -98,8 +98,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.20" + "kind": "ImageStreamTag", + "name": "5.20" } }, { @@ -113,8 +113,8 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/perl-516-centos7:latest" + "kind": "DockerImage", + "name": "openshift/perl-516-centos7:latest" } }, { @@ -128,8 +128,8 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "centos/perl-520-centos7:latest" + "kind": "DockerImage", + "name": "centos/perl-520-centos7:latest" } } @@ -148,8 +148,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.6" + "kind": "ImageStreamTag", + "name": "5.6" } }, { @@ -163,8 +163,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/php-55-centos7:latest" + "kind": "DockerImage", + "name": "openshift/php-55-centos7:latest" } }, { @@ -178,8 +178,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "centos/php-56-centos7:latest" + "kind": "DockerImage", + "name": "centos/php-56-centos7:latest" } } ] @@ -197,8 +197,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "3.4" + "kind": "ImageStreamTag", + "name": "3.4" } }, { @@ -212,8 +212,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/python-33-centos7:latest" + "kind": "DockerImage", + "name": "openshift/python-33-centos7:latest" } }, { @@ -227,8 +227,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "centos/python-27-centos7:latest" + "kind": "DockerImage", + "name": "centos/python-27-centos7:latest" } }, { @@ -242,8 +242,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "centos/python-34-centos7:latest" + "kind": "DockerImage", + "name": "centos/python-34-centos7:latest" } } ] @@ -261,8 +261,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "8.1" + "kind": "ImageStreamTag", + "name": "8.1" } }, { @@ -276,8 +276,8 @@ "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" }, "from": { - "Kind": "DockerImage", - "Name": "openshift/wildfly-81-centos7:latest" + "kind": "DockerImage", + "name": "openshift/wildfly-81-centos7:latest" } } ] @@ -295,22 +295,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.6" + "kind": "ImageStreamTag", + "name": "5.6" } }, { "name": "5.5", "from": { - "Kind": "DockerImage", - "Name": "openshift/mysql-55-centos7:latest" + "kind": "DockerImage", + "name": "openshift/mysql-55-centos7:latest" } }, { "name": "5.6", "from": { - "Kind": "DockerImage", - "Name": "centos/mysql-56-centos7:latest" + "kind": "DockerImage", + "name": "centos/mysql-56-centos7:latest" } } ] @@ -328,22 +328,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "9.4" + "kind": "ImageStreamTag", + "name": "9.4" } }, { "name": "9.2", "from": { - "Kind": "DockerImage", - "Name": "openshift/postgresql-92-centos7:latest" + "kind": "DockerImage", + "name": "openshift/postgresql-92-centos7:latest" } }, { "name": "9.4", "from": { - "Kind": "DockerImage", - "Name": "centos/postgresql-94-centos7:latest" + "kind": "DockerImage", + "name": "centos/postgresql-94-centos7:latest" } } ] @@ -361,22 +361,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "2.6" + "kind": "ImageStreamTag", + "name": "2.6" } }, { "name": "2.4", "from": { - "Kind": "DockerImage", - "Name": "openshift/mongodb-24-centos7:latest" + "kind": "DockerImage", + "name": "openshift/mongodb-24-centos7:latest" } }, { "name": "2.6", "from": { - "Kind": "DockerImage", - "Name": "centos/mongodb-26-centos7:latest" + "kind": "DockerImage", + "name": "centos/mongodb-26-centos7:latest" } } ] @@ -394,15 +394,15 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "1" + "kind": "ImageStreamTag", + "name": "1" } }, { "name": "1", "from": { - "Kind": "DockerImage", - "Name": "openshift/jenkins-1-centos7:latest" + "kind": "DockerImage", + "name": "openshift/jenkins-1-centos7:latest" } } ] diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json index 3092ee486..3f5f713b4 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json @@ -15,8 +15,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "2.2" + "kind": "ImageStreamTag", + "name": "2.2" } }, { @@ -30,8 +30,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest" } }, { @@ -45,8 +45,8 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest" } } ] @@ -64,8 +64,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "0.10" + "kind": "ImageStreamTag", + "name": "0.10" } }, { @@ -79,8 +79,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest" } } ] @@ -98,8 +98,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.20" + "kind": "ImageStreamTag", + "name": "5.20" } }, { @@ -113,8 +113,8 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest" } }, { @@ -128,8 +128,8 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest" } } @@ -148,8 +148,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.6" + "kind": "ImageStreamTag", + "name": "5.6" } }, { @@ -163,8 +163,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest" } }, { @@ -178,8 +178,8 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest" } } ] @@ -197,8 +197,8 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "3.4" + "kind": "ImageStreamTag", + "name": "3.4" } }, { @@ -212,8 +212,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest" } }, { @@ -227,8 +227,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest" } }, { @@ -242,8 +242,8 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest" } } ] @@ -261,22 +261,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "5.6" + "kind": "ImageStreamTag", + "name": "5.6" } }, { "name": "5.5", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest" } }, { "name": "5.6", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest" } } ] @@ -294,22 +294,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "9.4" + "kind": "ImageStreamTag", + "name": "9.4" } }, { "name": "9.2", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest" } }, { "name": "9.4", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" } } ] @@ -327,22 +327,22 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "2.6" + "kind": "ImageStreamTag", + "name": "2.6" } }, { "name": "2.4", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest" } }, { "name": "2.6", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" } } ] @@ -360,15 +360,15 @@ { "name": "latest", "from": { - "Kind": "ImageStreamTag", - "Name": "1" + "kind": "ImageStreamTag", + "name": "1" } }, { "name": "1", "from": { - "Kind": "DockerImage", - "Name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" } } ] diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index 9a5eebc66..a5731be09 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -8,7 +8,7 @@ - name: Import RHEL streams command: > {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ rhel_image_streams }} - when: openshift_examples_load_rhel + when: openshift_examples_load_rhel | bool register: oex_import_rhel_streams failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0" changed_when: false diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 57b50bee4..aa5e593b6 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -82,7 +82,7 @@ registry_selector: "{{ openshift_registry_selector | default(None) }}" api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" - infra_nodes: "{{ num_infra | default(None) }}" + infra_nodes: "{{ openshift_infra_nodes | default(None) }}" disabled_features: "{{ osm_disabled_features | default(None) }}" master_count: "{{ openshift_master_count | default(None) }}" controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service index 0b42ca6d5..6c02b26bf 100644 --- a/roles/openshift_node/templates/openvswitch.docker.service +++ b/roles/openshift_node/templates/openvswitch.docker.service @@ -6,6 +6,7 @@ PartOf=docker.service [Service] ExecStartPre=-/usr/bin/docker rm -f openvswitch ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }} +ExecStartPost=/usr/bin/sleep 5 ExecStop=/usr/bin/docker stop openvswitch Restart=always diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml index 498a65127..355cbf84b 100644 --- a/roles/openshift_router/tasks/main.yml +++ b/roles/openshift_router/tasks/main.yml @@ -1,14 +1,9 @@ --- - -- set_fact: _ortr_images="--images='{{ openshift.master.registry_url }}'" - -- set_fact: _ortr_selector="--selector='{{ openshift.master.router_selector }}'" - - name: Deploy OpenShift Router command: > {{ openshift.common.admin_binary }} router - --create --replicas={{ openshift.master.infra_nodes }} - --service-account=router {{ _ortr_selector }} - --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images }} - register: _ortr_results - changed_when: "'service exists' not in _ortr_results.stdout" + --create --replicas={{ openshift.master.infra_nodes | length }} + --service-account=router {{ ortr_selector }} + --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ ortr_images }} + register: ortr_results + changed_when: "'service exists' not in ortr_results.stdout" diff --git a/roles/openshift_router/vars/main.yml b/roles/openshift_router/vars/main.yml index 9967e26f4..bcac12068 100644 --- a/roles/openshift_router/vars/main.yml +++ b/roles/openshift_router/vars/main.yml @@ -1,2 +1,4 @@ --- openshift_master_config_dir: "{{ openshift.common.config_base }}/master" +ortr_images: "--images='{{ openshift.master.registry_url }}'" +ortr_selector: "--selector='{{ openshift.master.router_selector }}'" diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 12ea36c8b..9d20eb012 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -20,13 +20,26 @@ g_template_openshift_master: - Openshift Master - key: openshift.master.api.ping - description: "Verify that the Openshift API is up" + description: "Verify that the Openshift API is up (uses the cluster API URL)" + type: int + applications: + - Openshift Master + + - key: openshift.master.local.api.ping + description: "Verify that the Openshift API is up on the host (uses the API URL as the https://127.0.0.1)" type: int applications: - Openshift Master - key: openshift.master.api.healthz - description: "Checks the healthz check of the master's api: https://master_host/healthz" + description: "Checks the healthz check of the master's api: https://<cluster_api_url>/healthz" + type: int + data_type: bool + applications: + - Openshift Master + + - key: openshift.master.local.api.healthz + description: "Checks the healthz check of the master's api: https://127.0.0.1/healthz" type: int data_type: bool applications: @@ -292,6 +305,11 @@ g_template_openshift_master: - name: 'Openshift Master API health check is failing on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.api.healthz.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high + + - name: 'Openshift Master Local API health check is failing on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.local.api.healthz.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' dependencies: - 'Openshift Master process not running on {HOST.NAME}' priority: high @@ -299,6 +317,11 @@ g_template_openshift_master: - name: 'Openshift Master API PING check is failing on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.api.ping.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high + + - name: 'Openshift Master Local API PING check is failing on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.local.api.ping.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' dependencies: - 'Openshift Master process not running on {HOST.NAME}' priority: high diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml index ce28b1048..ff65ef158 100644 --- a/roles/os_zabbix/vars/template_openshift_node.yml +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -20,6 +20,12 @@ g_template_openshift_node: applications: - Openshift Node + - key: openshift.node.ovs.stray.rules + description: Number of OVS stray rules found/removed + type: int + applications: + - Openshift Node + ztriggers: - name: 'Openshift Node process not running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1' diff --git a/roles/rhel_subscribe/meta/main.yml b/roles/rhel_subscribe/meta/main.yml new file mode 100644 index 000000000..bbc3ad172 --- /dev/null +++ b/roles/rhel_subscribe/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: + - openshift_facts diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index eecfd04a0..85e17ff9d 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -41,4 +41,5 @@ command: subscription-manager subscribe --pool {{ openshift_pool_id.stdout_lines[0] }} - include: enterprise.yml - when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] + when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] and + not openshift.common.is_atomic | bool |