diff options
Diffstat (limited to 'roles')
22 files changed, 61 insertions, 50 deletions
diff --git a/roles/contiv/tasks/netmaster_iptables.yml b/roles/contiv/tasks/netmaster_iptables.yml index 2d0fb95ae..07bb16ea7 100644 --- a/roles/contiv/tasks/netmaster_iptables.yml +++ b/roles/contiv/tasks/netmaster_iptables.yml @@ -2,7 +2,7 @@ - name: Netmaster IPtables | Get iptables rules command: iptables -L --wait register: iptablesrules - always_run: yes + check_mode: no - name: Netmaster IPtables | Enable iptables at boot service: diff --git a/roles/contiv/tasks/netplugin_iptables.yml b/roles/contiv/tasks/netplugin_iptables.yml index 184c595c5..3ea34645d 100644 --- a/roles/contiv/tasks/netplugin_iptables.yml +++ b/roles/contiv/tasks/netplugin_iptables.yml @@ -2,7 +2,7 @@ - name: Netplugin IPtables | Get iptables rules command: iptables -L --wait register: iptablesrules - always_run: yes + check_mode: no - name: Netplugin IPtables | Enable iptables at boot service: diff --git a/roles/contiv_facts/tasks/main.yml b/roles/contiv_facts/tasks/main.yml index 926e0e0be..7a4972fca 100644 --- a/roles/contiv_facts/tasks/main.yml +++ b/roles/contiv_facts/tasks/main.yml @@ -3,7 +3,7 @@ stat: path=/run/ostree-booted register: s changed_when: false - always_run: yes + check_mode: no - name: Init the is_atomic fact set_fact: @@ -17,7 +17,7 @@ - name: Determine if CoreOS raw: "grep '^NAME=' /etc/os-release | sed s'/NAME=//'" register: distro - always_run: yes + check_mode: no - name: Init the is_coreos fact set_fact: @@ -61,7 +61,7 @@ stat: path=/usr/bin/rpm register: s changed_when: false - always_run: yes + check_mode: no - name: Init the has_rpm fact set_fact: diff --git a/roles/contiv_facts/tasks/rpm.yml b/roles/contiv_facts/tasks/rpm.yml index d2f66dac5..07401a6dd 100644 --- a/roles/contiv_facts/tasks/rpm.yml +++ b/roles/contiv_facts/tasks/rpm.yml @@ -4,7 +4,7 @@ register: s changed_when: false failed_when: false - always_run: yes + check_mode: no - name: Set the has_firewalld fact set_fact: @@ -16,7 +16,7 @@ register: s changed_when: false failed_when: false - always_run: yes + check_mode: no - name: Set the has_iptables fact set_fact: diff --git a/roles/etcd_migrate/tasks/check.yml b/roles/etcd_migrate/tasks/check.yml index 800073873..b66696b55 100644 --- a/roles/etcd_migrate/tasks/check.yml +++ b/roles/etcd_migrate/tasks/check.yml @@ -1,4 +1,8 @@ --- +- fail: + msg: "Currently etcd v3 migration is unsupported while we test it more thoroughly" + when: not openshift_enable_unsupported_configurations | default(false) | bool + # Check the cluster is healthy - include: check_cluster_health.yml diff --git a/roles/lib_openshift/library/oc_storageclass.py b/roles/lib_openshift/library/oc_storageclass.py index d5375e27a..686119c65 100644 --- a/roles/lib_openshift/library/oc_storageclass.py +++ b/roles/lib_openshift/library/oc_storageclass.py @@ -1427,7 +1427,7 @@ class StorageClassConfig(object): # pylint: disable=too-many-arguments def __init__(self, name, - provisioner=None, + provisioner, parameters=None, annotations=None, default_storage_class="false", @@ -1459,10 +1459,7 @@ class StorageClassConfig(object): self.data['metadata']['annotations']['storageclass.beta.kubernetes.io/is-default-class'] = \ self.default_storage_class - if self.provisioner is None: - self.data['provisioner'] = 'kubernetes.io/aws-ebs' - else: - self.data['provisioner'] = self.provisioner + self.data['provisioner'] = self.provisioner self.data['parameters'] = {} if self.parameters is not None: @@ -1668,7 +1665,7 @@ def main(): name=dict(default=None, type='str'), annotations=dict(default=None, type='dict'), parameters=dict(default=None, type='dict'), - provisioner=dict(default='aws-ebs', type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']), + provisioner=dict(required=True, type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']), api_version=dict(default='v1', type='str'), default_storage_class=dict(default="false", type='str'), ), diff --git a/roles/lib_openshift/src/ansible/oc_storageclass.py b/roles/lib_openshift/src/ansible/oc_storageclass.py index 2bd8f18d5..e9f3ebbd3 100644 --- a/roles/lib_openshift/src/ansible/oc_storageclass.py +++ b/roles/lib_openshift/src/ansible/oc_storageclass.py @@ -14,7 +14,7 @@ def main(): name=dict(default=None, type='str'), annotations=dict(default=None, type='dict'), parameters=dict(default=None, type='dict'), - provisioner=dict(default='aws-ebs', type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']), + provisioner=dict(required=True, type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']), api_version=dict(default='v1', type='str'), default_storage_class=dict(default="false", type='str'), ), diff --git a/roles/lib_openshift/src/lib/storageclass.py b/roles/lib_openshift/src/lib/storageclass.py index ef12a8d2d..c49a3066a 100644 --- a/roles/lib_openshift/src/lib/storageclass.py +++ b/roles/lib_openshift/src/lib/storageclass.py @@ -8,7 +8,7 @@ class StorageClassConfig(object): # pylint: disable=too-many-arguments def __init__(self, name, - provisioner=None, + provisioner, parameters=None, annotations=None, default_storage_class="false", @@ -40,10 +40,7 @@ class StorageClassConfig(object): self.data['metadata']['annotations']['storageclass.beta.kubernetes.io/is-default-class'] = \ self.default_storage_class - if self.provisioner is None: - self.data['provisioner'] = 'kubernetes.io/aws-ebs' - else: - self.data['provisioner'] = self.provisioner + self.data['provisioner'] = self.provisioner self.data['parameters'] = {} if self.parameters is not None: diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 49cc51b48..42c4945b4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -2222,14 +2222,10 @@ class OpenShiftFacts(object): product_version = self.system_facts['ansible_product_version'] virt_type = self.system_facts['ansible_virtualization_type'] virt_role = self.system_facts['ansible_virtualization_role'] + bios_vendor = self.system_facts['ansible_system_vendor'] provider = None metadata = None - # TODO: this is not exposed through module_utils/facts.py in ansible, - # need to create PR for ansible to expose it - bios_vendor = get_file_content( # noqa: F405 - '/sys/devices/virtual/dmi/id/bios_vendor' - ) if bios_vendor == 'Google': provider = 'gce' metadata_url = ('http://metadata.google.internal/' diff --git a/roles/openshift_health_checker/action_plugins/openshift_health_check.py b/roles/openshift_health_checker/action_plugins/openshift_health_check.py index 581dd7d15..23da53940 100644 --- a/roles/openshift_health_checker/action_plugins/openshift_health_check.py +++ b/roles/openshift_health_checker/action_plugins/openshift_health_check.py @@ -13,6 +13,7 @@ except ImportError: display = Display() from ansible.plugins.action import ActionBase +from ansible.module_utils.six import string_types # Augment sys.path so that we can import checks from a directory relative to # this callback plugin. @@ -39,7 +40,8 @@ class ActionModule(ActionBase): try: known_checks = self.load_known_checks(tmp, task_vars) args = self._task.args - resolved_checks = resolve_checks(args.get("checks", []), known_checks.values()) + requested_checks = normalize(args.get('checks', [])) + resolved_checks = resolve_checks(requested_checks, known_checks.values()) except OpenShiftCheckException as e: result["failed"] = True result["msg"] = str(e) @@ -47,10 +49,7 @@ class ActionModule(ActionBase): result["checks"] = check_results = {} - user_disabled_checks = [ - check.strip() - for check in task_vars.get("openshift_disable_check", "").split(",") - ] + user_disabled_checks = normalize(task_vars.get('openshift_disable_check', [])) for check_name in resolved_checks: display.banner("CHECK [{} : {}]".format(check_name, task_vars["ansible_host"])) @@ -134,3 +133,14 @@ def resolve_checks(names, all_checks): resolved.update(tag_to_checks[tag]) return resolved + + +def normalize(checks): + """Return a clean list of check names. + + The input may be a comma-separated string or a sequence. Leading and + trailing whitespace characters are removed. Empty items are discarded. + """ + if isinstance(checks, string_types): + checks = checks.split(',') + return [name.strip() for name in checks if name.strip()] diff --git a/roles/openshift_health_checker/openshift_checks/logging/logging.py b/roles/openshift_health_checker/openshift_checks/logging/logging.py index a48e1c728..43ba6c406 100644 --- a/roles/openshift_health_checker/openshift_checks/logging/logging.py +++ b/roles/openshift_health_checker/openshift_checks/logging/logging.py @@ -11,6 +11,9 @@ from openshift_checks import OpenShiftCheck, OpenShiftCheckException class LoggingCheck(OpenShiftCheck): """Base class for OpenShift aggregated logging component checks""" + # FIXME: this should not be listed as a check, since it is not meant to be + # run by itself. + name = "logging" logging_namespace = "logging" @@ -27,7 +30,7 @@ class LoggingCheck(OpenShiftCheck): return masters[0] == hostname def run(self): - pass + return {} def get_pods_for_component(self, namespace, logging_component): """Get all pods for a given component. Returns: list of pods for component, error string""" diff --git a/roles/openshift_logging_curator/tasks/main.yaml b/roles/openshift_logging_curator/tasks/main.yaml index ae7e48caa..3113fb3c9 100644 --- a/roles/openshift_logging_curator/tasks/main.yaml +++ b/roles/openshift_logging_curator/tasks/main.yaml @@ -91,7 +91,7 @@ es_port: "{{ openshift_logging_curator_es_port }}" curator_cpu_limit: "{{ openshift_logging_curator_cpu_limit }}" curator_memory_limit: "{{ openshift_logging_curator_memory_limit }}" - replicas: "{{ openshift_logging_curator_replicas | default (1) }}" + curator_replicas: "{{ openshift_logging_curator_replicas | default (1) }}" curator_node_selector: "{{openshift_logging_curator_nodeselector | default({})}}" check_mode: no changed_when: no diff --git a/roles/openshift_logging_curator/templates/curator.j2 b/roles/openshift_logging_curator/templates/curator.j2 index 1bf9b9de2..6431f86d9 100644 --- a/roles/openshift_logging_curator/templates/curator.j2 +++ b/roles/openshift_logging_curator/templates/curator.j2 @@ -7,7 +7,7 @@ metadata: component: "{{component}}" logging-infra: "{{logging_component}}" spec: - replicas: {{replicas|default(1)}} + replicas: {{curator_replicas|default(1)}} selector: provider: openshift component: "{{component}}" diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml index 532f4a85d..0548e3c40 100644 --- a/roles/openshift_logging_elasticsearch/tasks/main.yaml +++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml @@ -257,7 +257,7 @@ es_memory_limit: "{{ openshift_logging_elasticsearch_memory_limit }}" es_node_selector: "{{ openshift_logging_elasticsearch_nodeselector | default({}) }}" deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}" - replicas: 1 + es_replicas: 1 - name: Set ES dc oc_obj: diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2 index 7424db6f6..cbe6b89f2 100644 --- a/roles/openshift_logging_elasticsearch/templates/es.j2 +++ b/roles/openshift_logging_elasticsearch/templates/es.j2 @@ -8,7 +8,7 @@ metadata: deployment: "{{deploy_name}}" logging-infra: "{{logging_component}}" spec: - replicas: {{replicas|default(1)}} + replicas: {{es_replicas|default(1)}} selector: provider: openshift component: "{{component}}" @@ -78,7 +78,7 @@ spec: name: "INSTANCE_RAM" value: "{{openshift_logging_elasticsearch_memory_limit}}" - - name: "HEAP_DUMP_LOCATION" + name: "HEAP_DUMP_LOCATION" value: "/elasticsearch/persistent/heapdump.hprof" - name: "NODE_QUORUM" diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml index 93cb82793..62bc26e37 100644 --- a/roles/openshift_logging_kibana/tasks/main.yaml +++ b/roles/openshift_logging_kibana/tasks/main.yaml @@ -233,7 +233,7 @@ kibana_memory_limit: "{{ openshift_logging_kibana_memory_limit }}" kibana_proxy_cpu_limit: "{{ openshift_logging_kibana_proxy_cpu_limit }}" kibana_proxy_memory_limit: "{{ openshift_logging_kibana_proxy_memory_limit }}" - replicas: "{{ openshift_logging_kibana_replicas | default (1) }}" + kibana_replicas: "{{ openshift_logging_kibana_replicas | default (1) }}" kibana_node_selector: "{{ openshift_logging_kibana_nodeselector | default({}) }}" - name: Set Kibana DC diff --git a/roles/openshift_logging_kibana/templates/kibana.j2 b/roles/openshift_logging_kibana/templates/kibana.j2 index f8043812b..512d99d06 100644 --- a/roles/openshift_logging_kibana/templates/kibana.j2 +++ b/roles/openshift_logging_kibana/templates/kibana.j2 @@ -7,7 +7,7 @@ metadata: component: "{{ component }}" logging-infra: "{{ logging_component }}" spec: - replicas: {{ replicas | default(1) }} + replicas: {{ kibana_replicas | default(1) }} selector: provider: openshift component: "{{ component }}" diff --git a/roles/openshift_logging_mux/tasks/main.yaml b/roles/openshift_logging_mux/tasks/main.yaml index 54af40070..02815806a 100644 --- a/roles/openshift_logging_mux/tasks/main.yaml +++ b/roles/openshift_logging_mux/tasks/main.yaml @@ -172,7 +172,7 @@ ops_port: "{{ openshift_logging_mux_ops_port }}" mux_cpu_limit: "{{ openshift_logging_mux_cpu_limit }}" mux_memory_limit: "{{ openshift_logging_mux_memory_limit }}" - replicas: "{{ openshift_logging_mux_replicas | default(1) }}" + mux_replicas: "{{ openshift_logging_mux_replicas | default(1) }}" mux_node_selector: "{{ openshift_logging_mux_nodeselector | default({}) }}" check_mode: no changed_when: no diff --git a/roles/openshift_logging_mux/templates/mux.j2 b/roles/openshift_logging_mux/templates/mux.j2 index 226294847..2b3b64bb8 100644 --- a/roles/openshift_logging_mux/templates/mux.j2 +++ b/roles/openshift_logging_mux/templates/mux.j2 @@ -7,7 +7,7 @@ metadata: component: "{{component}}" logging-infra: "{{logging_component}}" spec: - replicas: {{replicas|default(1)}} + replicas: {{mux_replicas|default(1)}} selector: provider: openshift component: "{{component}}" diff --git a/roles/openshift_node_upgrade/handlers/main.yml b/roles/openshift_node_upgrade/handlers/main.yml index f26f5d573..d31b899cf 100644 --- a/roles/openshift_node_upgrade/handlers/main.yml +++ b/roles/openshift_node_upgrade/handlers/main.yml @@ -29,3 +29,8 @@ when: - (not skip_node_svc_handlers | default(False) | bool) - not (node_service_status_changed | default(false) | bool) + +# TODO(jchaloup): once it is verified the systemd module works as expected +# switch to it: http://docs.ansible.com/ansible/latest/systemd_module.html +- name: reload systemd units + command: systemctl daemon-reload diff --git a/roles/openshift_node_upgrade/tasks/systemd_units.yml b/roles/openshift_node_upgrade/tasks/systemd_units.yml index e8f017445..9b3805eea 100644 --- a/roles/openshift_node_upgrade/tasks/systemd_units.yml +++ b/roles/openshift_node_upgrade/tasks/systemd_units.yml @@ -22,23 +22,27 @@ template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service" src: openshift.docker.node.dep.service - register: install_node_dep_result when: openshift.common.is_containerized | bool + notify: + - reload systemd units + - restart node - name: Install Node docker service file template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" src: openshift.docker.node.service - register: install_node_result when: openshift.common.is_containerized | bool + notify: + - reload systemd units + - restart node - name: Create the openvswitch service env file template: src: openvswitch.sysconfig.j2 dest: /etc/sysconfig/openvswitch when: openshift.common.is_containerized | bool - register: install_ovs_sysconfig notify: + - reload systemd units - restart openvswitch # May be a temporary workaround. @@ -52,8 +56,8 @@ dest: "/etc/systemd/system/openvswitch.service.d/01-avoid-oom.conf" src: openvswitch-avoid-oom.conf when: openshift.common.use_openshift_sdn | default(true) | bool - register: install_oom_fix_result notify: + - reload systemd units - restart openvswitch - name: Install OpenvSwitch docker service file @@ -62,6 +66,7 @@ src: openvswitch.docker.service when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | default(true) | bool notify: + - reload systemd units - restart openvswitch - name: Configure Node settings @@ -96,9 +101,3 @@ when: ('http_proxy' in openshift.common and openshift.common.http_proxy != '') notify: - restart node - -- name: Reload systemd units - command: systemctl daemon-reload - when: (openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed)) or install_oom_fix_result | changed - notify: - - restart node diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml index a846889ca..8661f33a1 100644 --- a/roles/openshift_storage_glusterfs/defaults/main.yml +++ b/roles/openshift_storage_glusterfs/defaults/main.yml @@ -1,6 +1,6 @@ --- openshift_storage_glusterfs_timeout: 300 -openshift_storage_glusterfs_namespace: 'glusterfs' +openshift_storage_glusterfs_namespace: "{{ 'glusterfs' | quote if glusterfs_is_native or glusterfs_heketi_is_native else 'default' | quote }}" openshift_storage_glusterfs_is_native: True openshift_storage_glusterfs_name: 'storage' openshift_storage_glusterfs_nodeselector: "glusterfs={{ openshift_storage_glusterfs_name }}-host" |