From 9cd8ad65fea0b637a4fbf709f419f9c11785c3e9 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 10 Jul 2015 11:48:41 -0400 Subject: Adding ansible upstream sequence plugin to work around the bug in 1.9.2 --- playbooks/aws/openshift-cluster/lookup_plugins | 1 + playbooks/byo/lookup_plugins | 1 + playbooks/byo/openshift-master/lookup_plugins | 1 + playbooks/byo/openshift-node/lookup_plugins | 1 + playbooks/common/openshift-cluster/lookup_plugins | 1 + playbooks/common/openshift-master/lookup_plugins | 1 + playbooks/common/openshift-node/lookup_plugins | 1 + playbooks/gce/openshift-cluster/lookup_plugins | 1 + 8 files changed, 8 insertions(+) create mode 120000 playbooks/aws/openshift-cluster/lookup_plugins create mode 120000 playbooks/byo/lookup_plugins create mode 120000 playbooks/byo/openshift-master/lookup_plugins create mode 120000 playbooks/byo/openshift-node/lookup_plugins create mode 120000 playbooks/common/openshift-cluster/lookup_plugins create mode 120000 playbooks/common/openshift-master/lookup_plugins create mode 120000 playbooks/common/openshift-node/lookup_plugins create mode 120000 playbooks/gce/openshift-cluster/lookup_plugins (limited to 'playbooks') diff --git a/playbooks/aws/openshift-cluster/lookup_plugins b/playbooks/aws/openshift-cluster/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/aws/openshift-cluster/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/lookup_plugins b/playbooks/byo/lookup_plugins new file mode 120000 index 000000000..c528bcd1d --- /dev/null +++ b/playbooks/byo/lookup_plugins @@ -0,0 +1 @@ +../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-master/lookup_plugins b/playbooks/byo/openshift-master/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/byo/openshift-master/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-node/lookup_plugins b/playbooks/byo/openshift-node/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/byo/openshift-node/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/lookup_plugins b/playbooks/common/openshift-cluster/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-cluster/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-master/lookup_plugins b/playbooks/common/openshift-master/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-master/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-node/lookup_plugins b/playbooks/common/openshift-node/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-node/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/gce/openshift-cluster/lookup_plugins b/playbooks/gce/openshift-cluster/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/gce/openshift-cluster/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file -- cgit v1.2.3 From f08e64ac98a62863dfd7b7802338a0a7f4770188 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 10 Jul 2015 13:50:03 -0400 Subject: Remove outdated playbooks - Remove aws openshift-node and openshift-master playbooks - Rmove gce openshift-node and openshift-master playbooks - Consolidate aws terminate playbooks --- playbooks/aws/openshift-cluster/terminate.yml | 51 ++++++++++++++++++- playbooks/aws/openshift-master/config.yml | 19 ------- playbooks/aws/openshift-master/filter_plugins | 1 - playbooks/aws/openshift-master/launch.yml | 70 -------------------------- playbooks/aws/openshift-master/roles | 1 - playbooks/aws/openshift-master/terminate.yml | 2 - playbooks/aws/openshift-node/config.yml | 26 ---------- playbooks/aws/openshift-node/filter_plugins | 1 - playbooks/aws/openshift-node/launch.yml | 72 --------------------------- playbooks/aws/openshift-node/roles | 1 - playbooks/aws/openshift-node/terminate.yml | 2 - playbooks/aws/terminate.yml | 64 ------------------------ playbooks/gce/openshift-master/config.yml | 18 ------- playbooks/gce/openshift-master/filter_plugins | 1 - playbooks/gce/openshift-master/launch.yml | 51 ------------------- playbooks/gce/openshift-master/roles | 1 - playbooks/gce/openshift-master/terminate.yml | 35 ------------- playbooks/gce/openshift-node/config.yml | 25 ---------- playbooks/gce/openshift-node/filter_plugins | 1 - playbooks/gce/openshift-node/launch.yml | 51 ------------------- playbooks/gce/openshift-node/roles | 1 - playbooks/gce/openshift-node/terminate.yml | 35 ------------- 22 files changed, 50 insertions(+), 479 deletions(-) delete mode 100644 playbooks/aws/openshift-master/config.yml delete mode 120000 playbooks/aws/openshift-master/filter_plugins delete mode 100644 playbooks/aws/openshift-master/launch.yml delete mode 120000 playbooks/aws/openshift-master/roles delete mode 100644 playbooks/aws/openshift-master/terminate.yml delete mode 100644 playbooks/aws/openshift-node/config.yml delete mode 120000 playbooks/aws/openshift-node/filter_plugins delete mode 100644 playbooks/aws/openshift-node/launch.yml delete mode 120000 playbooks/aws/openshift-node/roles delete mode 100644 playbooks/aws/openshift-node/terminate.yml delete mode 100644 playbooks/aws/terminate.yml delete mode 100644 playbooks/gce/openshift-master/config.yml delete mode 120000 playbooks/gce/openshift-master/filter_plugins delete mode 100644 playbooks/gce/openshift-master/launch.yml delete mode 120000 playbooks/gce/openshift-master/roles delete mode 100644 playbooks/gce/openshift-master/terminate.yml delete mode 100644 playbooks/gce/openshift-node/config.yml delete mode 120000 playbooks/gce/openshift-node/filter_plugins delete mode 100644 playbooks/gce/openshift-node/launch.yml delete mode 120000 playbooks/gce/openshift-node/roles delete mode 100644 playbooks/gce/openshift-node/terminate.yml (limited to 'playbooks') diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index 617d0d456..361ab2d37 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml @@ -13,4 +13,53 @@ ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" with_items: groups[scratch_group] | default([]) | difference(['localhost']) -- include: ../terminate.yml +- name: Terminate instances + hosts: localhost + connection: local + gather_facts: no + vars: + host_vars: "{{ hostvars + | oo_select_keys(groups['oo_hosts_to_terminate']) }}" + tasks: + - name: Remove tags from instances + ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent + args: + tags: + env: "{{ item['ec2_tag_env'] }}" + host-type: "{{ item['ec2_tag_host-type'] }}" + env-host-type: "{{ item['ec2_tag_env-host-type'] }}" + with_items: host_vars + when: "'oo_hosts_to_terminate' in groups" + + - name: Terminate instances + ec2: + state: absent + instance_ids: ["{{ item.ec2_id }}"] + region: "{{ item.ec2_region }}" + ignore_errors: yes + register: ec2_term + with_items: host_vars + when: "'oo_hosts_to_terminate' in groups" + + # Fail if any of the instances failed to terminate with an error other + # than 403 Forbidden + - fail: msg=Terminating instance {{ item.item.ec2_id }} failed with message {{ item.msg }} + when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" + with_items: ec2_term.results + + - name: Stop instance if termination failed + ec2: + state: stopped + instance_ids: ["{{ item.item.ec2_id }}"] + region: "{{ item.item.ec2_region }}" + register: ec2_stop + when: "'oo_hosts_to_terminate' in groups and item.failed" + with_items: ec2_term.results + + - name: Rename stopped instances + ec2_tag: resource={{ item.item.item.ec2_id }} region={{ item.item.item.ec2_region }} state=present + args: + tags: + Name: "{{ item.item.item.ec2_tag_Name }}-terminate" + with_items: ec2_stop.results + when: "'oo_hosts_to_terminate' in groups" diff --git a/playbooks/aws/openshift-master/config.yml b/playbooks/aws/openshift-master/config.yml deleted file mode 100644 index 37ab4fbe6..000000000 --- a/playbooks/aws/openshift-master/config.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Populate oo_masters_to_config host group - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - groups: oo_masters_to_config - ansible_ssh_user: root - with_items: oo_host_group_exp | default([]) - -- include: ../../common/openshift-master/config.yml - vars: - openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" - openshift_hostname: "{{ ec2_private_ip_address }}" - openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-master/filter_plugins b/playbooks/aws/openshift-master/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/aws/openshift-master/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/aws/openshift-master/launch.yml b/playbooks/aws/openshift-master/launch.yml deleted file mode 100644 index 1cefad492..000000000 --- a/playbooks/aws/openshift-master/launch.yml +++ /dev/null @@ -1,70 +0,0 @@ ---- -- name: Launch instance(s) - hosts: localhost - connection: local - gather_facts: no - -# TODO: modify g_ami based on deployment_type - vars: - inst_region: us-east-1 - g_ami: ami-86781fee - user_data_file: user_data.txt - - tasks: - - name: Launch instances - ec2: - state: present - region: "{{ inst_region }}" - keypair: libra - group: ['public'] - instance_type: m3.large - image: "{{ g_ami }}" - count: "{{ oo_new_inst_names | length }}" - user_data: "{{ lookup('file', user_data_file) }}" - wait: yes - register: ec2 - - - name: Add new instances public IPs to the host group - add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances" - with_items: ec2.instances - - - name: Add Name and environment tags to instances - ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present" - with_together: - - oo_new_inst_names - - ec2.instances - args: - tags: - Name: "{{ item.0 }}" - - - name: Add other tags to instances - ec2_tag: resource={{ item.id }} region={{ inst_region }} state=present - with_items: ec2.instances - args: - tags: "{{ oo_new_inst_tags }}" - - - name: Add new instances public IPs to oo_masters_to_config - add_host: - hostname: "{{ item.0 }}" - ansible_ssh_host: "{{ item.1.dns_name }}" - groupname: oo_masters_to_config - ec2_private_ip_address: "{{ item.1.private_ip }}" - ec2_ip_address: "{{ item.1.public_ip }}" - with_together: - - oo_new_inst_names - - ec2.instances - - - name: Wait for ssh - wait_for: port=22 host={{ item.dns_name }} - with_items: ec2.instances - - - name: Wait for root user setup - command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.dns_name }} echo root user is setup" - register: result - until: result.rc == 0 - retries: 20 - delay: 10 - with_items: ec2.instances - -# Apply the configs, seprate so that just the configs can be run by themselves -- include: config.yml diff --git a/playbooks/aws/openshift-master/roles b/playbooks/aws/openshift-master/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/aws/openshift-master/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/aws/openshift-master/terminate.yml b/playbooks/aws/openshift-master/terminate.yml deleted file mode 100644 index 07d9961bc..000000000 --- a/playbooks/aws/openshift-master/terminate.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include: ../terminate.yml diff --git a/playbooks/aws/openshift-node/config.yml b/playbooks/aws/openshift-node/config.yml deleted file mode 100644 index a993a1e99..000000000 --- a/playbooks/aws/openshift-node/config.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- name: Populate oo_nodes_to_config and oo_first_master host groups - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - groups: oo_nodes_to_config - ansible_ssh_user: root - with_items: oo_host_group_exp | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type_' ~ cluster_id ~ '-openshift-master'][0] }}" - groups: oo_first_master - ansible_ssh_user: root - - -- include: ../../common/openshift-node/config.yml - vars: - openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" - openshift_hostname: "{{ ec2_private_ip_address }}" - openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-node/filter_plugins b/playbooks/aws/openshift-node/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/aws/openshift-node/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/aws/openshift-node/launch.yml b/playbooks/aws/openshift-node/launch.yml deleted file mode 100644 index e7d1f7310..000000000 --- a/playbooks/aws/openshift-node/launch.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -- name: Launch instance(s) - hosts: localhost - connection: local - gather_facts: no - -# TODO: modify g_ami based on deployment_type - vars: - inst_region: us-east-1 - g_ami: ami-86781fee - user_data_file: user_data.txt - - tasks: - - name: Launch instances - ec2: - state: present - region: "{{ inst_region }}" - keypair: libra - group: ['public'] - instance_type: m3.large - image: "{{ g_ami }}" - count: "{{ oo_new_inst_names | length }}" - user_data: "{{ lookup('file', user_data_file) }}" - wait: yes - register: ec2 - - - name: Add new instances public IPs to the host group - add_host: - hostname: "{{ item.public_ip }}" - groupname: new_ec2_instances" - with_items: ec2.instances - - - name: Add Name and environment tags to instances - ec2_tag: resource={{ item.1.id }} region={{ inst_region }} state=present - with_together: - - oo_new_inst_names - - ec2.instances - args: - tags: - Name: "{{ item.0 }}" - - - name: Add other tags to instances - ec2_tag: resource={{ item.id }} region={{ inst_region }} state=present - with_items: ec2.instances - args: - tags: "{{ oo_new_inst_tags }}" - - - name: Add new instances public IPs to oo_nodes_to_config - add_host: - hostname: "{{ item.0 }}" - ansible_ssh_host: "{{ item.1.dns_name }}" - groupname: oo_nodes_to_config - ec2_private_ip_address: "{{ item.1.private_ip }}" - ec2_ip_address: "{{ item.1.public_ip }}" - with_together: - - oo_new_inst_names - - ec2.instances - - - name: Wait for ssh - wait_for: port=22 host={{ item.dns_name }} - with_items: ec2.instances - - - name: Wait for root user setup - command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.dns_name }} echo root user is setup" - register: result - until: result.rc == 0 - retries: 20 - delay: 10 - with_items: ec2.instances - -# Apply the configs, seprate so that just the configs can be run by themselves -- include: config.yml diff --git a/playbooks/aws/openshift-node/roles b/playbooks/aws/openshift-node/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/aws/openshift-node/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/aws/openshift-node/terminate.yml b/playbooks/aws/openshift-node/terminate.yml deleted file mode 100644 index 07d9961bc..000000000 --- a/playbooks/aws/openshift-node/terminate.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include: ../terminate.yml diff --git a/playbooks/aws/terminate.yml b/playbooks/aws/terminate.yml deleted file mode 100644 index e9767b260..000000000 --- a/playbooks/aws/terminate.yml +++ /dev/null @@ -1,64 +0,0 @@ ---- -- name: Populate oo_hosts_to_terminate host group - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_hosts_to_terminate - add_host: name={{ item }} groups=oo_hosts_to_terminate - with_items: oo_host_group_exp | default([]) - -- name: Gather dynamic inventory variables for hosts to terminate - hosts: oo_hosts_to_terminate - gather_facts: no - -- name: Terminate instances - hosts: localhost - connection: local - gather_facts: no - vars: - host_vars: "{{ hostvars - | oo_select_keys(groups['oo_hosts_to_terminate']) }}" - tasks: - - name: Remove tags from instances - ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent - args: - tags: - env: "{{ item['ec2_tag_env'] }}" - host-type: "{{ item['ec2_tag_host-type'] }}" - env-host-type: "{{ item['ec2_tag_env-host-type'] }}" - with_items: host_vars - when: "'oo_hosts_to_terminate' in groups" - - - name: Terminate instances - ec2: - state: absent - instance_ids: ["{{ item.ec2_id }}"] - region: "{{ item.ec2_region }}" - ignore_errors: yes - register: ec2_term - with_items: host_vars - when: "'oo_hosts_to_terminate' in groups" - - # Fail if any of the instances failed to terminate with an error other - # than 403 Forbidden - - fail: msg=Terminating instance {{ item.item.ec2_id }} failed with message {{ item.msg }} - when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" - with_items: ec2_term.results - - - name: Stop instance if termination failed - ec2: - state: stopped - instance_ids: ["{{ item.item.ec2_id }}"] - region: "{{ item.item.ec2_region }}" - register: ec2_stop - when: item.failed - with_items: ec2_term.results - when: "'oo_hosts_to_terminate' in groups" - - - name: Rename stopped instances - ec2_tag: resource={{ item.item.item.ec2_id }} region={{ item.item.item.ec2_region }} state=present - args: - tags: - Name: "{{ item.item.item.ec2_tag_Name }}-terminate" - with_items: ec2_stop.results - when: "'oo_hosts_to_terminate' in groups" diff --git a/playbooks/gce/openshift-master/config.yml b/playbooks/gce/openshift-master/config.yml deleted file mode 100644 index af6000bc8..000000000 --- a/playbooks/gce/openshift-master/config.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Populate oo_masters_to_config host group - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - groups: oo_masters_to_config - ansible_ssh_user: root - with_items: oo_host_group_exp | default([]) - -- include: ../../common/openshift-master/config.yml - vars: - openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" - openshift_hostname: "{{ gce_private_ip }}" diff --git a/playbooks/gce/openshift-master/filter_plugins b/playbooks/gce/openshift-master/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/gce/openshift-master/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/gce/openshift-master/launch.yml b/playbooks/gce/openshift-master/launch.yml deleted file mode 100644 index ef10b6cf0..000000000 --- a/playbooks/gce/openshift-master/launch.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# TODO: when we are ready to go to ansible 1.9+ support only, we can update to -# the gce task to use the disk_auto_delete parameter to avoid having to delete -# the disk as a separate step on termination - -- name: Launch instance(s) - hosts: localhost - connection: local - gather_facts: no - -# TODO: modify image based on deployment_type - vars: - inst_names: "{{ oo_new_inst_names }}" - machine_type: n1-standard-1 - image: libra-rhel7 - - tasks: - - name: Launch instances - gce: - instance_names: "{{ inst_names }}" - machine_type: "{{ machine_type }}" - image: "{{ image }}" - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - tags: "{{ oo_new_inst_tags }}" - register: gce - - - name: Add new instances public IPs to oo_masters_to_config - add_host: - hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.public_ip }}" - groupname: oo_masters_to_config - gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data - - - name: Wait for ssh - wait_for: port=22 host={{ item.public_ip }} - with_items: gce.instance_data - - - name: Wait for root user setup - command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup" - register: result - until: result.rc == 0 - retries: 20 - delay: 10 - with_items: gce.instance_data - - -# Apply the configs, separate so that just the configs can be run by themselves -- include: config.yml diff --git a/playbooks/gce/openshift-master/roles b/playbooks/gce/openshift-master/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/gce/openshift-master/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/gce/openshift-master/terminate.yml b/playbooks/gce/openshift-master/terminate.yml deleted file mode 100644 index 452ac5199..000000000 --- a/playbooks/gce/openshift-master/terminate.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- name: Populate oo_masters_to_terminate host group if needed - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_masters_to_terminate - add_host: name={{ item }} groups=oo_masters_to_terminate - with_items: oo_host_group_exp | default([]) - -- name: Terminate master instances - hosts: localhost - connection: local - gather_facts: no - tasks: - - name: Terminate master instances - gce: - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - state: 'absent' - instance_names: "{{ groups['oo_masters_to_terminate'] }}" - disks: "{{ groups['oo_masters_to_terminate'] }}" - register: gce - when: "'oo_masters_to_terminate' in groups" - - - name: Remove disks of instances - gce_pd: - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - name: "{{ item }}" - zone: "{{ gce.zone }}" - state: absent - with_items: gce.instance_names - when: "'oo_masters_to_terminate' in groups" diff --git a/playbooks/gce/openshift-node/config.yml b/playbooks/gce/openshift-node/config.yml deleted file mode 100644 index 54b0da2ca..000000000 --- a/playbooks/gce/openshift-node/config.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Populate oo_nodes_to_config and oo_first_master host groups - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - groups: oo_nodes_to_config - ansible_ssh_user: root - with_items: oo_host_group_exp | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" - groups: oo_first_master - ansible_ssh_user: root - - -- include: ../../common/openshift-node/config.yml - vars: - openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" - openshift_hostname: "{{ gce_private_ip }}" diff --git a/playbooks/gce/openshift-node/filter_plugins b/playbooks/gce/openshift-node/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/gce/openshift-node/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/gce/openshift-node/launch.yml b/playbooks/gce/openshift-node/launch.yml deleted file mode 100644 index 086ba58bc..000000000 --- a/playbooks/gce/openshift-node/launch.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# TODO: when we are ready to go to ansible 1.9+ support only, we can update to -# the gce task to use the disk_auto_delete parameter to avoid having to delete -# the disk as a separate step on termination - -- name: Launch instance(s) - hosts: localhost - connection: local - gather_facts: no - -# TODO: modify image based on deployment_type - vars: - inst_names: "{{ oo_new_inst_names }}" - machine_type: n1-standard-1 - image: libra-rhel7 - - tasks: - - name: Launch instances - gce: - instance_names: "{{ inst_names }}" - machine_type: "{{ machine_type }}" - image: "{{ image }}" - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - tags: "{{ oo_new_inst_tags }}" - register: gce - - - name: Add new instances public IPs to oo_nodes_to_config - add_host: - hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.public_ip }}" - groupname: oo_nodes_to_config - gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data - - - name: Wait for ssh - wait_for: port=22 host={{ item.public_ip }} - with_items: gce.instance_data - - - name: Wait for root user setup - command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup" - register: result - until: result.rc == 0 - retries: 20 - delay: 10 - with_items: gce.instance_data - - -# Apply the configs, separate so that just the configs can be run by themselves -- include: config.yml diff --git a/playbooks/gce/openshift-node/roles b/playbooks/gce/openshift-node/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/gce/openshift-node/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/gce/openshift-node/terminate.yml b/playbooks/gce/openshift-node/terminate.yml deleted file mode 100644 index 357e0c295..000000000 --- a/playbooks/gce/openshift-node/terminate.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- name: Populate oo_nodes_to_terminate host group if needed - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_nodes_to_terminate - add_host: name={{ item }} groups=oo_nodes_to_terminate - with_items: oo_host_group_exp | default([]) - -- name: Terminate node instances - hosts: localhost - connection: local - gather_facts: no - tasks: - - name: Terminate node instances - gce: - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - state: 'absent' - instance_names: "{{ groups['oo_nodes_to_terminate'] }}" - disks: "{{ groups['oo_nodes_to_terminate'] }}" - register: gce - when: "'oo_nodes_to_terminate' in groups" - - - name: Remove disks of instances - gce_pd: - service_account_email: "{{ gce_service_account_email }}" - pem_file: "{{ gce_pem_file }}" - project_id: "{{ gce_project_id }}" - name: "{{ item }}" - zone: "{{ gce.zone }}" - state: absent - with_items: gce.instance_names - when: "'oo_nodes_to_terminate' in groups" -- cgit v1.2.3 From e7082b9870bdf4cc0769645f4fae3bccc3efdee4 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Fri, 12 Jun 2015 14:52:03 -0400 Subject: Add etcd role that builds out basic etcd cluster - Add initial etcd role - Add etcd playbook to create etcd client certs - Hookup master to etcd --- playbooks/byo/config.yml | 4 + playbooks/byo/etcd/config.yml | 7 ++ playbooks/byo/etcd/filter_plugins | 1 + playbooks/byo/etcd/roles | 1 + playbooks/byo/openshift-etcd/config.yml | 20 +++++ playbooks/byo/openshift-etcd/filter_plugins | 1 + playbooks/byo/openshift-etcd/roles | 1 + playbooks/common/openshift-etcd/config.yml | 106 +++++++++++++++++++++++++ playbooks/common/openshift-etcd/filter_plugins | 1 + playbooks/common/openshift-etcd/roles | 1 + 10 files changed, 143 insertions(+) create mode 100644 playbooks/byo/etcd/config.yml create mode 120000 playbooks/byo/etcd/filter_plugins create mode 120000 playbooks/byo/etcd/roles create mode 100644 playbooks/byo/openshift-etcd/config.yml create mode 120000 playbooks/byo/openshift-etcd/filter_plugins create mode 120000 playbooks/byo/openshift-etcd/roles create mode 100644 playbooks/common/openshift-etcd/config.yml create mode 120000 playbooks/common/openshift-etcd/filter_plugins create mode 120000 playbooks/common/openshift-etcd/roles (limited to 'playbooks') diff --git a/playbooks/byo/config.yml b/playbooks/byo/config.yml index e059514db..092eb9978 100644 --- a/playbooks/byo/config.yml +++ b/playbooks/byo/config.yml @@ -3,6 +3,10 @@ include: openshift-master/config.yml when: groups.masters is defined and groups.masters +- name: Run the openshift-etcd playbook + include: openshift-etcd/config.yml + when: groups.etcd is defined and groups.etcd + - name: Run the openshift-node config playbook include: openshift-node/config.yml when: groups.nodes is defined and groups.nodes and groups.masters is defined and groups.masters diff --git a/playbooks/byo/etcd/config.yml b/playbooks/byo/etcd/config.yml new file mode 100644 index 000000000..0c96b2541 --- /dev/null +++ b/playbooks/byo/etcd/config.yml @@ -0,0 +1,7 @@ +## deploys a simple etcd cluster, this cluster does not provide client side ssl +## and cannot be used directly for openshift. This should only be used for testing. +--- +- name: Configure etcd + hosts: etcd + roles: + - etcd diff --git a/playbooks/byo/etcd/filter_plugins b/playbooks/byo/etcd/filter_plugins new file mode 120000 index 000000000..b0b7a3414 --- /dev/null +++ b/playbooks/byo/etcd/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins/ \ No newline at end of file diff --git a/playbooks/byo/etcd/roles b/playbooks/byo/etcd/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/byo/etcd/roles @@ -0,0 +1 @@ +../../../roles/ \ No newline at end of file diff --git a/playbooks/byo/openshift-etcd/config.yml b/playbooks/byo/openshift-etcd/config.yml new file mode 100644 index 000000000..381f139de --- /dev/null +++ b/playbooks/byo/openshift-etcd/config.yml @@ -0,0 +1,20 @@ +--- +- name: Populate oo_etcd_hosts_to_config and oo_first_master host groups + hosts: localhost + gather_facts: no + tasks: + - name: Evaluate oo_etcd_hosts_to_config + add_host: + name: "{{ item }}" + groups: oo_etcd_hosts_to_config + with_items: groups.etcd + - name: Evaluate oo_first_master + add_host: + name: "{{ item }}" + groups: oo_first_master + with_items: groups.masters.0 + + +- include: ../../common/openshift-etcd/config.yml + vars: + openshift_first_master: "{{ groups.masters.0 }}" diff --git a/playbooks/byo/openshift-etcd/filter_plugins b/playbooks/byo/openshift-etcd/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/byo/openshift-etcd/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-etcd/roles b/playbooks/byo/openshift-etcd/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/byo/openshift-etcd/roles @@ -0,0 +1 @@ +../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml new file mode 100644 index 000000000..2c920df49 --- /dev/null +++ b/playbooks/common/openshift-etcd/config.yml @@ -0,0 +1,106 @@ +--- +- name: Gather and set facts for etcd hosts + hosts: oo_etcd_hosts_to_config + roles: + - openshift_facts + tasks: + - openshift_facts: + role: common + local_facts: + hostname: "{{ openshift_hostname | default(None) }}" + - name: Check for etcd certificates + stat: + path: "{{ item }}" + with_items: + - "/etc/etcd/ca.crt" + - "/etc/etcd/client.crt" + - "/etc/etcd/client.key" + - "/etc/etcd/peer-ca.crt" + - "/etc/etcd/peer.crt" + - "/etc/etcd/peer.key" + register: g_etcd_certs_stat + - set_fact: + etcd_certs_missing: "{{ g_etcd_certs_stat.results | map(attribute='stat.exists') + | list | intersect([false])}}" + etcd_subdir: etcd-{{ openshift.common.hostname }} + etcd_dir: /etc/openshift/generated-configs/etcd-{{ openshift.common.hostname }} + etcd_cert_dir: /etc/etcd + +- name: Create temp directory for syncing certs + hosts: localhost + connection: local + sudo: false + gather_facts: no + tasks: + - name: Create local temp directory for syncing certs + local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX + register: g_etcd_mktemp + changed_when: False + +- name: Create etcd certs + hosts: oo_first_master + vars: + etcd_hosts_needing_certs: "{{ hostvars + | oo_select_keys(groups['oo_etcd_hosts_to_config']) + | oo_filter_list(filter_attr='etcd_certs_missing') }}" + etcd_hosts: "{{ hostvars + | oo_select_keys(groups['oo_etcd_hosts_to_config']) }}" + sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" + roles: + - openshift_etcd_certs + post_tasks: + - name: Create a tarball of the etcd certs + command: > + tar -czvf {{ item.etcd_dir }}.tgz + -C {{ item.etcd_dir }} . + args: + creates: "{{ item.etcd_dir }}.tgz" + with_items: etcd_hosts_needing_certs + + - name: Retrieve the etcd cert tarballs from the master + fetch: + src: "{{ item.etcd_dir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: etcd_hosts_needing_certs + +- name: Deploy etcd + hosts: oo_etcd_hosts_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" + etcd_url_scheme: https + pre_tasks: + - name: Ensure certificate directory exists + file: + path: "{{ etcd_cert_dir }}" + state: directory + - name: Unarchive the tarball on the node + unarchive: + src: "{{ sync_tmpdir }}/{{ etcd_subdir }}.tgz" + dest: "{{ etcd_cert_dir }}" + when: etcd_certs_missing + - file: path=/etc/etcd/client.crt mode=0600 owner=etcd group=etcd + - file: path=/etc/etcd/client.key mode=0600 owner=etcd group=etcd + - file: path=/etc/etcd/ca.crt mode=0644 owner=etcd group=etcd + roles: + - etcd + +- name: Delete the temporary directory on the master + hosts: oo_first_master + gather_facts: no + vars: + sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" + tasks: + - file: name={{ sync_tmpdir }} state=absent + changed_when: False + +- name: Delete temporary directory on localhost + hosts: localhost + connection: local + sudo: false + gather_facts: no + tasks: + - file: name={{ g_etcd_mktemp.stdout }} state=absent + changed_when: False diff --git a/playbooks/common/openshift-etcd/filter_plugins b/playbooks/common/openshift-etcd/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-etcd/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-etcd/roles b/playbooks/common/openshift-etcd/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/common/openshift-etcd/roles @@ -0,0 +1 @@ +../../../roles/ \ No newline at end of file -- cgit v1.2.3 From add3fbcce31e9db4ea8c76acb9c8579f20581912 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 10 Jul 2015 14:46:43 -0400 Subject: Etcd role updates and playbook updates - fix firewall conflict issues with co-located etcd and openshift hosts - added os_firewall dependency to etcd role - updated etcd template to better handle clustered and non-clustered installs - added etcd_ca role - generates a self-signed cert to manage etcd certificates, since etcd peer certificates are required to be client and server certs and the openshift ca will only generate client or server certs (not one authorized for both). - renamed openshift_etcd_certs role to etcd_certificates and updated it to manage certificates generated from the CA managed by the etcd_ca role - remove hard coded etcd_port in openshift_facts - updates for the openshift-etcd common playbook - removed etcd and openshift-etcd playbooks from the byo playbooks directory - added a common playbook for setting etcd launch facts - added an openshift-etcd common service playbook - removed unused variables - fixed tests for embedded_{etcd,dns,kube} in openshift_master - removed old workaround for reloading systemd units --- playbooks/byo/etcd/config.yml | 7 -- playbooks/byo/etcd/filter_plugins | 1 - playbooks/byo/etcd/roles | 1 - playbooks/byo/openshift-etcd/config.yml | 20 ----- playbooks/byo/openshift-etcd/filter_plugins | 1 - playbooks/byo/openshift-etcd/roles | 1 - .../set_etcd_launch_facts_tasks.yml | 13 +++ playbooks/common/openshift-etcd/config.yml | 96 ++++++++++------------ playbooks/common/openshift-etcd/lookup_plugins | 1 + playbooks/common/openshift-etcd/service.yml | 18 ++++ 10 files changed, 75 insertions(+), 84 deletions(-) delete mode 100644 playbooks/byo/etcd/config.yml delete mode 120000 playbooks/byo/etcd/filter_plugins delete mode 120000 playbooks/byo/etcd/roles delete mode 100644 playbooks/byo/openshift-etcd/config.yml delete mode 120000 playbooks/byo/openshift-etcd/filter_plugins delete mode 120000 playbooks/byo/openshift-etcd/roles create mode 100644 playbooks/common/openshift-cluster/set_etcd_launch_facts_tasks.yml create mode 120000 playbooks/common/openshift-etcd/lookup_plugins create mode 100644 playbooks/common/openshift-etcd/service.yml (limited to 'playbooks') diff --git a/playbooks/byo/etcd/config.yml b/playbooks/byo/etcd/config.yml deleted file mode 100644 index 0c96b2541..000000000 --- a/playbooks/byo/etcd/config.yml +++ /dev/null @@ -1,7 +0,0 @@ -## deploys a simple etcd cluster, this cluster does not provide client side ssl -## and cannot be used directly for openshift. This should only be used for testing. ---- -- name: Configure etcd - hosts: etcd - roles: - - etcd diff --git a/playbooks/byo/etcd/filter_plugins b/playbooks/byo/etcd/filter_plugins deleted file mode 120000 index b0b7a3414..000000000 --- a/playbooks/byo/etcd/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins/ \ No newline at end of file diff --git a/playbooks/byo/etcd/roles b/playbooks/byo/etcd/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/playbooks/byo/etcd/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/ \ No newline at end of file diff --git a/playbooks/byo/openshift-etcd/config.yml b/playbooks/byo/openshift-etcd/config.yml deleted file mode 100644 index 381f139de..000000000 --- a/playbooks/byo/openshift-etcd/config.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Populate oo_etcd_hosts_to_config and oo_first_master host groups - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_etcd_hosts_to_config - add_host: - name: "{{ item }}" - groups: oo_etcd_hosts_to_config - with_items: groups.etcd - - name: Evaluate oo_first_master - add_host: - name: "{{ item }}" - groups: oo_first_master - with_items: groups.masters.0 - - -- include: ../../common/openshift-etcd/config.yml - vars: - openshift_first_master: "{{ groups.masters.0 }}" diff --git a/playbooks/byo/openshift-etcd/filter_plugins b/playbooks/byo/openshift-etcd/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/byo/openshift-etcd/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-etcd/roles b/playbooks/byo/openshift-etcd/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/byo/openshift-etcd/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/set_etcd_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_etcd_launch_facts_tasks.yml new file mode 100644 index 000000000..1a6580795 --- /dev/null +++ b/playbooks/common/openshift-cluster/set_etcd_launch_facts_tasks.yml @@ -0,0 +1,13 @@ +--- +- set_fact: k8s_type="etcd" + +- name: Generate etcd instance names(s) + set_fact: + scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}" + register: etcd_names_output + with_sequence: count={{ num_etcd }} + +- set_fact: + etcd_names: "{{ etcd_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 2c920df49..3cc561ba0 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -1,30 +1,32 @@ --- -- name: Gather and set facts for etcd hosts - hosts: oo_etcd_hosts_to_config +- name: Set etcd facts needed for generating certs + hosts: oo_etcd_to_config roles: - openshift_facts tasks: - openshift_facts: - role: common - local_facts: - hostname: "{{ openshift_hostname | default(None) }}" - - name: Check for etcd certificates + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: common + local_facts: + hostname: "{{ openshift_hostname | default(None) }}" + public_hostname: "{{ openshift_public_hostname | default(None) }}" + deployment_type: "{{ openshift_deployment_type }}" + - name: Check status of etcd certificates stat: path: "{{ item }}" with_items: - - "/etc/etcd/ca.crt" - - "/etc/etcd/client.crt" - - "/etc/etcd/client.key" - - "/etc/etcd/peer-ca.crt" - - "/etc/etcd/peer.crt" - - "/etc/etcd/peer.key" - register: g_etcd_certs_stat + - /etc/etcd/server.crt + - /etc/etcd/peer.crt + - /etc/etcd/ca.crt + register: g_etcd_server_cert_stat_result - set_fact: - etcd_certs_missing: "{{ g_etcd_certs_stat.results | map(attribute='stat.exists') - | list | intersect([false])}}" - etcd_subdir: etcd-{{ openshift.common.hostname }} - etcd_dir: /etc/openshift/generated-configs/etcd-{{ openshift.common.hostname }} - etcd_cert_dir: /etc/etcd + etcd_server_certs_missing: "{{ g_etcd_server_cert_stat_result.results | map(attribute='stat.exists') + | list | intersect([false])}}" + etcd_cert_subdir: etcd-{{ openshift.common.hostname }} + etcd_cert_config_dir: /etc/etcd + etcd_cert_prefix: - name: Create temp directory for syncing certs hosts: localhost @@ -37,65 +39,53 @@ register: g_etcd_mktemp changed_when: False -- name: Create etcd certs - hosts: oo_first_master +- name: Configure etcd certificates + hosts: oo_first_etcd vars: - etcd_hosts_needing_certs: "{{ hostvars - | oo_select_keys(groups['oo_etcd_hosts_to_config']) - | oo_filter_list(filter_attr='etcd_certs_missing') }}" - etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_hosts_to_config']) }}" + etcd_generated_certs_dir: /etc/etcd/generated_certs + etcd_needing_server_certs: "{{ hostvars + | oo_select_keys(groups['oo_etcd_to_config']) + | oo_filter_list(filter_attr='etcd_server_certs_missing') }}" sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" roles: - - openshift_etcd_certs + - etcd_certificates post_tasks: - name: Create a tarball of the etcd certs command: > - tar -czvf {{ item.etcd_dir }}.tgz - -C {{ item.etcd_dir }} . + tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz + -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . args: - creates: "{{ item.etcd_dir }}.tgz" - with_items: etcd_hosts_needing_certs - - - name: Retrieve the etcd cert tarballs from the master + creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + with_items: etcd_needing_server_certs + - name: Retrieve the etcd cert tarballs fetch: - src: "{{ item.etcd_dir }}.tgz" + src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" dest: "{{ sync_tmpdir }}/" flat: yes fail_on_missing: yes validate_checksum: yes - with_items: etcd_hosts_needing_certs + with_items: etcd_needing_server_certs -- name: Deploy etcd - hosts: oo_etcd_hosts_to_config +- name: Configure etcd hosts + hosts: oo_etcd_to_config vars: sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" etcd_url_scheme: https + etcd_peer_url_scheme: https + etcd_peers_group: oo_etcd_to_config pre_tasks: - name: Ensure certificate directory exists file: - path: "{{ etcd_cert_dir }}" + path: "{{ etcd_cert_config_dir }}" state: directory - - name: Unarchive the tarball on the node + - name: Unarchive the tarball on the etcd host unarchive: - src: "{{ sync_tmpdir }}/{{ etcd_subdir }}.tgz" - dest: "{{ etcd_cert_dir }}" - when: etcd_certs_missing - - file: path=/etc/etcd/client.crt mode=0600 owner=etcd group=etcd - - file: path=/etc/etcd/client.key mode=0600 owner=etcd group=etcd - - file: path=/etc/etcd/ca.crt mode=0644 owner=etcd group=etcd + src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" + dest: "{{ etcd_cert_config_dir }}" + when: etcd_server_certs_missing roles: - etcd -- name: Delete the temporary directory on the master - hosts: oo_first_master - gather_facts: no - vars: - sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}" - tasks: - - file: name={{ sync_tmpdir }} state=absent - changed_when: False - - name: Delete temporary directory on localhost hosts: localhost connection: local diff --git a/playbooks/common/openshift-etcd/lookup_plugins b/playbooks/common/openshift-etcd/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-etcd/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-etcd/service.yml b/playbooks/common/openshift-etcd/service.yml new file mode 100644 index 000000000..0bf69b22f --- /dev/null +++ b/playbooks/common/openshift-etcd/service.yml @@ -0,0 +1,18 @@ +--- +- name: Populate g_service_masters host group if needed + hosts: localhost + gather_facts: no + tasks: + - fail: msg="new_cluster_state is required to be injected in this playbook" + when: new_cluster_state is not defined + + - name: Evaluate g_service_etcd + add_host: name={{ item }} groups=g_service_etcd + with_items: oo_host_group_exp | default([]) + +- name: Change etcd state on etcd instance(s) + hosts: g_service_etcd + connection: ssh + gather_facts: no + tasks: + - service: name=etcd state="{{ new_cluster_state }}" -- cgit v1.2.3 From f752eaccbb1a5f0e2c1d36502f755d022a21d073 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 10 Jul 2015 15:04:26 -0400 Subject: Playbook updates for clustered etcd - Add support to bin/cluster for specifying etcd hosts - defaults to 0, if no etcd hosts are selected, then configures embedded etcd - Updates for the byo inventory file for etcd and master as node by default - Consolidation of cluster logic more centrally into common playbook - Added etcd config support to playbooks - Restructured byo playbooks to leverage the common openshift-cluster playbook - Added support to common master playbook to generate and apply external etcd client certs from the etcd ca - start of refactor for better handling of master certs in a multi-master environment. - added the openshift_master_ca and openshift_master_certificates roles to manage master certs instead of generating them in the openshift_master role - added etcd host groups to the cluster update playbooks - aded better handling of host groups when they are either not present or are empty. - Update AWS readme --- playbooks/aws/openshift-cluster/config.yml | 33 +--- playbooks/aws/openshift-cluster/launch.yml | 14 +- .../openshift-cluster/tasks/launch_instances.yml | 9 + playbooks/aws/openshift-cluster/update.yml | 4 +- playbooks/byo/config.yml | 12 +- playbooks/byo/openshift-cluster/config.yml | 9 + playbooks/byo/openshift-cluster/filter_plugins | 1 + playbooks/byo/openshift-cluster/lookup_plugins | 1 + playbooks/byo/openshift-cluster/roles | 1 + playbooks/byo/openshift-master/config.yml | 15 -- playbooks/byo/openshift-master/filter_plugins | 1 - playbooks/byo/openshift-master/lookup_plugins | 1 - playbooks/byo/openshift-master/roles | 1 - playbooks/byo/openshift-node/config.yml | 23 --- playbooks/byo/openshift-node/filter_plugins | 1 - playbooks/byo/openshift-node/lookup_plugins | 1 - playbooks/byo/openshift-node/roles | 1 - playbooks/common/openshift-cluster/config.yml | 61 +++++++ .../set_master_launch_facts_tasks.yml | 6 +- .../set_node_launch_facts_tasks.yml | 6 +- playbooks/common/openshift-master/config.yml | 199 ++++++++++++++++++++- playbooks/common/openshift-node/config.yml | 39 ++-- playbooks/gce/openshift-cluster/config.yml | 34 ++-- playbooks/gce/openshift-cluster/update.yml | 4 +- playbooks/libvirt/openshift-cluster/config.yml | 33 +--- playbooks/libvirt/openshift-cluster/update.yml | 4 +- playbooks/openstack/openshift-cluster/config.yml | 33 +--- playbooks/openstack/openshift-cluster/update.yml | 4 +- 28 files changed, 362 insertions(+), 189 deletions(-) create mode 100644 playbooks/byo/openshift-cluster/config.yml create mode 120000 playbooks/byo/openshift-cluster/filter_plugins create mode 120000 playbooks/byo/openshift-cluster/lookup_plugins create mode 120000 playbooks/byo/openshift-cluster/roles delete mode 100644 playbooks/byo/openshift-master/config.yml delete mode 120000 playbooks/byo/openshift-master/filter_plugins delete mode 120000 playbooks/byo/openshift-master/lookup_plugins delete mode 120000 playbooks/byo/openshift-master/roles delete mode 100644 playbooks/byo/openshift-node/config.yml delete mode 120000 playbooks/byo/openshift-node/filter_plugins delete mode 120000 playbooks/byo/openshift-node/lookup_plugins delete mode 120000 playbooks/byo/openshift-node/roles (limited to 'playbooks') diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 7188312ed..6ee539c7e 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -1,37 +1,22 @@ --- -- name: Populate oo_masters_to_config host group - hosts: localhost +- hosts: localhost gather_facts: no vars_files: - vars.yml tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - groups: oo_masters_to_config - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([]) - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - groups: oo_nodes_to_config - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type_' ~ cluster_id ~ '-openshift-master'][0] }}" - groups: oo_first_master - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - when: "'tag_env-host-type_{{ cluster_id }}-openshift-master' in groups" + - set_fact: + g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - include: ../../common/openshift-cluster/config.yml vars: + g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" + g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" + g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" + g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" + g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/launch.yml b/playbooks/aws/openshift-cluster/launch.yml index 33e1ec25d..5db87fa90 100644 --- a/playbooks/aws/openshift-cluster/launch.yml +++ b/playbooks/aws/openshift-cluster/launch.yml @@ -11,6 +11,13 @@ msg: Deployment type not supported for aws provider yet when: deployment_type == 'enterprise' + - include: ../../common/openshift-cluster/set_etcd_launch_facts_tasks.yml + - include: tasks/launch_instances.yml + vars: + instances: "{{ etcd_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + - include: ../../common/openshift-cluster/set_master_launch_facts_tasks.yml - include: tasks/launch_instances.yml vars: @@ -25,9 +32,10 @@ cluster: "{{ cluster_id }}" type: "{{ k8s_type }}" - - set_fact: - a_master: "{{ master_names[0] }}" - - add_host: name={{ a_master }} groups=service_master + - add_host: + name: "{{ master_names.0 }}" + groups: service_master + when: master_names is defined and master_names.0 is defined - include: update.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index d643b647d..25a87aaf6 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -53,6 +53,15 @@ latest_ami: "{{ ami_result.results | oo_ami_selector(ec2_image_name) }}" user_data: "{{ lookup('template', '../templates/user_data.j2') }}" volume_defs: + etcd: + root: + volume_size: "{{ lookup('env', 'os_etcd_root_vol_size') | default(25, true) }}" + device_type: "{{ lookup('env', 'os_etcd_root_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_etcd_root_vol_iops') | default(500, true) }}" + etcd: + volume_size: "{{ lookup('env', 'os_etcd_vol_size') | default(32, true) }}" + device_type: "{{ lookup('env', 'os_etcd_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_etcd_vol_iops') | default(500, true) }}" master: root: volume_size: "{{ lookup('env', 'os_master_root_vol_size') | default(25, true) }}" diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml index 5e7ab4e58..e006aa74a 100644 --- a/playbooks/aws/openshift-cluster/update.yml +++ b/playbooks/aws/openshift-cluster/update.yml @@ -11,7 +11,9 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"]) | default([]) + with_items: (groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([])) + | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([])) + | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-etcd"] | default([])) - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/byo/config.yml b/playbooks/byo/config.yml index 092eb9978..7d03914a2 100644 --- a/playbooks/byo/config.yml +++ b/playbooks/byo/config.yml @@ -1,12 +1,2 @@ --- -- name: Run the openshift-master config playbook - include: openshift-master/config.yml - when: groups.masters is defined and groups.masters - -- name: Run the openshift-etcd playbook - include: openshift-etcd/config.yml - when: groups.etcd is defined and groups.etcd - -- name: Run the openshift-node config playbook - include: openshift-node/config.yml - when: groups.nodes is defined and groups.nodes and groups.masters is defined and groups.masters +- include: openshift-cluster/config.yml diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml new file mode 100644 index 000000000..2ee1d50a7 --- /dev/null +++ b/playbooks/byo/openshift-cluster/config.yml @@ -0,0 +1,9 @@ +--- +- include: ../../common/openshift-cluster/config.yml + vars: + g_etcd_group: "{{ 'etcd' }}" + g_masters_group: "{{ 'masters' }}" + g_nodes_group: "{{ 'nodes' }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_debug_level: 4 + openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/filter_plugins b/playbooks/byo/openshift-cluster/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/byo/openshift-cluster/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-cluster/lookup_plugins b/playbooks/byo/openshift-cluster/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/byo/openshift-cluster/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-cluster/roles b/playbooks/byo/openshift-cluster/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/byo/openshift-cluster/roles @@ -0,0 +1 @@ +../../../roles \ No newline at end of file diff --git a/playbooks/byo/openshift-master/config.yml b/playbooks/byo/openshift-master/config.yml deleted file mode 100644 index f61d277c6..000000000 --- a/playbooks/byo/openshift-master/config.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Populate oo_masters_to_config host group - hosts: localhost - gather_facts: no - tasks: - - add_host: - name: "{{ item }}" - groups: oo_masters_to_config - with_items: groups['masters'] - -- include: ../../common/openshift-master/config.yml - vars: - openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-master/filter_plugins b/playbooks/byo/openshift-master/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/byo/openshift-master/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-master/lookup_plugins b/playbooks/byo/openshift-master/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/byo/openshift-master/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-master/roles b/playbooks/byo/openshift-master/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/byo/openshift-master/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/byo/openshift-node/config.yml b/playbooks/byo/openshift-node/config.yml deleted file mode 100644 index f50903061..000000000 --- a/playbooks/byo/openshift-node/config.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Populate oo_nodes_to_config and oo_first_master host groups - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - groups: oo_nodes_to_config - with_items: groups.nodes - - name: Evaluate oo_first_master - add_host: - name: "{{ item }}" - groups: oo_first_master - with_items: groups.masters.0 - - -- include: ../../common/openshift-node/config.yml - vars: - openshift_first_master: "{{ groups.masters.0 }}" - openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-node/filter_plugins b/playbooks/byo/openshift-node/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/byo/openshift-node/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-node/lookup_plugins b/playbooks/byo/openshift-node/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/byo/openshift-node/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/byo/openshift-node/roles b/playbooks/byo/openshift-node/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/byo/openshift-node/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 14ffa928f..0779cfe47 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,4 +1,65 @@ --- +- name: Populate config host groups + hosts: localhost + gather_facts: no + tasks: + - fail: + msg: This playbook rquires g_etcd_group to be set + when: g_etcd_group is not defined + + - fail: + msg: This playbook rquires g_masters_group to be set + when: g_masters_group is not defined + + - fail: + msg: This playbook rquires g_nodes_group to be set + when: g_nodes_group is not defined + + - name: Evaluate oo_etcd_to_config + add_host: + name: "{{ item }}" + groups: oo_etcd_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: groups[g_etcd_group] | default([]) + + - name: Evaluate oo_masters_to_config + add_host: + name: "{{ item }}" + groups: oo_masters_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: groups[g_masters_group] | default([]) + + - name: Evaluate oo_nodes_to_config + add_host: + name: "{{ item }}" + groups: oo_nodes_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: groups[g_nodes_group] | default([]) + + - name: Evaluate oo_first_etcd + add_host: + name: "{{ groups[g_etcd_group][0] }}" + groups: oo_first_etcd + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + when: g_etcd_group in groups and (groups[g_etcd_group] | length) > 0 + + - name: Evaluate oo_first_master + add_host: + name: "{{ groups[g_masters_group][0] }}" + groups: oo_first_master + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + when: g_masters_group in groups and (groups[g_masters_group] | length) > 0 + +- include: ../openshift-etcd/config.yml + - include: ../openshift-master/config.yml - include: ../openshift-node/config.yml + vars: + osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/common/openshift-cluster/set_master_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_master_launch_facts_tasks.yml index 118727273..36d7b7870 100644 --- a/playbooks/common/openshift-cluster/set_master_launch_facts_tasks.yml +++ b/playbooks/common/openshift-cluster/set_master_launch_facts_tasks.yml @@ -5,7 +5,9 @@ set_fact: scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}" register: master_names_output - with_sequence: start=1 end={{ num_masters }} + with_sequence: count={{ num_masters }} - set_fact: - master_names: "{{ master_names_output.results | oo_collect('ansible_facts') | oo_collect('scratch_name') }}" + master_names: "{{ master_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/common/openshift-cluster/set_node_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_node_launch_facts_tasks.yml index 162315d46..96e1a9a63 100644 --- a/playbooks/common/openshift-cluster/set_node_launch_facts_tasks.yml +++ b/playbooks/common/openshift-cluster/set_node_launch_facts_tasks.yml @@ -5,7 +5,9 @@ set_fact: scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}" register: node_names_output - with_sequence: start=1 end={{ num_nodes }} + with_sequence: count={{ num_nodes }} - set_fact: - node_names: "{{ node_names_output.results | oo_collect('ansible_facts') | oo_collect('scratch_name') }}" + node_names: "{{ node_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 29c4d9c5c..3956128e1 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -1,19 +1,214 @@ --- +- name: Set master facts and determine if external etcd certs need to be generated + hosts: oo_masters_to_config + pre_tasks: + - set_fact: + openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}" + openshift_master_etcd_hosts: "{{ hostvars + | oo_select_keys(groups['oo_etcd_to_config'] + | default([])) + | oo_collect('openshift.common.hostname') + | default(none, true) }}" + roles: + - openshift_facts + post_tasks: + - openshift_facts: + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: common + local_facts: + hostname: "{{ openshift_hostname | default(None) }}" + public_hostname: "{{ openshift_public_hostname | default(None) }}" + deployment_type: "{{ openshift_deployment_type }}" + - role: master + local_facts: + api_port: "{{ openshift_master_api_port | default(None) }}" + api_url: "{{ openshift_master_api_url | default(None) }}" + api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" + public_api_url: "{{ openshift_master_public_api_url | default(None) }}" + console_path: "{{ openshift_master_console_path | default(None) }}" + console_port: "{{ openshift_master_console_port | default(None) }}" + console_url: "{{ openshift_master_console_url | default(None) }}" + console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" + public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + - name: Check status of external etcd certificatees + stat: + path: "/etc/openshift/master/{{ item }}" + with_items: + - master.etcd-client.crt + - master.etcd-ca.crt + register: g_external_etcd_cert_stat_result + - set_fact: + etcd_client_certs_missing: "{{ g_external_etcd_cert_stat_result.results + | map(attribute='stat.exists') + | list | intersect([false])}}" + etcd_cert_subdir: openshift-master-{{ openshift.common.hostname }} + etcd_cert_config_dir: /etc/openshift/master + etcd_cert_prefix: master.etcd- + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config + +- name: Create temp directory for syncing certs + hosts: localhost + connection: local + sudo: false + gather_facts: no + tasks: + - name: Create local temp directory for syncing certs + local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX + register: g_master_mktemp + changed_when: False + +- name: Configure etcd certificates + hosts: oo_first_etcd + vars: + etcd_generated_certs_dir: /etc/etcd/generated_certs + etcd_needing_client_certs: "{{ hostvars + | oo_select_keys(groups['oo_masters_to_config']) + | oo_filter_list(filter_attr='etcd_client_certs_missing') }}" + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + roles: + - etcd_certificates + post_tasks: + - name: Create a tarball of the etcd certs + command: > + tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz + -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . + args: + creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + with_items: etcd_needing_client_certs + - name: Retrieve the etcd cert tarballs + fetch: + src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: etcd_needing_client_certs + +- name: Copy the external etcd certs to the masters + hosts: oo_masters_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + tasks: + - name: Ensure certificate directory exists + file: + path: /etc/openshift/master + state: directory + when: etcd_client_certs_missing is defined and etcd_client_certs_missing + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" + dest: "{{ etcd_cert_config_dir }}" + when: etcd_client_certs_missing is defined and etcd_client_certs_missing + - file: + path: "{{ etcd_cert_config_dir }}/{{ item }}" + owner: root + group: root + mode: 0600 + with_items: + - master.etcd-client.crt + - master.etcd-client.key + - master.etcd-ca.crt + when: etcd_client_certs_missing is defined and etcd_client_certs_missing + +- name: Determine if master certificates need to be generated + hosts: oo_masters_to_config + tasks: + - set_fact: + openshift_master_certs_no_etcd: + - admin.crt + - master.kubelet-client.crt + - master.server.crt + - openshift-master.crt + - openshift-registry.crt + - openshift-router.crt + - etcd.server.crt + openshift_master_certs_etcd: + - master.etcd-client.crt + - set_fact: + openshift_master_certs: "{{ (openshift_master_certs_no_etcd | union(openshift_master_certs_etcd)) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else openshift_master_certs_no_etcd }}" + + - name: Check status of master certificates + stat: + path: "/etc/openshift/master/{{ item }}" + with_items: openshift_master_certs + register: g_master_cert_stat_result + - set_fact: + master_certs_missing: "{{ g_master_cert_stat_result.results + | map(attribute='stat.exists') + | list | intersect([false])}}" + master_cert_subdir: master-{{ openshift.common.hostname }} + master_cert_config_dir: /etc/openshift/master + +- name: Configure master certificates + hosts: oo_first_master + vars: + master_generated_certs_dir: /etc/openshift/generated-configs + masters_needing_certs: "{{ hostvars + | oo_select_keys(groups['oo_masters_to_config'] | difference(groups['oo_first_master'])) + | oo_filter_list(filter_attr='master_certs_missing') }}" + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + roles: + - openshift_master_certificates + post_tasks: + - name: Create a tarball of the master certs + command: > + tar -czvf {{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz + -C {{ master_generated_certs_dir }}/{{ item.master.cert_subdir }} . + args: + creates: "{{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz" + with_items: masters_needing_certs + - name: Retrieve the master cert tarball from the master + fetch: + src: "{{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: masters_needing_certs + - name: Configure master instances hosts: oo_masters_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + pre_tasks: + - name: Ensure certificate directory exists + file: + path: /etc/openshift/master + state: directory + when: master_certs_missing and 'oo_first_master' not in group_names + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" + dest: "{{ master_cert_config_dir }}" + when: master_certs_missing and 'oo_first_master' not in group_names roles: - openshift_master - - openshift_examples - role: fluentd_master when: openshift.common.use_fluentd | bool - tasks: + post_tasks: - name: Create group for deployment type group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }} changed_when: False +- name: Deploy OpenShift examples + hosts: oo_first_master + roles: + - openshift_examples + # Additional instance config for online deployments - name: Additional instance config hosts: oo_masters_deployment_type_online roles: - pods - os_env_extras + +- name: Delete temporary directory on localhost + hosts: localhost + connection: local + sudo: false + gather_facts: no + tasks: + - file: name={{ g_master_mktemp.stdout }} state=absent + changed_when: False diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 1cf5616ce..bd35008b8 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -18,21 +18,18 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - resources_cpu: "{{ openshift_node_resources_cpu | default(None) }}" - resources_memory: "{{ openshift_node_resources_memory | default(None) }}" - pod_cidr: "{{ openshift_node_pod_cidr | default(None) }}" labels: "{{ openshift_node_labels | default(None) }}" annotations: "{{ openshift_node_annotations | default(None) }}" - name: Check status of node certificates stat: - path: "{{ item }}" + path: "/etc/openshift/node/{{ item }}" with_items: - - "/etc/openshift/node/system:node:{{ openshift.common.hostname }}.crt" - - "/etc/openshift/node/system:node:{{ openshift.common.hostname }}.key" - - "/etc/openshift/node/system:node:{{ openshift.common.hostname }}.kubeconfig" - - "/etc/openshift/node/ca.crt" - - "/etc/openshift/node/server.key" - - "/etc/openshift/node/server.crt" + - "system:node:{{ openshift.common.hostname }}.crt" + - "system:node:{{ openshift.common.hostname }}.key" + - "system:node:{{ openshift.common.hostname }}.kubeconfig" + - ca.crt + - server.key + - server.crt register: stat_result - set_fact: certs_missing: "{{ stat_result.results | map(attribute='stat.exists') @@ -56,10 +53,9 @@ hosts: oo_first_master vars: nodes_needing_certs: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) + | oo_select_keys(groups['oo_nodes_to_config'] + | default([])) | oo_filter_list(filter_attr='certs_missing') }}" - openshift_nodes: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) }}" sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" roles: - openshift_node_certificates @@ -86,7 +82,7 @@ hosts: oo_nodes_to_config vars: sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" - openshift_node_master_api_url: "{{ hostvars[openshift_first_master].openshift.master.api_url }}" + openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -110,15 +106,6 @@ group_by: key=oo_nodes_deployment_type_{{ openshift.common.deployment_type }} changed_when: False -- name: Delete the temporary directory on the master - hosts: oo_first_master - gather_facts: no - vars: - sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" - tasks: - - file: name={{ sync_tmpdir }} state=absent - changed_when: False - - name: Delete temporary directory on localhost hosts: localhost connection: local @@ -143,12 +130,14 @@ | oo_select_keys(groups['oo_nodes_to_config']) | oo_collect('openshift.common.hostname') }}" openshift_unscheduleable_nodes: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) + | oo_select_keys(groups['oo_nodes_to_config'] + | default([])) | oo_collect('openshift.common.hostname', {'openshift_scheduleable': False}) }}" pre_tasks: - set_fact: openshift_scheduleable_nodes: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) + | oo_select_keys(groups['oo_nodes_to_config'] + | default([])) | oo_collect('openshift.common.hostname') | difference(openshift_unscheduleable_nodes) }}" roles: diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 8c320dbd2..219ebe6a0 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -1,38 +1,24 @@ --- # TODO: fix firewall related bug with GCE and origin, since GCE is overriding # /etc/sysconfig/iptables -- name: Populate oo_masters_to_config host group - hosts: localhost + +- hosts: localhost gather_facts: no vars_files: - vars.yml tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - groups: oo_masters_to_config - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | default([]) - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - groups: oo_nodes_to_config - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-node"] | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" - groups: oo_first_master - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" + - set_fact: + g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - include: ../../common/openshift-cluster/config.yml vars: + g_etcd_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-etcd' }}" + g_masters_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-master' }}" + g_nodes_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-node' }}" + g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" + g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" openshift_hostname: "{{ gce_private_ip }}" diff --git a/playbooks/gce/openshift-cluster/update.yml b/playbooks/gce/openshift-cluster/update.yml index 9ebf39a13..8096aa654 100644 --- a/playbooks/gce/openshift-cluster/update.yml +++ b/playbooks/gce/openshift-cluster/update.yml @@ -11,7 +11,9 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-node"]) | default([]) + with_items: (groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | default([])) + | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-node"] | default([])) + | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-etcd"] | default([])) - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index 75e2005a2..98fe11251 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -3,37 +3,22 @@ # is localhost, so no hostname value (or public_hostname) value is getting # assigned -- name: Populate oo_masters_to_config host group - hosts: localhost +- hosts: localhost gather_facts: no vars_files: - vars.yml tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_masters_to_config - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | default([]) - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_nodes_to_config - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-node"] | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_first_master - when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" + - set_fact: + g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - include: ../../common/openshift-cluster/config.yml vars: + g_etcd_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-etcd' }}" + g_masters_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-master' }}" + g_nodes_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-node' }}" + g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" + g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml index 57e36db9e..d09832c16 100644 --- a/playbooks/libvirt/openshift-cluster/update.yml +++ b/playbooks/libvirt/openshift-cluster/update.yml @@ -11,7 +11,9 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-node"]) | default([]) + with_items: (groups["tag_env-host-type-{{ cluster_id }}-openshift-master"] | default([])) + | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-node"] | default([])) + | union(groups["tag_env-host-type-{{ cluster_id }}-openshift-etcd"] | default([])) - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index abadaf5ca..3c9a231e3 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -1,35 +1,20 @@ -- name: Populate oo_masters_to_config host group - hosts: localhost +- hosts: localhost gather_facts: no vars_files: - vars.yml tasks: - - name: Evaluate oo_masters_to_config - add_host: - name: "{{ item }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_masters_to_config - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([]) - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ item }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_nodes_to_config - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([]) - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type_' ~ cluster_id ~ '-openshift-master'][0] }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_first_master - when: "'tag_env-host-type_{{ cluster_id }}-openshift-master' in groups" + - set_fact: + g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - include: ../../common/openshift-cluster/config.yml vars: + g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" + g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" + g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" + g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" + g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" - openshift_first_master: "{{ groups.oo_first_master.0 }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml index 5e7ab4e58..e006aa74a 100644 --- a/playbooks/openstack/openshift-cluster/update.yml +++ b/playbooks/openstack/openshift-cluster/update.yml @@ -11,7 +11,9 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"]) | default([]) + with_items: (groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([])) + | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([])) + | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-etcd"] | default([])) - include: ../../common/openshift-cluster/update_repos_and_packages.yml -- cgit v1.2.3 From aefff9001ab43155696820f01db7cc11de5cfcea Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 10 Jul 2015 16:44:11 -0400 Subject: Add support for separate etcd volume with aws provider through bin/cluster --- .../aws/openshift-cluster/templates/user_data.j2 | 20 ++++++++++++++++++++ playbooks/aws/openshift-cluster/terminate.yml | 2 +- 2 files changed, 21 insertions(+), 1 deletion(-) (limited to 'playbooks') diff --git a/playbooks/aws/openshift-cluster/templates/user_data.j2 b/playbooks/aws/openshift-cluster/templates/user_data.j2 index db14bacd1..82c2f4d57 100644 --- a/playbooks/aws/openshift-cluster/templates/user_data.j2 +++ b/playbooks/aws/openshift-cluster/templates/user_data.j2 @@ -1,4 +1,24 @@ #cloud-config +{% if type =='etcd' %} +cloud_config_modules: +- disk_setup +- mounts + +mounts: +- [ xvdb, /var/lib/etcd, xfs, "defaults" ] + +disk_setup: + xvdb: + table_type: mbr + layout: True + +fs_setup: +- label: etcd_storage + filesystem: xfs + device: /dev/xvdb + partition: auto +{% endif %} + {% if type == 'node' %} mounts: - [ xvdb ] diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index 361ab2d37..9c3703aba 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml @@ -43,7 +43,7 @@ # Fail if any of the instances failed to terminate with an error other # than 403 Forbidden - - fail: msg=Terminating instance {{ item.item.ec2_id }} failed with message {{ item.msg }} + - fail: msg=Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }} when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" with_items: ec2_term.results -- cgit v1.2.3