From 6b4282004a4331d9db0e0ab857c96d83a738d82c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 14 Jul 2015 14:48:38 -0400 Subject: Initial HA master - Ability to specify multiple masters - configures the CA only a single time on the first master - creates and distributes additional certs for additional master hosts - Depending on the status of openshift_master_cluster_defer_ha (defaults to False) one of two actions are taken when multiple masters are defined 1. If openshift_master_cluster_defer_ha is true a. Certs/configs for all masters are deployed b. openshift-master service is only started and enabled on the master c. HA configuration is expected to be handled by the user manually after the completion of the playbook run. 2. If oepnshift_master_cluster_defer_ha is false or undefined a. Certs/configs for all masters are deployed b. a Pacemaker/RHEL HA cluster is configured i. VIPs are configured based on the values of openshift_master_cluster_vip and openshift_master_cluster_plublic_vip ii. The openshift-master service is configured as an active/passive cluster service --- playbooks/common/openshift-master/config.yml | 29 +++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) (limited to 'playbooks') diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 3956128e1..904ad2dab 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -27,6 +27,9 @@ api_url: "{{ openshift_master_api_url | default(None) }}" api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" public_api_url: "{{ openshift_master_public_api_url | default(None) }}" + cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" + cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" + cluster_defer_ha: "{{ openshift_master_cluster_defer_ha | default(None) }}" console_path: "{{ openshift_master_console_path | default(None) }}" console_port: "{{ openshift_master_console_port | default(None) }}" console_url: "{{ openshift_master_console_url | default(None) }}" @@ -152,16 +155,26 @@ roles: - openshift_master_certificates post_tasks: + - name: Remove generated etcd client certs when using external etcd + file: + path: "{{ master_generated_certs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: absent + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config + with_nested: + - masters_needing_certs + - - master.etcd-client.crt + - master.etcd-client.key + - name: Create a tarball of the master certs command: > - tar -czvf {{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz - -C {{ master_generated_certs_dir }}/{{ item.master.cert_subdir }} . + tar -czvf {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz + -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . args: - creates: "{{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz" + creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" with_items: masters_needing_certs - name: Retrieve the master cert tarball from the master fetch: - src: "{{ master_generated_certs_dir }}/{{ item.master.cert_subdir }}.tgz" + src: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" dest: "{{ sync_tmpdir }}/" flat: yes fail_on_missing: yes @@ -172,6 +185,7 @@ hosts: oo_masters_to_config vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -192,9 +206,14 @@ group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }} changed_when: False -- name: Deploy OpenShift examples +- name: Additional master configuration hosts: oo_first_master + vars: + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ')}}" roles: + - role: openshift_master_cluster + when: openshift_master_ha | bool - openshift_examples # Additional instance config for online deployments -- cgit v1.2.3