Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/adhoc/atomic_openshift_tutorial_reset.yml2
-rw-r--r--playbooks/adhoc/bootstrap-fedora.yml2
l---------playbooks/adhoc/noc/filter_plugins1
l---------playbooks/adhoc/noc/roles1
-rw-r--r--playbooks/adhoc/setupnfs.yml2
-rw-r--r--playbooks/adhoc/uninstall.yml18
-rw-r--r--playbooks/aws/ansible-tower/config.yml24
l---------playbooks/aws/ansible-tower/filter_plugins1
-rw-r--r--playbooks/aws/ansible-tower/launch.yml79
l---------playbooks/aws/ansible-tower/roles1
-rw-r--r--playbooks/aws/ansible-tower/user_data.txt6
-rw-r--r--playbooks/aws/ansible-tower/vars.ops.yml9
-rw-r--r--playbooks/aws/ansible-tower/vars.yml1
-rw-r--r--playbooks/aws/openshift-cluster/add_nodes.yml5
-rw-r--r--playbooks/aws/openshift-cluster/config.yml8
-rw-r--r--playbooks/aws/openshift-cluster/launch.yml5
-rw-r--r--playbooks/aws/openshift-cluster/list.yml2
-rw-r--r--playbooks/aws/openshift-cluster/scaleup.yml4
-rw-r--r--playbooks/aws/openshift-cluster/service.yml4
-rw-r--r--playbooks/aws/openshift-cluster/tasks/launch_instances.yml97
-rw-r--r--playbooks/aws/openshift-cluster/templates/user_data.j233
-rw-r--r--playbooks/aws/openshift-cluster/terminate.yml2
-rw-r--r--playbooks/aws/openshift-cluster/update.yml2
-rw-r--r--playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml5
-rw-r--r--playbooks/aws/openshift-cluster/vars.defaults.yml1
-rw-r--r--playbooks/aws/openshift-cluster/vars.online.int.yml15
-rw-r--r--playbooks/aws/openshift-cluster/vars.online.prod.yml15
-rw-r--r--playbooks/aws/openshift-cluster/vars.online.stage.yml15
-rw-r--r--playbooks/aws/openshift-cluster/vars.yml49
-rw-r--r--playbooks/byo/openshift-cluster/config.yml18
-rw-r--r--playbooks/byo/openshift-cluster/enable_dnsmasq.yml18
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml29
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml29
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml27
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml50
-rw-r--r--playbooks/byo/openshift-master/restart.yml18
-rw-r--r--playbooks/byo/openshift-master/scaleup.yml18
-rw-r--r--playbooks/byo/openshift-node/scaleup.yml18
-rw-r--r--playbooks/byo/openshift_facts.yml18
-rw-r--r--playbooks/common/openshift-cluster/additional_config.yml8
-rw-r--r--playbooks/common/openshift-cluster/config.yml6
-rw-r--r--playbooks/common/openshift-cluster/enable_dnsmasq.yml66
-rw-r--r--playbooks/common/openshift-cluster/evaluate_groups.yml20
-rw-r--r--playbooks/common/openshift-cluster/initialize_facts.yml10
l---------playbooks/common/openshift-cluster/library1
-rw-r--r--playbooks/common/openshift-cluster/openshift_hosted.yml5
-rw-r--r--playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh10
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml7
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml2
l---------playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/atomic-openshift-master.j21
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml2
l---------playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker1
l---------playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker-cluster1
l---------playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/native-cluster1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/node_upgrade.yml24
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/post.yml1
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml38
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/rpm_upgrade.yml3
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml82
-rw-r--r--playbooks/common/openshift-cluster/validate_hostnames.yml2
-rw-r--r--playbooks/common/openshift-etcd/config.yml14
-rw-r--r--playbooks/common/openshift-master/config.yml39
l---------playbooks/common/openshift-master/library1
-rwxr-xr-xplaybooks/common/openshift-master/library/modify_yaml.py95
-rw-r--r--playbooks/common/openshift-master/restart.yml4
-rw-r--r--playbooks/common/openshift-node/config.yml53
-rw-r--r--playbooks/common/openshift-node/scaleup.yml5
-rw-r--r--playbooks/gce/openshift-cluster/config.yml4
-rw-r--r--playbooks/gce/openshift-cluster/list.yml2
-rw-r--r--playbooks/gce/openshift-cluster/service.yml4
-rw-r--r--playbooks/gce/openshift-cluster/tasks/launch_instances.yml2
-rw-r--r--playbooks/gce/openshift-cluster/terminate.yml2
-rw-r--r--playbooks/gce/openshift-cluster/update.yml2
-rw-r--r--playbooks/gce/openshift-cluster/vars.yml9
-rw-r--r--playbooks/libvirt/openshift-cluster/config.yml4
-rw-r--r--playbooks/libvirt/openshift-cluster/launch.yml3
-rw-r--r--playbooks/libvirt/openshift-cluster/list.yml2
-rw-r--r--playbooks/libvirt/openshift-cluster/service.yml4
-rw-r--r--playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml4
-rw-r--r--playbooks/libvirt/openshift-cluster/terminate.yml2
-rw-r--r--playbooks/libvirt/openshift-cluster/update.yml2
-rw-r--r--playbooks/libvirt/openshift-cluster/vars.yml11
-rw-r--r--playbooks/openstack/openshift-cluster/config.yml4
-rw-r--r--playbooks/openstack/openshift-cluster/dns.yml4
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack.yaml5
-rw-r--r--playbooks/openstack/openshift-cluster/files/user-data6
-rw-r--r--playbooks/openstack/openshift-cluster/launch.yml14
-rw-r--r--playbooks/openstack/openshift-cluster/list.yml2
-rw-r--r--playbooks/openstack/openshift-cluster/terminate.yml2
-rw-r--r--playbooks/openstack/openshift-cluster/update.yml2
-rw-r--r--playbooks/openstack/openshift-cluster/vars.yml8
92 files changed, 609 insertions, 651 deletions
diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
index c14d08e87..5a5a00ea4 100644
--- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
+++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
@@ -8,7 +8,7 @@
- hosts:
- OSEv3:children
- sudo: yes
+ become: yes
tasks:
- shell: docker ps -a -q | xargs docker stop
diff --git a/playbooks/adhoc/bootstrap-fedora.yml b/playbooks/adhoc/bootstrap-fedora.yml
index 471c41f16..b380a74d6 100644
--- a/playbooks/adhoc/bootstrap-fedora.yml
+++ b/playbooks/adhoc/bootstrap-fedora.yml
@@ -1,4 +1,4 @@
- hosts: OSEv3
tasks:
- name: install python and deps for ansible modules
- raw: dnf install -y python2 python2-dnf libselinux-python libsemanage-python
+ raw: dnf install -y python2 python2-dnf libselinux-python libsemanage-python python2-firewall
diff --git a/playbooks/adhoc/noc/filter_plugins b/playbooks/adhoc/noc/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/adhoc/noc/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/adhoc/noc/roles b/playbooks/adhoc/noc/roles
deleted file mode 120000
index 20c4c58cf..000000000
--- a/playbooks/adhoc/noc/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles \ No newline at end of file
diff --git a/playbooks/adhoc/setupnfs.yml b/playbooks/adhoc/setupnfs.yml
index 5f3631fcf..fd489dc70 100644
--- a/playbooks/adhoc/setupnfs.yml
+++ b/playbooks/adhoc/setupnfs.yml
@@ -1,7 +1,7 @@
---
### This playbook is old and we are currently not using NFS.
- hosts: tag_Name_nfs-v3-stg
- sudo: no
+ become: no
remote_user: root
gather_facts: no
roles:
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index 680964d80..a407e326b 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -10,7 +10,7 @@
- hosts:
- OSEv3:children
- sudo: yes
+ become: yes
tasks:
- name: Detecting Operating System
@@ -53,6 +53,15 @@
- pcsd
failed_when: false
+ - name: unmask services
+ command: systemctl unmask "{{ item }}"
+ changed_when: False
+ failed_when: False
+ with_items:
+ - etcd
+ - firewalld
+ - atomic-openshift-master
+
- name: Stop additional atomic services
service: name={{ item }} state=stopped
when: is_containerized | bool
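Review bot: The new `unmask services` task writes `changed_when: False` and `failed_when: False`, while the task just above it in this hunk uses `failed_when: false`; lowercase `true`/`false` is the portable YAML spelling and keeps the file consistent. Because failures are suppressed for every item, a short comment such as `# best effort: unit may not exist on this host` would record that ignoring a failed unmask is deliberate.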
@@ -224,6 +233,9 @@
- /usr/local/bin/oadm
- /usr/local/bin/oc
- /usr/local/bin/kubectl
+ - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
+ - /etc/dnsmasq.d/origin-dns.conf
+ - /etc/dnsmasq.d/origin-upstream-dns.conf
# Since we are potentially removing the systemd unit files for separated
# master-api and master-controllers services, so we need to reload the
@@ -232,7 +244,9 @@
command: systemctl daemon-reload
- hosts: nodes
- sudo: yes
+ become: yes
tasks:
- name: restart docker
service: name=docker state=restarted
+ - name: restart NetworkManager
+ service: name=NetworkManager state=restarted
diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml
deleted file mode 100644
index eb3f1a1da..000000000
--- a/playbooks/aws/ansible-tower/config.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- name: "populate oo_hosts_to_config host group if needed"
- hosts: localhost
- gather_facts: no
- connection: local
- become: no
- tasks:
- - name: Evaluate oo_host_group_exp if it's set
- add_host: "name={{ item }} groups=oo_hosts_to_config"
- with_items: "{{ oo_host_group_exp | default(['']) }}"
- when: oo_host_group_exp is defined
-
-- name: "Configure instances"
- hosts: oo_hosts_to_config
- connection: ssh
- user: root
- vars_files:
- - vars.yml
- - "vars.{{ oo_env }}.yml"
- roles:
- - os_ipv6_disable
- - ansible
- - ansible_tower
- - os_env_extras
diff --git a/playbooks/aws/ansible-tower/filter_plugins b/playbooks/aws/ansible-tower/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/aws/ansible-tower/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml
deleted file mode 100644
index d40529435..000000000
--- a/playbooks/aws/ansible-tower/launch.yml
+++ /dev/null
@@ -1,79 +0,0 @@
----
-- name: Launch instance(s)
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
-
- vars:
- inst_region: us-east-1
- rhel7_ami: ami-9101c8fa
- user_data_file: user_data.txt
-
- vars_files:
- - vars.yml
- - "vars.{{ oo_env }}.yml"
-
- tasks:
- - name: Launch instances in VPC
- ec2:
- state: present
- region: "{{ inst_region }}"
- keypair: mmcgrath_libra
- group_id: "{{ oo_security_group_ids }}"
- instance_type: c4.xlarge
- image: "{{ rhel7_ami }}"
- count: "{{ oo_new_inst_names | length }}"
- user_data: "{{ lookup('file', user_data_file) }}"
- wait: yes
- assign_public_ip: "{{ oo_assign_public_ip }}"
- vpc_subnet_id: "{{ oo_vpc_subnet_id }}"
- register: ec2
-
- - name: Add Name and environment tags to instances
- ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present"
- with_together:
- - oo_new_inst_names
- - ec2.instances
- args:
- tags:
- Name: "{{ item.0 }}"
-
- - name: Add other tags to instances
- ec2_tag: "resource={{ item.id }} region={{ inst_region }} state=present"
- with_items: ec2.instances
- args:
- tags: "{{ oo_new_inst_tags }}"
-
- - name: Add new instances public IPs to oo_hosts_to_config
- add_host: "hostname={{ item.0 }} ansible_ssh_host={{ item.1.public_ip }} groupname=oo_hosts_to_config"
- with_together:
- - oo_new_inst_names
- - ec2.instances
-
- - debug: var=ec2
-
- - name: Wait for ssh
- wait_for: "port=22 host={{ item.public_ip }}"
- with_items: ec2.instances
-
- - name: Wait for root user setup
- command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup"
- register: result
- until: result.rc == 0
- retries: 20
- delay: 10
- with_items: ec2.instances
-
-- name: Initial setup
- hosts: oo_hosts_to_config
- user: root
- gather_facts: true
-
- tasks:
-
- - name: Update All Things
- action: "{{ ansible_pkg_mgr }} name=* state=latest"
-
-# Apply the configs, seprate so that just the configs can be run by themselves
-- include: config.yml
diff --git a/playbooks/aws/ansible-tower/roles b/playbooks/aws/ansible-tower/roles
deleted file mode 120000
index 20c4c58cf..000000000
--- a/playbooks/aws/ansible-tower/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles \ No newline at end of file
diff --git a/playbooks/aws/ansible-tower/user_data.txt b/playbooks/aws/ansible-tower/user_data.txt
deleted file mode 100644
index 643d17c32..000000000
--- a/playbooks/aws/ansible-tower/user_data.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-#cloud-config
-disable_root: 0
-
-system_info:
- default_user:
- name: root
diff --git a/playbooks/aws/ansible-tower/vars.ops.yml b/playbooks/aws/ansible-tower/vars.ops.yml
deleted file mode 100644
index feb5d786a..000000000
--- a/playbooks/aws/ansible-tower/vars.ops.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-oo_env_long: operations
-oo_zabbix_hostgroups: ['OPS Environment']
-oo_vpc_subnet_id: subnet-4f0bdd38 # USE OPS
-oo_assign_public_ip: yes
-oo_security_group_ids:
- - sg-02c2f267 # Libra (vpc)
- - sg-7fc4f41a # ops (vpc)
- - sg-4dc26829 # ops_tower (vpc)
diff --git a/playbooks/aws/ansible-tower/vars.yml b/playbooks/aws/ansible-tower/vars.yml
deleted file mode 100644
index ed97d539c..000000000
--- a/playbooks/aws/ansible-tower/vars.yml
+++ /dev/null
@@ -1 +0,0 @@
----
diff --git a/playbooks/aws/openshift-cluster/add_nodes.yml b/playbooks/aws/openshift-cluster/add_nodes.yml
index 3d88e6b23..0e8eb90c1 100644
--- a/playbooks/aws/openshift-cluster/add_nodes.yml
+++ b/playbooks/aws/openshift-cluster/add_nodes.yml
@@ -6,14 +6,9 @@
gather_facts: no
vars_files:
- vars.yml
- - ["vars.{{ deployment_type }}.{{ cluster_id }}.yml", vars.defaults.yml]
vars:
oo_extend_env: True
tasks:
- - fail:
- msg: Deployment type not supported for aws provider yet
- when: deployment_type == 'enterprise'
-
- include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml
vars:
type: "compute"
diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml
index 9fba856a2..8402b3579 100644
--- a/playbooks/aws/openshift-cluster/config.yml
+++ b/playbooks/aws/openshift-cluster/config.yml
@@ -4,16 +4,18 @@
- ../../aws/openshift-cluster/cluster_hosts.yml
vars:
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
g_nodeonmaster: true
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
openshift_deployment_type: "{{ deployment_type }}"
openshift_public_hostname: "{{ ec2_ip_address }}"
openshift_registry_selector: 'type=infra'
- openshift_router_selector: 'type=infra'
+ openshift_hosted_router_selector: 'type=infra'
openshift_infra_nodes: "{{ g_infra_hosts }}"
- openshift_node_labels: '{"region": "{{ ec2_region }}", "type": "{{ hostvars[inventory_hostname]["ec2_tag_sub-host-type"] if inventory_hostname in groups["tag_host-type_node"] else hostvars[inventory_hostname]["ec2_tag_host-type"] }}"}'
+ openshift_node_labels:
+ region: "{{ deployment_vars[deployment_type].region }}"
+ type: "{{ hostvars[inventory_hostname]['ec2_tag_sub-host-type'] if inventory_hostname in groups['tag_host-type_node'] else hostvars[inventory_hostname]['ec2_tag_host-type'] }}"
openshift_master_cluster_method: 'native'
openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}"
os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}"
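Review bot: `g_sudo` keeps its old name while now carrying `deployment_vars[deployment_type].become`, so the variable name and the setting it feeds have drifted apart. If the common playbooks that consume it are not renamed in this commit, a comment such as `# g_sudo feeds become: in the common playbooks` would help; the same assignment appears in the scaleup.yml and upgrades/v3_0_to_v3_1/upgrade.yml hunks. The lookup also depends on every deployment type in vars.yml defining `become`, which is not visible here; a missing key would leave privilege escalation undefined for the play.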
diff --git a/playbooks/aws/openshift-cluster/launch.yml b/playbooks/aws/openshift-cluster/launch.yml
index 15b83dfad..3edace493 100644
--- a/playbooks/aws/openshift-cluster/launch.yml
+++ b/playbooks/aws/openshift-cluster/launch.yml
@@ -6,12 +6,7 @@
gather_facts: no
vars_files:
- vars.yml
- - ["vars.{{ deployment_type }}.{{ cluster_id }}.yml", vars.defaults.yml]
tasks:
- - fail:
- msg: Deployment type not supported for aws provider yet
- when: deployment_type == 'enterprise'
-
- include: ../../common/openshift-cluster/tasks/set_etcd_launch_facts.yml
- include: tasks/launch_instances.yml
vars:
diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml
index 8b41a355e..a542b4ca3 100644
--- a/playbooks/aws/openshift-cluster/list.yml
+++ b/playbooks/aws/openshift-cluster/list.yml
@@ -15,7 +15,7 @@
name: "{{ item }}"
groups: oo_list_hosts
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: groups[scratch_group] | default([]) | difference(['localhost'])
- name: List Hosts
diff --git a/playbooks/aws/openshift-cluster/scaleup.yml b/playbooks/aws/openshift-cluster/scaleup.yml
index 7e3a47964..6fa9142a0 100644
--- a/playbooks/aws/openshift-cluster/scaleup.yml
+++ b/playbooks/aws/openshift-cluster/scaleup.yml
@@ -12,7 +12,7 @@
name: "{{ item }}"
groups: oo_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ groups.nodes_to_add }}"
- include: ../../common/openshift-cluster/update_repos_and_packages.yml
@@ -24,7 +24,7 @@
vars:
g_new_node_hosts: "{{ groups.nodes_to_add }}"
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
g_nodeonmaster: true
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
diff --git a/playbooks/aws/openshift-cluster/service.yml b/playbooks/aws/openshift-cluster/service.yml
index d5f7d6b19..f7f4812bb 100644
--- a/playbooks/aws/openshift-cluster/service.yml
+++ b/playbooks/aws/openshift-cluster/service.yml
@@ -16,7 +16,7 @@
name: "{{ item }}"
groups: g_service_masters
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ master_hosts | default([]) }}"
- name: Evaluate g_service_nodes
@@ -24,7 +24,7 @@
name: "{{ item }}"
groups: g_service_nodes
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ node_hosts | default([]) }}"
- include: ../../common/openshift-node/service.yml
diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
index 63be06ecf..7d5776ae6 100644
--- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
@@ -8,80 +8,50 @@
sub_host_type: "{{ g_sub_host_type }}"
- set_fact:
- ec2_region: "{{ lookup('env', 'ec2_region')
- | default(deployment_vars[deployment_type].region, true) }}"
- when: ec2_region is not defined
-- set_fact:
- ec2_image_name: "{{ lookup('env', 'ec2_image_name')
- | default(deployment_vars[deployment_type].image_name, true) }}"
- when: ec2_image_name is not defined and ec2_image is not defined
-- set_fact:
- ec2_image: "{{ lookup('env', 'ec2_image')
- | default(deployment_vars[deployment_type].image, true) }}"
- when: ec2_image is not defined and not ec2_image_name
-- set_fact:
- ec2_keypair: "{{ lookup('env', 'ec2_keypair')
- | default(deployment_vars[deployment_type].keypair, true) }}"
- when: ec2_keypair is not defined
-- set_fact:
- ec2_vpc_subnet: "{{ lookup('env', 'ec2_vpc_subnet')
- | default(deployment_vars[deployment_type].vpc_subnet, true) }}"
- when: ec2_vpc_subnet is not defined
-- set_fact:
- ec2_assign_public_ip: "{{ lookup('env', 'ec2_assign_public_ip')
- | default(deployment_vars[deployment_type].assign_public_ip, true) }}"
- when: ec2_assign_public_ip is not defined
-
-- set_fact:
- ec2_instance_type: "{{ ec2_master_instance_type | default(lookup('env', 'ec2_master_instance_type') | default(lookup('env', 'ec2_instance_type') | default(deployment_vars[deployment_type].type, true), true), true) }}"
- ec2_security_groups: "{{ ec2_master_security_groups | default(lookup('env', 'ec2_master_security_groups') | default(lookup('env', 'ec2_security_groups') | default(deployment_vars[deployment_type].security_groups, true), true), true) }}"
+ ec2_instance_type: "{{ lookup('env', 'ec2_master_instance_type') | default(deployment_vars[deployment_type].type, true) }}"
+ ec2_security_groups: "{{ lookup('env', 'ec2_master_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}"
when: host_type == "master" and sub_host_type == "default"
- set_fact:
- ec2_instance_type: "{{ ec2_etcd_instance_type | default(lookup('env', 'ec2_etcd_instance_type') | default(lookup('env', 'ec2_instance_type') | default(deployment_vars[deployment_type].type, true), true), true) }}"
- ec2_security_groups: "{{ ec2_etcd_security_groups | default(lookup('env', 'ec2_etcd_security_groups') | default(lookup('env', 'ec2_security_groups') | default(deployment_vars[deployment_type].security_groups, true), true), true) }}"
+ ec2_instance_type: "{{ lookup('env', 'ec2_etcd_instance_type') | default(deployment_vars[deployment_type].type, true) }}"
+ ec2_security_groups: "{{ lookup('env', 'ec2_etcd_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}"
when: host_type == "etcd" and sub_host_type == "default"
- set_fact:
- ec2_instance_type: "{{ ec2_infra_instance_type | default(lookup('env', 'ec2_infra_instance_type') | default(lookup('env', 'ec2_instance_type') | default(deployment_vars[deployment_type].type, true), true), true) }}"
- ec2_security_groups: "{{ ec2_infra_security_groups | default(lookup('env', 'ec2_infra_security_groups') | default(lookup('env', 'ec2_security_groups') | default(deployment_vars[deployment_type].security_groups, true), true), true) }}"
+ ec2_instance_type: "{{ lookup('env', 'ec2_infra_instance_type') | default(deployment_vars[deployment_type].type, true) }}"
+ ec2_security_groups: "{{ lookup('env', 'ec2_infra_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}"
when: host_type == "node" and sub_host_type == "infra"
- set_fact:
- ec2_instance_type: "{{ ec2_node_instance_type | default(lookup('env', 'ec2_node_instance_type') | default(lookup('env', 'ec2_instance_type') | default(deployment_vars[deployment_type].type, true), true), true) }}"
- ec2_security_groups: "{{ ec2_node_security_groups | default(lookup('env', 'ec2_node_security_groups') | default(lookup('env', 'ec2_security_groups') | default(deployment_vars[deployment_type].security_groups, true), true), true) }}"
+ ec2_instance_type: "{{ lookup('env', 'ec2_node_instance_type') | default(deployment_vars[deployment_type].type, true) }}"
+ ec2_security_groups: "{{ lookup('env', 'ec2_node_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}"
when: host_type == "node" and sub_host_type == "compute"
- set_fact:
- ec2_instance_type: "{{ lookup('env', 'ec2_instance_type')
- | default(deployment_vars[deployment_type].type, true) }}"
+ ec2_instance_type: "{{ deployment_vars[deployment_type].type }}"
when: ec2_instance_type is not defined
- set_fact:
- ec2_security_groups: "{{ lookup('env', 'ec2_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}"
+ ec2_security_groups: "{{ deployment_vars[deployment_type].security_groups }}"
when: ec2_security_groups is not defined
- name: Find amis for deployment_type
ec2_ami_find:
- region: "{{ ec2_region }}"
- ami_id: "{{ ec2_image | default(omit, true) }}"
- name: "{{ ec2_image_name | default(omit, true) }}"
+ region: "{{ deployment_vars[deployment_type].region }}"
+ ami_id: "{{ deployment_vars[deployment_type].image }}"
+ name: "{{ deployment_vars[deployment_type].image_name }}"
register: ami_result
- fail: msg="Could not find requested ami"
when: not ami_result.results
- set_fact:
- latest_ami: "{{ ami_result.results | oo_ami_selector(ec2_image_name) }}"
+ latest_ami: "{{ ami_result.results | oo_ami_selector(deployment_vars[deployment_type].image_name) }}"
volume_defs:
etcd:
root:
volume_size: "{{ lookup('env', 'os_etcd_root_vol_size') | default(25, true) }}"
device_type: "{{ lookup('env', 'os_etcd_root_vol_type') | default('gp2', true) }}"
iops: "{{ lookup('env', 'os_etcd_root_vol_iops') | default(500, true) }}"
- etcd:
- volume_size: "{{ lookup('env', 'os_etcd_vol_size') | default(32, true) }}"
- device_type: "{{ lookup('env', 'os_etcd_vol_type') | default('gp2', true) }}"
- iops: "{{ lookup('env', 'os_etcd_vol_iops') | default(500, true) }}"
master:
root:
volume_size: "{{ lookup('env', 'os_master_root_vol_size') | default(25, true) }}"
@@ -107,14 +77,14 @@
- name: Launch instance(s)
ec2:
state: present
- region: "{{ ec2_region }}"
- keypair: "{{ ec2_keypair }}"
- group: "{{ ec2_security_groups }}"
+ region: "{{ deployment_vars[deployment_type].region }}"
+ keypair: "{{ deployment_vars[deployment_type].keypair }}"
+ group: "{{ deployment_vars[deployment_type].security_groups }}"
instance_type: "{{ ec2_instance_type }}"
- image: "{{ latest_ami }}"
+ image: "{{ deployment_vars[deployment_type].image }}"
count: "{{ instances | length }}"
- vpc_subnet_id: "{{ ec2_vpc_subnet | default(omit, true) }}"
- assign_public_ip: "{{ ec2_assign_public_ip | default(omit, true) }}"
+ vpc_subnet_id: "{{ deployment_vars[deployment_type].vpc_subnet }}"
+ assign_public_ip: "{{ deployment_vars[deployment_type].assign_public_ip }}"
user_data: "{{ lookup('template', '../templates/user_data.j2') }}"
wait: yes
instance_tags:
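Review bot: `group:` in the `Launch instance(s)` task now reads `deployment_vars[deployment_type].security_groups` directly, so the per-role `ec2_security_groups` fact that the earlier hunk still sets for master, etcd, infra and compute hosts is never applied and every instance lands in the same security groups. If role-specific network isolation is intended, keep `group: "{{ ec2_security_groups }}"`. Likewise `image:` no longer uses `latest_ami`, which leaves the `ec2_ami_find` lookup and the `oo_ami_selector` result unused; `image: "{{ latest_ami }}"` would keep the launched image tied to that lookup. Dropping `default(omit, true)` on `vpc_subnet_id` and `assign_public_ip` also means an unset value is passed through rather than omitted; vars.yml is outside this hunk, so confirm each deployment type defines both.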
@@ -127,7 +97,7 @@
register: ec2
- name: Add Name tag to instances
- ec2_tag: resource={{ item.1.id }} region={{ ec2_region }} state=present
+ ec2_tag: resource={{ item.1.id }} region={{ deployment_vars[deployment_type].region }} state=present
with_together:
- instances
- ec2.instances
@@ -136,29 +106,32 @@
Name: "{{ item.0 }}"
- set_fact:
- instance_groups: "tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }}, tag_environment_{{ cluster_env }},
- tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}"
+ instance_groups: >
+ tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }},
+ tag_environment_{{ cluster_env }}, tag_host-type_{{ host_type }},
+ tag_sub-host-type_{{ sub_host_type }}
- set_fact:
node_label:
- region: "{{ec2_region}}"
+ region: "{{ deployment_vars[deployment_type].region }}"
type: "{{sub_host_type}}"
when: host_type == "node"
- set_fact:
node_label:
- region: "{{ec2_region}}"
+ region: "{{ deployment_vars[deployment_type].region }}"
type: "{{host_type}}"
when: host_type != "node"
- set_fact:
logrotate:
- name: syslog
- path: "/var/log/cron
- \n/var/log/maillog
- \n/var/log/messages
- \n/var/log/secure
- \n/var/log/spooler \n"
+ path: |
+ /var/log/cron
+ /var/log/maillog
+ /var/log/messages
+ /var/log/secure
+ /var/log/spooler"
options:
- daily
- rotate 7
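Review bot: The new literal block for `logrotate.path` ends with `/var/log/spooler"`, and inside a `|` scalar that trailing double quote is part of the value, so the last path handed to logrotate would not match `/var/log/spooler` and that log would presumably stop rotating. Drop the quote so the line reads `/var/log/spooler`. The `instance_groups: >` scalar also gains a trailing newline that the old quoted string did not have; `>-` avoids it ending up in the last group name, assuming the consumer does not strip whitespace.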
@@ -173,7 +146,7 @@
hostname: "{{ item.0 }}"
ansible_ssh_host: "{{ item.1.dns_name }}"
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: "{{ instance_groups }}"
ec2_private_ip_address: "{{ item.1.private_ip }}"
ec2_ip_address: "{{ item.1.public_ip }}"
@@ -188,7 +161,7 @@
hostname: "{{ item.0 }}"
ansible_ssh_host: "{{ item.1.dns_name }}"
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: nodes_to_add
ec2_private_ip_address: "{{ item.1.private_ip }}"
ec2_ip_address: "{{ item.1.public_ip }}"
diff --git a/playbooks/aws/openshift-cluster/templates/user_data.j2 b/playbooks/aws/openshift-cluster/templates/user_data.j2
index 3621a7d7d..2a3974a8c 100644
--- a/playbooks/aws/openshift-cluster/templates/user_data.j2
+++ b/playbooks/aws/openshift-cluster/templates/user_data.j2
@@ -1,24 +1,4 @@
#cloud-config
-{% if type == 'etcd' and 'etcd' in volume_defs[type] %}
-cloud_config_modules:
-- disk_setup
-- mounts
-
-mounts:
-- [ xvdb, /var/lib/etcd, xfs, "defaults" ]
-
-disk_setup:
- xvdb:
- table_type: mbr
- layout: True
-
-fs_setup:
-- label: etcd_storage
- filesystem: xfs
- device: /dev/xvdb
- partition: auto
-{% endif %}
-
{% if type in ['node', 'master'] and 'docker' in volume_defs[type] %}
mounts:
- [ xvdb ]
@@ -33,18 +13,7 @@ write_files:
permissions: '0644'
{% endif %}
-{% if deployment_type == 'online' %}
-devices: ['/var'] # Workaround for https://bugs.launchpad.net/bugs/1455436
-
-disable_root: 0
-growpart:
- mode: auto
- devices: ['/var']
-runcmd:
-- xfs_growfs /var
-{% endif %}
-
-{% if deployment_vars[deployment_type].sudo %}
+{% if deployment_vars[deployment_type].become %}
- path: /etc/sudoers.d/99-{{ deployment_vars[deployment_type].ssh_user }}-cloud-init-requiretty
permissions: 440
content: |
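Review bot: The sudoers drop-in guarded by the renamed `become` condition is written with `permissions: 440`, an unquoted YAML integer, whereas the entry above it in this hunk uses the quoted octal string `'0644'`. Depending on how cloud-init decodes an integer here the file may not end up as octal 0440, and sudo is strict about the mode of files under /etc/sudoers.d, so `permissions: '0440'` is the safer spelling. The `content:` block continues outside this hunk.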
diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml
index 6dd5d8b62..fb13e1839 100644
--- a/playbooks/aws/openshift-cluster/terminate.yml
+++ b/playbooks/aws/openshift-cluster/terminate.yml
@@ -11,7 +11,7 @@
name: "{{ item }}"
groups: oo_hosts_to_terminate
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: (groups['tag_clusterid_' ~ cluster_id] | default([])) | difference(['localhost'])
- name: Unsubscribe VMs
diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml
index 32bab76b5..bd31c42dd 100644
--- a/playbooks/aws/openshift-cluster/update.yml
+++ b/playbooks/aws/openshift-cluster/update.yml
@@ -13,7 +13,7 @@
name: "{{ item }}"
groups: oo_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ g_all_hosts | default([]) }}"
- include: ../../common/openshift-cluster/update_repos_and_packages.yml
diff --git a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
index 11026e38d..44d9a3e25 100644
--- a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
+++ b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
@@ -1,14 +1,13 @@
---
-# This playbook upgrades an existing AWS cluster, leaving nodes untouched if used with an 'online' deployment type.
# Usage:
-# ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=online -e cluster_id=<cluster_id>
+# ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=<deployment_type> -e cluster_id=<cluster_id>
- include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
vars_files:
- "{{lookup('file', '../../../../aws/openshift-cluster/vars.yml')}}"
- "{{lookup('file', '../../../../aws/openshift-cluster/cluster_hosts.yml')}}"
vars:
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
g_nodeonmaster: true
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
diff --git a/playbooks/aws/openshift-cluster/vars.defaults.yml b/playbooks/aws/openshift-cluster/vars.defaults.yml
deleted file mode 100644
index ed97d539c..000000000
--- a/playbooks/aws/openshift-cluster/vars.defaults.yml
+++ /dev/null
@@ -1 +0,0 @@
----
diff --git a/playbooks/aws/openshift-cluster/vars.online.int.yml b/playbooks/aws/openshift-cluster/vars.online.int.yml
deleted file mode 100644
index 2e2f25ccd..000000000
--- a/playbooks/aws/openshift-cluster/vars.online.int.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-ec2_image: ami-9101c8fa
-ec2_image_name: libra-ops-rhel7*
-ec2_region: us-east-1
-ec2_keypair: mmcgrath_libra
-ec2_master_instance_type: t2.medium
-ec2_master_security_groups: [ 'integration', 'integration-master' ]
-ec2_infra_instance_type: c4.large
-ec2_infra_security_groups: [ 'integration', 'integration-infra' ]
-ec2_node_instance_type: m4.large
-ec2_node_security_groups: [ 'integration', 'integration-node' ]
-ec2_etcd_instance_type: m4.large
-ec2_etcd_security_groups: [ 'integration', 'integration-etcd' ]
-ec2_vpc_subnet: subnet-987c0def
-ec2_assign_public_ip: yes
diff --git a/playbooks/aws/openshift-cluster/vars.online.prod.yml b/playbooks/aws/openshift-cluster/vars.online.prod.yml
deleted file mode 100644
index 18a53e12e..000000000
--- a/playbooks/aws/openshift-cluster/vars.online.prod.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-ec2_image: ami-9101c8fa
-ec2_image_name: libra-ops-rhel7*
-ec2_region: us-east-1
-ec2_keypair: mmcgrath_libra
-ec2_master_instance_type: t2.medium
-ec2_master_security_groups: [ 'production', 'production-master' ]
-ec2_infra_instance_type: c4.large
-ec2_infra_security_groups: [ 'production', 'production-infra' ]
-ec2_node_instance_type: m4.large
-ec2_node_security_groups: [ 'production', 'production-node' ]
-ec2_etcd_instance_type: m4.large
-ec2_etcd_security_groups: [ 'production', 'production-etcd' ]
-ec2_vpc_subnet: subnet-987c0def
-ec2_assign_public_ip: yes
diff --git a/playbooks/aws/openshift-cluster/vars.online.stage.yml b/playbooks/aws/openshift-cluster/vars.online.stage.yml
deleted file mode 100644
index 1f9ac4252..000000000
--- a/playbooks/aws/openshift-cluster/vars.online.stage.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-ec2_image: ami-9101c8fa
-ec2_image_name: libra-ops-rhel7*
-ec2_region: us-east-1
-ec2_keypair: mmcgrath_libra
-ec2_master_instance_type: t2.medium
-ec2_master_security_groups: [ 'stage', 'stage-master' ]
-ec2_infra_instance_type: c4.large
-ec2_infra_security_groups: [ 'stage', 'stage-infra' ]
-ec2_node_instance_type: m4.large
-ec2_node_security_groups: [ 'stage', 'stage-node' ]
-ec2_etcd_instance_type: m4.large
-ec2_etcd_security_groups: [ 'stage', 'stage-etcd' ]
-ec2_vpc_subnet: subnet-987c0def
-ec2_assign_public_ip: yes
diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml
index ae12286bd..8bda72ac2 100644
--- a/playbooks/aws/openshift-cluster/vars.yml
+++ b/playbooks/aws/openshift-cluster/vars.yml
@@ -3,42 +3,31 @@ debug_level: 2
deployment_rhel7_ent_base:
# rhel-7.1, requires cloud access subscription
- image: ami-10663b78
- image_name:
- region: us-east-1
+ image: "{{ lookup('oo_option', 'ec2_image') | default('ami-10251c7a', True) }}"
+ image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
+ region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
ssh_user: ec2-user
- sudo: yes
- keypair: libra
- type: m4.large
- security_groups: [ 'public' ]
- vpc_subnet:
- assign_public_ip:
+ become: yes
+ keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
+ type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
+ security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
+ vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
+ assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"
deployment_vars:
origin:
# centos-7, requires marketplace
- image: ami-61bbf104
- image_name:
- region: us-east-1
+ image: "{{ lookup('oo_option', 'ec2_image') | default('ami-61bbf104', True) }}"
+ image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"
+ region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}"
ssh_user: centos
- sudo: yes
- keypair: libra
- type: m4.large
- security_groups: [ 'public' ]
- vpc_subnet:
- assign_public_ip:
- online:
- # private ami
- image: ami-7a9e9812
- image_name: openshift-rhel7_*
- region: us-east-1
- ssh_user: root
- sudo: no
- keypair: libra
- type: m4.large
- security_groups: [ 'public' ]
- vpc_subnet:
- assign_public_ip:
+ become: yes
+ keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}"
+ type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}"
+ security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}"
+ vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}"
+ assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}"
+
enterprise: "{{ deployment_rhel7_ent_base }}"
openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
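Review bot: `image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}"` replaces a plain YAML null with a templated one, and depending on the Ansible version a template that evaluates to None may come back as an empty string or as the literal string `None` rather than null. Any consumer that tests `image_name` for definedness or truthiness could then behave differently than before; that consumer is outside this hunk, so it needs confirming there. The new `hostname: "{{ openshift_hostname | default(None) }}"` in initialize_facts.yml has the same shape. A short comment above each, such as `# unset unless oo_option ec2_image_name is given`, would record what the consumer is expected to receive.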
diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml
index 5887b3208..c5479d098 100644
--- a/playbooks/byo/openshift-cluster/config.yml
+++ b/playbooks/byo/openshift-cluster/config.yml
@@ -1,7 +1,21 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../common/openshift-cluster/config.yml
- vars_files:
- - ../../byo/openshift-cluster/cluster_hosts.yml
vars:
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_debug_level: "{{ debug_level | default(2) }}"
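Review bot: The added `with_items: g_all_hosts` uses a bare variable name, while the upgrade playbooks in this same commit write `with_items: "{{ g_all_hosts }}"` and the v3_1_to_v3_2 one writes `with_items: g_all_hosts | default([])`. The three spellings differ in what happens when `g_all_hosts` is undefined, and bare names in loops are, as far as I know, deprecated from Ansible 2.0 on, where a literal host named `g_all_hosts` could end up being added. I would use `with_items: "{{ g_all_hosts | default([]) }}"` everywhere. The same line appears in the new plays of byo enable_dnsmasq.yml, openshift-master/restart.yml, both scaleup.yml files and openshift_facts.yml, and the evaluate_groups.yml hunk moves `oo_all_hosts` from the quoted form to the bare one; if that is deliberate, a comment saying why would help.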
diff --git a/playbooks/byo/openshift-cluster/enable_dnsmasq.yml b/playbooks/byo/openshift-cluster/enable_dnsmasq.yml
new file mode 100644
index 000000000..1c8d99341
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/enable_dnsmasq.yml
@@ -0,0 +1,18 @@
+---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+
+- include: ../../common/openshift-cluster/enable_dnsmasq.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
index 628a07752..59d275d52 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
@@ -1,13 +1,28 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Verify Ansible version is greater than or equal to 1.9.4 and less than 2.0
+ fail:
+ msg: "Unsupported ansible version: {{ ansible_version }} found."
+ when: ansible_version.full | version_compare('1.9.4', 'lt') or ansible_version.full | version_compare('2.0', 'ge')
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: "{{ g_all_hosts }}"
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
- vars_files:
- - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"
vars:
- g_etcd_hosts: "{{ groups.etcd | default([]) }}"
- g_master_hosts: "{{ groups.masters | default([]) }}"
+ # Do not allow adding hosts during upgrade.
g_new_master_hosts: []
- g_nfs_hosts: "{{ groups.nfs | default([]) }}"
- g_node_hosts: "{{ groups.nodes | default([]) }}"
- g_lb_hosts: "{{ groups.lb | default([]) }}"
+ g_new_node_hosts: []
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_deployment_type: "{{ deployment_type }}"
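Review bot: The failure message interpolates `{{ ansible_version }}`, which is the whole version dictionary, while the `when` condition on the next line compares `ansible_version.full`. Printing the same field keeps the message readable: `msg: "Unsupported ansible version: {{ ansible_version.full }} found."`. The identical task is pasted into the v3_0_to_v3_1, v3_1_minor and v3_1_to_v3_2 byo upgrade playbooks in this commit, so a single included file holding the check would also keep the supported range from drifting between them.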
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
index 8fadd2ce7..239da4df0 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
@@ -1,13 +1,28 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Verify Ansible version is greater than or equal to 1.9.4 and less than 2.0
+ fail:
+ msg: "Unsupported ansible version: {{ ansible_version }} found."
+ when: ansible_version.full | version_compare('1.9.4', 'lt') or ansible_version.full | version_compare('2.0', 'ge')
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: "{{ g_all_hosts }}"
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
- vars_files:
- - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"
vars:
- g_etcd_hosts: "{{ groups.etcd | default([]) }}"
- g_master_hosts: "{{ groups.masters | default([]) }}"
+ # Do not allow adding hosts during upgrade.
g_new_master_hosts: []
- g_nfs_hosts: "{{ groups.nfs | default([]) }}"
- g_node_hosts: "{{ groups.nodes | default([]) }}"
- g_lb_hosts: "{{ groups.lb | default([]) }}"
+ g_new_node_hosts: []
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_deployment_type: "{{ deployment_type }}"
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
index 42078584b..9363442aa 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
@@ -1,12 +1,29 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Verify Ansible version is greater than or equal to 1.9.4 and less than 2.0
+ fail:
+ msg: "Unsupported ansible version: {{ ansible_version }} found."
+ when: ansible_version.full | version_compare('1.9.4', 'lt') or ansible_version.full | version_compare('2.0', 'ge')
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: "{{ g_all_hosts }}"
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../../../common/openshift-cluster/evaluate_groups.yml
vars:
- g_etcd_hosts: "{{ groups.etcd | default([]) }}"
- g_master_hosts: "{{ groups.masters | default([]) }}"
+ # Do not allow adding hosts during upgrade.
g_new_master_hosts: []
- g_nfs_hosts: "{{ groups.nfs | default([]) }}"
- g_node_hosts: "{{ groups.nodes | default([]) }}"
- g_lb_hosts: "{{ groups.lb | default([]) }}"
+ g_new_node_hosts: []
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_deployment_type: "{{ deployment_type }}"
- include: ../../../../common/openshift-cluster/upgrades/v3_1_minor/pre.yml
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
index 0c91b51d6..24617620b 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
@@ -1,14 +1,54 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - name: Verify Ansible version is greater than or equal to 1.9.4 and less than 2.0
+ fail:
+ msg: "Unsupported ansible version: {{ ansible_version }} found."
+ when: ansible_version.full | version_compare('1.9.4', 'lt') or ansible_version.full | version_compare('2.0', 'ge')
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts | default([])
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../../../common/openshift-cluster/evaluate_groups.yml
vars:
- g_etcd_hosts: "{{ groups.etcd | default([]) }}"
- g_master_hosts: "{{ groups.masters | default([]) }}"
+ # Do not allow adding hosts during upgrade.
g_new_master_hosts: []
- g_nfs_hosts: "{{ groups.nfs | default([]) }}"
- g_node_hosts: "{{ groups.nodes | default([]) }}"
- g_lb_hosts: "{{ groups.lb | default([]) }}"
+ g_new_node_hosts: []
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_deployment_type: "{{ deployment_type }}"
+
+- name: Set oo_options
+ hosts: oo_all_hosts
+ tasks:
+ - set_fact:
+ openshift_docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}"
+ when: openshift_docker_additional_registries is not defined
+ - set_fact:
+ openshift_docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') }}"
+ when: openshift_docker_insecure_registries is not defined
+ - set_fact:
+ openshift_docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') }}"
+ when: openshift_docker_blocked_registries is not defined
+ - set_fact:
+ openshift_docker_options: "{{ lookup('oo_option', 'docker_options') }}"
+ when: openshift_docker_options is not defined
+ - set_fact:
+ openshift_docker_log_driver: "{{ lookup('oo_option', 'docker_log_driver') }}"
+ when: openshift_docker_log_driver is not defined
+ - set_fact:
+ openshift_docker_log_options: "{{ lookup('oo_option', 'docker_log_options') }}"
+ when: openshift_docker_log_options is not defined
+
- include: ../../../../common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
vars:
openshift_deployment_type: "{{ deployment_type }}"
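Review bot: The new `Set oo_options` play is a copy of the play of the same name in common/openshift-cluster/config.yml, so the list of Docker settings taken from `oo_option` now has to be kept in sync in two places. Since it includes `openshift_docker_insecure_registries` and `openshift_docker_options`, a divergence would mean an upgrade applies different registry trust settings than an install does. I would move the six `set_fact` tasks into one shared playbook included from both places. I would also add a comment above the play, for example `# Only fills values the inventory did not set; source is the oo_option lookup on the control host`.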
diff --git a/playbooks/byo/openshift-master/restart.yml b/playbooks/byo/openshift-master/restart.yml
index a78a6aa3d..0cf669ae3 100644
--- a/playbooks/byo/openshift-master/restart.yml
+++ b/playbooks/byo/openshift-master/restart.yml
@@ -1,4 +1,18 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../common/openshift-master/restart.yml
- vars_files:
- - ../../byo/openshift-cluster/cluster_hosts.yml
diff --git a/playbooks/byo/openshift-master/scaleup.yml b/playbooks/byo/openshift-master/scaleup.yml
index 18797d02a..fced79262 100644
--- a/playbooks/byo/openshift-master/scaleup.yml
+++ b/playbooks/byo/openshift-master/scaleup.yml
@@ -1,7 +1,21 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../common/openshift-master/scaleup.yml
- vars_files:
- - ../../byo/openshift-cluster/cluster_hosts.yml
vars:
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_debug_level: "{{ debug_level | default(2) }}"
diff --git a/playbooks/byo/openshift-node/scaleup.yml b/playbooks/byo/openshift-node/scaleup.yml
index 0343597b5..5737bb0e0 100644
--- a/playbooks/byo/openshift-node/scaleup.yml
+++ b/playbooks/byo/openshift-node/scaleup.yml
@@ -1,7 +1,21 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
+
- include: ../../common/openshift-node/scaleup.yml
- vars_files:
- - ../../byo/openshift-cluster/cluster_hosts.yml
vars:
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_debug_level: "{{ debug_level | default(2) }}"
diff --git a/playbooks/byo/openshift_facts.yml b/playbooks/byo/openshift_facts.yml
index 916dfd0a6..db8703db6 100644
--- a/playbooks/byo/openshift_facts.yml
+++ b/playbooks/byo/openshift_facts.yml
@@ -1,4 +1,22 @@
---
+- hosts: localhost
+ connection: local
+ become: no
+ gather_facts: no
+ tasks:
+ - include_vars: openshift-cluster/cluster_hosts.yml
+ - add_host:
+ name: "{{ item }}"
+ groups: l_oo_all_hosts
+ with_items: g_all_hosts
+
+- hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include_vars: openshift-cluster/cluster_hosts.yml
+
+- include: ../common/openshift-cluster/evaluate_groups.yml
+
- name: Gather Cluster facts
hosts: OSEv3
roles:
diff --git a/playbooks/common/openshift-cluster/additional_config.yml b/playbooks/common/openshift-cluster/additional_config.yml
index 1ac78468a..5ed1d3b3c 100644
--- a/playbooks/common/openshift-cluster/additional_config.yml
+++ b/playbooks/common/openshift-cluster/additional_config.yml
@@ -27,10 +27,6 @@
(osm_use_cockpit | bool or osm_use_cockpit is undefined )
- role: flannel_register
when: openshift.common.use_flannel | bool
- - role: pods
- when: openshift.common.deployment_type == 'online'
- - role: os_env_extras
- when: openshift.common.deployment_type == 'online'
- name: Create persistent volumes and create hosted services
hosts: oo_first_master
@@ -49,8 +45,8 @@
openshift_serviceaccounts_namespace: default
openshift_serviceaccounts_sccs:
- privileged
- - role: openshift_router
- when: deploy_infra | bool
- role: openshift_registry
registry_volume_claim: "{{ openshift.hosted.registry.storage.volume.name }}-claim"
when: deploy_infra | bool and attach_registry_volume | bool
+ - role: openshift_metrics
+ when: openshift.hosted.metrics.deploy | bool
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 2411e7360..903babc45 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -1,10 +1,12 @@
---
- include: evaluate_groups.yml
+- include: initialize_facts.yml
+
- include: validate_hostnames.yml
- name: Set oo_options
- hosts: oo_hosts_to_config
+ hosts: oo_all_hosts
tasks:
- set_fact:
openshift_docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}"
@@ -34,3 +36,5 @@
- include: additional_config.yml
- include: ../openshift-node/config.yml
+
+- include: openshift_hosted.yml
diff --git a/playbooks/common/openshift-cluster/enable_dnsmasq.yml b/playbooks/common/openshift-cluster/enable_dnsmasq.yml
new file mode 100644
index 000000000..f2bcc872f
--- /dev/null
+++ b/playbooks/common/openshift-cluster/enable_dnsmasq.yml
@@ -0,0 +1,66 @@
+---
+- include: evaluate_groups.yml
+
+- name: Load openshift_facts
+ hosts: oo_masters_to_config:oo_nodes_to_config
+ roles:
+ - openshift_facts
+ post_tasks:
+ - fail: msg="This playbook requires a master version of at least Origin 1.1 or OSE 3.1"
+ when: not openshift.common.version_gte_3_1_1_or_1_1_1 | bool
+
+- name: Reconfigure masters to listen on our new dns_port
+ hosts: oo_masters_to_config
+ handlers:
+ - include: ../../../roles/openshift_master/handlers/main.yml
+ vars:
+ os_firewall_allow:
+ - service: skydns tcp
+ port: "{{ openshift.master.dns_port }}/tcp"
+ - service: skydns udp
+ port: "{{ openshift.master.dns_port }}/udp"
+ roles:
+ - os_firewall
+ tasks:
+ - openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: common
+ local_facts:
+ use_dnsmasq: True
+ - role: master
+ local_facts:
+ dns_port: '8053'
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: dnsConfig.bindAddress
+ yaml_value: "{{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}"
+ notify: restart master
+ - meta: flush_handlers
+
+- name: Configure nodes for dnsmasq
+ hosts: oo_nodes_to_config
+ handlers:
+ - include: ../../../roles/openshift_node/handlers/main.yml
+ pre_tasks:
+ - openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: common
+ local_facts:
+ use_dnsmasq: True
+ - role: node
+ local_facts:
+ dns_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
+ vars:
+ openshift_deployment_type: "{{ deployment_type }}"
+ roles:
+ - openshift_node_dnsmasq
+ post_tasks:
+ - modify_yaml:
+ dest: "{{ openshift.common.config_base }}/node/node-config.yaml"
+ yaml_key: dnsIP
+ yaml_value: "{{ openshift.node.dns_ip }}"
+ notify: restart node
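Review bot: In the `Reconfigure masters to listen on our new dns_port` play, the `os_firewall` role runs before the `tasks:` section, so `os_firewall_allow` is evaluated with whatever `openshift.master.dns_port` held before the `openshift_facts` task sets it to `'8053'`. Unless the fact already has the new value from an earlier run, the firewall would open the old port and leave the one the master is about to bind closed. The node play below already sets its facts in `pre_tasks:` for this reason. Moving the master's `openshift_facts` task under `pre_tasks:` and leaving `modify_yaml` and `meta: flush_handlers` in `tasks:` would align the two.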
diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml
index ce0134c44..c5273b08f 100644
--- a/playbooks/common/openshift-cluster/evaluate_groups.yml
+++ b/playbooks/common/openshift-cluster/evaluate_groups.yml
@@ -34,15 +34,15 @@
name: "{{ item }}"
groups: oo_all_hosts
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
- with_items: "{{ g_all_hosts | default([]) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: g_all_hosts | default([])
- name: Evaluate oo_masters
add_host:
name: "{{ item }}"
groups: oo_masters
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_master_hosts | union(g_new_master_hosts) | default([]) }}"
- name: Evaluate oo_etcd_to_config
@@ -50,7 +50,7 @@
name: "{{ item }}"
groups: oo_etcd_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_etcd_hosts | default([]) }}"
- name: Evaluate oo_masters_to_config
@@ -58,7 +58,7 @@
name: "{{ item }}"
groups: oo_masters_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_new_master_hosts | default(g_master_hosts | default([], true), true) }}"
- name: Evaluate oo_nodes_to_config
@@ -66,7 +66,7 @@
name: "{{ item }}"
groups: oo_nodes_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_new_node_hosts | default(g_node_hosts | default([], true), true) }}"
# Skip adding the master to oo_nodes_to_config when g_new_node_hosts is
@@ -75,7 +75,7 @@
name: "{{ item }}"
groups: oo_nodes_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_master_hosts | default([]) }}"
when: g_nodeonmaster | default(false) == true and g_new_node_hosts is not defined
@@ -91,7 +91,7 @@
name: "{{ g_master_hosts[0] }}"
groups: oo_first_master
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
when: g_master_hosts|length > 0
- name: Evaluate oo_lb_to_config
@@ -99,7 +99,7 @@
name: "{{ item }}"
groups: oo_lb_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_lb_hosts | default([]) }}"
- name: Evaluate oo_nfs_to_config
@@ -107,5 +107,5 @@
name: "{{ item }}"
groups: oo_nfs_to_config
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_nfs_hosts | default([]) }}"
diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml
new file mode 100644
index 000000000..cda490b1f
--- /dev/null
+++ b/playbooks/common/openshift-cluster/initialize_facts.yml
@@ -0,0 +1,10 @@
+---
+- name: Initialize host facts
+ hosts: oo_all_hosts
+ roles:
+ - openshift_facts
+ tasks:
+ - openshift_facts:
+ role: common
+ local_facts:
+ hostname: "{{ openshift_hostname | default(None) }}"
diff --git a/playbooks/common/openshift-cluster/library b/playbooks/common/openshift-cluster/library
new file mode 120000
index 000000000..d0b7393d3
--- /dev/null
+++ b/playbooks/common/openshift-cluster/library
@@ -0,0 +1 @@
+../../../library/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
new file mode 100644
index 000000000..1cbc0f544
--- /dev/null
+++ b/playbooks/common/openshift-cluster/openshift_hosted.yml
@@ -0,0 +1,5 @@
+- name: Create Hosted Resources
+ hosts: oo_first_master
+ roles:
+ - role: openshift_hosted
+ openshift_hosted_router_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh b/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh
index 7a1edf38f..96944a78b 100644
--- a/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh
+++ b/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh
@@ -3,19 +3,19 @@
# Here we don't really care if this is a master, api, controller or node image.
# We just need to know the version of one of them.
unit_file=$(ls /etc/systemd/system/${1}*.service | head -n1)
-installed_container_name=$(basename -s .service ${unit_file})
-installed=$(docker exec ${installed_container_name} openshift version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v')
if [ ${1} == "origin" ]; then
image_name="openshift/origin"
elif grep aep $unit_file 2>&1 > /dev/null; then
- image_name="aep3/aep"
+ image_name="aep3/node"
elif grep openshift3 $unit_file 2>&1 > /dev/null; then
- image_name="openshift3/ose"
+ image_name="openshift3/node"
fi
+installed=$(docker run --rm --entrypoint=/bin/openshift ${image_name} version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v')
+
docker pull ${image_name} 2>&1 > /dev/null
-available=$(docker run --rm ${image_name} version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v')
+available=$(docker run --rm --entrypoint=/bin/openshift ${image_name} version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v')
echo "---"
echo "curr_version: ${installed}"
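Review bot: `installed` is now read from the locally cached `${image_name}` image instead of from the running container, so `curr_version` only reflects what is actually running if nothing has pulled or retagged that image since the service started. If that is intended, a comment above the line would record the assumption, e.g. `# Version of the image cached on this host; assumed to be the one the service runs`. `image_name` also stays unset when none of the three branches match, and the new `docker run` then fails silently behind `2> /dev/null`, leaving `curr_version` empty. An `else` branch that prints an error to stderr and exits non-zero would surface that case. The script continues past the end of this hunk.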
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
index 63c8ef756..5b2bf9f93 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
@@ -36,16 +36,17 @@
- name: Ensure AOS 3.0.2 or Origin 1.0.6
hosts: oo_first_master
tasks:
- fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later
+ - fail:
+ msg: "This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later"
when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') )
- name: Update cluster policy
hosts: oo_first_master
tasks:
- - name: oadm policy reconcile-cluster-roles --confirm
+ - name: oadm policy reconcile-cluster-roles --additive-only=true --confirm
command: >
{{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- policy reconcile-cluster-roles --confirm
+ policy reconcile-cluster-roles --additive-only=true --confirm
- name: Upgrade default router
hosts: oo_first_master
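Review bot: The `when` under the rewritten `fail` task still has a misplaced parenthesis: in `version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') )` the first call is never closed, so the `and ...` expression is passed as the operator argument. The 3.0.x lower-bound check therefore does not test what the task name says. Since this commit already touches the task, I would correct it to `when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=') and _new_version.stdout | version_compare('3.0.2','<') )`.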
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
index 31ba8c4a9..a72749a2b 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
@@ -490,7 +490,7 @@
- name: Reconcile Cluster Roles
command: >
{{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- policy reconcile-cluster-roles --confirm
+ policy reconcile-cluster-roles --additive-only=true --confirm
run_once: true
- name: Reconcile Cluster Role Bindings
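Review bot: Nothing next to the `Reconcile Cluster Roles` task says what `--additive-only=true` changes. As far as I know, it makes reconcile add missing rules to the default cluster roles while keeping any extra permissions already present in them, so grants added to those roles before the upgrade survive it. A comment on the task would tell operators this, for example `# additive-only: keeps local additions to the default roles; review them after the upgrade`. The same flag is added in the v3_0_minor and v3_1_minor upgrade.yml hunks. The task list starts outside this hunk.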
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
index 54bb251f7..5e62b43a3 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml
@@ -103,7 +103,7 @@
- name: Reconcile Cluster Roles
command: >
{{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- policy reconcile-cluster-roles --confirm
+ policy reconcile-cluster-roles --additive-only=true --confirm
run_once: true
- name: Reconcile Cluster Role Bindings
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/atomic-openshift-master.j2 b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/atomic-openshift-master.j2
new file mode 120000
index 000000000..cf20e8959
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/atomic-openshift-master.j2
@@ -0,0 +1 @@
+../../../../../roles/openshift_master/templates/atomic-openshift-master.j2 \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
index cc587bfa1..319758a06 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/containerized_upgrade.yml
@@ -1,7 +1,7 @@
- include_vars: ../../../../../roles/openshift_node/vars/main.yml
- name: Update systemd units
- include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=g_aos_versions.avail_version
+ include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=v{{ g_new_version }}
- name: Verifying the correct version was configured
shell: grep {{ verify_upgrade_version }} {{ item }}
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker
new file mode 120000
index 000000000..5a3dd12b3
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker
@@ -0,0 +1 @@
+../../../../../roles/openshift_master/templates/docker \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker-cluster b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker-cluster
new file mode 120000
index 000000000..3ee319365
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/docker-cluster
@@ -0,0 +1 @@
+../../../../../roles/openshift_master/templates/docker-cluster \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/native-cluster b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/native-cluster
new file mode 120000
index 000000000..f44f8eb4f
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/native-cluster
@@ -0,0 +1 @@
+../../../../../roles/openshift_master/templates/native-cluster
\ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/node_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/node_upgrade.yml
new file mode 100644
index 000000000..a911f12be
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/node_upgrade.yml
@@ -0,0 +1,24 @@
+- name: Prepare for Node evacuation
+ command: >
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+
+- name: Evacuate Node for Kubelet upgrade
+ command: >
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+
+- include: rpm_upgrade.yml
+ vars:
+ component: "node"
+ openshift_version: "{{ openshift_pkg_version | default('') }}"
+ when: not openshift.common.is_containerized | bool
+
+- include: containerized_upgrade.yml
+ when: openshift.common.is_containerized | bool
+
+- name: Set node schedulability
+ command: >
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=true
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+ when: openshift.node.schedulable | bool
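Review bot: The `--evacuate --force` call in "Evacuate Node for Kubelet upgrade" has no comment on what `--force` does, and nothing in this file restores schedulability when the included upgrade step fails. As far as I know, `--force` also removes pods that no replication controller backs, and those are not recreated elsewhere; a comment above the task such as `# --force also deletes bare pods (no replication controller); they are not rescheduled` would tell operators what to expect. If `rpm_upgrade.yml` or `containerized_upgrade.yml` fails, the host never reaches "Set node schedulability" and stays drained and unschedulable. A header comment should say so and give the manual recovery step (`manage-node <node> --schedulable=true`).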
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/post.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/post.yml
index 3fd97ac14..12e2edfb9 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/post.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/post.yml
@@ -10,6 +10,7 @@
router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}"
oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig"
roles:
+ - openshift_manageiq
# Create the new templates shipped in 3.2, existing templates are left
# unmodified. This prevents the subsequent role definition for
# openshift_examples from failing when trying to replace templates that do
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
index d6abeb345..dd9843290 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml
@@ -2,10 +2,11 @@
###############################################################################
# Evaluate host groups and gather facts
###############################################################################
-- name: Load openshift_facts
+- name: Load openshift_facts and update repos
hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config:oo_lb_to_config
roles:
- openshift_facts
+ - openshift_repos
- name: Evaluate additional groups for upgrade
hosts: localhost
@@ -25,6 +26,7 @@
hosts: oo_first_master
vars:
target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}"
+ g_pacemaker_upgrade_url_segment: "{{ 'org/latest' if deployment_type =='origin' else '.com/enterprise/3.1' }}"
gather_facts: no
tasks:
- fail:
@@ -35,6 +37,12 @@
- fail:
msg: >
+ This upgrade does not support Pacemaker:
+ https://docs.openshift.{{ g_pacemaker_upgrade_url_segment }}/install_config/upgrading/pacemaker_to_native_ha.html
+ when: openshift.master.cluster_method is defined and openshift.master.cluster_method == 'pacemaker'
+
+ - fail:
+ msg: >
openshift_pkg_version is {{ openshift_pkg_version }} which is not a
valid version for a {{ target_version }} upgrade
when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<')
@@ -50,6 +58,11 @@
roles:
- openshift_facts
tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ ha: "{{ groups.oo_masters_to_config | length > 1 }}"
+
- name: Ensure Master is running
service:
name: "{{ openshift.common.service_type }}-master"
@@ -87,14 +100,18 @@
hosts: oo_masters_to_config:oo_nodes_to_config
vars:
target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}"
- openshift_docker_hosted_registry_insecure: True
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
+ upgrading: True
handlers:
- include: ../../../../../roles/openshift_master/handlers/main.yml
- include: ../../../../../roles/openshift_node/handlers/main.yml
roles:
- - openshift_cli
- tasks:
+ # We want the cli role to evaluate so that the containerized oc/oadm wrappers
+ # are modified to use the correct image tag. However, this can trigger a
+ # docker restart if new configuration is laid down which would immediately
+ # pull the latest image and defeat the purpose of these tasks.
+ - { role: openshift_cli }
+ pre_tasks:
- name: Clean package cache
command: "{{ ansible_pkg_mgr }} clean all"
when: not openshift.common.is_atomic | bool
@@ -135,20 +152,24 @@
- fail:
msg: Verifying the correct version was found
+ when: g_aos_versions.curr_version == ""
+
+ - fail:
+ msg: Verifying the correct version was found
when: verify_upgrade_version is defined and g_new_version != verify_upgrade_version
- include_vars: ../../../../../roles/openshift_master/vars/main.yml
when: inventory_hostname in groups.oo_masters_to_config
- name: Update systemd units
- include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=g_aos_versions.curr_version
+ include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=v{{ g_new_version }}
when: inventory_hostname in groups.oo_masters_to_config
- include_vars: ../../../../../roles/openshift_node/vars/main.yml
when: inventory_hostname in groups.oo_nodes_to_config
- name: Update systemd units
- include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=g_aos_versions.curr_version
+ include: ../../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version=v{{ g_new_version }}
when: inventory_hostname in groups.oo_nodes_to_config
# Note: the version number is hardcoded here in hopes of catching potential
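Review bot: The new `fail` guarded by `g_aos_versions.curr_version == ""` reuses the message `Verifying the correct version was found`, the same text as the check that follows, so the run log cannot tell the two failures apart. A message that names the condition, e.g. `msg: Unable to determine the currently installed version`, would make the cause obvious. The two `systemd_units.yml` includes now pass `openshift_version=v{{ g_new_version }}`; since the `v` prefix looks like an image-tag form rather than a package version, a one-line comment saying which is expected would help. The enclosing play starts before this hunk.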
@@ -199,8 +220,7 @@
- fail:
msg: This playbook requires access to Docker 1.9 or later
- when: not openshift.common.is_atomic | bool
- and (g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.9','<'))
+ when: g_docker_version.avail_version | default(g_docker_version.curr_version, true) | version_compare('1.9','<')
# TODO: add check to upgrade ostree to get latest Docker
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/rpm_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/rpm_upgrade.yml
index 7a2718e1b..5c96ad094 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/rpm_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/rpm_upgrade.yml
@@ -4,3 +4,6 @@
- name: Ensure python-yaml present for config upgrade
action: "{{ ansible_pkg_mgr }} name=PyYAML state=present"
when: not openshift.common.is_atomic | bool
+
+- name: Restart node service
+ service: name="{{ openshift.common.service_type }}-node" state=restarted
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
index b393b64fe..c93bf2a17 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml
@@ -1,33 +1,4 @@
---
-# This is a workaround for authenticated registries
-- name: Download new images
- hosts: oo_nodes_to_config
- roles:
- - openshift_facts
- tasks:
- - name: Pull Images
- command: >
- docker pull {{ item }}:v{{ g_new_version }}
- with_items:
- - "{{ openshift.node.node_image }}"
- - "{{ openshift.node.ovs_image }}"
- - "{{ openshift.common.pod_image }}"
- - "{{ openshift.common.router_image }}"
- - "{{ openshift.common.registry_image }}"
- - "{{ openshift.common.deployer_image }}"
-
-# This is a workaround for authenticated registries
-- name: Download new images
- hosts: oo_masters_to_config
- roles:
- - openshift_facts
- tasks:
- - name: Pull Images
- command: >
- docker pull {{ item }}:v{{ g_new_version }}
- with_items:
- - "{{ openshift.master.master_image }}"
-
###############################################################################
# The restart playbook should be run after this playbook completes.
###############################################################################
@@ -39,6 +10,32 @@
tasks:
- include: docker_upgrade.yml
when: not openshift.common.is_atomic | bool
+ - name: Set post docker install facts
+ openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: docker
+ local_facts:
+ openshift_image_tag: "v{{ g_new_version }}"
+ openshift_version: "{{ g_new_version }}"
+
+# The cli image is used by openshift_docker_facts to determine the currently installed
+# version. We need to explicitly pull the latest image to handle cases where
+# the locally cached 'latest' tag is older the g_new_version.
+- name: Download cli image
+ hosts: oo_masters_to_config:oo_nodes_to_config
+ roles:
+ - { role: openshift_docker_facts }
+ vars:
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
+ tasks:
+ - name: Pull Images
+ command: >
+ docker pull {{ item }}:latest
+ with_items:
+ - "{{ openshift.common.cli_image }}"
+ when: openshift.common.is_containerized | bool
###############################################################################
# Upgrade Masters
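Review bot: `docker pull {{ item }}:latest` in "Pull Images" fetches a mutable tag, so the image each host gets depends on when the play runs and what the registry serves as `latest` at that moment, although the previous play already records `openshift_image_tag: "v{{ g_new_version }}"`. If `latest` is genuinely needed for version detection, the comment should say the tag is intentionally unpinned and whether the detected version is later compared with `g_new_version`; otherwise pull `{{ item }}:v{{ g_new_version }}`. Roles run before `tasks`, so within this play `openshift_docker_facts` is evaluated before the pull; presumably the pull is meant for later plays, which the comment should state. The comment also has a typo: `older the g_new_version` should read `older than g_new_version`.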
@@ -56,7 +53,7 @@
- include_vars: ../../../../../roles/openshift_master/vars/main.yml
- name: Update systemd units
- include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=g_aos_versions.avail_version
+ include: ../../../../../roles/openshift_master/tasks/systemd_units.yml openshift_version=v{{ g_new_version }}
# - name: Upgrade master configuration
# openshift_upgrade_config:
@@ -94,23 +91,13 @@
###############################################################################
- name: Upgrade nodes
hosts: oo_nodes_to_config
+ serial: 1
roles:
- openshift_facts
handlers:
- include: ../../../../../roles/openshift_node/handlers/main.yml
tasks:
- - include: rpm_upgrade.yml
- vars:
- component: "node"
- openshift_version: "{{ openshift_pkg_version | default('') }}"
- when: not openshift.common.is_containerized | bool
-
- - include: containerized_upgrade.yml
- when: openshift.common.is_containerized | bool
-
- # This will restart the node
- - name: Restart openvswitch service
- service: name="{{ openshift.common.service_type }}-node" state=restarted
+ - include: node_upgrade.yml
- set_fact:
node_update_complete: True
@@ -136,15 +123,16 @@
###############################################################################
# Reconcile Cluster Roles, Cluster Role Bindings and Security Context Constraints
###############################################################################
+
- name: Reconcile Cluster Roles and Cluster Role Bindings and Security Context Constraints
hosts: oo_masters_to_config
roles:
- - { role: openshift_cli, openshift_image_tag: "v{{ g_new_version }}" }
+ - { role: openshift_cli, openshift_image_tag: "v{{ g_new_version }}" }
vars:
origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}"
ent_reconcile_bindings: true
- openshift_docker_hosted_registry_insecure: True
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
+ upgrading: True
tasks:
- name: Verifying the correct commandline tools are available
shell: grep {{ verify_upgrade_version }} {{ openshift.common.admin_binary}}
@@ -153,7 +141,7 @@
- name: Reconcile Cluster Roles
command: >
{{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- policy reconcile-cluster-roles --confirm
+ policy reconcile-cluster-roles --additive-only=true --confirm
run_once: true
- name: Reconcile Cluster Role Bindings
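Review bot: `--additive-only=true` on `reconcile-cluster-roles` (and on `reconcile-sccs` in the next hunk) has no comment explaining its effect on existing permissions. As I understand the flag, the reconcile adds what is missing but leaves in place anything the existing roles and SCCs grant beyond the new defaults. That protects local customisations, but it also means grants dropped from the defaults in the new release survive the upgrade. I would add a comment above each task, e.g. `# additive-only: keeps local additions; grants removed from the new defaults are NOT revoked - review after upgrade`, and note that running the reconcile without `--confirm` should list the remaining differences. Both tasks sit in a play that starts outside these hunks.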
@@ -170,7 +158,7 @@
- name: Reconcile Security Context Constraints
command: >
- {{ openshift.common.admin_binary}} policy reconcile-sccs --confirm
+ {{ openshift.common.admin_binary}} policy reconcile-sccs --confirm --additive-only=true
run_once: true
- set_fact:
diff --git a/playbooks/common/openshift-cluster/validate_hostnames.yml b/playbooks/common/openshift-cluster/validate_hostnames.yml
index 0f562e019..50e25984f 100644
--- a/playbooks/common/openshift-cluster/validate_hostnames.yml
+++ b/playbooks/common/openshift-cluster/validate_hostnames.yml
@@ -1,6 +1,4 @@
---
-- include: evaluate_groups.yml
-
- name: Gather and set facts for node hosts
hosts: oo_nodes_to_config
roles:
diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml
index 06fbd6862..6cb3a954f 100644
--- a/playbooks/common/openshift-etcd/config.yml
+++ b/playbooks/common/openshift-etcd/config.yml
@@ -22,6 +22,8 @@
etcd_cert_subdir: etcd-{{ openshift.common.hostname }}
etcd_cert_config_dir: /etc/etcd
etcd_cert_prefix:
+ etcd_hostname: "{{ openshift.common.hostname }}"
+ etcd_ip: "{{ openshift.common.ip }}"
- name: Create temp directory for syncing certs
hosts: localhost
@@ -43,7 +45,7 @@
| oo_filter_list(filter_attr='etcd_server_certs_missing') }}"
sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}"
roles:
- - etcd_certificates
+ - openshift_etcd_certificates
post_tasks:
- name: Create a tarball of the etcd certs
command: >
@@ -51,7 +53,7 @@
-C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
args:
creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
- with_items: etcd_needing_server_certs
+ with_items: "{{ etcd_needing_server_certs | default([]) }}"
- name: Retrieve the etcd cert tarballs
fetch:
src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -59,7 +61,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: etcd_needing_server_certs
+ with_items: "{{ etcd_needing_server_certs | default([]) }}"
# Configure a first etcd host to avoid conflicts in choosing a leader
# if other members come online too quickly.
@@ -69,7 +71,7 @@
sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}"
etcd_url_scheme: https
etcd_peer_url_scheme: https
- etcd_peers_group: oo_etcd_to_config
+ etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
@@ -91,7 +93,7 @@
sync_tmpdir: "{{ hostvars.localhost.g_etcd_mktemp.stdout }}"
etcd_url_scheme: https
etcd_peer_url_scheme: https
- etcd_peers_group: oo_etcd_to_config
+ etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
@@ -103,7 +105,7 @@
dest: "{{ etcd_cert_config_dir }}"
when: etcd_server_certs_missing
roles:
- - etcd
+ - openshift_etcd
- role: nickhammond.logrotate
- name: Delete temporary directory on localhost
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index f1eaf8e16..91d66a9cb 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -35,6 +35,19 @@
- set_fact:
openshift_master_debug_level: "{{ t_oo_option_master_debug_level }}"
when: openshift_master_debug_level is not defined and t_oo_option_master_debug_level != ""
+
+ - set_fact:
+ openshift_master_default_subdomain: "{{ lookup('oo_option', 'openshift_master_default_subdomain') | default(None, true) }}"
+ when: openshift_master_default_subdomain is not defined
+ - set_fact:
+ openshift_hosted_metrics_deploy: "{{ lookup('oo_option', 'openshift_hosted_metrics_deploy') | default(false, true) }}"
+ when: openshift_hosted_metrics_deploy is not defined
+ - set_fact:
+ openshift_hosted_metrics_duration: "{{ lookup('oo_option', 'openshift_hosted_metrics_duration') | default(7) }}"
+ when: openshift_hosted_metrics_duration is not defined
+ - set_fact:
+ openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default(10) }}"
+ when: openshift_hosted_metrics_resolution is not defined
roles:
- openshift_facts
post_tasks:
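Review bot: The two metrics facts use `default(7)` and `default(10)` without the second argument, while the two `set_fact` tasks above them use `default(None, true)` and `default(false, true)`. The existing check `t_oo_option_master_debug_level != ""` suggests the `oo_option` lookup yields an empty string when the option is unset. If so, `default(7)` never applies, and `openshift_hosted_metrics_duration` and `openshift_hosted_metrics_resolution` end up as empty strings. Use `| default(7, true)` and `| default(10, true)` so empty values fall back too. The surrounding task list starts before this hunk.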
@@ -53,7 +66,6 @@
console_url: "{{ openshift_master_console_url | default(None) }}"
console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
- portal_net: "{{ openshift_master_portal_net | default(None) }}"
ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
- openshift_facts:
@@ -75,6 +87,8 @@
etcd_cert_subdir: openshift-master-{{ openshift.common.hostname }}
etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"
etcd_cert_prefix: master.etcd-
+ etcd_hostname: "{{ openshift.common.hostname }}"
+ etcd_ip: "{{ openshift.common.ip }}"
when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
- name: Create temp directory for syncing certs
@@ -98,7 +112,7 @@
| oo_filter_list(filter_attr='etcd_client_certs_missing') }}"
sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
roles:
- - etcd_certificates
+ - openshift_etcd_certificates
post_tasks:
- name: Create a tarball of the etcd certs
command: >
@@ -106,7 +120,7 @@
-C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
args:
creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
- with_items: etcd_needing_client_certs
+ with_items: "{{ etcd_needing_client_certs | default([]) }}"
- name: Retrieve the etcd cert tarballs
fetch:
src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -114,7 +128,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: etcd_needing_client_certs
+ with_items: "{{ etcd_needing_client_certs | default([]) }}"
- name: Copy the external etcd certs to the masters
hosts: oo_masters_to_config
@@ -164,7 +178,7 @@
- name: Check status of master certificates
stat:
path: "{{ openshift.common.config_base }}/master/{{ item }}"
- with_items: openshift_master_certs
+ with_items: "{{ openshift_master_certs }}"
register: g_master_cert_stat_result
- set_fact:
master_certs_missing: "{{ False in (g_master_cert_stat_result.results
@@ -190,6 +204,7 @@
| oo_collect('openshift.common.all_hostnames')
| oo_flatten | unique }}"
sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
roles:
- openshift_master_certificates
post_tasks:
@@ -199,7 +214,7 @@
state: absent
when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
with_nested:
- - masters_needing_certs
+ - "{{ masters_needing_certs | default([]) }}"
- - master.etcd-client.crt
- master.etcd-client.key
@@ -209,7 +224,7 @@
-C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} .
args:
creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz"
- with_items: masters_needing_certs
+ with_items: "{{ masters_needing_certs | default([]) }}"
- name: Retrieve the master cert tarball from the master
fetch:
@@ -218,7 +233,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: masters_needing_certs
+ with_items: "{{ masters_needing_certs | default([]) }}"
- name: Configure load balancers
hosts: oo_lb_to_config
@@ -332,6 +347,7 @@
openshift_master_count: "{{ openshift.master.master_count }}"
openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
@@ -353,13 +369,6 @@
group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
changed_when: False
-# Additional instance config for online deployments
-- name: Additional instance config
- hosts: oo_masters_deployment_type_online
- roles:
- - pods
- - os_env_extras
-
- name: Delete temporary directory on localhost
hosts: localhost
connection: local
diff --git a/playbooks/common/openshift-master/library b/playbooks/common/openshift-master/library
new file mode 120000
index 000000000..d0b7393d3
--- /dev/null
+++ b/playbooks/common/openshift-master/library
@@ -0,0 +1 @@
+../../../library/ \ No newline at end of file
diff --git a/playbooks/common/openshift-master/library/modify_yaml.py b/playbooks/common/openshift-master/library/modify_yaml.py
deleted file mode 100755
index a4be10ca3..000000000
--- a/playbooks/common/openshift-master/library/modify_yaml.py
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# vim: expandtab:tabstop=4:shiftwidth=4
-
-''' modify_yaml ansible module '''
-
-import yaml
-
-DOCUMENTATION = '''
----
-module: modify_yaml
-short_description: Modify yaml key value pairs
-author: Andrew Butcher
-requirements: [ ]
-'''
-EXAMPLES = '''
-- modify_yaml:
- dest: /etc/origin/master/master-config.yaml
- yaml_key: 'kubernetesMasterConfig.masterCount'
- yaml_value: 2
-'''
-
-def main():
- ''' Modify key (supplied in jinja2 dot notation) in yaml file, setting
- the key to the desired value.
- '''
-
- # disabling pylint errors for global-variable-undefined and invalid-name
- # for 'global module' usage, since it is required to use ansible_facts
- # pylint: disable=global-variable-undefined, invalid-name,
- # redefined-outer-name
- global module
-
- module = AnsibleModule(
- argument_spec=dict(
- dest=dict(required=True),
- yaml_key=dict(required=True),
- yaml_value=dict(required=True),
- backup=dict(required=False, default=True, type='bool'),
- ),
- supports_check_mode=True,
- )
-
- dest = module.params['dest']
- yaml_key = module.params['yaml_key']
- yaml_value = module.safe_eval(module.params['yaml_value'])
- backup = module.params['backup']
-
- # Represent null values as an empty string.
- # pylint: disable=missing-docstring, unused-argument
- def none_representer(dumper, data):
- return yaml.ScalarNode(tag=u'tag:yaml.org,2002:null', value=u'')
- yaml.add_representer(type(None), none_representer)
-
- try:
- changes = []
-
- yaml_file = open(dest)
- yaml_data = yaml.safe_load(yaml_file.read())
- yaml_file.close()
-
- ptr = yaml_data
- for key in yaml_key.split('.'):
- if key not in ptr and key != yaml_key.split('.')[-1]:
- ptr[key] = {}
- elif key == yaml_key.split('.')[-1]:
- if (key in ptr and module.safe_eval(ptr[key]) != yaml_value) or (key not in ptr):
- ptr[key] = yaml_value
- changes.append((yaml_key, yaml_value))
- else:
- ptr = ptr[key]
-
- if len(changes) > 0:
- if backup:
- module.backup_local(dest)
- yaml_file = open(dest, 'w')
- yaml_string = yaml.dump(yaml_data, default_flow_style=False)
- yaml_string = yaml_string.replace('\'\'', '""')
- yaml_file.write(yaml_string)
- yaml_file.close()
-
- return module.exit_json(changed=(len(changes) > 0), changes=changes)
-
- # ignore broad-except error to avoid stack trace to ansible user
- # pylint: disable=broad-except
- except Exception, e:
- return module.fail_json(msg=str(e))
-
-# ignore pylint errors related to the module_utils import
-# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import
-# import module snippets
-from ansible.module_utils.basic import *
-
-if __name__ == '__main__':
- main()
diff --git a/playbooks/common/openshift-master/restart.yml b/playbooks/common/openshift-master/restart.yml
index 02449e40d..57a63cfee 100644
--- a/playbooks/common/openshift-master/restart.yml
+++ b/playbooks/common/openshift-master/restart.yml
@@ -97,7 +97,7 @@
name: "{{ item }}"
groups: oo_active_masters
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ groups.oo_masters_to_config | default([]) }}"
when: (hostvars[item]['is_active'] | default(false)) | bool
- name: Evaluate oo_current_masters
@@ -105,7 +105,7 @@
name: "{{ item }}"
groups: oo_current_masters
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ groups.oo_masters_to_config | default([]) }}"
when: (hostvars[item]['current_host'] | default(false)) | bool
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 7ca941732..a41fca45a 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -66,7 +66,7 @@
-C {{ item.config_dir }} .
args:
creates: "{{ item.config_dir }}.tgz"
- with_items: nodes_needing_certs
+ with_items: "{{ nodes_needing_certs | default([]) }}"
- name: Retrieve the node config tarballs from the master
fetch:
@@ -75,7 +75,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: nodes_needing_certs
+ with_items: "{{ nodes_needing_certs | default([]) }}"
- name: Deploy node certificates
hosts: oo_nodes_to_config
@@ -105,7 +105,7 @@
name: "{{ item }}"
groups: oo_containerized_master_nodes
ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_sudo: "{{ g_sudo | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ groups.oo_nodes_to_config | default([]) }}"
when: hostvars[item].openshift.common.is_containerized | bool and (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config)
@@ -115,11 +115,7 @@
vars:
openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
- # TODO: configure these based on
- # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of
- # hardcoding
- openshift_docker_hosted_registry_insecure: True
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
roles:
- openshift_node
@@ -128,11 +124,7 @@
vars:
openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}"
- # TODO: configure these based on
- # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of
- # hardcoding
- openshift_docker_hosted_registry_insecure: True
- openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
roles:
- openshift_node
@@ -148,13 +140,15 @@
register: g_external_etcd_flannel_cert_stat_result
when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool)
- set_fact:
- etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results
+ etcd_client_flannel_certs_missing: "{{ False in g_external_etcd_flannel_cert_stat_result.results
| oo_collect(attribute='stat.exists')
- | list | intersect([false])}}"
+ | list }}"
etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }}
etcd_cert_config_dir: "{{ openshift.common.config_base }}/node"
etcd_cert_prefix: node.etcd-
- when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool)
+ etcd_hostname: "{{ openshift.common.hostname }}"
+ etcd_ip: "{{ openshift.common.ip }}"
+ when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 and (openshift.common.use_flannel | bool)
- name: Configure flannel etcd certificates
hosts: oo_first_etcd
@@ -164,11 +158,10 @@
pre_tasks:
- set_fact:
etcd_needing_client_certs: "{{ hostvars
- | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}"
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ | oo_select_keys(groups['oo_nodes_to_config'])
+ | oo_filter_list('etcd_client_flannel_certs_missing') | default([]) }}"
roles:
- - role: etcd_certificates
+ - role: openshift_etcd_certificates
when: openshift_use_flannel | default(false) | bool
post_tasks:
- name: Create a tarball of the etcd flannel certs
@@ -177,8 +170,7 @@
-C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
args:
creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
- with_items: etcd_needing_client_certs
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ with_items: etcd_needing_client_certs | default([])
- name: Retrieve the etcd cert tarballs
fetch:
src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
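Review bot: `with_items: etcd_needing_client_certs | default([])` is a bare expression, while the other loops touched in this commit were converted to the templated `"{{ ... }}"` form; "Retrieve the etcd cert tarballs" in the next hunk has the same line. Bare `with_items` values are deprecated, and where they are no longer templated the loop runs once over the literal string, so `item.etcd_cert_subdir` fails. Write `with_items: "{{ etcd_needing_client_certs | default([]) }}"` in both tasks. Both tasks belong to a play that begins outside these hunks.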
@@ -186,8 +178,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: etcd_needing_client_certs
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ with_items: etcd_needing_client_certs | default([])
- name: Copy the external etcd flannel certs to the nodes
hosts: oo_nodes_to_config
@@ -198,12 +189,12 @@
file:
path: "{{ openshift.common.config_base }}/node"
state: directory
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ when: etcd_client_flannel_certs_missing | default(false) | bool
- name: Unarchive the tarball on the master
unarchive:
src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz"
dest: "{{ etcd_cert_config_dir }}"
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ when: etcd_client_flannel_certs_missing | default(false) | bool
- file:
path: "{{ etcd_cert_config_dir }}/{{ item }}"
owner: root
@@ -213,7 +204,7 @@
- node.etcd-client.crt
- node.etcd-client.key
- node.etcd-ca.crt
- when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing
+ when: etcd_client_flannel_certs_missing | default(false) | bool
- name: Additional node config
@@ -243,14 +234,6 @@
- file: name={{ mktemp.stdout }} state=absent
changed_when: False
-# Additional config for online type deployments
-- name: Additional instance config
- hosts: oo_nodes_deployment_type_online
- gather_facts: no
- roles:
- - os_env_extras
- - os_env_extras_node
-
- name: Set schedulability
hosts: oo_first_master
vars:
diff --git a/playbooks/common/openshift-node/scaleup.yml b/playbooks/common/openshift-node/scaleup.yml
index d36f7acea..1d79db353 100644
--- a/playbooks/common/openshift-node/scaleup.yml
+++ b/playbooks/common/openshift-node/scaleup.yml
@@ -1,6 +1,11 @@
---
- include: ../openshift-cluster/evaluate_groups.yml
+- name: Gather facts
+ hosts: oo_etcd_to_config:oo_masters_to_config:oo_nodes_to_config
+ roles:
+ - openshift_facts
+
- name: Configure docker hosts
hosts: oo_nodes_to_config
vars:
diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml
index ba37a3a1f..475d29293 100644
--- a/playbooks/gce/openshift-cluster/config.yml
+++ b/playbooks/gce/openshift-cluster/config.yml
@@ -5,14 +5,14 @@
- ../../gce/openshift-cluster/cluster_hosts.yml
vars:
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
g_nodeonmaster: true
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
openshift_deployment_type: "{{ deployment_type }}"
openshift_hostname: "{{ gce_private_ip }}"
openshift_registry_selector: 'type=infra'
- openshift_router_selector: 'type=infra'
+ openshift_hosted_router_selector: 'type=infra'
openshift_infra_nodes: "{{ g_infra_hosts }}"
openshift_master_cluster_method: 'native'
openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}"
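Review bot: `g_sudo` keeps its old name although it is now filled from the `become` key, so the variable name no longer matches the privilege-escalation setting it carries. The same assignment appears in the libvirt and openstack config.yml hunks. If the consumers of `g_sudo` (not visible here) cannot be renamed in this change, a comment above the line, `# g_sudo: legacy name, holds the become flag from deployment_vars`, would keep the intent clear. The play this `vars:` block belongs to starts outside the hunk.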
diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml
index 992033d16..c29cac272 100644
--- a/playbooks/gce/openshift-cluster/list.yml
+++ b/playbooks/gce/openshift-cluster/list.yml
@@ -15,7 +15,7 @@
name: "{{ item }}"
groups: oo_list_hosts
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true))
- name: List Hosts
diff --git a/playbooks/gce/openshift-cluster/service.yml b/playbooks/gce/openshift-cluster/service.yml
index 914f38c1f..13b267976 100644
--- a/playbooks/gce/openshift-cluster/service.yml
+++ b/playbooks/gce/openshift-cluster/service.yml
@@ -15,14 +15,14 @@
name: "{{ item }}"
groups: g_service_nodes
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"
- add_host:
name: "{{ item }}"
groups: g_service_masters
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"
- include: ../../common/openshift-node/service.yml
diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
index 8ebf71cd4..e3efd8566 100644
--- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
@@ -39,7 +39,7 @@
hostname: "{{ item.name }}"
ansible_ssh_host: "{{ item.public_ip }}"
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}"
gce_public_ip: "{{ item.public_ip }}"
gce_private_ip: "{{ item.private_ip }}"
diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml
index d835c53ba..6a0ac088a 100644
--- a/playbooks/gce/openshift-cluster/terminate.yml
+++ b/playbooks/gce/openshift-cluster/terminate.yml
@@ -11,7 +11,7 @@
name: "{{ item }}"
groups: oo_hosts_to_terminate
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: (groups['tag_clusterid-' ~ cluster_id] | default([])) | difference(['localhost'])
- name: Unsubscribe VMs
diff --git a/playbooks/gce/openshift-cluster/update.yml b/playbooks/gce/openshift-cluster/update.yml
index 2dc540978..9b7a2777a 100644
--- a/playbooks/gce/openshift-cluster/update.yml
+++ b/playbooks/gce/openshift-cluster/update.yml
@@ -13,7 +13,7 @@
name: "{{ item }}"
groups: oo_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ g_all_hosts | default([]) }}"
- include: ../../common/openshift-cluster/update_repos_and_packages.yml
diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml
index d173213fc..13c754c1e 100644
--- a/playbooks/gce/openshift-cluster/vars.yml
+++ b/playbooks/gce/openshift-cluster/vars.yml
@@ -5,19 +5,14 @@ deployment_rhel7_ent_base:
image: "{{ lookup('oo_option', 'image_name') | default('rhel-7', True) }}"
machine_type: "{{ lookup('oo_option', 'machine_type') | default('n1-standard-1', True) }}"
ssh_user: "{{ lookup('env', 'gce_ssh_user') | default(ansible_ssh_user, true) }}"
- sudo: yes
+ become: yes
deployment_vars:
origin:
image: "{{ lookup('oo_option', 'image_name') | default('centos-7', True) }}"
machine_type: "{{ lookup('oo_option', 'machine_type') | default('n1-standard-1', True) }}"
ssh_user: "{{ lookup('env', 'gce_ssh_user') | default(ansible_ssh_user, true) }}"
- sudo: yes
- online:
- image: libra-rhel7
- machine_type: n1-standard-1
- ssh_user: root
- sudo: no
+ become: yes
enterprise: "{{ deployment_rhel7_ent_base }}"
openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
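Review bot: The added `become: yes` values rely on YAML 1.1 truthy parsing; `become: true` is the canonical boolean and is read the same way by every loader and linter. This applies to both added lines here and to the matching lines in the libvirt and openstack vars.yml hunks. Separately, with the `online` entry removed, a caller that still passes `deployment_type=online` would hit an undefined `deployment_vars[deployment_type]` lookup instead of a clear error; whether such callers remain cannot be seen from this hunk.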
diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml
index 0e003ef67..81a6fff0d 100644
--- a/playbooks/libvirt/openshift-cluster/config.yml
+++ b/playbooks/libvirt/openshift-cluster/config.yml
@@ -8,13 +8,13 @@
- ../../libvirt/openshift-cluster/cluster_hosts.yml
vars:
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
g_nodeonmaster: true
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
openshift_deployment_type: "{{ deployment_type }}"
openshift_registry_selector: 'type=infra'
- openshift_router_selector: 'type=infra'
+ openshift_hosted_router_selector: 'type=infra'
openshift_infra_nodes: "{{ g_infra_hosts }}"
openshift_master_cluster_method: 'native'
openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}"
diff --git a/playbooks/libvirt/openshift-cluster/launch.yml b/playbooks/libvirt/openshift-cluster/launch.yml
index 701d57d26..2475b9d6b 100644
--- a/playbooks/libvirt/openshift-cluster/launch.yml
+++ b/playbooks/libvirt/openshift-cluster/launch.yml
@@ -12,9 +12,6 @@
image_name: "{{ deployment_vars[deployment_type].image.name }}"
image_compression: "{{ deployment_vars[deployment_type].image.compression }}"
tasks:
- - fail: msg="Deployment type not supported for libvirt provider yet"
- when: deployment_type == 'online'
-
- include: tasks/configure_libvirt.yml
- include: ../../common/openshift-cluster/tasks/set_etcd_launch_facts.yml
diff --git a/playbooks/libvirt/openshift-cluster/list.yml b/playbooks/libvirt/openshift-cluster/list.yml
index 6cb81ee79..eb64544db 100644
--- a/playbooks/libvirt/openshift-cluster/list.yml
+++ b/playbooks/libvirt/openshift-cluster/list.yml
@@ -15,7 +15,7 @@
name: "{{ item }}"
groups: oo_list_hosts
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: groups[scratch_group] | default([]) | difference(['localhost'])
- name: List Hosts
diff --git a/playbooks/libvirt/openshift-cluster/service.yml b/playbooks/libvirt/openshift-cluster/service.yml
index cd07c8701..8bd24a8cf 100644
--- a/playbooks/libvirt/openshift-cluster/service.yml
+++ b/playbooks/libvirt/openshift-cluster/service.yml
@@ -18,7 +18,7 @@
add_host:
name: "{{ item }}"
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: g_service_masters
with_items: "{{ g_master_hosts | default([]) }}"
@@ -26,7 +26,7 @@
add_host:
name: "{{ item }}"
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: g_service_nodes
with_items: "{{ g_node_hosts | default([]) }}"
diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
index 937a765fa..7231f255a 100644
--- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
@@ -1,7 +1,7 @@
---
# TODO: Add support for choosing base image based on deployment_type and os
# wanted (os wanted needs support added in bin/cluster with sane defaults:
-# fedora/centos for origin, rhel for online/enterprise)
+# fedora/centos for origin, rhel for enterprise)
# TODO: create a role to encapsulate some of this complexity, possibly also
# create a module to manage the storage tasks, network tasks, and possibly
@@ -113,7 +113,7 @@
hostname: '{{ item.0 }}'
ansible_ssh_host: '{{ item.1 }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: "tag_environment-{{ cluster_env }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}, tag_clusterid-{{ cluster_id }}"
openshift_node_labels: "{{ node_label }}"
with_together:
diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml
index d6251ac83..baef911f9 100644
--- a/playbooks/libvirt/openshift-cluster/terminate.yml
+++ b/playbooks/libvirt/openshift-cluster/terminate.yml
@@ -14,7 +14,7 @@
name: "{{ item }}"
groups: oo_hosts_to_terminate
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: groups[cluster_group] | default([])
- name: Unsubscribe VMs
diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml
index 2dc540978..9b7a2777a 100644
--- a/playbooks/libvirt/openshift-cluster/update.yml
+++ b/playbooks/libvirt/openshift-cluster/update.yml
@@ -13,7 +13,7 @@
name: "{{ item }}"
groups: oo_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ g_all_hosts | default([]) }}"
- include: ../../common/openshift-cluster/update_repos_and_packages.yml
diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml
index aa0c69e08..4daaf1c91 100644
--- a/playbooks/libvirt/openshift-cluster/vars.yml
+++ b/playbooks/libvirt/openshift-cluster/vars.yml
@@ -20,7 +20,7 @@ deployment_rhel7_ent_base:
default('25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0', True) }}"
compression: ""
ssh_user: openshift
- sudo: yes
+ become: yes
deployment_vars:
origin:
@@ -34,14 +34,7 @@ deployment_vars:
sha256: "{{ lookup('oo_option', 'image_sha256') |
default('dd0f5e610e7c5ffacaca35ed7a78a19142a588f4543da77b61c1fb0d74400471', True) }}"
ssh_user: openshift
- sudo: yes
- online:
- image:
- url:
- name:
- sha256:
- ssh_user: root
- sudo: no
+ become: yes
enterprise: "{{ deployment_rhel7_ent_base }}"
openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml
index 093beaf03..9c0ca9af9 100644
--- a/playbooks/openstack/openshift-cluster/config.yml
+++ b/playbooks/openstack/openshift-cluster/config.yml
@@ -6,12 +6,12 @@
vars:
g_nodeonmaster: true
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ g_sudo: "{{ deployment_vars[deployment_type].become }}"
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: "{{ debug_level }}"
openshift_deployment_type: "{{ deployment_type }}"
openshift_registry_selector: 'type=infra'
- openshift_router_selector: 'type=infra'
+ openshift_hosted_router_selector: 'type=infra'
openshift_infra_nodes: "{{ g_infra_hosts }}"
openshift_master_cluster_method: 'native'
openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}"
diff --git a/playbooks/openstack/openshift-cluster/dns.yml b/playbooks/openstack/openshift-cluster/dns.yml
index 5e7671a48..31113d5f0 100644
--- a/playbooks/openstack/openshift-cluster/dns.yml
+++ b/playbooks/openstack/openshift-cluster/dns.yml
@@ -12,7 +12,7 @@
name: "{{ item }}"
groups: oo_dns_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ groups[cluster_id ~ '-dns'] }}"
- name: Evaluate oo_hosts_to_add_in_dns
@@ -20,7 +20,7 @@
name: "{{ item }}"
groups: oo_hosts_to_add_in_dns
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ groups['tag_clusterid_' ~ cluster_id] }}"
- name: Gather facts
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
index af774aa32..2f05c3adc 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
@@ -350,7 +350,6 @@ resources:
port_range_min: 10250
port_range_max: 10250
remote_mode: remote_group_id
- remote_group_id: { get_resource: master-secgrp }
- direction: ingress
protocol: udp
port_range_min: 4789
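Review bot: With `remote_group_id` dropped, the tcp/10250 rule keeps `remote_mode: remote_group_id` but no longer names a source group, and Heat then falls back to the security group that owns the rule. If that is the node group, the kubelet port becomes reachable from every member of the group rather than only from `master-secgrp`, and masters keep access only if they are members too; the resource header is outside the hunk, so the owning group cannot be confirmed from here. If node-to-node access is intended, a comment on the rule such as `# source defaults to this security group (node-to-node kubelet access)` would make the wider scope explicit; otherwise the `master-secgrp` reference should stay.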
@@ -598,6 +597,10 @@ resources:
template: |
#cloud-config
write_files:
+ - path: /etc/sudoers.d/00-openshift-no-requiretty
+ permissions: 440
+ content: |
+ Defaults:openshift !requiretty
- path: /etc/sysconfig/network-scripts/ifcfg-eth0
content: |
DEVICE="eth0"
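Review bot: `permissions: 440` in the added `write_files` entry is an unquoted YAML integer, and cloud-init, to my knowledge, takes an integer permission as a decimal value, so the sudoers drop-in would be created with mode 0670 instead of 0440. Quoting it as an octal string, `permissions: '0440'`, gives the read-only mode expected for a file under /etc/sudoers.d. The same entry is added to files/user-data in the next file section and needs the same change. The enclosing `template: |` block starts and ends outside this hunk.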
diff --git a/playbooks/openstack/openshift-cluster/files/user-data b/playbooks/openstack/openshift-cluster/files/user-data
index e789a5b69..eb65f7cec 100644
--- a/playbooks/openstack/openshift-cluster/files/user-data
+++ b/playbooks/openstack/openshift-cluster/files/user-data
@@ -5,3 +5,9 @@ system_info:
default_user:
name: openshift
sudo: ["ALL=(ALL) NOPASSWD: ALL"]
+
+write_files:
+ - path: /etc/sudoers.d/00-openshift-no-requiretty
+ permissions: 440
+ content: |
+ Defaults:openshift !requiretty
diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml
index 0afcad72e..3d4fe42d0 100644
--- a/playbooks/openstack/openshift-cluster/launch.yml
+++ b/playbooks/openstack/openshift-cluster/launch.yml
@@ -7,10 +7,6 @@
vars_files:
- vars.yml
tasks:
- - fail:
- msg: "Deployment type not supported for OpenStack provider yet"
- when: deployment_type == 'online'
-
# TODO: Write an Ansible module for dealing with HEAT stacks
# Dealing with the outputs is currently terrible
@@ -106,7 +102,7 @@
hostname: '{{ item[0] }}'
ansible_ssh_host: '{{ item[2] }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: 'tag_environment_{{ cluster_env }}, tag_host-type_etcd, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}'
openshift_node_labels:
type: "etcd"
@@ -120,7 +116,7 @@
hostname: '{{ item[0] }}'
ansible_ssh_host: '{{ item[2] }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: 'tag_environment_{{ cluster_env }}, tag_host-type_master, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}'
openshift_node_labels:
type: "master"
@@ -134,7 +130,7 @@
hostname: '{{ item[0] }}'
ansible_ssh_host: '{{ item[2] }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_compute, tag_clusterid_{{ cluster_id }}'
openshift_node_labels:
type: "compute"
@@ -148,7 +144,7 @@
hostname: '{{ item[0] }}'
ansible_ssh_host: '{{ item[2] }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_infra, tag_clusterid_{{ cluster_id }}'
openshift_node_labels:
type: "infra"
@@ -162,7 +158,7 @@
hostname: '{{ parsed_outputs.dns_name }}'
ansible_ssh_host: '{{ parsed_outputs.dns_floating_ip }}'
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
groups: '{{ cluster_id }}-dns'
- name: Wait for ssh
diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml
index 123ebd323..ba9c6bf9c 100644
--- a/playbooks/openstack/openshift-cluster/list.yml
+++ b/playbooks/openstack/openshift-cluster/list.yml
@@ -16,7 +16,7 @@
groups: oo_list_hosts
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
ansible_ssh_host: "{{ hostvars[item].ansible_ssh_host | default(item) }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: groups[scratch_group] | default([]) | difference(['localhost'])
- name: List Hosts
diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml
index a1fb41b53..5bd8476f1 100644
--- a/playbooks/openstack/openshift-cluster/terminate.yml
+++ b/playbooks/openstack/openshift-cluster/terminate.yml
@@ -10,7 +10,7 @@
name: "{{ item }}"
groups: oo_hosts_to_terminate
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | intersect(groups['tag_clusterid_' ~ cluster_id ]|default([]))
- name: Unsubscribe VMs
diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml
index 16027b15c..539af6524 100644
--- a/playbooks/openstack/openshift-cluster/update.yml
+++ b/playbooks/openstack/openshift-cluster/update.yml
@@ -15,7 +15,7 @@
name: "{{ item }}"
groups: oo_hosts_to_update
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ ansible_become: "{{ deployment_vars[deployment_type].become }}"
with_items: "{{ g_all_hosts | default([]) }}"
- include: ../../common/openshift-cluster/update_repos_and_packages.yml
diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml
index ee26d223e..84cba0506 100644
--- a/playbooks/openstack/openshift-cluster/vars.yml
+++ b/playbooks/openstack/openshift-cluster/vars.yml
@@ -21,17 +21,13 @@ openstack_flavor:
deployment_rhel7_ent_base:
image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}"
ssh_user: openshift
- sudo: yes
+ become: yes
deployment_vars:
origin:
image: "{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}"
ssh_user: openshift
- sudo: yes
- online:
- image:
- ssh_user: root
- sudo: no
+ become: yes
enterprise: "{{ deployment_rhel7_ent_base }}"
openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
atomic-enterprise: "{{ deployment_rhel7_ent_base }}"