5 files changed, 131 insertions, 0 deletions

diff --git a/roles/flannel/README.md b/roles/flannel/README.md
new file mode 100644
index 000000000..b9e15e6e0
--- /dev/null
+++ b/roles/flannel/README.md
@@ -0,0 +1,45 @@
+Role Name
+=========
+
+Configure flannel on openshift nodes
+
+Requirements
+------------
+
+* Ansible 2.2
+* This role assumes it's being deployed on a RHEL/Fedora based host with package
+named 'flannel' available via yum or dnf (conditionally), in version superior
+to 0.3.
+
+Role Variables
+--------------
+
+| Name                 | Default value                           | Description                                   |
+|----------------------|-----------------------------------------|-----------------------------------------------|
+| flannel_interface    | ansible_default_ipv4.interface          | interface to use for inter-host communication |
+| flannel_etcd_key     | /openshift.com/network                  | etcd prefix                                   |
+| etcd_hosts           | etcd_urls                               | a list of etcd endpoints                      |
+| etcd_cert_config_dir | {{ openshift.common.config_base }}/node | SSL certificates directory                    |
+| etcd_peer_ca_file    | {{ etcd_conf_dir }}/ca.crt              | SSL CA to use for etcd                        |
+| etcd_peer_cert_file  | Openshift SSL cert                      | SSL cert to use for etcd                      |
+| etcd_peer_key_file   | Openshift SSL key                       | SSL key to use for etcd                       |
+
+Dependencies
+------------
+
+Example Playbook
+----------------
+
+    - hosts: openshift_node
+      roles:
+        - { role: flannel, etcd_urls: ['https://127.0.0.1:2379'] }
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Sylvain Baubeau <sbaubeau@redhat.com>
diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml
new file mode 100644
index 000000000..988731ef2
--- /dev/null
+++ b/roles/flannel/defaults/main.yaml
@@ -0,0 +1,7 @@
+---
+flannel_interface: "{{ ansible_default_ipv4.interface }}"
+flannel_etcd_key: /openshift.com/network
+etcd_hosts: "{{ etcd_urls }}"
+etcd_peer_ca_file: "{{ openshift.common.config_base }}/node/{{ 'ca' if (embedded_etcd | bool) else 'flannel.etcd-ca' }}.crt"
+etcd_peer_cert_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.crt"
+etcd_peer_key_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.key"
diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml
new file mode 100644
index 000000000..889069485
--- /dev/null
+++ b/roles/flannel/handlers/main.yml
@@ -0,0 +1,23 @@
+---
+- name: restart flanneld
+  become: yes
+  systemd: name=flanneld state=restarted
+
+- name: restart docker
+  become: yes
+  systemd:
+    name: "{{ openshift.docker.service_name }}"
+    state: restarted
+  register: l_docker_restart_docker_in_flannel_result
+  until: not l_docker_restart_docker_in_flannel_result | failed
+  retries: 3
+  delay: 30
+
+- name: restart node
+  systemd:
+    name: "{{ openshift.common.service_type }}-node"
+    state: restarted
+  register: l_restart_node_result
+  until: not l_restart_node_result | failed
+  retries: 3
+  delay: 30
diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml
new file mode 100644
index 000000000..51128dba6
--- /dev/null
+++ b/roles/flannel/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+  author: Sylvain
+  description: flannel management
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 2.2
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+  - system
+dependencies: []
diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml
new file mode 100644
index 000000000..3a8945a82
--- /dev/null
+++ b/roles/flannel/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: Install flannel
+  become: yes
+  package: name=flannel state=present
+  when: not openshift.common.is_atomic | bool
+
+- name: Set flannel etcd options
+  become: yes
+  lineinfile:
+    dest: /etc/sysconfig/flanneld
+    backrefs: yes
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - { regexp: "^(FLANNEL_ETCD=)", line: '\1{{ etcd_hosts|join(",") }}' }
+    - { regexp: "^(FLANNEL_ETCD_ENDPOINTS=)", line: '\1{{ etcd_hosts|join(",") }}' }
+    - { regexp: "^(FLANNEL_ETCD_KEY=)", line: '\1{{ flannel_etcd_key }}' }
+    - { regexp: "^(FLANNEL_ETCD_PREFIX=)", line: '\1{{ flannel_etcd_key }}' }
+
+- name: Set flannel options
+  become: yes
+  lineinfile:
+    dest: /etc/sysconfig/flanneld
+    backrefs: yes
+    regexp: "^#?(FLANNEL_OPTIONS=)"
+    line: '\1--iface {{ flannel_interface }} --etcd-cafile={{ etcd_peer_ca_file }} --etcd-keyfile={{ etcd_peer_key_file }} --etcd-certfile={{ etcd_peer_cert_file }}'
+
+- name: Enable flanneld
+  become: yes
+  systemd:
+    name: flanneld
+    state: started
+    enabled: yes
+  register: start_result
+
+- name: Remove docker bridge ip
+  become: yes
+  shell: ip a del `ip a show docker0 | grep "inet[[:space:]]" | awk '{print $2}'` dev docker0
+  notify:
+    - restart docker
+    - restart node