Diffstat (limited to 'roles/openshift_master/tasks')
-rw-r--r-- | roles/openshift_master/tasks/main.yml | 114 |
1 files changed, 76 insertions, 38 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 23f8b4649..94eb73346 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,10 +8,17 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined -- name: Set master OpenShift facts +- fail: + msg: "openshift_master_cluster_password must be set for multi-master installations" + when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined + +- name: Set master facts openshift_facts: role: master local_facts: + cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" + cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" + cluster_defer_ha: "{{ openshift_master_cluster_defer_ha | default(None) }}" debug_level: "{{ openshift_master_debug_level | default(openshift.common.debug_level) }}" api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" @@ -22,6 +29,7 @@ console_url: "{{ openshift_master_console_url | default(None) }}" console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + etcd_hosts: "{{ openshift_master_etcd_hosts | default(None)}}" etcd_port: "{{ openshift_master_etcd_port | default(None) }}" etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}" etcd_urls: "{{ openshift_master_etcd_urls | default(None) }}" 
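Review bot: The new `fail` guard reads `openshift.master.cluster_defer_ha`, but that fact is populated by the "Set master facts" task that follows it. Unless `openshift_facts` supplies a default earlier (not visible here), a first run may see an undefined or stale value and either error out or skip the password check. Testing the inventory variable directly removes the ordering dependency: `when: openshift_master_ha | bool and not (openshift_master_cluster_defer_ha | default(false) | bool) and openshift_master_cluster_password is not defined`. The guard also lets an empty password through, since it only tests `is not defined`; comparing `openshift_master_cluster_password | default('') == ''` would reject that case too. The task has no `name:`, so a failure is reported only as `fail` in the play output.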
@@ -41,39 +49,38 @@ oauth_grant_method: "{{ openshift_master_oauth_grant_method | default(None) }}" sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}" sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}" + default_subdomain: "{{ osm_default_subdomain | default(None) }}" + custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" + default_node_selector: "{{ osm_default_node_selector | default(None) }}" + project_request_message: "{{ osm_project_request_message | default(None) }}" + project_request_template: "{{ osm_project_request_template | default(None) }}" + mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}" + mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}" + uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}" + router_selector: "{{ openshift_router_selector | default(None) }}" + registry_selector: "{{ openshift_registry_selector | default(None) }}" + api_server_args: "{{ osm_api_server_args | default(None) }}" + controller_args: "{{ osm_controller_args | default(None) }}" + infra_nodes: "{{ num_infra | default(None) }}" + +- name: Install Master package + yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present + register: install_result # TODO: These values need to be configurable -- name: Set dns OpenShift facts +- name: Set dns facts openshift_facts: role: dns local_facts: - ip: "{{ openshift.common.ip }}" + ip: "{{ openshift_master_cluster_vip | default(openshift.common.ip, true) | default(None) }}" domain: cluster.local when: openshift.master.embedded_dns -- name: Install OpenShift Master package - yum: pkg=openshift-master state=present - register: install_result - -- name: Reload systemd units - command: systemctl daemon-reload - when: install_result | changed - - name: Create config parent directory if it doesn't exist file: path: "{{ openshift_master_config_dir }}" state: directory -- name: Create the master 
certificates if they do not already exist - command: > - {{ openshift.common.admin_binary }} create-master-certs - --hostnames={{ openshift.common.hostname }},{{ openshift.common.public_hostname }} - --master={{ openshift.master.api_url }} - --public-master={{ openshift.master.public_api_url }} - --cert-dir={{ openshift_master_config_dir }} --overwrite=false - args: - creates: "{{ openshift_master_config_dir }}/master.server.key" - - name: Create the policy file if it does not already exist command: > {{ openshift.common.admin_binary }} create-bootstrap-policy-file @@ -81,20 +88,28 @@ args: creates: "{{ openshift_master_policy }}" notify: - - restart openshift-master + - restart master - name: Create the scheduler config template: dest: "{{ openshift_master_scheduler_conf }}" src: scheduler.json.j2 + backup: true notify: - - restart openshift-master + - restart master - name: Install httpd-tools if needed yum: pkg=httpd-tools state=present when: item.kind == 'HTPasswdPasswordIdentityProvider' with_items: openshift.master.identity_providers +- name: Ensure htpasswd directory exists + file: + path: "{{ item.filename | dirname }}" + state: directory + when: item.kind == 'HTPasswdPasswordIdentityProvider' + with_items: openshift.master.identity_providers + - name: Create the htpasswd file if needed copy: dest: "{{ item.filename }}" @@ -109,12 +124,13 @@ template: dest: "{{ openshift_master_config_file }}" src: master.yaml.v1.j2 + backup: true notify: - - restart openshift-master + - restart master -- name: Configure OpenShift settings +- name: Configure master settings lineinfile: - dest: /etc/sysconfig/openshift-master + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master regexp: "{{ item.regex }}" line: "{{ item.line }}" with_items: 
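Review bot: The moved "Install Master package" task keeps `register: install_result`, but the "Reload systemd units" task that consumed it is removed in this same hunk. The same name is registered again by "Install cluster packages" further down the file, where it gates the cluster password task. Sharing one variable between two installs makes that gate depend on task order, so rename or drop the first registration, e.g. `register: master_install_result`, unless something outside this file reads it. The package spec `{{ openshift.common.service_type }}-master{{ openshift_version }}` also has no fallback, so the task fails on an undefined variable if `openshift_version` is not set in role defaults (not visible here).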
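Review bot: The new "Ensure htpasswd directory exists" task sets no `owner` or `mode`, so a directory it creates gets whatever the default umask gives. That directory holds the htpasswd credential store, so the intended permissions should be stated explicitly, for example `owner: root` and `mode: "0700"`, quoted so the octal value is not retyped by the YAML parser. Because `item.filename | dirname` is operator-supplied and may point at an existing shared directory, the task should carry a comment saying whether it is expected to tighten a directory that already exists. The following "Create the htpasswd file if needed" task continues outside this hunk, so the file's own mode cannot be checked from here.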
@@ -123,39 +139,61 @@ - regex: '^CONFIG_FILE=' line: "CONFIG_FILE={{ openshift_master_config_file }}" notify: - - restart openshift-master + - restart master + +- name: Start and enable master + service: name={{ openshift.common.service_type }}-master enabled=yes state=started + when: not openshift_master_ha | bool + register: start_result + +- set_fact: + master_service_status_changed = start_result | changed + +- name: Install cluster packages + yum: pkg=pcs state=present + when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool + register: install_result + +- name: Start and enable cluster service + service: name=pcsd enabled=yes state=started + when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool + +- name: Set the cluster user password + shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster + when: install_result | changed -- name: Start and enable openshift-master - service: name=openshift-master enabled=yes state=started +- name: Lookup default group for ansible_ssh_user + command: "/usr/bin/id -g {{ ansible_ssh_user }}" + register: _ansible_ssh_user_gid -- name: Create the OpenShift client config dir(s) +- name: Create the client config dir(s) file: - path: "~{{ item }}/.config/openshift" + path: "~{{ item }}/.kube" state: directory mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" # TODO: Update this file if the contents of the source file are not present in # the dest file, will need to make sure to ignore things that could be added -- name: Copy the OpenShift admin client config(s) - command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.config/openshift/.config +- name: Copy the admin client config(s) + command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config args: - creates: ~{{ item 
}}/.config/openshift/.config + creates: ~{{ item }}/.kube/config with_items: - root - "{{ ansible_ssh_user }}" -- name: Update the permissions on the OpenShift admin client config(s) +- name: Update the permissions on the admin client config(s) file: - path: "~{{ item }}/.config/openshift/.config" + path: "~{{ item }}/.kube/config" state: file mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" |
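Review bot: The "Set the cluster user password" task interpolates `openshift_master_cluster_password` into a `shell` command line without `no_log: true`. The clear-text password therefore sits in the shell's process arguments while the task runs and appears in Ansible's logged and verbose task output. Add `no_log: true` to that task, or set the account through the `user` module with a hashed value so the clear text never reaches a command line. Its `when: install_result | changed` gate applies the password only on the run that installs `pcs`, so a run interrupted between the two tasks, or a later password change, leaves `hacluster` unset or stale. Separately, the `set_fact` body `master_service_status_changed = start_result | changed` is neither a `key: value` mapping nor a `key=value` pair (the spaces around `=` break it), so the fact is not set as intended; `master_service_status_changed: "{{ start_result | changed }}"` is the working form.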