summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/docker/tasks/main.yml36
-rw-r--r--roles/etcd/tasks/main.yml4
-rw-r--r--roles/etcd/templates/etcd.docker.service3
-rw-r--r--roles/openshift_cli/meta/main.yml5
-rw-r--r--roles/openshift_cli/tasks/main.yml8
-rw-r--r--roles/openshift_cloud_provider/defaults/main.yml7
-rw-r--r--roles/openshift_cloud_provider/tasks/main.yml3
-rw-r--r--roles/openshift_cloud_provider/tasks/openstack.yml9
-rw-r--r--roles/openshift_cloud_provider/templates/openstack/cloud.conf.j217
-rw-r--r--roles/openshift_common/meta/main.yml1
-rw-r--r--roles/openshift_docker/handlers/main.yml6
-rw-r--r--roles/openshift_docker/meta/main.yml4
-rw-r--r--roles/openshift_docker/tasks/main.yml55
-rw-r--r--roles/openshift_docker_facts/meta/main.yml15
-rw-r--r--roles/openshift_docker_facts/tasks/main.yml35
-rw-r--r--roles/openshift_etcd/meta/main.yml18
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py166
-rw-r--r--roles/openshift_master/meta/main.yml3
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j210
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j25
-rw-r--r--roles/openshift_master/templates/docker/master.docker.service.j23
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j24
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j27
-rw-r--r--roles/openshift_node/handlers/main.yml4
-rw-r--r--roles/openshift_node/meta/main.yml3
-rw-r--r--roles/openshift_node/tasks/main.yml8
-rw-r--r--roles/openshift_node/templates/openshift.docker.node.service8
-rw-r--r--roles/openshift_node/templates/openvswitch.docker.service1
28 files changed, 310 insertions, 138 deletions
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 74c8b22ff..4164a9ec0 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -16,3 +16,39 @@
- include: udev_workaround.yml
when: docker_udev_workaround | default(False) | bool
+
+- stat: path=/etc/sysconfig/docker
+ register: docker_check
+
+- name: Set registry params
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^{{ item.reg_conf_var }}=.*$'
+ line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
+ when: item.reg_fact_val is defined and docker_check.stat.isreg
+ with_items:
+ - reg_conf_var: ADD_REGISTRY
+ reg_fact_val: "{{ docker_additional_registries }}"
+ reg_flag: --add-registry
+ - reg_conf_var: BLOCK_REGISTRY
+ reg_fact_val: "{{ docker_blocked_registries }}"
+ reg_flag: --block-registry
+ - reg_conf_var: INSECURE_REGISTRY
+ reg_fact_val: "{{ docker_insecure_registries }}"
+ reg_flag: --insecure-registry
+ notify:
+ - restart docker
+
+- name: Set various docker options
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^OPTIONS=.*$'
+ line: "OPTIONS='\
+ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
+ {% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %}\
+ {% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
+ {% if docker_options is defined %} {{ docker_options }}{% endif %}\
+ {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'"
+ when: docker_check.stat.isreg
+ notify:
+ - restart docker
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 0be042f7f..d6956de71 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -36,6 +36,10 @@
state: stopped
enabled: no
+- name: Mask system etcd when containerized
+ when: openshift.common.is_containerized | bool
+ command: systemctl mask etcd
+
- name: Reload systemd units
command: systemctl daemon-reload
when: openshift.common.is_containerized | bool and ( install_etcd_result | changed )
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
index 8058fa188..defc070bd 100644
--- a/roles/etcd/templates/etcd.docker.service
+++ b/roles/etcd/templates/etcd.docker.service
@@ -1,12 +1,15 @@
[Unit]
Description=The Etcd Server container
After=docker.service
+Requires=docker.service
+PartOf=docker.service
[Service]
EnvironmentFile=/etc/etcd/etcd.conf
ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
ExecStop=/usr/bin/docker stop {{ etcd_service }}
+SyslogIdentifier=etcd_container
Restart=always
[Install]
diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml
index 1e8f8b719..4351e8f24 100644
--- a/roles/openshift_cli/meta/main.yml
+++ b/roles/openshift_cli/meta/main.yml
@@ -12,5 +12,6 @@ galaxy_info:
categories:
- cloud
dependencies:
-- { role: openshift_common }
-- { role: docker }
+- role: openshift_docker
+ when: openshift.common.is_containerized | bool
+- role: openshift_common
diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml
index 3b224416e..62a4dd690 100644
--- a/roles/openshift_cli/tasks/main.yml
+++ b/roles/openshift_cli/tasks/main.yml
@@ -4,7 +4,7 @@
local_facts:
deployment_type: "{{ openshift_deployment_type }}"
cli_image: "{{ osm_image | default(None) }}"
-
+
- name: Install clients
action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present"
when: not openshift.common.is_containerized | bool
@@ -13,16 +13,16 @@
command: >
docker pull {{ openshift.common.cli_image }}:{{ openshift_version }}
when: openshift.common.is_containerized | bool
-
+
- name: Create /usr/local/bin/openshift cli wrapper
template:
src: openshift.j2
dest: /usr/local/bin/openshift
mode: 0755
when: openshift.common.is_containerized | bool
-
+
- name: Create client symlinks
- file:
+ file:
path: "{{ item }}"
state: link
src: /usr/local/bin/openshift
diff --git a/roles/openshift_cloud_provider/defaults/main.yml b/roles/openshift_cloud_provider/defaults/main.yml
new file mode 100644
index 000000000..6c7403232
--- /dev/null
+++ b/roles/openshift_cloud_provider/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+ocp_os_auth_url: "{{ lookup('env', 'OS_AUTH_URL') }}"
+ocp_os_username: "{{ lookup('env', 'OS_USERNAME') }}"
+ocp_os_password: "{{ lookup('env', 'OS_PASSWORD') }}"
+ocp_os_tenant_id: "{{ lookup('env', 'OS_TENANT_ID') }}"
+ocp_os_tenant_name: "{{ lookup('env', 'OS_TENANT_NAME') }}"
+ocp_os_region: "{{ lookup('env', 'OS_REGION_NAME') }}"
diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml
new file mode 100644
index 000000000..e14f944e8
--- /dev/null
+++ b/roles/openshift_cloud_provider/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+- include: openstack.yml
+ when: "openshift_cloud_provider is defined and openshift_cloud_provider == 'openstack' and 'provider' in openshift and openshift.provider.name == 'openstack'"
diff --git a/roles/openshift_cloud_provider/tasks/openstack.yml b/roles/openshift_cloud_provider/tasks/openstack.yml
new file mode 100644
index 000000000..a56f1891a
--- /dev/null
+++ b/roles/openshift_cloud_provider/tasks/openstack.yml
@@ -0,0 +1,9 @@
+- fail:
+ msg: "The Openstack integration requires OpenShift Enterprise 3.2 or Origin 1.2."
+ when: not openshift.common.version_gte_3_2_or_1_2 | bool
+
+- name: Create /etc/cloud.conf
+ template:
+ dest: /etc/cloud.conf
+ src: openstack/cloud.conf.j2
+ when: ocp_os_auth_url and ocp_os_username and ocp_os_password and (ocp_os_tenant_id or ocp_os_tenant_name) \ No newline at end of file
diff --git a/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2 b/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2
new file mode 100644
index 000000000..388f3a735
--- /dev/null
+++ b/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2
@@ -0,0 +1,17 @@
+[Global]
+auth-url = {{ ocp_os_auth_url }}
+username = {{ ocp_os_username }}
+password = {{ ocp_os_password }}
+{% if ocp_os_tenant_id %}
+tenant-id = {{ ocp_os_tenant_id }}
+{% else %}
+tenant-name = {{ ocp_os_tenant_name }}
+{% endif %}
+{% if ocp_os_region %}
+region = {{ ocp_os_region }}
+{% endif %}
+{% if ocp_os_lb_subnet_id is defined %}
++
++[LoadBalancer]
++subnet-id = {{ ocp_os_lb_subnet_id }}
++{% endif %} \ No newline at end of file
diff --git a/roles/openshift_common/meta/main.yml b/roles/openshift_common/meta/main.yml
index 81363ec68..d879db0aa 100644
--- a/roles/openshift_common/meta/main.yml
+++ b/roles/openshift_common/meta/main.yml
@@ -15,3 +15,4 @@ dependencies:
- { role: os_firewall }
- { role: openshift_facts }
- { role: openshift_repos }
+- { role: openshift_cloud_provider }
diff --git a/roles/openshift_docker/handlers/main.yml b/roles/openshift_docker/handlers/main.yml
deleted file mode 100644
index 92a6c325f..000000000
--- a/roles/openshift_docker/handlers/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-
-- name: restart openshift_docker
- service:
- name: docker
- state: restarted
diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml
index 1e8f8b719..60efd4e45 100644
--- a/roles/openshift_docker/meta/main.yml
+++ b/roles/openshift_docker/meta/main.yml
@@ -12,5 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
-- { role: openshift_common }
-- { role: docker }
+- role: openshift_docker_facts
+- role: docker
diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml
deleted file mode 100644
index a57cf815e..000000000
--- a/roles/openshift_docker/tasks/main.yml
+++ /dev/null
@@ -1,55 +0,0 @@
----
-- name: Set docker facts
- openshift_facts:
- role: "{{ item.role }}"
- local_facts: "{{ item.local_facts }}"
- with_items:
- - role: common
- local_facts:
- deployment_type: "{{ openshift_deployment_type }}"
- docker_additional_registries: "{{ docker_additional_registries }}"
- docker_insecure_registries: "{{ docker_insecure_registries }}"
- docker_blocked_registries: "{{ docker_blocked_registries }}"
- docker_options: "{{ openshift_docker_options | default('',True) }}"
- - role: node
- local_facts:
- portal_net: "{{ openshift_master_portal_net | default(None) }}"
- docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}"
- docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}"
-
-- stat: path=/etc/sysconfig/docker
- register: docker_check
-
-- name: Set registry params
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: '^{{ item.reg_conf_var }}=.*$'
- line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'"
- when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg"
- with_items:
- - reg_conf_var: ADD_REGISTRY
- reg_fact_val: "{{ openshift.common.docker_additional_registries }}"
- reg_flag: --add-registry
- - reg_conf_var: BLOCK_REGISTRY
- reg_fact_val: "{{ openshift.common.docker_blocked_registries }}"
- reg_flag: --block-registry
- - reg_conf_var: INSECURE_REGISTRY
- reg_fact_val: "{{ openshift.common.docker_insecure_registries }}"
- reg_flag: --insecure-registry
- notify:
- - restart openshift_docker
-
-# TODO: Enable secure registry when code available in origin
-# TODO: perhaps move this to openshift_docker?
-- name: Secure Registry and Logs Options
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: '^OPTIONS=.*$'
- line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }}\
- {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\
- {% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }}{% endif %}\
- {% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
- {% if openshift.common.docker_options is defined %} {{ openshift.common.docker_options }}{% endif %}'"
- when: docker_check.stat.isreg
- notify:
- - restart openshift_docker
diff --git a/roles/openshift_docker_facts/meta/main.yml b/roles/openshift_docker_facts/meta/main.yml
new file mode 100644
index 000000000..5b1be7a8d
--- /dev/null
+++ b/roles/openshift_docker_facts/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Jason DeTiberus
+ description: OpenShift Docker Facts
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 1.9
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- { role: openshift_facts }
diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml
new file mode 100644
index 000000000..3fb2cd34b
--- /dev/null
+++ b/roles/openshift_docker_facts/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+- name: Set docker facts
+ openshift_facts:
+ role: "{{ item.role }}"
+ local_facts: "{{ item.local_facts }}"
+ with_items:
+ - role: common
+ local_facts:
+ deployment_type: "{{ openshift_deployment_type }}"
+ - role: docker
+ local_facts:
+ additional_registries: "{{ openshift_docker_additional_registries | default(None) }}"
+ blocked_registries: "{{ openshift_docker_blocked_registries | default(None) }}"
+ insecure_registries: "{{ openshift_docker_insecure_registries | default(None) }}"
+ log_driver: "{{ openshift_docker_log_driver | default(None) }}"
+ log_options: "{{ openshift_docker_log_options | default(None) }}"
+ options: "{{ openshift_docker_options | default(None) }}"
+ disable_push_dockerhub: "{{ openshift_disable_push_dockerhub | default(None) }}"
+ - role: node
+ local_facts:
+ portal_net: "{{ openshift_master_portal_net | default(None) }}"
+
+# TODO: append openshift.node.portal_net to docker_insecure_registries
+- set_fact:
+ docker_additional_registries: "{{ openshift.docker.additional_registries
+ | default(omit) }}"
+ docker_blocked_registries: "{{ openshift.docker.blocked_registries
+ | default(omit) }}"
+ docker_insecure_registries: "{{ openshift.docker.insecure_registries
+ | default(omit) }}"
+ docker_log_driver: "{{ openshift.docker.log_driver | default(omit) }}"
+ docker_log_options: "{{ openshift.docker.log_options | default(omit) }}"
+ docker_options: "{{ openshift.docker.options | default(omit) }}"
+ docker_push_dockerhub: "{{ openshift.docker.disable_push_dockerhub
+ | default(omit) }}"
diff --git a/roles/openshift_etcd/meta/main.yml b/roles/openshift_etcd/meta/main.yml
new file mode 100644
index 000000000..5e5f96d44
--- /dev/null
+++ b/roles/openshift_etcd/meta/main.yml
@@ -0,0 +1,18 @@
+---
+galaxy_info:
+ author: Jason DeTiberus
+ description: OpenShift etcd
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 1.9
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: openshift_facts
+- role: openshift_docker
+ when: openshift.common.is_containerized | bool
+- role: etcd
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index eb3a89035..b06900681 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -27,6 +27,38 @@ from distutils.version import LooseVersion
import struct
import socket
+
+def migrate_docker_facts(facts):
+ """ Apply migrations for docker facts """
+ params = {
+ 'common': (
+ 'additional_registries',
+ 'insecure_registries',
+ 'blocked_registries',
+ 'options'
+ ),
+ 'node': (
+ 'log_driver',
+ 'log_options'
+ )
+ }
+ if 'docker' not in facts:
+ facts['docker'] = {}
+ for role in params.keys():
+ if role in facts:
+ for param in params[role]:
+ old_param = 'docker_' + param
+ if old_param in facts[role]:
+ facts['docker'][param] = facts[role].pop(old_param)
+ return facts
+
+def migrate_local_facts(facts):
+ """ Apply migrations of local facts """
+ migrated_facts = copy.deepcopy(facts)
+ return migrate_docker_facts(migrated_facts)
+
+
+
def first_ip(network):
""" Return the first IPv4 address in network
@@ -296,6 +328,11 @@ def normalize_provider_facts(provider, metadata):
facts = dict(name=provider, metadata=metadata,
network=dict(interfaces=[], ipv6_enabled=False))
+ if os.path.exists('/etc/cloud.conf'):
+ for arg in ('api_server_args', 'controller_args', 'kubelet_args'):
+ facts[arg] = {'cloud-provider': [provider],
+ 'cloud-config': ['/etc/cloud.conf']}
+
if provider == 'gce':
facts = normalize_gce_facts(metadata, facts)
elif provider == 'ec2':
@@ -657,18 +694,13 @@ def set_deployment_facts_if_unset(facts):
data_dir = '/var/lib/openshift'
facts['common']['data_dir'] = data_dir
- # remove duplicate and empty strings from registry lists
- for cat in ['additional', 'blocked', 'insecure']:
- key = 'docker_{0}_registries'.format(cat)
- if key in facts['common']:
- facts['common'][key] = list(set(facts['common'][key]) - set(['']))
-
-
+ if 'docker' in facts:
+ deployment_type = facts['common']['deployment_type']
if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']:
- addtl_regs = facts['common'].get('docker_additional_registries', [])
+ addtl_regs = facts['docker'].get('additional_registries', [])
ent_reg = 'registry.access.redhat.com'
if ent_reg not in addtl_regs:
- facts['common']['docker_additional_registries'] = addtl_regs + [ent_reg]
+ facts['docker']['additional_registries'] = addtl_regs + [ent_reg]
for role in ('master', 'node'):
if role in facts:
@@ -1049,6 +1081,30 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
return facts
+def merge_provider_facts(facts):
+ """ Recursively merge provider facts dicts
+
+ Args:
+ facts (dict): existing facts
+ Returns:
+ dict: the facts dict updated with the provider config
+ """
+ if 'provider' not in facts:
+ return facts
+ if 'master' in facts:
+ for arg in ('api_server_args', 'controller_args'):
+ facts['master'][arg] = merge_facts(
+ facts['provider'].get(arg, {}),
+ facts['master'].get(arg, {}),
+ [], [])
+ if 'node' in facts:
+ facts['node']['kubelet_args'] = merge_facts(
+ facts['provider'].get('kubelet_args', {}),
+ facts['node'].get('kubelet_args', {}),
+ [], [])
+ return facts
+
+
def save_local_facts(filename, facts):
""" Save local facts
@@ -1221,7 +1277,7 @@ class OpenShiftFacts(object):
Raises:
OpenShiftFactsUnsupportedRoleError:
"""
- known_roles = ['common', 'master', 'node', 'etcd', 'hosted']
+ known_roles = ['common', 'master', 'node', 'etcd', 'hosted', 'docker']
# Disabling too-many-arguments, this should be cleaned up as a TODO item.
# pylint: disable=too-many-arguments
@@ -1265,13 +1321,20 @@ class OpenShiftFacts(object):
protected_facts_to_overwrite)
roles = local_facts.keys()
- defaults = self.get_defaults(roles)
+
+ if 'common' in local_facts and 'deployment_type' in local_facts['common']:
+ deployment_type = local_facts['common']['deployment_type']
+ else:
+ deployment_type = 'origin'
+
+ defaults = self.get_defaults(roles, deployment_type)
provider_facts = self.init_provider_facts()
facts = apply_provider_facts(defaults, provider_facts)
facts = merge_facts(facts,
local_facts,
additive_facts_to_overwrite,
protected_facts_to_overwrite)
+ facts = merge_provider_facts(facts)
facts['current_config'] = get_current_config(facts)
facts = set_url_facts_if_unset(facts)
facts = set_project_cfg_facts_if_unset(facts)
@@ -1292,7 +1355,7 @@ class OpenShiftFacts(object):
facts = set_installed_variant_rpm_facts(facts)
return dict(openshift=facts)
- def get_defaults(self, roles):
+ def get_defaults(self, roles, deployment_type):
""" Get default fact values
Args:
@@ -1301,8 +1364,7 @@ class OpenShiftFacts(object):
Returns:
dict: The generated default facts
"""
- defaults = dict()
-
+ defaults = {}
ip_addr = self.system_facts['default_ipv4']['address']
exit_code, output, _ = module.run_command(['hostname', '-f'])
hostname_f = output.strip() if exit_code == 0 else ''
@@ -1310,33 +1372,42 @@ class OpenShiftFacts(object):
self.system_facts['fqdn']]
hostname = choose_hostname(hostname_values, ip_addr)
- common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr,
- deployment_type='origin', hostname=hostname,
- public_hostname=hostname)
- common['client_binary'] = 'oc'
- common['admin_binary'] = 'oadm'
- common['dns_domain'] = 'cluster.local'
- common['install_examples'] = True
- defaults['common'] = common
+ defaults['common'] = dict(use_openshift_sdn=True, ip=ip_addr,
+ public_ip=ip_addr,
+ deployment_type=deployment_type,
+ hostname=hostname,
+ public_hostname=hostname,
+ client_binary='oc', admin_binary='oadm',
+ dns_domain='cluster.local',
+ install_examples=True,
+ debug_level=2)
if 'master' in roles:
- master = dict(api_use_ssl=True, api_port='8443', controllers_port='8444',
- console_use_ssl=True, console_path='/console',
- console_port='8443', etcd_use_ssl=True, etcd_hosts='',
- etcd_port='4001', portal_net='172.30.0.0/16',
- embedded_etcd=True, embedded_kube=True,
- embedded_dns=True, dns_port='53',
- bind_addr='0.0.0.0', session_max_seconds=3600,
- session_name='ssn', session_secrets_file='',
- access_token_max_seconds=86400,
- auth_token_max_seconds=500,
- oauth_grant_method='auto')
- defaults['master'] = master
+ defaults['master'] = dict(api_use_ssl=True, api_port='8443',
+ controllers_port='8444',
+ console_use_ssl=True,
+ console_path='/console',
+ console_port='8443', etcd_use_ssl=True,
+ etcd_hosts='', etcd_port='4001',
+ portal_net='172.30.0.0/16',
+ embedded_etcd=True, embedded_kube=True,
+ embedded_dns=True, dns_port='53',
+ bind_addr='0.0.0.0',
+ session_max_seconds=3600,
+ session_name='ssn',
+ session_secrets_file='',
+ access_token_max_seconds=86400,
+ auth_token_max_seconds=500,
+ oauth_grant_method='auto')
if 'node' in roles:
- node = dict(labels={}, annotations={}, portal_net='172.30.0.0/16',
- iptables_sync_period='5s', set_node_ip=False)
- defaults['node'] = node
+ defaults['node'] = dict(labels={}, annotations={},
+ portal_net='172.30.0.0/16',
+ iptables_sync_period='5s',
+ set_node_ip=False)
+
+ if 'docker' in roles:
+ defaults['docker'] = dict(disable_push_dockerhub=False)
defaults['hosted'] = dict(
registry=dict(
@@ -1356,6 +1427,7 @@ class OpenShiftFacts(object):
)
)
+
return defaults
def guess_host_provider(self):
@@ -1439,7 +1511,7 @@ class OpenShiftFacts(object):
additive_facts_to_overwrite=None,
openshift_env=None,
protected_facts_to_overwrite=None):
- """ Initialize the provider facts
+ """ Initialize the local facts
Args:
facts (dict): local facts to set
@@ -1481,15 +1553,23 @@ class OpenShiftFacts(object):
local_facts = get_local_facts_from_file(self.filename)
- for arg in ['labels', 'annotations']:
- if arg in facts_to_set and isinstance(facts_to_set[arg],
- basestring):
- facts_to_set[arg] = module.from_json(facts_to_set[arg])
+ migrated_facts = migrate_local_facts(local_facts)
- new_local_facts = merge_facts(local_facts,
+ new_local_facts = merge_facts(migrated_facts,
facts_to_set,
additive_facts_to_overwrite,
protected_facts_to_overwrite)
+
+ if 'docker' in new_local_facts:
+ # remove duplicate and empty strings from registry lists
+ for cat in ['additional', 'blocked', 'insecure']:
+ key = '{0}_registries'.format(cat)
+ if key in new_local_facts['docker']:
+ val = new_local_facts['docker'][key]
+ if isinstance(val, basestring):
+ val = [x.strip() for x in val.split(',')]
+ new_local_facts['docker'][key] = list(set(val) - set(['']))
+
for facts in new_local_facts.values():
keys_to_delete = []
if isinstance(facts, dict):
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index 8db99fc2a..4eda4a8e2 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -12,5 +12,4 @@ galaxy_info:
categories:
- cloud
dependencies:
-- { role: openshift_common }
-- { role: openshift_cli }
+- role: openshift_cli
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
index 9c1f5a300..f777f7657 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
@@ -1,12 +1,12 @@
[Unit]
Description=Atomic OpenShift Master API
Documentation=https://github.com/openshift/origin
-After=network.target
-After=etcd.service
+After=etcd_container.service
+Wants=etcd_container.service
Before={{ openshift.common.service_type }}-node.service
-Requires=network.target
-Requires=docker.service
+After=docker.service
PartOf=docker.service
+Requires=docker.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
@@ -18,7 +18,7 @@ ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api
LimitNOFILE=131072
LimitCORE=infinity
WorkingDirectory={{ openshift.common.data_dir }}
-SyslogIdentifier=atomic-openshift-master-api
+SyslogIdentifier={{ openshift.common.service_type }}-master-api
Restart=always
[Install]
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
index 915c0cb8c..4fc48ba15 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
@@ -1,9 +1,9 @@
[Unit]
Description=Atomic OpenShift Master Controllers
Documentation=https://github.com/openshift/origin
-After=network.target
+Wants={{ openshift.common.service_type }}-master-api.service
After={{ openshift.common.service_type }}-master-api.service
-Before={{ openshift.common.service_type }}-node.service
+After=docker.service
Requires=docker.service
PartOf=docker.service
@@ -22,4 +22,3 @@ Restart=on-failure
[Install]
WantedBy=multi-user.target
-WantedBy={{ openshift.common.service_type }}-node.service
diff --git a/roles/openshift_master/templates/docker/master.docker.service.j2 b/roles/openshift_master/templates/docker/master.docker.service.j2
index f88262567..e9f4a4d21 100644
--- a/roles/openshift_master/templates/docker/master.docker.service.j2
+++ b/roles/openshift_master/templates/docker/master.docker.service.j2
@@ -1,8 +1,9 @@
[Unit]
After=docker.service
-Before={{ openshift.common.service_type }}-node.service
Requires=docker.service
PartOf=docker.service
+After=etcd_container.service
+Wants=etcd_container.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
index ba19fb348..e61418eb6 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2
@@ -1,10 +1,10 @@
[Unit]
Description=Atomic OpenShift Master API
Documentation=https://github.com/openshift/origin
-After=network.target
+After=network-online.target
After=etcd.service
Before={{ openshift.common.service_type }}-node.service
-Requires=network.target
+Requires=network-online.target
[Service]
Type=notify
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
index b393bb9ff..ba4c1e0e8 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2
@@ -1,10 +1,10 @@
[Unit]
Description=Atomic OpenShift Master Controllers
Documentation=https://github.com/openshift/origin
-After=network.target
+After=network-online.target
After={{ openshift.common.service_type }}-master-api.service
-Before={{ openshift.common.service_type }}-node.service
-Requires=network.target
+Wants={{ openshift.common.service_type }}-master-api.service
+Requires=network-online.target
[Service]
{% if openshift.common.version_gte_3_1_1_or_1_1_1 | bool %}
@@ -23,4 +23,3 @@ Restart=on-failure
[Install]
WantedBy=multi-user.target
-WantedBy={{ openshift.common.service_type }}-node.service
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index 3fec4b1dd..1a1dc8ede 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -3,8 +3,6 @@
service: name={{ openshift.common.service_type }}-node state=restarted
when: not (node_service_status_changed | default(false) | bool)
-- name: restart docker
- service: name=docker state=restarted
-
- name: restart openvswitch
service: name=openvswitch state=restarted
+ when: not (ovs_service_status_changed | default(false) | bool)
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index c92008a77..702012489 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -12,4 +12,5 @@ galaxy_info:
categories:
- cloud
dependencies:
-- { role: openshift_common }
+- role: openshift_common
+- role: openshift_docker
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 83aa590fa..54ba2aa6a 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -85,6 +85,10 @@
- name: Start and enable openvswitch docker service
service: name=openvswitch.service enabled=yes state=started
when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool
+ register: ovs_start_result
+
+- set_fact:
+ ovs_service_status_changed: "{{ ovs_start_result | changed }}"
# TODO: add the validate parameter when there is a validation command to run
- name: Create the Node config
@@ -134,7 +138,7 @@
- name: Start and enable node
service: name={{ openshift.common.service_type }}-node enabled=yes state=started
- register: start_result
+ register: node_start_result
- set_fact:
- node_service_status_changed: "{{ start_result | changed }}"
+ node_service_status_changed: "{{ node_start_result | changed }}"
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index 83b697f73..fa14cd770 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -1,12 +1,13 @@
[Unit]
-After=docker.service
After={{ openshift.common.service_type }}-master.service
+After=docker.service
After=openvswitch.service
+PartOf=docker.service
+Requires=docker.service
{% if openshift.common.use_openshift_sdn %}
Requires=openvswitch.service
{% endif %}
-Requires=docker.service
-PartOf=docker.service
+Wants={{ openshift.common.service_type }}-master.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
@@ -14,6 +15,7 @@ ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:ro -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log {{ openshift.node.node_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+SyslogIdentifier={{ openshift.common.service_type }}-node
Restart=always
[Install]
diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service
index 7af2b7431..047f66fda 100644
--- a/roles/openshift_node/templates/openvswitch.docker.service
+++ b/roles/openshift_node/templates/openvswitch.docker.service
@@ -9,6 +9,7 @@ ExecStartPre=-/usr/bin/docker rm -f openvswitch
ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 5
ExecStop=/usr/bin/docker stop openvswitch
+SyslogIdentifier=openvswitch
Restart=always
[Install]