diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/openshift_repos/tasks/main.yaml | 7 | ||||
-rw-r--r-- | roles/openshift_repos/tasks/rhel_repos.yml | 34 | ||||
-rw-r--r-- | roles/rhel_subscribe/tasks/enterprise.yml | 18 | ||||
-rw-r--r-- | roles/rhel_subscribe/tasks/main.yml | 89 | ||||
-rw-r--r-- | roles/rhel_subscribe/tasks/satellite.yml | 5 |
5 files changed, 97 insertions, 56 deletions
diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 5e7bde1e1..83954eaf8 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -37,6 +37,13 @@ - when: r_openshift_repos_has_run is not defined block: + - include_tasks: rhel_repos.yml + when: + - ansible_distribution == 'RedHat' + - deployment_type == 'openshift-enterprise' + - (rhel_subscription_user or rhsub_user) is defined + - (rhel_subscription_password or rhsub_pass) is defined + - include_tasks: centos_repos.yml when: - ansible_os_family == "RedHat" diff --git a/roles/openshift_repos/tasks/rhel_repos.yml b/roles/openshift_repos/tasks/rhel_repos.yml new file mode 100644 index 000000000..c384cbe9a --- /dev/null +++ b/roles/openshift_repos/tasks/rhel_repos.yml @@ -0,0 +1,34 @@ +--- +- name: Ensure RHEL rhui repositories are disabled + command: bash -c "yum -q --noplugins repolist | grep -v 'repo id' | grep 'rhui'" + register: repo_rhui + changed_when: "repo_rhui.rc != 1" + failed_when: repo_rhui.rc == 11 + +- name: Disable RHEL rhui repositories + command: bash -c "yum-config-manager \ + --disable 'rhui-REGION-client-config-server-7' \ + --disable 'rhui-REGION-rhel-server-rh-common' \ + --disable 'rhui-REGION-rhel-server-releases' \ + --disable 'rhui-REGION-client-config-server-7'" + when: repo_rhui.changed + +- name: Ensure RHEL repositories are enabled + command: bash -c "yum -q --noplugins repolist | grep -v 'repo id' | grep 'Red Hat' | wc -l" + register: repo_rhel + changed_when: "'4' not in repo_rhel.stdout" + failed_when: repo_rhel.rc == 11 + +- name: Disable all repositories + command: bash -c "subscription-manager repos --disable='*'" + when: repo_rhel.changed + +- name: Enable RHEL repositories + command: subscription-manager repos \ + --enable="rhel-7-server-rpms" \ + --enable="rhel-7-server-extras-rpms" \ + --enable="rhel-7-server-ose-{{ (openshift_release | default('')).split('.')[0:2] | join('.') }}-rpms" \ + --enable="rhel-7-fast-datapath-rpms" + register: subscribe_repos + until: subscribe_repos | succeeded + when: repo_rhel.changed diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml deleted file mode 100644 index 8acdfb969..000000000 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- set_fact: - openshift_release: "{{ openshift_release[1:] }}" - when: - - openshift_release is defined - - openshift_release[0] == 'v' - -- name: Disable all repositories - command: subscription-manager repos --disable="*" - -- name: Enable RHEL repositories - command: subscription-manager repos \ - --enable="rhel-7-server-rpms" \ - --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-ose-{{ (openshift_release | default('')).split('.')[0:2] | join('.') }}-rpms" \ - --enable="rhel-7-fast-datapath-rpms" - register: subscribe_repos - until: subscribe_repos | succeeded diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index 3466b7e44..74ee8bbfe 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -1,30 +1,21 @@ --- -# TODO: Enhance redhat_subscription module -# to make it able to attach to a pool -# to make it able to enable repositories +- set_fact: + rhel_subscription_pass: "{{ lookup('env', 'rhel_subscription_pass') | default(rhsub_pass | default(omit, True)) }}" + rhel_subscription_pool: "{{ lookup('env', 'rhel_subscription_pool') | default(rhsub_pool | default('Red Hat OpenShift Container Platform, Premium*')) }}" + rhel_subscription_user: "{{ lookup('env', 'rhel_subscription_user') | default(rhsub_user | default(omit, True)) }}" + rhel_subscription_server: "{{ lookup('env', 'rhel_subscription_server') | default(rhsub_server | default(omit, True)) }}" - fail: msg: "This role is only supported for Red Hat hosts" when: ansible_distribution != 'RedHat' - fail: - msg: The rhsub_user variable is required for this role. - when: rhsub_user is not defined or not rhsub_user + msg: The rhel_subscription_user variable is required for this role. + when: rhel_subscription_user is not defined or not rhsub_user is not defined - fail: - msg: The rhsub_pass variable is required for this role. - when: rhsub_pass is not defined or not rhsub_pass - -- name: Detecting Atomic Host Operating System - stat: - path: /run/ostree-booted - register: ostree_booted - -- name: Satellite preparation - command: "rpm -Uvh http://{{ rhsub_server }}/pub/katello-ca-consumer-latest.noarch.rpm" - args: - creates: /etc/rhsm/ca/katello-server-ca.pem - when: rhsub_server is defined and rhsub_server + msg: The rhel_subscription_pass variable is required for this role. + when: rhel_subscription_pass is not defined or not rhsub_pass is not defined - name: Install Red Hat Subscription manager yum: @@ -33,36 +24,58 @@ register: result until: result | success -- name: RedHat subscriptions +- name: Is host already registered? + command: bash -c "subscription-manager version" + register: rh_subscribed + changed_when: "'not registered' in rh_subscribed.stdout" + ignore_errors: yes + +- name: Register host redhat_subscription: - username: "{{ rhsub_user }}" - password: "{{ rhsub_pass }}" + username: "{{ rhel_subscription_user }}" + password: "{{ rhel_subscription_pass }}" register: rh_subscription until: rh_subscription | succeeded + when: + - "'not registered' in rh_subscribed.stdout" + - rhel_subscription_user is defined + - rhel_subscription_pass is defined -- name: Retrieve the OpenShift Pool ID - command: subscription-manager list --available --matches="{{ rhsub_pool }}" --pool-only - register: openshift_pool_id - until: openshift_pool_id | succeeded - changed_when: False +- fail: + msg: 'Unable to register host with Red Hat Subscription Manager' + when: + - "'not registered' in rh_subscribed.stdout" + - rh_subscription.failed - name: Determine if OpenShift Pool Already Attached - command: subscription-manager list --consumed --matches="{{ rhsub_pool }}" --pool-only + command: bash -c "subscription-manager list --consumed --pool-only --matches '*OpenShift*' | grep {{ rhel_subscription_pool }}" register: openshift_pool_attached - until: openshift_pool_attached | succeeded - changed_when: False - when: openshift_pool_id.stdout == '' + changed_when: rhel_subscription_pool not in openshift_pool_attached.stdout + failed_when: openshift_pool_attached.rc == 2 + ignore_errors: yes + +- name: Retrieve the OpenShift Pool ID + command: bash -c "subscription-manager list --available --pool-only --matches '*OpenShift*' | grep {{ rhel_subscription_pool }}" + register: openshift_pool_retrieve + changed_when: rhel_subscription_pool in openshift_pool_retrieve.stdout + when: rhel_subscription_pool not in openshift_pool_attached.stdout + ignore_errors: yes - fail: - msg: "Unable to find pool matching {{ rhsub_pool }} in available or consumed pools" - when: openshift_pool_id.stdout == '' and openshift_pool_attached is defined and openshift_pool_attached.stdout == '' + msg: "Unable to find pool matching {{ rhel_subscription_pool }} in available pools" + when: + - rhel_subscription_pool not in openshift_pool_attached.stdout + - rhel_subscription_pool not in openshift_pool_retrieve.stdout - name: Attach to OpenShift Pool - command: subscription-manager attach --pool {{ openshift_pool_id.stdout_lines[0] }} - register: subscribe_pool - until: subscribe_pool | succeeded - when: openshift_pool_id.stdout != '' + command: bash -c "subscription-manager attach --pool {{ rhel_subscription_pool }}" + register: openshift_pool_attached + changed_when: "'Successfully attached a subscription' in openshift_pool_attached.stdout" + when: rhel_subscription_pool not in openshift_pool_attached.stdout -- include_tasks: enterprise.yml +- include_role: + role: rhel_subscribe + tasks_from: satellite when: - - not ostree_booted.stat.exists | bool + - (rhel_subscription_server or rhsub_server) is defined + - (rhel_subscription_server or rhsub_server) diff --git a/roles/rhel_subscribe/tasks/satellite.yml b/roles/rhel_subscribe/tasks/satellite.yml new file mode 100644 index 000000000..b2b2a621d --- /dev/null +++ b/roles/rhel_subscribe/tasks/satellite.yml @@ -0,0 +1,5 @@ +--- +- name: Satellite preparation + command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm" + args: + creates: /etc/rhsm/ca/katello-server-ca.pem |