summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/docker/tasks/main.yml2
-rw-r--r--roles/kubernetes_apiserver/tasks/main.yml2
-rw-r--r--roles/openshift_master/handlers/main.yml2
-rw-r--r--roles/openshift_master/tasks/main.yml11
-rw-r--r--roles/openshift_minion/defaults/main.yml2
-rw-r--r--roles/openshift_minion/handlers/main.yml4
-rw-r--r--roles/openshift_minion/tasks/main.yml29
-rw-r--r--roles/openshift_minion/vars/main.yml2
-rw-r--r--roles/openshift_node/README.md (renamed from roles/openshift_minion/README.md)0
-rw-r--r--roles/openshift_node/defaults/main.yml2
-rw-r--r--roles/openshift_node/files/sysconfig/kubeconfig40
-rw-r--r--roles/openshift_node/handlers/main.yml4
-rw-r--r--roles/openshift_node/meta/main.yml (renamed from roles/openshift_minion/meta/main.yml)0
-rw-r--r--roles/openshift_node/tasks/main.yml38
-rw-r--r--roles/openshift_node/vars/main.yml2
-rw-r--r--roles/repos/files/epel7-openshift.repo (renamed from roles/repos/files/epel7-origin.repo)0
-rw-r--r--roles/repos/files/oso-rhui-rhel-7-server.repo48
-rw-r--r--roles/repos/tasks/main.yaml5
18 files changed, 138 insertions, 55 deletions
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 2223bb675..2e9de3abe 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,7 +1,7 @@
---
# tasks file for docker
- name: Install docker
- yum: pkg=docker
+ yum: pkg=docker-io
- name: enable docker service
command: /usr/bin/systemctl enable docker.service
diff --git a/roles/kubernetes_apiserver/tasks/main.yml b/roles/kubernetes_apiserver/tasks/main.yml
index 81fdbbb40..995c2702e 100644
--- a/roles/kubernetes_apiserver/tasks/main.yml
+++ b/roles/kubernetes_apiserver/tasks/main.yml
@@ -9,7 +9,7 @@
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
with_items:
- - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' }
+ - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_node_ips | join(",") }}\"' }
- { regex: '^KUBE_API_ADDRESS=', line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' }
notify:
- restart kubernetes-apiserver
diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml
index 216af5dc9..5c30dccab 100644
--- a/roles/openshift_master/handlers/main.yml
+++ b/roles/openshift_master/handlers/main.yml
@@ -1,4 +1,4 @@
---
# handlers file for openshift_master
- name: restart openshift-master
- service: name=openshift state=restarted
+ service: name=openshift-master state=restarted
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 6826ef452..9f28a3469 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -1,20 +1,19 @@
---
# tasks file for openshift_master
- name: Install Origin
- yum: pkg=origin state=installed
+ yum: pkg=openshift-master state=installed
- # fixme: Once openshift stops resolving hostnames for minion queries remove this...
+ # fixme: Once openshift stops resolving hostnames for node queries remove this...
- name: Set hostname to IP Addr (WORKAROUND)
command: /usr/bin/hostname {{ oo_bind_ip }}
- name: Configure OpenShift Master settings
lineinfile:
- dest: /etc/sysconfig/openshift
+ dest: /etc/sysconfig/openshift-master
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
with_items:
- - { regex: '^ROLE=', line: 'ROLE=\"master\"' }
- - { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }} --loglevel=5\"' }
+ - { regex: '^OPTIONS=', line: 'OPTIONS=\"--public-master={{ oo_public_ip }} --nodes={{ oo_node_ips | join(",") }} --loglevel=5\"' }
notify:
- restart openshift-master
@@ -31,4 +30,4 @@
firewalld: port=8080/tcp permanent=true state=enabled
- name: Enable OpenShift
- service: name=openshift enabled=yes state=started
+ service: name=openshift-master enabled=yes state=started
diff --git a/roles/openshift_minion/defaults/main.yml b/roles/openshift_minion/defaults/main.yml
deleted file mode 100644
index dfcf3d98f..000000000
--- a/roles/openshift_minion/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# defaults file for openshift_minion
diff --git a/roles/openshift_minion/handlers/main.yml b/roles/openshift_minion/handlers/main.yml
deleted file mode 100644
index 2764456f4..000000000
--- a/roles/openshift_minion/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-# handlers file for openshift_minion
-- name: restart openshift-minion
- service: name=openshift state=restarted
diff --git a/roles/openshift_minion/tasks/main.yml b/roles/openshift_minion/tasks/main.yml
deleted file mode 100644
index 3821277bc..000000000
--- a/roles/openshift_minion/tasks/main.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-# tasks file for openshift_minion
-- name: Install OpenShift
- yum: pkg=origin state=installed
-
- # fixme: Once openshift stops resolving hostnames for minion queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
- command: /usr/bin/hostname {{ oo_bind_ip }}
-
-- name: Configure OpenShift Minion settings
- lineinfile:
- dest: /etc/sysconfig/openshift
- regexp: "{{ item.regex }}"
- line: "{{ item.line }}"
- with_items:
- - { regex: '^ROLE=', line: 'ROLE=\"node\"' }
- - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' }
- notify:
- - restart openshift-minion
-
-- name: Open firewalld port for OpenShift
- firewalld: port=10250/tcp permanent=false state=enabled
-
-- name: Save firewalld port for OpenShift
- firewalld: port=10250/tcp permanent=true state=enabled
-
-- name: Enable OpenShift
- service: name=openshift enabled=yes state=started
-
diff --git a/roles/openshift_minion/vars/main.yml b/roles/openshift_minion/vars/main.yml
deleted file mode 100644
index 715fba487..000000000
--- a/roles/openshift_minion/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# vars file for openshift_minion
diff --git a/roles/openshift_minion/README.md b/roles/openshift_node/README.md
index 225dd44b9..225dd44b9 100644
--- a/roles/openshift_minion/README.md
+++ b/roles/openshift_node/README.md
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
new file mode 100644
index 000000000..af92e96d7
--- /dev/null
+++ b/roles/openshift_node/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for openshift_node
diff --git a/roles/openshift_node/files/sysconfig/kubeconfig b/roles/openshift_node/files/sysconfig/kubeconfig
new file mode 100644
index 000000000..81e660ae4
--- /dev/null
+++ b/roles/openshift_node/files/sysconfig/kubeconfig
@@ -0,0 +1,40 @@
+apiVersion: v1
+clusters:
+- cluster:
+ api-version: v1beta1
+ server: http://cow.org:8080
+ name: cow-cluster
+- cluster:
+ certificate-authority: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+- cluster:
+ insecure-skip-tls-verify: true
+ server: https://pig.org:443
+ name: pig-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+- context:
+ cluster: pig-cluster
+ namespace: saw-ns
+ user: black-user
+ name: queen-anne-context
+current-context: federal-context
+kind: Config
+preferences:
+ colors: true
+users:
+- name: black-user
+ user:
+ auth-path: path/to/my/existing/.kubernetes_auth_file
+- name: blue-user
+ user:
+ token: blue-token
+- name: green-user
+ user:
+ client-certificate: path/to/my/client/cert
+ client-key: path/to/my/client/key
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
new file mode 100644
index 000000000..afbb5a53f
--- /dev/null
+++ b/roles/openshift_node/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+# handlers file for openshift_node
+- name: restart openshift-node
+ service: name=openshift-node state=restarted
diff --git a/roles/openshift_minion/meta/main.yml b/roles/openshift_node/meta/main.yml
index c5c362c60..c5c362c60 100644
--- a/roles/openshift_minion/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
new file mode 100644
index 000000000..9da269888
--- /dev/null
+++ b/roles/openshift_node/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+# tasks file for openshift_node
+- name: Install OpenShift
+ yum: pkg=openshift-node state=installed
+
+ # fixme: Once openshift stops resolving hostnames for node queries remove this...
+- name: Set hostname to IP Addr (WORKAROUND)
+ command: /usr/bin/hostname {{ oo_bind_ip }}
+
+- name: Retrieve OpenShift Master credentials
+ local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ oo_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ /tmp/openshift
+ ignore_errors: yes
+
+- file: path=/var/lib/openshift/openshift.local.certificates/admin state=directory
+
+- name: Store OpenShift Master credentials
+ local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' /tmp/openshift/ root@{{ oo_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
+ ignore_errors: yes
+
+- name: Configure OpenShift Node settings
+ lineinfile:
+ dest: /etc/sysconfig/openshift-node
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
+ with_items:
+ - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' }
+ notify:
+ - restart openshift-node
+
+- name: Open firewalld port for OpenShift
+ firewalld: port=10250/tcp permanent=false state=enabled
+
+- name: Save firewalld port for OpenShift
+ firewalld: port=10250/tcp permanent=true state=enabled
+
+- name: Enable OpenShift
+ service: name=openshift-node enabled=yes state=started
+
diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml
new file mode 100644
index 000000000..3184e8ac7
--- /dev/null
+++ b/roles/openshift_node/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for openshift_node
diff --git a/roles/repos/files/epel7-origin.repo b/roles/repos/files/epel7-openshift.repo
index c7629872d..c7629872d 100644
--- a/roles/repos/files/epel7-origin.repo
+++ b/roles/repos/files/epel7-openshift.repo
diff --git a/roles/repos/files/oso-rhui-rhel-7-server.repo b/roles/repos/files/oso-rhui-rhel-7-server.repo
index d32070634..fa182cb0a 100644
--- a/roles/repos/files/oso-rhui-rhel-7-server.repo
+++ b/roles/repos/files/oso-rhui-rhel-7-server.repo
@@ -1,13 +1,45 @@
-[oso-rhel-7-server]
-name=Red Hat Enterprise Linux 7 Server from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases
+[oso-rhui-rhel-server-releases]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
enabled=1
gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
-[oso-rhel-7-server-optional]
-name=Red Hat Enterprise Linux 7 Server - Optional from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases-optional
+[oso-rhui-rhel-server-releases-optional]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease - Optional
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
enabled=1
gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras-htb]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras HTB
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+ https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml
index 3b66bb392..cb4b5ad40 100644
--- a/roles/repos/tasks/main.yaml
+++ b/roles/repos/tasks/main.yaml
@@ -10,4 +10,7 @@
copy: src=epel7-kubernetes.repo dest=/etc/yum.repos.d/epel7-kubernetes.repo
- name: Ensure the origin repo is available
- copy: src=epel7-origin.repo dest=/etc/yum.repos.d/epel7-origin.repo
+ copy: src=epel7-openshift.repo dest=/etc/yum.repos.d/epel7-openshift.repo
+
+- name: Ensure the rhel repo is available
+ copy: src=oso-rhui-rhel-7-server.repo dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo