diff options
Diffstat (limited to 'roles')
79 files changed, 331 insertions, 362 deletions
diff --git a/roles/container_runtime/defaults/main.yml b/roles/container_runtime/defaults/main.yml index bd96965ac..d7eb8663f 100644 --- a/roles/container_runtime/defaults/main.yml +++ b/roles/container_runtime/defaults/main.yml @@ -59,6 +59,7 @@ docker_default_storage_path: /var/lib/docker # Set local versions of facts that must be in json format for container-daemon.json # NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson l_docker_log_options: "{{ l2_docker_log_options | to_json }}" +l_docker_log_options_dict: "{{ l2_docker_log_options | oo_list_to_dict | to_json }}" l_docker_additional_registries: "{{ l2_docker_additional_registries | to_json }}" l_docker_blocked_registries: "{{ l2_docker_blocked_registries | to_json }}" l_docker_insecure_registries: "{{ l2_docker_insecure_registries | to_json }}" @@ -81,6 +82,7 @@ l_insecure_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l2_docker_insecure l_crio_registries: "{{ l2_docker_additional_registries + ['docker.io'] }}" l_additional_crio_registries: "{{ '\"{}\"'.format('\", \"'.join(l_crio_registries)) }}" + openshift_crio_image_tag_default: "latest" l_crt_crio_image_tag_dict: @@ -127,3 +129,5 @@ l_docker_image_tag: "{{ l_crt_docker_image_tag_dict[openshift_deployment_type] } l_docker_image_default: "{{ l_docker_image_prepend }}/{{ openshift_docker_service_name }}:{{ l_docker_image_tag }}" l_docker_image: "{{ openshift_docker_systemcontainer_image_override | default(l_docker_image_default) }}" + +l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}" diff --git a/roles/container_runtime/tasks/systemcontainer_crio.yml b/roles/container_runtime/tasks/systemcontainer_crio.yml index 5ea7df650..61f122f3c 100644 --- a/roles/container_runtime/tasks/systemcontainer_crio.yml +++ b/roles/container_runtime/tasks/systemcontainer_crio.yml @@ -4,7 +4,7 @@ fail: msg='Cannot use CRI-O with node configured as a Docker container' when: - openshift.common.is_containerized | bool - - not openshift.common.is_node_system_container | bool + - not l_is_node_system_container | bool - include_tasks: common/pre.yml diff --git a/roles/container_runtime/templates/daemon.json b/roles/container_runtime/templates/daemon.json index 383963bd3..1a72d812a 100644 --- a/roles/container_runtime/templates/daemon.json +++ b/roles/container_runtime/templates/daemon.json @@ -5,10 +5,10 @@ "disable-legacy-registry": false, "exec-opts": ["native.cgroupdriver=systemd"], "insecure-registries": {{ l_docker_insecure_registries }}, -{% if openshift_docker_log_driver is defined %} +{% if openshift_docker_log_driver %} "log-driver": "{{ openshift_docker_log_driver }}", {%- endif %} - "log-opts": {{ l_docker_log_options }}, + "log-opts": {{ l_docker_log_options_dict }}, "runtimes": { "oci": { "path": "/usr/libexec/docker/docker-runc-current" diff --git a/roles/etcd/tasks/migration/add_ttls.yml b/roles/etcd/tasks/migration/add_ttls.yml index 4bdc6bcc3..a4b0ff31d 100644 --- a/roles/etcd/tasks/migration/add_ttls.yml +++ b/roles/etcd/tasks/migration/add_ttls.yml @@ -11,7 +11,7 @@ - name: Re-introduce leases (as a replacement for key TTLs) command: > - oadm migrate etcd-ttl \ + {{ openshift.common.client_binary }} adm migrate etcd-ttl \ --cert {{ r_etcd_common_master_peer_cert_file }} \ --key {{ r_etcd_common_master_peer_key_file }} \ --cacert {{ r_etcd_common_master_peer_ca_file }} \ diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml index 80e4d391d..705d39f9a 100644 --- a/roles/flannel/handlers/main.yml +++ b/roles/flannel/handlers/main.yml @@ -15,7 +15,7 @@ - name: restart node systemd: - name: "{{ openshift.common.service_type }}-node" + name: "{{ openshift_service_type }}-node" state: restarted register: l_restart_node_result until: not l_restart_node_result | failed diff --git a/roles/kuryr/tasks/node.yaml b/roles/kuryr/tasks/node.yaml index ffe814713..08f2d5adc 100644 --- a/roles/kuryr/tasks/node.yaml +++ b/roles/kuryr/tasks/node.yaml @@ -36,7 +36,7 @@ - name: Configure OpenShift node with disabled service proxy lineinfile: - dest: "/etc/sysconfig/{{ openshift.common.service_type }}-node" + dest: "/etc/sysconfig/{{ openshift_service_type }}-node" regexp: '^OPTIONS="?(.*?)"?$' backrefs: yes backup: yes @@ -44,5 +44,5 @@ - name: force node restart to disable the proxy service: - name: "{{ openshift.common.service_type }}-node" + name: "{{ openshift_service_type }}-node" state: restarted diff --git a/roles/nuage_master/handlers/main.yaml b/roles/nuage_master/handlers/main.yaml index cb83c8ead..7b55dda56 100644 --- a/roles/nuage_master/handlers/main.yaml +++ b/roles/nuage_master/handlers/main.yaml @@ -1,6 +1,6 @@ --- - name: restart master api - systemd: name={{ openshift.common.service_type }}-master-api state=restarted + systemd: name={{ openshift_service_type }}-master-api state=restarted when: > (openshift_master_ha | bool) and (not master_api_service_status_changed | default(false)) @@ -8,7 +8,7 @@ # TODO: need to fix up ignore_errors here # We retry the controllers because the API may not be 100% initialized yet. - name: restart master controllers - command: "systemctl restart {{ openshift.common.service_type }}-master-controllers" + command: "systemctl restart {{ openshift_service_type }}-master-controllers" retries: 3 delay: 5 register: result diff --git a/roles/nuage_node/handlers/main.yaml b/roles/nuage_node/handlers/main.yaml index e68ae74bd..ede6f2125 100644 --- a/roles/nuage_node/handlers/main.yaml +++ b/roles/nuage_node/handlers/main.yaml @@ -1,7 +1,7 @@ --- - name: restart node become: yes - systemd: name={{ openshift.common.service_type }}-node daemon-reload=yes state=restarted + systemd: name={{ openshift_service_type }}-node daemon-reload=yes state=restarted - name: save iptable rules become: yes diff --git a/roles/nuage_node/vars/main.yaml b/roles/nuage_node/vars/main.yaml index fdf01b7c2..88d62de49 100644 --- a/roles/nuage_node/vars/main.yaml +++ b/roles/nuage_node/vars/main.yaml @@ -23,5 +23,5 @@ cni_conf_dir: "/etc/cni/net.d/" cni_bin_dir: "/opt/cni/bin/" nuage_plugin_crt_dir: /usr/share/vsp-openshift -openshift_atomic_node_config_file: /etc/sysconfig/{{ openshift.common.service_type }}-node +openshift_atomic_node_config_file: /etc/sysconfig/{{ openshift_service_type }}-node nuage_atomic_docker_additional_mounts: "NUAGE_ADDTL_BIND_MOUNTS=-v /var/usr/share/vsp-openshift:/var/usr/share/vsp-openshift -v /etc/default:/etc/default -v /var/run:/var/run -v /opt/cni/bin:/opt/cni/bin -v /etc/cni/net.d:/etc/cni/net.d" diff --git a/roles/openshift_builddefaults/tasks/main.yml b/roles/openshift_builddefaults/tasks/main.yml index e0b51eee0..612b6522d 100644 --- a/roles/openshift_builddefaults/tasks/main.yml +++ b/roles/openshift_builddefaults/tasks/main.yml @@ -4,11 +4,6 @@ role: builddefaults # TODO: add ability to define builddefaults env vars sort of like this # may need to move the config generation to a filter however. - # openshift_env: "{{ hostvars - # | oo_merge_hostvars(vars, inventory_hostname) - # | oo_openshift_env }}" - # openshift_env_structures: - # - 'openshift.builddefaults.env.*' local_facts: http_proxy: "{{ openshift_builddefaults_http_proxy | default(None) }}" https_proxy: "{{ openshift_builddefaults_https_proxy | default(None) }}" diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index 05e0a1352..eb00f13db 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -9,7 +9,7 @@ - name: Install the base package for admin tooling package: - name: "{{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: not openshift.common.is_containerized | bool register: install_result diff --git a/roles/openshift_cli/library/openshift_container_binary_sync.py b/roles/openshift_cli/library/openshift_container_binary_sync.py index 08045794a..440b8ec28 100644 --- a/roles/openshift_cli/library/openshift_container_binary_sync.py +++ b/roles/openshift_cli/library/openshift_container_binary_sync.py @@ -27,7 +27,7 @@ class BinarySyncError(Exception): # pylint: disable=too-few-public-methods,too-many-instance-attributes class BinarySyncer(object): """ - Syncs the openshift, oc, oadm, and kubectl binaries/symlinks out of + Syncs the openshift, oc, and kubectl binaries/symlinks out of a container onto the host system. """ @@ -108,7 +108,10 @@ class BinarySyncer(object): # Ensure correct symlinks created: self._sync_symlink('kubectl', 'openshift') - self._sync_symlink('oadm', 'openshift') + + # Remove old oadm binary + if os.path.exists(os.path.join(self.bin_dir, 'oadm')): + os.remove(os.path.join(self.bin_dir, 'oadm')) def _sync_symlink(self, binary_name, link_to): """ Ensure the given binary name exists and links to the expected binary. """ diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 140c6ea26..a90143aa3 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install clients - package: name={{ openshift.common.service_type }}-clients state=present + package: name={{ openshift_service_type }}-clients state=present when: not openshift.common.is_containerized | bool register: result until: result | success diff --git a/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 index 53e8b448b..3d51abc52 100644 --- a/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 +++ b/roles/openshift_docker_gc/templates/dockergc-ds.yaml.j2 @@ -5,7 +5,7 @@ items: kind: ServiceAccount metadata: name: dockergc - # You must grant privileged via: oadm policy add-scc-to-user -z dockergc privileged + # You must grant privileged via: oc adm policy add-scc-to-user -z dockergc privileged # in order for the dockergc to access the docker socket and root directory - apiVersion: extensions/v1beta1 kind: DaemonSet diff --git a/roles/openshift_excluder/README.md b/roles/openshift_excluder/README.md index 80cb88d45..7b43d5adf 100644 --- a/roles/openshift_excluder/README.md +++ b/roles/openshift_excluder/README.md @@ -28,7 +28,7 @@ Role Variables | r_openshift_excluder_verify_upgrade | false | true, false | When upgrading, this variable should be set to true when calling the role | | r_openshift_excluder_package_state | present | present, latest | Use 'latest' to upgrade openshift_excluder package | | r_openshift_excluder_docker_package_state | present | present, latest | Use 'latest' to upgrade docker_excluder package | -| r_openshift_excluder_service_type | None | | (Required) Defined as openshift.common.service_type e.g. atomic-openshift | +| r_openshift_excluder_service_type | None | | (Required) Defined as openshift_service_type e.g. atomic-openshift | | r_openshift_excluder_upgrade_target | None | | Required when r_openshift_excluder_verify_upgrade is true, defined as openshift_upgrade_target by Upgrade playbooks e.g. '3.6'| Dependencies @@ -46,15 +46,12 @@ Example Playbook # Disable all excluders - role: openshift_excluder r_openshift_excluder_action: disable - r_openshift_excluder_service_type: "{{ openshift.common.service_type }}" # Enable all excluders - role: openshift_excluder r_openshift_excluder_action: enable - r_openshift_excluder_service_type: "{{ openshift.common.service_type }}" # Disable all excluders and verify appropriate excluder packages are available for upgrade - role: openshift_excluder r_openshift_excluder_action: disable - r_openshift_excluder_service_type: "{{ openshift.common.service_type }}" r_openshift_excluder_verify_upgrade: true r_openshift_excluder_upgrade_target: "{{ openshift_upgrade_target }}" r_openshift_excluder_package_state: latest diff --git a/roles/openshift_excluder/defaults/main.yml b/roles/openshift_excluder/defaults/main.yml index d4f151142..3a910e490 100644 --- a/roles/openshift_excluder/defaults/main.yml +++ b/roles/openshift_excluder/defaults/main.yml @@ -2,7 +2,7 @@ # keep the 'current' package or update to 'latest' if available? r_openshift_excluder_package_state: present r_openshift_excluder_docker_package_state: present - +r_openshift_excluder_service_type: "{{ openshift_service_type }}" # Legacy variables are included for backwards compatibility with v3.5 # Inventory variables Legacy # openshift_enable_excluders enable_excluders diff --git a/roles/openshift_excluder/meta/main.yml b/roles/openshift_excluder/meta/main.yml index 871081c19..a9653edda 100644 --- a/roles/openshift_excluder/meta/main.yml +++ b/roles/openshift_excluder/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud dependencies: +- role: openshift_facts - role: lib_utils diff --git a/roles/openshift_excluder/tasks/main.yml b/roles/openshift_excluder/tasks/main.yml index 93d6ef149..f0e87ba25 100644 --- a/roles/openshift_excluder/tasks/main.yml +++ b/roles/openshift_excluder/tasks/main.yml @@ -19,11 +19,6 @@ msg: "openshift_excluder role can only be called with 'enable' or 'disable'" when: r_openshift_excluder_action not in ['enable', 'disable'] - - name: Fail if r_openshift_excluder_service_type is not defined - fail: - msg: "r_openshift_excluder_service_type must be specified for this role" - when: r_openshift_excluder_service_type is not defined - - name: Fail if r_openshift_excluder_upgrade_target is not defined fail: msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades" diff --git a/roles/openshift_facts/defaults/main.yml b/roles/openshift_facts/defaults/main.yml index a182d23c5..53a3bc87e 100644 --- a/roles/openshift_facts/defaults/main.yml +++ b/roles/openshift_facts/defaults/main.yml @@ -98,3 +98,9 @@ openshift_prometheus_alertbuffer_storage_create_pvc: False openshift_router_selector: "region=infra" openshift_hosted_router_selector: "{{ openshift_router_selector }}" openshift_hosted_registry_selector: "{{ openshift_router_selector }}" + +openshift_service_type_dict: + origin: origin + openshift-enterprise: atomic-openshift + +openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index b371d347c..520c00340 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -94,8 +94,7 @@ def migrate_admission_plugin_facts(facts): # Merge existing kube_admission_plugin_config with admission_plugin_config. facts['master']['admission_plugin_config'] = merge_facts(facts['master']['admission_plugin_config'], facts['master']['kube_admission_plugin_config'], - additive_facts_to_overwrite=[], - protected_facts_to_overwrite=[]) + additive_facts_to_overwrite=[]) # Remove kube_admission_plugin_config fact facts['master'].pop('kube_admission_plugin_config', None) return facts @@ -538,7 +537,7 @@ def set_aggregate_facts(facts): def set_deployment_facts_if_unset(facts): """ Set Facts that vary based on deployment_type. This currently - includes common.service_type, master.registry_url, node.registry_url, + includes master.registry_url, node.registry_url, node.storage_plugin_deps Args: @@ -550,14 +549,6 @@ def set_deployment_facts_if_unset(facts): # disabled to avoid breaking up facts related to deployment type into # multiple methods for now. # pylint: disable=too-many-statements, too-many-branches - if 'common' in facts: - deployment_type = facts['common']['deployment_type'] - if 'service_type' not in facts['common']: - service_type = 'atomic-openshift' - if deployment_type == 'origin': - service_type = 'origin' - facts['common']['service_type'] = service_type - for role in ('master', 'node'): if role in facts: deployment_type = facts['common']['deployment_type'] @@ -854,7 +845,7 @@ values provided as a list. Hence the gratuitous use of ['foo'] below. # If we've added items to the kubelet_args dict then we need # to merge the new items back into the main facts object. if kubelet_args != {}: - facts = merge_facts({'node': {'kubelet_args': kubelet_args}}, facts, [], []) + facts = merge_facts({'node': {'kubelet_args': kubelet_args}}, facts, []) return facts @@ -876,7 +867,7 @@ def build_controller_args(facts): controller_args['cloud-provider'] = ['gce'] controller_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] if controller_args != {}: - facts = merge_facts({'master': {'controller_args': controller_args}}, facts, [], []) + facts = merge_facts({'master': {'controller_args': controller_args}}, facts, []) return facts @@ -898,7 +889,7 @@ def build_api_server_args(facts): api_server_args['cloud-provider'] = ['gce'] api_server_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] if api_server_args != {}: - facts = merge_facts({'master': {'api_server_args': api_server_args}}, facts, [], []) + facts = merge_facts({'master': {'api_server_args': api_server_args}}, facts, []) return facts @@ -1021,8 +1012,13 @@ def get_container_openshift_version(facts): If containerized, see if we can determine the installed version via the systemd environment files. """ + deployment_type = facts['common']['deployment_type'] + service_type_dict = {'origin': 'origin', + 'openshift-enterprise': 'atomic-openshift'} + service_type = service_type_dict[deployment_type] + for filename in ['/etc/sysconfig/%s-master-controllers', '/etc/sysconfig/%s-node']: - env_path = filename % facts['common']['service_type'] + env_path = filename % service_type if not os.path.exists(env_path): continue @@ -1085,7 +1081,7 @@ def apply_provider_facts(facts, provider_facts): # Disabling pylint too many branches. This function needs refactored # but is a very core part of openshift_facts. # pylint: disable=too-many-branches, too-many-nested-blocks -def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overwrite): +def merge_facts(orig, new, additive_facts_to_overwrite): """ Recursively merge facts dicts Args: @@ -1093,14 +1089,11 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw new (dict): facts to update additive_facts_to_overwrite (list): additive facts to overwrite in jinja '.' notation ex: ['master.named_certificates'] - protected_facts_to_overwrite (list): protected facts to overwrite in jinja - '.' notation ex: ['master.master_count'] Returns: dict: the merged facts """ additive_facts = ['named_certificates'] - protected_facts = ['ha'] # Facts we do not ever want to merge. These originate in inventory variables # and contain JSON dicts. We don't ever want to trigger a merge @@ -1132,14 +1125,7 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw if '.' in item and item.startswith(key + '.'): relevant_additive_facts.append(item) - # Collect the subset of protected facts to overwrite - # if key matches. These will be passed to the - # subsequent merge_facts call. - relevant_protected_facts = [] - for item in protected_facts_to_overwrite: - if '.' in item and item.startswith(key + '.'): - relevant_protected_facts.append(item) - facts[key] = merge_facts(value, new[key], relevant_additive_facts, relevant_protected_facts) + facts[key] = merge_facts(value, new[key], relevant_additive_facts) # Key matches an additive fact and we are not overwriting # it so we will append the new value to the existing value. elif key in additive_facts and key not in [x.split('.')[-1] for x in additive_facts_to_overwrite]: @@ -1149,18 +1135,6 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw if item not in new_fact: new_fact.append(item) facts[key] = new_fact - # Key matches a protected fact and we are not overwriting - # it so we will determine if it is okay to change this - # fact. - elif key in protected_facts and key not in [x.split('.')[-1] for x in protected_facts_to_overwrite]: - # ha (bool) can not change unless it has been passed - # as a protected fact to overwrite. - if key == 'ha': - if safe_get_bool(value) != safe_get_bool(new[key]): - # pylint: disable=line-too-long - module.fail_json(msg='openshift_facts received a different value for openshift.master.ha') # noqa: F405 - else: - facts[key] = value # No other condition has been met. Overwrite the old fact # with the new value. else: @@ -1433,7 +1407,6 @@ def set_container_facts_if_unset(facts): facts['node']['ovs_system_image'] = ovs_image if safe_get_bool(facts['common']['is_containerized']): - facts['common']['admin_binary'] = '/usr/local/bin/oadm' facts['common']['client_binary'] = '/usr/local/bin/oc' return facts @@ -1494,8 +1467,6 @@ class OpenShiftFacts(object): local_facts (dict): local facts to set additive_facts_to_overwrite (list): additive facts to overwrite in jinja '.' notation ex: ['master.named_certificates'] - protected_facts_to_overwrite (list): protected facts to overwrite in jinja - '.' notation ex: ['master.master_count'] Raises: OpenShiftFactsUnsupportedRoleError: @@ -1511,10 +1482,7 @@ class OpenShiftFacts(object): # Disabling too-many-arguments, this should be cleaned up as a TODO item. # pylint: disable=too-many-arguments,no-value-for-parameter def __init__(self, role, filename, local_facts, - additive_facts_to_overwrite=None, - openshift_env=None, - openshift_env_structures=None, - protected_facts_to_overwrite=None): + additive_facts_to_overwrite=None): self.changed = False self.filename = filename if role not in self.known_roles: @@ -1536,34 +1504,23 @@ class OpenShiftFacts(object): self.system_facts = get_all_facts(module)['ansible_facts'] # noqa: F405 self.facts = self.generate_facts(local_facts, - additive_facts_to_overwrite, - openshift_env, - openshift_env_structures, - protected_facts_to_overwrite) + additive_facts_to_overwrite) def generate_facts(self, local_facts, - additive_facts_to_overwrite, - openshift_env, - openshift_env_structures, - protected_facts_to_overwrite): + additive_facts_to_overwrite): """ Generate facts Args: local_facts (dict): local_facts for overriding generated defaults additive_facts_to_overwrite (list): additive facts to overwrite in jinja '.' notation ex: ['master.named_certificates'] - openshift_env (dict): openshift_env facts for overriding generated defaults - protected_facts_to_overwrite (list): protected facts to overwrite in jinja - '.' notation ex: ['master.master_count'] Returns: dict: The generated facts """ + local_facts = self.init_local_facts(local_facts, - additive_facts_to_overwrite, - openshift_env, - openshift_env_structures, - protected_facts_to_overwrite) + additive_facts_to_overwrite) roles = local_facts.keys() if 'common' in local_facts and 'deployment_type' in local_facts['common']: @@ -1581,8 +1538,7 @@ class OpenShiftFacts(object): facts = apply_provider_facts(defaults, provider_facts) facts = merge_facts(facts, local_facts, - additive_facts_to_overwrite, - protected_facts_to_overwrite) + additive_facts_to_overwrite) facts = migrate_oauth_template_facts(facts) facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) @@ -1627,7 +1583,7 @@ class OpenShiftFacts(object): hostname=hostname, public_hostname=hostname, portal_net='172.30.0.0/16', - client_binary='oc', admin_binary='oadm', + client_binary='oc', dns_domain='cluster.local', config_base='/etc/origin') @@ -1732,65 +1688,17 @@ class OpenShiftFacts(object): ) return provider_facts - @staticmethod - def split_openshift_env_fact_keys(openshift_env_fact, openshift_env_structures): - """ Split openshift_env facts based on openshift_env structures. - - Args: - openshift_env_fact (string): the openshift_env fact to split - ex: 'openshift_cloudprovider_openstack_auth_url' - openshift_env_structures (list): a list of structures to determine fact keys - ex: ['openshift.cloudprovider.openstack.*'] - Returns: - list: a list of keys that represent the fact - ex: ['openshift', 'cloudprovider', 'openstack', 'auth_url'] - """ - # By default, we'll split an openshift_env fact by underscores. - fact_keys = openshift_env_fact.split('_') - - # Determine if any of the provided variable structures match the fact. - matching_structure = None - if openshift_env_structures is not None: - for structure in openshift_env_structures: - if re.match(structure, openshift_env_fact): - matching_structure = structure - # Fact didn't match any variable structures so return the default fact keys. - if matching_structure is None: - return fact_keys - - final_keys = [] - structure_keys = matching_structure.split('.') - for structure_key in structure_keys: - # Matched current key. Add to final keys. - if structure_key == fact_keys[structure_keys.index(structure_key)]: - final_keys.append(structure_key) - # Wildcard means we will be taking everything from here to the end of the fact. - elif structure_key == '*': - final_keys.append('_'.join(fact_keys[structure_keys.index(structure_key):])) - # Shouldn't have gotten here, return the fact keys. - else: - return fact_keys - return final_keys - # Disabling too-many-branches and too-many-locals. # This should be cleaned up as a TODO item. # pylint: disable=too-many-branches, too-many-locals def init_local_facts(self, facts=None, - additive_facts_to_overwrite=None, - openshift_env=None, - openshift_env_structures=None, - protected_facts_to_overwrite=None): + additive_facts_to_overwrite=None): """ Initialize the local facts Args: facts (dict): local facts to set additive_facts_to_overwrite (list): additive facts to overwrite in jinja '.' notation ex: ['master.named_certificates'] - openshift_env (dict): openshift env facts to set - protected_facts_to_overwrite (list): protected facts to overwrite in jinja - '.' notation ex: ['master.master_count'] - - Returns: dict: The result of merging the provided facts with existing local facts @@ -1802,45 +1710,13 @@ class OpenShiftFacts(object): if facts is not None: facts_to_set[self.role] = facts - if openshift_env != {} and openshift_env is not None: - for fact, value in iteritems(openshift_env): - oo_env_facts = dict() - current_level = oo_env_facts - keys = self.split_openshift_env_fact_keys(fact, openshift_env_structures)[1:] - - if len(keys) > 0 and keys[0] != self.role: - continue - - # Build a dictionary from the split fact keys. - # After this loop oo_env_facts is the resultant dictionary. - # For example: - # fact = "openshift_metrics_install_metrics" - # value = 'true' - # keys = ['metrics', 'install', 'metrics'] - # result = {'metrics': {'install': {'metrics': 'true'}}} - for i, _ in enumerate(keys): - # This is the last key. Set the value. - if i == (len(keys) - 1): - current_level[keys[i]] = value - # This is a key other than the last key. Set as - # dictionary and continue. - else: - current_level[keys[i]] = dict() - current_level = current_level[keys[i]] - - facts_to_set = merge_facts(orig=facts_to_set, - new=oo_env_facts, - additive_facts_to_overwrite=[], - protected_facts_to_overwrite=[]) - local_facts = get_local_facts_from_file(self.filename) migrated_facts = migrate_local_facts(local_facts) new_local_facts = merge_facts(migrated_facts, facts_to_set, - additive_facts_to_overwrite, - protected_facts_to_overwrite) + additive_facts_to_overwrite) new_local_facts = self.remove_empty_facts(new_local_facts) @@ -1948,9 +1824,6 @@ def main(): choices=OpenShiftFacts.known_roles), local_facts=dict(default=None, type='dict', required=False), additive_facts_to_overwrite=dict(default=[], type='list', required=False), - openshift_env=dict(default={}, type='dict', required=False), - openshift_env_structures=dict(default=[], type='list', required=False), - protected_facts_to_overwrite=dict(default=[], type='list', required=False) ), supports_check_mode=True, add_file_common_args=True, @@ -1966,19 +1839,13 @@ def main(): role = module.params['role'] # noqa: F405 local_facts = module.params['local_facts'] # noqa: F405 additive_facts_to_overwrite = module.params['additive_facts_to_overwrite'] # noqa: F405 - openshift_env = module.params['openshift_env'] # noqa: F405 - openshift_env_structures = module.params['openshift_env_structures'] # noqa: F405 - protected_facts_to_overwrite = module.params['protected_facts_to_overwrite'] # noqa: F405 fact_file = '/etc/ansible/facts.d/openshift.fact' openshift_facts = OpenShiftFacts(role, fact_file, local_facts, - additive_facts_to_overwrite, - openshift_env, - openshift_env_structures, - protected_facts_to_overwrite) + additive_facts_to_overwrite) file_params = module.params.copy() # noqa: F405 file_params['path'] = fact_file diff --git a/roles/openshift_health_checker/HOWTO_CHECKS.md b/roles/openshift_health_checker/HOWTO_CHECKS.md index 6c5662a4e..94961f2d4 100644 --- a/roles/openshift_health_checker/HOWTO_CHECKS.md +++ b/roles/openshift_health_checker/HOWTO_CHECKS.md @@ -12,7 +12,7 @@ Checks are typically implemented as two parts: The checks are called from Ansible playbooks via the `openshift_health_check` action plugin. See -[playbooks/byo/openshift-preflight/check.yml](../../playbooks/byo/openshift-preflight/check.yml) +[playbooks/openshift-checks/pre-install.yml](../../playbooks/openshift-checks/pre-install.yml) for an example. The action plugin dynamically discovers all checks and executes only those diff --git a/roles/openshift_health_checker/defaults/main.yml b/roles/openshift_health_checker/defaults/main.yml new file mode 100644 index 000000000..f25a0dc79 --- /dev/null +++ b/roles/openshift_health_checker/defaults/main.yml @@ -0,0 +1,6 @@ +--- +openshift_service_type_dict: + origin: origin + openshift-enterprise: atomic-openshift + +openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}" diff --git a/roles/openshift_health_checker/openshift_checks/package_availability.py b/roles/openshift_health_checker/openshift_checks/package_availability.py index 090e438ff..980e23f27 100644 --- a/roles/openshift_health_checker/openshift_checks/package_availability.py +++ b/roles/openshift_health_checker/openshift_checks/package_availability.py @@ -15,7 +15,9 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck): return super(PackageAvailability, self).is_active() and self.get_var("ansible_pkg_mgr") == "yum" def run(self): - rpm_prefix = self.get_var("openshift", "common", "service_type") + rpm_prefix = self.get_var("openshift_service_type") + if self._templar is not None: + rpm_prefix = self._templar.template(rpm_prefix) group_names = self.get_var("group_names", default=[]) packages = set() diff --git a/roles/openshift_health_checker/openshift_checks/package_version.py b/roles/openshift_health_checker/openshift_checks/package_version.py index 13a91dadf..f3a628e28 100644 --- a/roles/openshift_health_checker/openshift_checks/package_version.py +++ b/roles/openshift_health_checker/openshift_checks/package_version.py @@ -41,7 +41,9 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck): return super(PackageVersion, self).is_active() and master_or_node def run(self): - rpm_prefix = self.get_var("openshift", "common", "service_type") + rpm_prefix = self.get_var("openshift_service_type") + if self._templar is not None: + rpm_prefix = self._templar.template(rpm_prefix) openshift_release = self.get_var("openshift_release", default='') deployment_type = self.get_var("openshift_deployment_type") check_multi_minor_release = deployment_type in ['openshift-enterprise'] diff --git a/roles/openshift_health_checker/test/docker_image_availability_test.py b/roles/openshift_health_checker/test/docker_image_availability_test.py index ec46c3b4b..fc333dfd4 100644 --- a/roles/openshift_health_checker/test/docker_image_availability_test.py +++ b/roles/openshift_health_checker/test/docker_image_availability_test.py @@ -8,12 +8,12 @@ def task_vars(): return dict( openshift=dict( common=dict( - service_type='origin', is_containerized=False, is_atomic=False, ), docker=dict(), ), + openshift_service_type='origin', openshift_deployment_type='origin', openshift_image_tag='', group_names=['oo_nodes_to_config', 'oo_masters_to_config'], diff --git a/roles/openshift_health_checker/test/etcd_traffic_test.py b/roles/openshift_health_checker/test/etcd_traffic_test.py index dd6f4ad81..a29dc166b 100644 --- a/roles/openshift_health_checker/test/etcd_traffic_test.py +++ b/roles/openshift_health_checker/test/etcd_traffic_test.py @@ -37,8 +37,9 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words) task_vars = dict( group_names=group_names, openshift=dict( - common=dict(service_type="origin", is_containerized=False), - ) + common=dict(is_containerized=False), + ), + openshift_service_type="origin" ) result = EtcdTraffic(execute_module, task_vars).run() diff --git a/roles/openshift_health_checker/test/ovs_version_test.py b/roles/openshift_health_checker/test/ovs_version_test.py index 6f0457549..dd98ff4d8 100644 --- a/roles/openshift_health_checker/test/ovs_version_test.py +++ b/roles/openshift_health_checker/test/ovs_version_test.py @@ -10,10 +10,11 @@ def test_openshift_version_not_supported(): openshift_release = '111.7.0' task_vars = dict( - openshift=dict(common=dict(service_type='origin')), + openshift=dict(common=dict()), openshift_release=openshift_release, openshift_image_tag='v' + openshift_release, openshift_deployment_type='origin', + openshift_service_type='origin' ) with pytest.raises(OpenShiftCheckException) as excinfo: @@ -27,9 +28,10 @@ def test_invalid_openshift_release_format(): return {} task_vars = dict( - openshift=dict(common=dict(service_type='origin')), + openshift=dict(common=dict()), openshift_image_tag='v0', openshift_deployment_type='origin', + openshift_service_type='origin' ) with pytest.raises(OpenShiftCheckException) as excinfo: @@ -47,9 +49,10 @@ def test_invalid_openshift_release_format(): ]) def test_ovs_package_version(openshift_release, expected_ovs_version): task_vars = dict( - openshift=dict(common=dict(service_type='origin')), + openshift=dict(common=dict()), openshift_release=openshift_release, openshift_image_tag='v' + openshift_release, + openshift_service_type='origin' ) return_value = {} # note: check.execute_module modifies return hash contents diff --git a/roles/openshift_health_checker/test/package_availability_test.py b/roles/openshift_health_checker/test/package_availability_test.py index 9815acb38..a1e6e0879 100644 --- a/roles/openshift_health_checker/test/package_availability_test.py +++ b/roles/openshift_health_checker/test/package_availability_test.py @@ -19,13 +19,13 @@ def test_is_active(pkg_mgr, is_containerized, is_active): @pytest.mark.parametrize('task_vars,must_have_packages,must_not_have_packages', [ ( - dict(openshift=dict(common=dict(service_type='openshift'))), + dict(openshift_service_type='origin'), set(), set(['openshift-master', 'openshift-node']), ), ( dict( - openshift=dict(common=dict(service_type='origin')), + openshift_service_type='origin', group_names=['oo_masters_to_config'], ), set(['origin-master']), @@ -33,7 +33,7 @@ def test_is_active(pkg_mgr, is_containerized, is_active): ), ( dict( - openshift=dict(common=dict(service_type='atomic-openshift')), + openshift_service_type='atomic-openshift', group_names=['oo_nodes_to_config'], ), set(['atomic-openshift-node']), @@ -41,7 +41,7 @@ def test_is_active(pkg_mgr, is_containerized, is_active): ), ( dict( - openshift=dict(common=dict(service_type='atomic-openshift')), + openshift_service_type='atomic-openshift', group_names=['oo_masters_to_config', 'oo_nodes_to_config'], ), set(['atomic-openshift-master', 'atomic-openshift-node']), diff --git a/roles/openshift_health_checker/test/package_version_test.py b/roles/openshift_health_checker/test/package_version_test.py index 3cf4ce033..ea8e02b97 100644 --- a/roles/openshift_health_checker/test/package_version_test.py +++ b/roles/openshift_health_checker/test/package_version_test.py @@ -4,9 +4,12 @@ from openshift_checks.package_version import PackageVersion, OpenShiftCheckExcep def task_vars_for(openshift_release, deployment_type): + service_type_dict = {'origin': 'origin', + 'openshift-enterprise': 'atomic-openshift'} + service_type = service_type_dict[deployment_type] return dict( ansible_pkg_mgr='yum', - openshift=dict(common=dict(service_type=deployment_type)), + openshift_service_type=service_type, openshift_release=openshift_release, openshift_image_tag='v' + openshift_release, openshift_deployment_type=deployment_type, @@ -29,7 +32,7 @@ def test_openshift_version_not_supported(): def test_invalid_openshift_release_format(): task_vars = dict( ansible_pkg_mgr='yum', - openshift=dict(common=dict(service_type='origin')), + openshift_service_type='origin', openshift_image_tag='v0', openshift_deployment_type='origin', ) diff --git a/roles/openshift_hosted/tasks/registry.yml b/roles/openshift_hosted/tasks/registry.yml index de302c740..429f0c514 100644 --- a/roles/openshift_hosted/tasks/registry.yml +++ b/roles/openshift_hosted/tasks/registry.yml @@ -126,7 +126,7 @@ selector: "{{ openshift_hosted_registry_selector }}" replicas: "{{ openshift_hosted_registry_replicas | default(l_default_replicas) }}" service_account: "{{ openshift_hosted_registry_serviceaccount }}" - images: "{{ penshift_hosted_registry_registryurl }}" + images: "{{ openshift_hosted_registry_registryurl }}" env_vars: "{{ openshift_hosted_registry_env_vars }}" volume_mounts: "{{ openshift_hosted_registry_volumes }}" edits: "{{ openshift_hosted_registry_edits }}" diff --git a/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2 new file mode 100644 index 000000000..3c874d910 --- /dev/null +++ b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-endpoints.yml.j2 @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }} +subsets: +- addresses: +{% for ip in openshift_hosted_registry_storage_glusterfs_ips %} + - ip: {{ ip }} +{% endfor %} + ports: + - port: 1 diff --git a/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2 new file mode 100644 index 000000000..f18c94a4f --- /dev/null +++ b/roles/openshift_hosted/templates/v3.8/glusterfs-registry-service.yml.j2 @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }} +spec: + ports: + - port: 1 +status: + loadBalancer: {} diff --git a/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2 b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2 new file mode 100644 index 000000000..3c874d910 --- /dev/null +++ b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-endpoints.yml.j2 @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }} +subsets: +- addresses: +{% for ip in openshift_hosted_registry_storage_glusterfs_ips %} + - ip: {{ ip }} +{% endfor %} + ports: + - port: 1 diff --git a/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2 b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2 new file mode 100644 index 000000000..f18c94a4f --- /dev/null +++ b/roles/openshift_hosted/templates/v3.9/glusterfs-registry-service.yml.j2 @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ openshift_hosted_registry_storage_glusterfs_endpoints }} +spec: + ports: + - port: 1 +status: + loadBalancer: {} diff --git a/roles/openshift_logging/handlers/main.yml b/roles/openshift_logging/handlers/main.yml index e0329ee7c..1f4b5a116 100644 --- a/roles/openshift_logging/handlers/main.yml +++ b/roles/openshift_logging/handlers/main.yml @@ -1,12 +1,12 @@ --- - name: restart master api - systemd: name={{ openshift.common.service_type }}-master-api state=restarted + systemd: name={{ openshift_service_type }}-master-api state=restarted when: (not (master_api_service_status_changed | default(false) | bool)) notify: Verify API Server # We retry the controllers because the API may not be 100% initialized yet. - name: restart master controllers - command: "systemctl restart {{ openshift.common.service_type }}-master-controllers" + command: "systemctl restart {{ openshift_service_type }}-master-controllers" retries: 3 delay: 5 register: result diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2 index 0bfa9e85b..bf04094a3 100644 --- a/roles/openshift_logging_elasticsearch/templates/es.j2 +++ b/roles/openshift_logging_elasticsearch/templates/es.j2 @@ -9,6 +9,7 @@ metadata: logging-infra: "{{logging_component}}" spec: replicas: {{es_replicas|default(1)}} + revisionHistoryLimit: 0 selector: provider: openshift component: "{{component}}" diff --git a/roles/openshift_management/README.md b/roles/openshift_management/README.md index 96de82669..974d9781a 100644 --- a/roles/openshift_management/README.md +++ b/roles/openshift_management/README.md @@ -164,14 +164,14 @@ away. If you want to install CFME/MIQ at the same time you install your OCP/Origin cluster, ensure that `openshift_management_install_management` is set to `true` in your inventory. Call the standard -`playbooks/byo/config.yml` playbook to begin the cluster and CFME/MIQ +`playbooks/deploy_cluster.yml` playbook to begin the cluster and CFME/MIQ installation. If you are installing CFME/MIQ on an *already provisioned cluster* then you can call the CFME/MIQ playbook directly: ``` -$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/config.yml +$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/openshift-management/config.yml ``` *Note: Use `miq-template` in the following examples for ManageIQ installs* @@ -489,7 +489,7 @@ This playbook will: ``` -$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/add_container_provider.yml +$ ansible-playbook -v -i <YOUR_INVENTORY> playbooks/openshift-management/add_container_provider.yml ``` ## Multiple Providers @@ -567,7 +567,7 @@ the config file path. ``` $ ansible-playbook -v -e container_providers_config=/tmp/cp.yml \ - playbooks/byo/openshift-management/add_many_container_providers.yml + playbooks/openshift-management/add_many_container_providers.yml ``` Afterwards you will find two new container providers in your @@ -579,7 +579,7 @@ to see an overview. This role includes a playbook to uninstall and erase the CFME/MIQ installation: -* `playbooks/byo/openshift-management/uninstall.yml` +* `playbooks/openshift-management/uninstall.yml` NFS export definitions and data stored on NFS exports are not automatically removed. You are urged to manually erase any data from diff --git a/roles/openshift_management/defaults/main.yml b/roles/openshift_management/defaults/main.yml index e768961ce..b5e234b7f 100644 --- a/roles/openshift_management/defaults/main.yml +++ b/roles/openshift_management/defaults/main.yml @@ -88,7 +88,7 @@ openshift_management_storage_nfs_local_hostname: false # name and password AND are trying to use integration scripts. # # For example, adding this cluster as a container provider, -# playbooks/byo/openshift-management/add_container_provider.yml +# playbooks/openshift-management/add_container_provider.yml openshift_management_username: admin openshift_management_password: smartvm diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index e6b8b8ac8..557bfe022 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: restart master api systemd: - name: "{{ openshift.common.service_type }}-master-api" + name: "{{ openshift_service_type }}-master-api" state: restarted when: - not (master_api_service_status_changed | default(false) | bool) @@ -10,7 +10,7 @@ # We retry the controllers because the API may not be 100% initialized yet. - name: restart master controllers - command: "systemctl restart {{ openshift.common.service_type }}-master-controllers" + command: "systemctl restart {{ openshift_service_type }}-master-controllers" retries: 3 delay: 5 register: result diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 5f4e6df71..9be5508aa 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -16,7 +16,7 @@ - name: Install Master package package: - name: "{{ openshift.common.service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: - not openshift.common.is_containerized | bool @@ -141,7 +141,7 @@ # The template file will stomp any other settings made. - block: - name: check whether our docker-registry setting exists in the env file - command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift.common.service_type }}-master" + command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift_service_type }}-master" failed_when: false changed_when: false register: l_already_set @@ -203,7 +203,7 @@ - name: Start and enable master api on first master systemd: - name: "{{ openshift.common.service_type }}-master-api" + name: "{{ openshift_service_type }}-master-api" enabled: yes state: started when: @@ -214,7 +214,7 @@ delay: 60 - name: Dump logs from master-api if it failed - command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api + command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api when: - l_start_result | failed @@ -230,7 +230,7 @@ - name: Start and enable master api all masters systemd: - name: "{{ openshift.common.service_type }}-master-api" + name: "{{ openshift_service_type }}-master-api" enabled: yes state: started when: @@ -241,7 +241,7 @@ delay: 60 - name: Dump logs from master-api if it failed - command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api + command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-api when: - l_start_result | failed @@ -258,7 +258,7 @@ - name: Start and enable master controller service systemd: - name: "{{ openshift.common.service_type }}-master-controllers" + name: "{{ openshift_service_type }}-master-controllers" enabled: yes state: started register: l_start_result @@ -267,7 +267,7 @@ delay: 60 - name: Dump logs from master-controllers if it failed - command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-controllers + command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-master-controllers when: - l_start_result | failed diff --git a/roles/openshift_master/tasks/registry_auth.yml b/roles/openshift_master/tasks/registry_auth.yml index ca04d2243..8b342a5b4 100644 --- a/roles/openshift_master/tasks/registry_auth.yml +++ b/roles/openshift_master/tasks/registry_auth.yml @@ -32,7 +32,7 @@ when: - openshift_docker_alternative_creds | default(False) | bool - oreg_auth_user is defined - - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool + - (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool register: master_oreg_auth_credentials_create_alt notify: - restart master api diff --git a/roles/openshift_master/tasks/restart.yml b/roles/openshift_master/tasks/restart.yml index 4f8b758fd..715347101 100644 --- a/roles/openshift_master/tasks/restart.yml +++ b/roles/openshift_master/tasks/restart.yml @@ -1,7 +1,7 @@ --- - name: Restart master API service: - name: "{{ openshift.common.service_type }}-master-api" + name: "{{ openshift_service_type }}-master-api" state: restarted when: openshift_master_ha | bool - name: Wait for master API to come back online @@ -14,7 +14,7 @@ when: openshift_master_ha | bool - name: Restart master controllers service: - name: "{{ openshift.common.service_type }}-master-controllers" + name: "{{ openshift_service_type }}-master-controllers" state: restarted # Ignore errrors since it is possible that type != simple for # pre-3.1.1 installations. diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml index 450f6d803..f6c5ce0dd 100644 --- a/roles/openshift_master/tasks/system_container.yml +++ b/roles/openshift_master/tasks/system_container.yml @@ -8,12 +8,12 @@ - name: Check Master system container package command: > - atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-master + atomic containers list --no-trunc -a -f container={{ openshift_service_type }}-master # HA - name: Install or Update HA api master system container oc_atomic_container: - name: "{{ openshift.common.service_type }}-master-api" + name: "{{ openshift_service_type }}-master-api" image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" state: latest values: @@ -21,7 +21,7 @@ - name: Install or Update HA controller master system container oc_atomic_container: - name: "{{ openshift.common.service_type }}-master-controllers" + name: "{{ openshift_service_type }}-master-controllers" image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" state: latest values: diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index ee76413e3..76b6f46aa 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -13,7 +13,7 @@ - name: Disable the legacy master service if it exists systemd: - name: "{{ openshift.common.service_type }}-master" + name: "{{ openshift_service_type }}-master" state: stopped enabled: no masked: yes @@ -21,7 +21,7 @@ - name: Remove the legacy master service if it exists file: - path: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master.service" + path: "{{ containerized_svc_dir }}/{{ openshift_service_type }}-master.service" state: absent ignore_errors: true when: @@ -40,7 +40,7 @@ - name: Create the ha systemd unit files template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-{{ item }}.service.j2" - dest: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master-{{ item }}.service" + dest: "{{ containerized_svc_dir }}/{{ openshift_service_type }}-master-{{ item }}.service" when: - not l_is_master_system_container | bool with_items: @@ -55,7 +55,7 @@ - name: enable master services systemd: - name: "{{ openshift.common.service_type }}-master-{{ item }}" + name: "{{ openshift_service_type }}-master-{{ item }}" enabled: yes with_items: - api @@ -64,13 +64,13 @@ - not l_is_master_system_container | bool - name: Preserve Master API Proxy Config options - command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api + command: grep PROXY /etc/sysconfig/{{ openshift_service_type }}-master-api register: l_master_api_proxy failed_when: false changed_when: false - name: Preserve Master API AWS options - command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-api + command: grep AWS_ /etc/sysconfig/{{ openshift_service_type }}-master-api register: master_api_aws failed_when: false changed_when: false @@ -78,7 +78,7 @@ - name: Create the master api service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + dest: /etc/sysconfig/{{ openshift_service_type }}-master-api backup: true notify: - restart master api @@ -89,7 +89,7 @@ - "'http_proxy' not in openshift.common" - "'https_proxy' not in openshift.common" lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + dest: /etc/sysconfig/{{ openshift_service_type }}-master-api line: "{{ item }}" with_items: "{{ l_master_api_proxy.stdout_lines | default([]) }}" @@ -98,19 +98,19 @@ - master_api_aws.rc == 0 - not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined) lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + dest: /etc/sysconfig/{{ openshift_service_type }}-master-api line: "{{ item }}" with_items: "{{ master_api_aws.stdout_lines | default([]) }}" no_log: True - name: Preserve Master Controllers Proxy Config options - command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + command: grep PROXY /etc/sysconfig/{{ openshift_service_type }}-master-controllers register: master_controllers_proxy failed_when: false changed_when: false - name: Preserve Master Controllers AWS options - command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + command: grep AWS_ /etc/sysconfig/{{ openshift_service_type }}-master-controllers register: master_controllers_aws failed_when: false changed_when: false @@ -118,14 +118,14 @@ - name: Create the master controllers service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers backup: true notify: - restart master controllers - name: Restore Master Controllers Proxy Config Options lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers line: "{{ item }}" with_items: "{{ master_controllers_proxy.stdout_lines | default([]) }}" when: @@ -135,7 +135,7 @@ - name: Restore Master Controllers AWS Options lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + dest: /etc/sysconfig/{{ openshift_service_type }}-master-controllers line: "{{ item }}" with_items: "{{ master_controllers_aws.stdout_lines | default([]) }}" when: diff --git a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml index caab3045a..f50b91ff5 100644 --- a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml @@ -12,11 +12,11 @@ package: name={{ master_pkgs | join(',') }} state=present vars: master_pkgs: - - "{{ openshift.common.service_type }}{{ openshift_pkg_version }}" - - "{{ openshift.common.service_type }}-master{{ openshift_pkg_version }}" - - "{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}" - - "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version }}" - - "{{ openshift.common.service_type }}-clients{{ openshift_pkg_version }}" - - "tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version }}" + - "{{ openshift_service_type }}{{ openshift_pkg_version }}" + - "{{ openshift_service_type }}-master{{ openshift_pkg_version }}" + - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}" + - "{{ openshift_service_type }}-sdn-ovs{{ openshift_pkg_version }}" + - "{{ openshift_service_type }}-clients{{ openshift_pkg_version }}" + - "tuned-profiles-{{ openshift_service_type }}-node{{ openshift_pkg_version }}" register: result until: result | success diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 index cec3d3fb1..5e46d9121 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 @@ -3,18 +3,18 @@ Description=Atomic OpenShift Master API Documentation=https://github.com/openshift/origin After=etcd_container.service Wants=etcd_container.service -Before={{ openshift.common.service_type }}-node.service +Before={{ openshift_service_type }}-node.service After={{ openshift_docker_service_name }}.service PartOf={{ openshift_docker_service_name }}.service Requires={{ openshift_docker_service_name }}.service [Service] -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-api Environment=GOTRACEBACK=crash -ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api +ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type}}-master-api ExecStart=/usr/bin/docker run --rm --privileged --net=host \ - --name {{ openshift.common.service_type }}-master-api \ - --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api \ + --name {{ openshift_service_type }}-master-api \ + --env-file=/etc/sysconfig/{{ openshift_service_type }}-master-api \ -v {{ r_openshift_master_data_dir }}:{{ r_openshift_master_data_dir }} \ -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock \ -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} \ @@ -24,14 +24,14 @@ ExecStart=/usr/bin/docker run --rm --privileged --net=host \ {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api \ --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 -ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api +ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-api LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory={{ r_openshift_master_data_dir }} -SyslogIdentifier={{ openshift.common.service_type }}-master-api +SyslogIdentifier={{ openshift_service_type }}-master-api Restart=always RestartSec=5s [Install] WantedBy={{ openshift_docker_service_name }}.service -WantedBy={{ openshift.common.service_type }}-node.service +WantedBy={{ openshift_service_type }}-node.service diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 index a0248151d..899575f1a 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 @@ -1,19 +1,19 @@ [Unit] Description=Atomic OpenShift Master Controllers Documentation=https://github.com/openshift/origin -Wants={{ openshift.common.service_type }}-master-api.service -After={{ openshift.common.service_type }}-master-api.service +Wants={{ openshift_service_type }}-master-api.service +After={{ openshift_service_type }}-master-api.service After={{ openshift_docker_service_name }}.service Requires={{ openshift_docker_service_name }}.service PartOf={{ openshift_docker_service_name }}.service [Service] -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-controllers Environment=GOTRACEBACK=crash -ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers +ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type}}-master-controllers ExecStart=/usr/bin/docker run --rm --privileged --net=host \ - --name {{ openshift.common.service_type }}-master-controllers \ - --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers \ + --name {{ openshift_service_type }}-master-controllers \ + --env-file=/etc/sysconfig/{{ openshift_service_type }}-master-controllers \ -v {{ r_openshift_master_data_dir }}:{{ r_openshift_master_data_dir }} \ -v /var/run/docker.sock:/var/run/docker.sock \ -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} \ @@ -23,11 +23,11 @@ ExecStart=/usr/bin/docker run --rm --privileged --net=host \ {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers \ --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 -ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers +ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-controllers LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory={{ r_openshift_master_data_dir }} -SyslogIdentifier={{ openshift.common.service_type }}-master-controllers +SyslogIdentifier={{ openshift_service_type }}-master-controllers Restart=always RestartSec=5s diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 index 02bfd6f62..ed8a47df8 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 @@ -3,12 +3,12 @@ Description=Atomic OpenShift Master API Documentation=https://github.com/openshift/origin After=network-online.target After=etcd.service -Before={{ openshift.common.service_type }}-node.service +Before={{ openshift_service_type }}-node.service Requires=network-online.target [Service] Type=notify -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-api Environment=GOTRACEBACK=crash ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS LimitNOFILE=131072 @@ -20,4 +20,4 @@ RestartSec=5s [Install] WantedBy=multi-user.target -WantedBy={{ openshift.common.service_type }}-node.service +WantedBy={{ openshift_service_type }}-node.service diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 index fae021845..b36963f73 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 @@ -2,19 +2,19 @@ Description=Atomic OpenShift Master Controllers Documentation=https://github.com/openshift/origin After=network-online.target -After={{ openshift.common.service_type }}-master-api.service -Wants={{ openshift.common.service_type }}-master-api.service +After={{ openshift_service_type }}-master-api.service +Wants={{ openshift_service_type }}-master-api.service Requires=network-online.target [Service] Type=notify -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-master-controllers Environment=GOTRACEBACK=crash ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory={{ r_openshift_master_data_dir }} -SyslogIdentifier={{ openshift.common.service_type }}-master-controllers +SyslogIdentifier={{ openshift_service_type }}-master-controllers Restart=always RestartSec=5s diff --git a/roles/openshift_metrics/handlers/main.yml b/roles/openshift_metrics/handlers/main.yml index e0329ee7c..1f4b5a116 100644 --- a/roles/openshift_metrics/handlers/main.yml +++ b/roles/openshift_metrics/handlers/main.yml @@ -1,12 +1,12 @@ --- - name: restart master api - systemd: name={{ openshift.common.service_type }}-master-api state=restarted + systemd: name={{ openshift_service_type }}-master-api state=restarted when: (not (master_api_service_status_changed | default(false) | bool)) notify: Verify API Server # We retry the controllers because the API may not be 100% initialized yet. - name: restart master controllers - command: "systemctl restart {{ openshift.common.service_type }}-master-controllers" + command: "systemctl restart {{ openshift_service_type }}-master-controllers" retries: 3 delay: 5 register: result diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md index 67f697924..87ceb8103 100644 --- a/roles/openshift_node/README.md +++ b/roles/openshift_node/README.md @@ -33,9 +33,9 @@ Notes Currently we support re-labeling nodes but we don't re-schedule running pods nor remove existing labels. That means you will have to trigger the re-schedulling manually. To re-schedule your pods, just follow the steps below: ``` -oadm manage-node --schedulable=false ${NODE} -oadm manage-node --drain ${NODE} -oadm manage-node --schedulable=true ${NODE} +oc adm manage-node --schedulable=false ${NODE} +oc adm manage-node --drain ${NODE} +oc adm manage-node --schedulable=true ${NODE} ```` > If you are using version less than 1.5/3.5 you must replace `--drain` with `--evacuate`. diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index f3867fe4a..fff927944 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -14,7 +14,11 @@ r_openshift_node_use_firewalld: "{{ os_firewall_use_firewalld | default(False) } l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}" openshift_deployment_type: "{{ openshift_deployment_type | default('origin') }}" -openshift_service_type: "{{ 'origin' if openshift_deployment_type == 'origin' else 'atomic-openshift' }}" +openshift_service_type_dict: + origin: origin + openshift-enterprise: atomic-openshift + +openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}" system_images_registry_dict: openshift-enterprise: "registry.access.redhat.com" diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 229c6bbed..170a3dc6e 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -34,7 +34,7 @@ - name: restart node systemd: - name: "{{ openshift.common.service_type }}-node" + name: "{{ openshift_service_type }}-node" state: restarted register: l_openshift_node_restart_node_result until: not l_openshift_node_restart_node_result | failed diff --git a/roles/openshift_node/tasks/aws.yml b/roles/openshift_node/tasks/aws.yml index 38c2b794d..a7f1fc116 100644 --- a/roles/openshift_node/tasks/aws.yml +++ b/roles/openshift_node/tasks/aws.yml @@ -1,7 +1,7 @@ --- - name: Configure AWS Cloud Provider Settings lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-node + dest: /etc/sysconfig/{{ openshift_service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" create: true diff --git a/roles/openshift_node/tasks/config.yml b/roles/openshift_node/tasks/config.yml index 741a2234f..e5c80bd09 100644 --- a/roles/openshift_node/tasks/config.yml +++ b/roles/openshift_node/tasks/config.yml @@ -38,7 +38,7 @@ - name: Configure Node Environment Variables lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-node + dest: /etc/sysconfig/{{ openshift_service_type }}-node regexp: "^{{ item.key }}=" line: "{{ item.key }}={{ item.value }}" create: true @@ -76,7 +76,7 @@ - name: Start and enable node dep systemd: daemon_reload: yes - name: "{{ openshift.common.service_type }}-node-dep" + name: "{{ openshift_service_type }}-node-dep" enabled: yes state: started @@ -84,7 +84,7 @@ block: - name: Start and enable node systemd: - name: "{{ openshift.common.service_type }}-node" + name: "{{ openshift_service_type }}-node" enabled: yes state: started daemon_reload: yes @@ -95,7 +95,7 @@ ignore_errors: true - name: Dump logs from node service if it failed - command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-node + command: journalctl --no-pager -n 100 -u {{ openshift_service_type }}-node when: node_start_result | failed - name: Abort if node failed to start diff --git a/roles/openshift_node/tasks/config/configure-node-settings.yml b/roles/openshift_node/tasks/config/configure-node-settings.yml index 527580481..ebc1426d3 100644 --- a/roles/openshift_node/tasks/config/configure-node-settings.yml +++ b/roles/openshift_node/tasks/config/configure-node-settings.yml @@ -1,7 +1,7 @@ --- - name: Configure Node settings lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-node + dest: /etc/sysconfig/{{ openshift_service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" create: true diff --git a/roles/openshift_node/tasks/config/configure-proxy-settings.yml b/roles/openshift_node/tasks/config/configure-proxy-settings.yml index d60794305..7ddd319d2 100644 --- a/roles/openshift_node/tasks/config/configure-proxy-settings.yml +++ b/roles/openshift_node/tasks/config/configure-proxy-settings.yml @@ -1,7 +1,7 @@ --- - name: Configure Proxy Settings lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-node + dest: /etc/sysconfig/{{ openshift_service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" create: true diff --git a/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml b/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml index ee91a88ab..9f1145d12 100644 --- a/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml +++ b/roles/openshift_node/tasks/config/install-node-deps-docker-service-file.yml @@ -1,7 +1,7 @@ --- - name: Install Node dependencies docker service file template: - dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service" + dest: "/etc/systemd/system/{{ openshift_service_type }}-node-dep.service" src: openshift.docker.node.dep.service notify: - reload systemd units diff --git a/roles/openshift_node/tasks/config/install-node-docker-service-file.yml b/roles/openshift_node/tasks/config/install-node-docker-service-file.yml index f92ff79b5..649fc5f6b 100644 --- a/roles/openshift_node/tasks/config/install-node-docker-service-file.yml +++ b/roles/openshift_node/tasks/config/install-node-docker-service-file.yml @@ -1,7 +1,7 @@ --- - name: Install Node docker service file template: - dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service" src: openshift.docker.node.service notify: - reload systemd units diff --git a/roles/openshift_node/tasks/docker/upgrade.yml b/roles/openshift_node/tasks/docker/upgrade.yml index d743d2188..c13a6cf6c 100644 --- a/roles/openshift_node/tasks/docker/upgrade.yml +++ b/roles/openshift_node/tasks/docker/upgrade.yml @@ -1,6 +1,6 @@ --- # input variables: -# - openshift.common.service_type +# - openshift_service_type # - openshift.common.is_containerized # - docker_upgrade_nuke_images # - docker_version diff --git a/roles/openshift_node/tasks/install.yml b/roles/openshift_node/tasks/install.yml index 1ed4a05c1..f93aed246 100644 --- a/roles/openshift_node/tasks/install.yml +++ b/roles/openshift_node/tasks/install.yml @@ -3,14 +3,14 @@ block: - name: Install Node package package: - name: "{{ openshift.common.service_type }}-node{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present register: result until: result | success - name: Install sdn-ovs package package: - name: "{{ openshift.common.service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: - openshift_node_use_openshift_sdn | bool diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index d9f3e920d..32c5f495f 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -44,6 +44,15 @@ - name: include node installer include_tasks: install.yml +- name: Restart cri-o + systemd: + name: cri-o + enabled: yes + state: restarted + when: openshift_use_crio + register: task_result + failed_when: task_result|failed and 'could not find the requested service' not in task_result.msg|lower + - name: restart NetworkManager to ensure resolv.conf is present systemd: name: NetworkManager diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml index 98a391890..98978ec6f 100644 --- a/roles/openshift_node/tasks/node_system_container.yml +++ b/roles/openshift_node/tasks/node_system_container.yml @@ -8,10 +8,10 @@ - name: Install or Update node system container oc_atomic_container: - name: "{{ openshift.common.service_type }}-node" + name: "{{ openshift_service_type }}-node" image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}" values: - "DNS_DOMAIN={{ openshift.common.dns_domain }}" - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" - - "MASTER_SERVICE={{ openshift.common.service_type }}.service" + - "MASTER_SERVICE={{ openshift_service_type }}.service" state: latest diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 397e1ba18..c532147b1 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -1,7 +1,7 @@ --- - name: Install Node service file template: - dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service" src: "{{ openshift.common.is_containerized | bool | ternary('openshift.docker.node.service', 'node.service.j2') }}" when: not l_is_node_system_container | bool notify: diff --git a/roles/openshift_node/tasks/upgrade.yml b/roles/openshift_node/tasks/upgrade.yml index 561b56918..9f333645a 100644 --- a/roles/openshift_node/tasks/upgrade.yml +++ b/roles/openshift_node/tasks/upgrade.yml @@ -17,7 +17,7 @@ name: "{{ item }}" state: stopped with_items: - - "{{ openshift.common.service_type }}-node" + - "{{ openshift_service_type }}-node" - openvswitch failed_when: false @@ -26,8 +26,8 @@ name: "{{ item }}" state: stopped with_items: - - "{{ openshift.common.service_type }}-master-controllers" - - "{{ openshift.common.service_type }}-master-api" + - "{{ openshift_service_type }}-master-controllers" + - "{{ openshift_service_type }}-master-api" - etcd_container failed_when: false when: openshift.common.is_containerized | bool @@ -80,9 +80,9 @@ with_items: - etcd_container - openvswitch - - "{{ openshift.common.service_type }}-master-api" - - "{{ openshift.common.service_type }}-master-controllers" - - "{{ openshift.common.service_type }}-node" + - "{{ openshift_service_type }}-master-api" + - "{{ openshift_service_type }}-master-controllers" + - "{{ openshift_service_type }}-node" failed_when: false when: openshift.common.is_containerized | bool @@ -91,7 +91,7 @@ name: "{{ item }}" state: stopped with_items: - - "{{ openshift.common.service_type }}-node" + - "{{ openshift_service_type }}-node" - openvswitch failed_when: false when: not openshift.common.is_containerized | bool diff --git a/roles/openshift_node/tasks/upgrade/restart.yml b/roles/openshift_node/tasks/upgrade/restart.yml index 3f1abceab..65c301783 100644 --- a/roles/openshift_node/tasks/upgrade/restart.yml +++ b/roles/openshift_node/tasks/upgrade/restart.yml @@ -1,6 +1,6 @@ --- # input variables: -# - openshift.common.service_type +# - openshift_service_type # - openshift.common.is_containerized # - openshift.common.hostname # - openshift.master.api_port @@ -27,9 +27,9 @@ with_items: - etcd_container - openvswitch - - "{{ openshift.common.service_type }}-master-api" - - "{{ openshift.common.service_type }}-master-controllers" - - "{{ openshift.common.service_type }}-node" + - "{{ openshift_service_type }}-master-api" + - "{{ openshift_service_type }}-master-controllers" + - "{{ openshift_service_type }}-node" failed_when: false - name: Wait for master API to come back online diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml index fcbe1a598..120b93bc3 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml @@ -1,13 +1,13 @@ --- # input variables: -# - openshift.common.service_type +# - openshift_service_type # - component # - openshift_pkg_version # - openshift.common.is_atomic # We verified latest rpm available is suitable, so just yum update. - name: Upgrade packages - package: "name={{ openshift.common.service_type }}-{{ component }}{{ openshift_pkg_version }} state=present" + package: "name={{ openshift_service_type }}-{{ component }}{{ openshift_pkg_version }} state=present" register: result until: result | success @@ -19,7 +19,7 @@ - name: Install Node service file template: - dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service" src: "node.service.j2" register: l_node_unit diff --git a/roles/openshift_node/templates/openshift.docker.node.dep.service b/roles/openshift_node/templates/openshift.docker.node.dep.service index 5964ac095..8b43beb07 100644 --- a/roles/openshift_node/templates/openshift.docker.node.dep.service +++ b/roles/openshift_node/templates/openshift.docker.node.dep.service @@ -1,11 +1,11 @@ [Unit] Requires={{ openshift_docker_service_name }}.service After={{ openshift_docker_service_name }}.service -PartOf={{ openshift.common.service_type }}-node.service -Before={{ openshift.common.service_type }}-node.service +PartOf={{ openshift_service_type }}-node.service +Before={{ openshift_service_type }}-node.service {% if openshift_use_crio %}Wants=cri-o.service{% endif %} [Service] -ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro --volume=/etc/containers/registries:/etc/containers/registries:ro\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; fi" +ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro --volume=/etc/containers/registries:/etc/containers/registries:ro\" > /etc/sysconfig/{{ openshift_service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift_service_type }}-node-dep; fi" ExecStop= -SyslogIdentifier={{ openshift.common.service_type }}-node-dep +SyslogIdentifier={{ openshift_service_type }}-node-dep diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service index 3b33ca542..b174c7023 100644 --- a/roles/openshift_node/templates/openshift.docker.node.service +++ b/roles/openshift_node/templates/openshift.docker.node.service @@ -1,5 +1,5 @@ [Unit] -After={{ openshift.common.service_type }}-master.service +After={{ openshift_service_type }}-master.service After={{ openshift_docker_service_name }}.service After=openvswitch.service PartOf={{ openshift_docker_service_name }}.service @@ -10,20 +10,20 @@ PartOf=openvswitch.service After=ovsdb-server.service After=ovs-vswitchd.service {% endif %} -Wants={{ openshift.common.service_type }}-master.service -Requires={{ openshift.common.service_type }}-node-dep.service -After={{ openshift.common.service_type }}-node-dep.service +Wants={{ openshift_service_type }}-master.service +Requires={{ openshift_service_type }}-node-dep.service +After={{ openshift_service_type }}-node-dep.service Requires=dnsmasq.service After=dnsmasq.service [Service] -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node -EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep -ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-node +EnvironmentFile=/etc/sysconfig/{{ openshift_service_type }}-node-dep +ExecStartPre=-/usr/bin/docker rm -f {{ openshift_service_type }}-node ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/ ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1 -ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node \ - --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node \ +ExecStart=/usr/bin/docker run --name {{ openshift_service_type }}-node \ + --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift_service_type }}-node \ -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} \ -e HOST=/rootfs -e HOST_ETC=/host-etc \ -v {{ openshift_node_data_dir }}:{{ openshift_node_data_dir }}:rslave \ @@ -40,10 +40,10 @@ ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node \ {% if l_bind_docker_reg_auth %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\ {{ openshift.node.node_image }}:${IMAGE_VERSION} ExecStartPost=/usr/bin/sleep 10 -ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node +ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-node ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string: -SyslogIdentifier={{ openshift.common.service_type }}-node +SyslogIdentifier={{ openshift_service_type }}-node Restart=always RestartSec=5s diff --git a/roles/openshift_provisioners/tasks/install_efs.yaml b/roles/openshift_provisioners/tasks/install_efs.yaml index 6e8792446..e543d753c 100644 --- a/roles/openshift_provisioners/tasks/install_efs.yaml +++ b/roles/openshift_provisioners/tasks/install_efs.yaml @@ -66,7 +66,7 @@ - name: "Set anyuid permissions for efs" command: > - {{ openshift.common.admin_binary}} --config={{ mktemp.stdout }}/admin.kubeconfig policy + {{ openshift.common.client_binary}} adm --config={{ mktemp.stdout }}/admin.kubeconfig policy add-scc-to-user anyuid system:serviceaccount:{{openshift_provisioners_project}}:provisioners-efs register: efs_output failed_when: efs_output.rc == 1 and 'exists' not in efs_output.stderr diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml index 30e83e79b..0c2fcb2c5 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml @@ -23,7 +23,7 @@ state: absent labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}" with_items: "{{ groups.all }}" - when: glusterfs_wipe + when: "'openshift' in hostvars[item] and glusterfs_wipe" - name: Delete pre-existing GlusterFS config file: diff --git a/roles/openshift_version/defaults/main.yml b/roles/openshift_version/defaults/main.yml index 01a1a7472..354699637 100644 --- a/roles/openshift_version/defaults/main.yml +++ b/roles/openshift_version/defaults/main.yml @@ -1,2 +1,10 @@ --- openshift_protect_installed_version: True + +openshift_service_type_dict: + origin: origin + openshift-enterprise: atomic-openshift + +openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}" + +openshift_use_crio_only: False diff --git a/roles/openshift_version/meta/main.yml b/roles/openshift_version/meta/main.yml index 5d7683120..d0ad4b7d2 100644 --- a/roles/openshift_version/meta/main.yml +++ b/roles/openshift_version/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: lib_utils +- role: openshift_facts diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml index 4f9158ade..ae0f68a5b 100644 --- a/roles/openshift_version/tasks/main.yml +++ b/roles/openshift_version/tasks/main.yml @@ -101,13 +101,13 @@ when: is_containerized | bool - block: - - name: Get available {{ openshift.common.service_type}} version + - name: Get available {{ openshift_service_type}} version repoquery: - name: "{{ openshift.common.service_type}}" + name: "{{ openshift_service_type}}" ignore_excluders: true register: rpm_results - fail: - msg: "Package {{ openshift.common.service_type}} not found" + msg: "Package {{ openshift_service_type}} not found" when: not rpm_results.results.package_found - set_fact: openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}" @@ -196,7 +196,7 @@ - openshift_version.startswith(openshift_release) | bool msg: |- You requested openshift_release {{ openshift_release }}, which is not matched by - the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }} + the latest OpenShift RPM we detected as {{ openshift_service_type }}-{{ openshift_version }} on host {{ inventory_hostname }}. We will only install the latest RPMs, so please ensure you are getting the release you expect. You may need to adjust your Ansible inventory, modify the repositories diff --git a/roles/openshift_version/tasks/set_version_rpm.yml b/roles/openshift_version/tasks/set_version_rpm.yml index c40777bf1..c7ca5ceae 100644 --- a/roles/openshift_version/tasks/set_version_rpm.yml +++ b/roles/openshift_version/tasks/set_version_rpm.yml @@ -8,14 +8,14 @@ - openshift_version is not defined - block: - - name: Get available {{ openshift.common.service_type}} version + - name: Get available {{ openshift_service_type}} version repoquery: - name: "{{ openshift.common.service_type}}" + name: "{{ openshift_service_type}}" ignore_excluders: true register: rpm_results - fail: - msg: "Package {{ openshift.common.service_type}} not found" + msg: "Package {{ openshift_service_type}} not found" when: not rpm_results.results.package_found - set_fact: diff --git a/roles/rhel_subscribe/README.md b/roles/rhel_subscribe/README.md new file mode 100644 index 000000000..15eaf4f30 --- /dev/null +++ b/roles/rhel_subscribe/README.md @@ -0,0 +1,29 @@ +RHEL Subscribe +============== + +Subscribes the RHEL servers and add the OpenShift enterprise repos. + +Role variables +-------------- + +### `rhsub_user` + +Username for the subscription-manager. + +### `rhsub_pass` + +Password for the subscription-manager. + +### `rhsub_pool` + +Name of the pool to attach (optional). + +### `rhsub_server` + +Custom hostname for the Satellite server (optional). + +### `openshift_release` + +Version for the OpenShift Enterprise repositories. + +Example: `3.6` diff --git a/roles/rhel_subscribe/defaults/main.yml b/roles/rhel_subscribe/defaults/main.yml new file mode 100644 index 000000000..80b2ab919 --- /dev/null +++ b/roles/rhel_subscribe/defaults/main.yml @@ -0,0 +1,2 @@ +--- +rhsub_pool: 'Red Hat OpenShift Container Platform, Premium*' diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml index fa74c9953..8acdfb969 100644 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ b/roles/rhel_subscribe/tasks/enterprise.yml @@ -1,25 +1,18 @@ --- -- name: Disable all repositories - command: subscription-manager repos --disable="*" - -- set_fact: - default_ose_version: '3.6' - when: deployment_type == 'openshift-enterprise' - - set_fact: - ose_version: "{{ lookup('env', 'ose_version') | default(default_ose_version, True) }}" - -- fail: - msg: "{{ ose_version }} is not a valid version for {{ deployment_type }} deployment type" + openshift_release: "{{ openshift_release[1:] }}" when: - - deployment_type == 'openshift-enterprise' - - ose_version not in ['3.1', '3.2', '3.3', '3.4', '3.5', '3.6'] ) + - openshift_release is defined + - openshift_release[0] == 'v' + +- name: Disable all repositories + command: subscription-manager repos --disable="*" - name: Enable RHEL repositories command: subscription-manager repos \ --enable="rhel-7-server-rpms" \ --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-ose-{{ ose_version }}-rpms" \ + --enable="rhel-7-server-ose-{{ (openshift_release | default('')).split('.')[0:2] | join('.') }}-rpms" \ --enable="rhel-7-fast-datapath-rpms" register: subscribe_repos until: subscribe_repos | succeeded diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index f83cf9157..3466b7e44 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -3,23 +3,17 @@ # to make it able to attach to a pool # to make it able to enable repositories -- set_fact: - rhel_subscription_pool: "{{ lookup('env', 'rhel_subscription_pool') | default(rhsub_pool | default('Red Hat OpenShift Container Platform, Premium*')) }}" - rhel_subscription_user: "{{ lookup('env', 'rhel_subscription_user') | default(rhsub_user | default(omit, True)) }}" - rhel_subscription_pass: "{{ lookup('env', 'rhel_subscription_pass') | default(rhsub_pass | default(omit, True)) }}" - rhel_subscription_server: "{{ lookup('env', 'rhel_subscription_server') | default(rhsub_server | default(omit, True)) }}" - - fail: msg: "This role is only supported for Red Hat hosts" when: ansible_distribution != 'RedHat' - fail: - msg: Either rhsub_user or the rhel_subscription_user env variable are required for this role. - when: rhel_subscription_user is not defined + msg: The rhsub_user variable is required for this role. + when: rhsub_user is not defined or not rhsub_user - fail: - msg: Either rhsub_pass or the rhel_subscription_pass env variable are required for this role. - when: rhel_subscription_pass is not defined + msg: The rhsub_pass variable is required for this role. + when: rhsub_pass is not defined or not rhsub_pass - name: Detecting Atomic Host Operating System stat: @@ -27,10 +21,10 @@ register: ostree_booted - name: Satellite preparation - command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm" + command: "rpm -Uvh http://{{ rhsub_server }}/pub/katello-ca-consumer-latest.noarch.rpm" args: creates: /etc/rhsm/ca/katello-server-ca.pem - when: rhel_subscription_server is defined and rhel_subscription_server + when: rhsub_server is defined and rhsub_server - name: Install Red Hat Subscription manager yum: @@ -41,26 +35,26 @@ - name: RedHat subscriptions redhat_subscription: - username: "{{ rhel_subscription_user }}" - password: "{{ rhel_subscription_pass }}" + username: "{{ rhsub_user }}" + password: "{{ rhsub_pass }}" register: rh_subscription until: rh_subscription | succeeded - name: Retrieve the OpenShift Pool ID - command: subscription-manager list --available --matches="{{ rhel_subscription_pool }}" --pool-only + command: subscription-manager list --available --matches="{{ rhsub_pool }}" --pool-only register: openshift_pool_id until: openshift_pool_id | succeeded changed_when: False - name: Determine if OpenShift Pool Already Attached - command: subscription-manager list --consumed --matches="{{ rhel_subscription_pool }}" --pool-only + command: subscription-manager list --consumed --matches="{{ rhsub_pool }}" --pool-only register: openshift_pool_attached until: openshift_pool_attached | succeeded changed_when: False when: openshift_pool_id.stdout == '' - fail: - msg: "Unable to find pool matching {{ rhel_subscription_pool }} in available or consumed pools" + msg: "Unable to find pool matching {{ rhsub_pool }} in available or consumed pools" when: openshift_pool_id.stdout == '' and openshift_pool_attached is defined and openshift_pool_attached.stdout == '' - name: Attach to OpenShift Pool @@ -71,5 +65,4 @@ - include_tasks: enterprise.yml when: - - deployment_type == 'openshift-enterprise' - not ostree_booted.stat.exists | bool |