From e7bba72cd95159179b5afd4f2b9e6f6d48cba0df Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Thu, 2 Jun 2016 17:25:10 +0200 Subject: Add flag to manage htpasswd, or not. Setting `openshift_master_manage_htpasswd` falsy will disable managing the htpasswd file. It won't get overwritten/generated. --- roles/openshift_master/tasks/main.yml | 2 +- roles/openshift_master_facts/tasks/main.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 63a54a0d9..8ae169dfb 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -93,7 +93,7 @@ src: htpasswd.j2 mode: 0600 backup: yes - when: item.kind == 'HTPasswdPasswordIdentityProvider' + when: item.kind == 'HTPasswdPasswordIdentityProvider' and openshift.master.manage_htpasswd | bool with_items: "{{ openshift.master.identity_providers }}" - name: Create the ldap ca file if needed diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index 896dd5e35..d51c5a0a3 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -42,6 +42,7 @@ auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}" identity_providers: "{{ openshift_master_identity_providers | default(None) }}" htpasswd_users: "{{ openshift_master_htpasswd_users | default(lookup('file', openshift_master_htpasswd_file) | oo_htpasswd_users_from_file if openshift_master_htpasswd_file is defined else None) }}" + manage_htpasswd: "{{ openshift_master_manage_htpasswd | default(true) }}" ldap_ca: "{{ openshift_master_ldap_ca | default(lookup('file', openshift_master_ldap_ca_file) if openshift_master_ldap_ca_file is defined else None) }}" openid_ca: "{{ openshift_master_openid_ca | default(lookup('file', openshift_master_openid_ca_file) if openshift_master_openid_ca_file is defined else None) }}" request_header_ca: "{{ openshift_master_request_header_ca | default(lookup('file', openshift_master_request_header_ca_file) if openshift_master_request_header_ca_file is defined else None) }}" -- cgit v1.2.3 From 4538443750921273532d97ff653729e95bc52ad9 Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Thu, 2 Jun 2016 19:36:59 +0200 Subject: ensure htpasswd file exists Also move file mode to the file-exists check to not specify twice. --- roles/openshift_master/tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 8ae169dfb..476ed4b0c 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -91,11 +91,19 @@ template: dest: "{{ item.filename }}" src: htpasswd.j2 - mode: 0600 backup: yes when: item.kind == 'HTPasswdPasswordIdentityProvider' and openshift.master.manage_htpasswd | bool with_items: "{{ openshift.master.identity_providers }}" +- name: Ensure htpasswd file exists + copy: + dest: "{{ item.filename }}" + force: no + content: "" + mode: 0600 + when: item.kind == 'HTPasswdPasswordIdentityProvider' + with_items: "{{ openshift.master.identity_providers }}" + - name: Create the ldap ca file if needed copy: dest: "{{ item.ca if 'ca' in item and '/' in item.ca else openshift_master_config_dir ~ '/' ~ item.ca | default('ldap_ca.crt') }}" -- cgit v1.2.3 From 7e4bb24498bb21c57ff141058caefeaa23f86549 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 6 Jun 2016 11:46:34 -0400 Subject: Automatic commit of package [openshift-ansible] release [3.0.97-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 46 +++++++++++++++++++++++++++++++++++++++- 2 files changed, 46 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 9e57340b4..1c588ea84 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.94-1 ./ +3.0.97-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 6f9083154..5089ddaaf 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.94 +Version: 3.0.97 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -205,6 +205,50 @@ Atomic OpenShift Utilities includes %changelog +* Mon Jun 06 2016 Scott Dodson 3.0.97-1 +- Only run node specific bits on nodes (sdodson@redhat.com) +- Update main.yaml (detiber@gmail.com) +- Hardcoded values in "launch_instances" - isue # 1970 (daniel@dumdan.com) +- XPAAS v1.3.1 content for Origin 1.1 / OSE 3.1 (sdodson@redhat.com) +- XPAAS v1.3.1 release for Origin 1.2 / OSE 3.2 (sdodson@redhat.com) +- Configure default docker logging options. (abutcher@redhat.com) +- Run rhel_subscribe on l_oo_all_hosts rather than all (sdodson@redhat.com) +- Fix error with stopping services that may not exist. (dgoodwin@redhat.com) +- Add haproxy_frontend_port to vars for openshift-loadbalancer. + (abutcher@redhat.com) +- Move os_firewall_allow from defaults to role dependencies. + (abutcher@redhat.com) +- Ensure registry url evaluated when creating router. (abutcher@redhat.com) +- Document protocol in readme aws. (abutcher@redhat.com) +- Revert openshift-certificates changes. (abutcher@redhat.com) +- wait metrics-deployer complete (need to configure nodes before hosted + services) (you@example.com) +- switch to using sig release packages (jdetiber@redhat.com) +- temporarily disable gpg checking until we have a way to cleanly enable it + (jdetiber@redhat.com) +- Switch to using CentOS SIG repos for Origin installs (jdetiber@redhat.com) +- Separate master and haproxy config playbooks. (abutcher@redhat.com) +- Cleanup bin, test and roles/openshift_ansible_inventory following move to + openshift-tools (abutcher@redhat.com) +- Catch more uninstall targets (sdodson@redhat.com) +- Adding openshift_clock parameters to example inventory files + (jstuever@redhat.com) +- Enable openshift_clock role for openshift_master, openshift_node, and + openshift_etcd (jstuever@redhat.com) +- Add openshift_clock role to manage system clocks (jstuever@redhat.com) +- Allow clock role in openshift_facts (jstuever@redhat.com) +- Consolidate ca/master/node certificates roles into openshift_certificates. + (abutcher@redhat.com) +- allow for overriding dns_flavor for openstack provider (jdetiber@redhat.com) +- add user-data file back to openstack provisioner (jdetiber@redhat.com) +- g_all_hosts with templated with_items causes errors with ansible 1.9.4 under + some conditions (jdetiber@redhat.com) +- openstack_fixes (jdetiber@redhat.com) +- libvirt_fixes (jdetiber@redhat.com) +- gce fixes (jdetiber@redhat.com) +- aws provider fixes (jdetiber@redhat.com) +- Call evaluate_groups from update_repos_and_packages (jdetiber@redhat.com) + * Thu May 26 2016 Scott Dodson 3.0.94-1 - Use grep to decide when to add our comment (sdodson@redhat.com) -- cgit v1.2.3 From 3f79a488fd05a91a48ea86dc4a60adffae1d66aa Mon Sep 17 00:00:00 2001 From: jawed Date: Tue, 7 Jun 2016 14:37:12 +0200 Subject: fix dns openstack flavor instead of openshift flavor --- playbooks/openstack/openshift-cluster/launch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 6429a6755..b9aae2f4c 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -46,7 +46,7 @@ -P master_flavor={{ openstack_flavor["master"] }} -P node_flavor={{ openstack_flavor["node"] }} -P infra_flavor={{ openstack_flavor["infra"] }} - -P dns_flavor={{ openshift_flavor["dns"] }} + -P dns_flavor={{ openstack_flavor["dns"] }} openshift-ansible-{{ cluster_id }}-stack' - name: Wait for OpenStack Stack readiness -- cgit v1.2.3 From 86b13b58701267272b2143f7783bb65607aabaf0 Mon Sep 17 00:00:00 2001 From: jawed Date: Tue, 7 Jun 2016 17:41:18 +0200 Subject: add skydns port 8053 to openstack master sec group --- playbooks/openstack/openshift-cluster/files/heat_stack.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 1d54a9c39..422e6dafe 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -286,6 +286,14 @@ resources: protocol: udp port_range_min: 53 port_range_max: 53 + - direction: ingress + protocol: tcp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: udp + port_range_min: 8053 + port_range_max: 8053 - direction: ingress protocol: tcp port_range_min: 24224 -- cgit v1.2.3 From 5701ba78c681e6f9efd841e76382e3aeb9853c9b Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 7 Jun 2016 13:56:30 -0400 Subject: Ansible 2.1 support. --- filter_plugins/openshift_master.py | 12 ++++++++---- roles/openshift_facts/library/openshift_facts.py | 10 +++++++++- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/filter_plugins/openshift_master.py b/filter_plugins/openshift_master.py index bb79b27d1..b3f284a8e 100644 --- a/filter_plugins/openshift_master.py +++ b/filter_plugins/openshift_master.py @@ -13,11 +13,15 @@ from distutils.version import LooseVersion # pylint: disable=no-name-in-module,import-error try: - # ansible-2.0 - from ansible.runner.filter_plugins.core import bool as ansible_bool + # ansible-2.1 + from ansible.plugins.filter.core import to_bool as ansible_bool except ImportError: - # ansible-1.9.x - from ansible.plugins.filter.core import bool as ansible_bool + try: + #ansible-2.0.x + from ansible.runner.filter_plugins.core import bool as ansible_bool + except ImportError: + # ansible-1.9.x + from ansible.plugins.filter.core import bool as ansible_bool class IdentityProviderBase(object): """ IdentityProviderBase diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 3de0c23d3..2f8af2454 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1573,7 +1573,15 @@ class OpenShiftFacts(object): "Role %s is not supported by this module" % role ) self.role = role - self.system_facts = ansible_facts(module) + + try: + # ansible-2.1 + # pylint: disable=too-many-function-args + self.system_facts = ansible_facts(module, ['hardware', 'network', 'virtual', 'facter']) + except TypeError: + # ansible-1.9.x,ansible-2.0.x + self.system_facts = ansible_facts(module) + self.facts = self.generate_facts(local_facts, additive_facts_to_overwrite, openshift_env, -- cgit v1.2.3 From 5fb5bf96d0d616d8d952a85d831d6bb38978842d Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 24 May 2016 17:07:30 -0400 Subject: Use unique play names to make things easier to debug --- .../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml | 2 +- playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml | 2 +- playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index a72749a2b..3a4c58e43 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -54,7 +54,7 @@ - script: ../files/pre-upgrade-check -- name: Verify upgrade can proceed +- name: Verify upgrade targets hosts: oo_masters_to_config:oo_nodes_to_config vars: target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml index 66935e061..85d7073f2 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml @@ -29,7 +29,7 @@ valid version for a {{ target_version }} upgrade when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<') -- name: Verify upgrade can proceed +- name: Verify upgrade targets hosts: oo_masters_to_config:oo_nodes_to_config vars: target_version: "{{ '1.1.1' if deployment_type == 'origin' else '3.1.1' }}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml index dd9843290..6bff16674 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml @@ -53,7 +53,7 @@ valid version for a {{ target_version }} upgrade when: openshift_image_tag is defined and openshift_image_tag.split('v',1).1 | version_compare(target_version ,'<') -- name: Verify upgrade can proceed +- name: Verify master processes hosts: oo_masters_to_config roles: - openshift_facts @@ -84,7 +84,7 @@ enabled: yes when: openshift.master.ha is defined and openshift.master.ha | bool and openshift.common.is_containerized | bool -- name: Verify upgrade can proceed +- name: Verify node processes hosts: oo_nodes_to_config roles: - openshift_facts @@ -96,7 +96,7 @@ enabled: yes when: openshift.common.is_containerized | bool -- name: Verify upgrade can proceed +- name: Verify upgrade targets hosts: oo_masters_to_config:oo_nodes_to_config vars: target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}" -- cgit v1.2.3 From 98fa177034fd31b638afba5f826e83cb44e830a9 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 24 May 2016 17:08:39 -0400 Subject: At least backup things --- roles/openshift_master/tasks/systemd_units.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index a81270bab..2b527c03b 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -42,6 +42,7 @@ template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + backup: true when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" notify: - restart master api @@ -50,6 +51,7 @@ template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + backup: true when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" notify: - restart master controllers @@ -65,5 +67,6 @@ template: src: "atomic-openshift-master.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master + backup: true notify: - restart master -- cgit v1.2.3 From a2fad7dd125bb4f1b0123beab81cbff9075397d4 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 31 May 2016 14:05:35 -0400 Subject: Preserve proxy config if it's undefined --- roles/docker/tasks/main.yml | 1 + roles/openshift_master/tasks/systemd_units.yml | 43 ++++++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index b9b2666fb..5f94500a0 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -85,6 +85,7 @@ reg_fact_val: "{{ docker_no_proxy | default('') | join(',') }}" notify: - restart docker + when: "{{ 'http_proxy' in openshift.common or 'https_proxy' in openshift.common and docker_check.stat.isreg }}" - name: Set various docker options lineinfile: diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 2b527c03b..458b56fd1 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -38,6 +38,13 @@ when: create_ha_unit_files | changed # end workaround for missing systemd unit files +- name: Preserve Master API Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api + register: master_api_proxy + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + failed_when: false + changed_when: false + - name: Create the master api service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" @@ -47,6 +54,21 @@ notify: - restart master api +- name: Restore Master API Proxy Config Options + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + and master_api_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + line: "{{ item }}" + with_items: "{{ master_api_proxy.stdout_lines | default([]) }}" + +- name: Preserve Master Controllers Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api + register: master_controllers_proxy + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + failed_when: false + changed_when: false + - name: Create the master controllers service env file template: src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" @@ -56,6 +78,14 @@ notify: - restart master controllers +- name: Restore Master Controllers Proxy Config Options + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + line: "{{ item }}" + with_items: "{{ master_controllers_proxy.stdout_lines | default([]) }}" + when: openshift.master.ha is defined and openshift.master.ha | bool and openshift_master_cluster_method == "native" + and master_controllers_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common + - name: Install Master docker service file template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-master.service" @@ -63,6 +93,12 @@ register: install_result when: openshift.common.is_containerized | bool and openshift.master.ha is defined and not openshift.master.ha | bool +- name: Preserve Master Proxy Config options + command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master + register: master_proxy + failed_when: false + changed_when: false + - name: Create the master service env file template: src: "atomic-openshift-master.j2" @@ -70,3 +106,10 @@ backup: true notify: - restart master + +- name: Restore Master Proxy Config Options + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master + line: "{{ item }}" + with_items: "{{ master_proxy.stdout_lines | default([]) }}" + when: master_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common \ No newline at end of file -- cgit v1.2.3 From ad758bbdfbd93cf8c3731a3271473db51b5da3a8 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 8 Jun 2016 10:08:28 -0400 Subject: Add openshift_loadbalancer_facts role to set lb facts prior to running dependencies. --- playbooks/common/openshift-loadbalancer/config.yml | 2 -- roles/openshift_loadbalancer/defaults/main.yml | 2 -- roles/openshift_loadbalancer/meta/main.yml | 4 +-- roles/openshift_loadbalancer/tasks/main.yml | 30 ------------------- roles/openshift_loadbalancer_facts/README.md | 34 ++++++++++++++++++++++ roles/openshift_loadbalancer_facts/meta/main.yml | 13 +++++++++ roles/openshift_loadbalancer_facts/tasks/main.yml | 30 +++++++++++++++++++ 7 files changed, 79 insertions(+), 36 deletions(-) create mode 100644 roles/openshift_loadbalancer_facts/README.md create mode 100644 roles/openshift_loadbalancer_facts/meta/main.yml create mode 100644 roles/openshift_loadbalancer_facts/tasks/main.yml diff --git a/playbooks/common/openshift-loadbalancer/config.yml b/playbooks/common/openshift-loadbalancer/config.yml index 51cea53a3..f4392173a 100644 --- a/playbooks/common/openshift-loadbalancer/config.yml +++ b/playbooks/common/openshift-loadbalancer/config.yml @@ -1,7 +1,5 @@ --- - name: Configure load balancers hosts: oo_lb_to_config - vars: - haproxy_frontend_port: "{{ openshift_master_api_port | default(8443) }}" roles: - role: openshift_loadbalancer diff --git a/roles/openshift_loadbalancer/defaults/main.yml b/roles/openshift_loadbalancer/defaults/main.yml index 5c480f7c2..d096019af 100644 --- a/roles/openshift_loadbalancer/defaults/main.yml +++ b/roles/openshift_loadbalancer/defaults/main.yml @@ -1,6 +1,4 @@ --- -haproxy_frontend_port: 8443 - haproxy_frontends: - name: main binds: diff --git a/roles/openshift_loadbalancer/meta/main.yml b/roles/openshift_loadbalancer/meta/main.yml index 96a737d2f..ed846a1ba 100644 --- a/roles/openshift_loadbalancer/meta/main.yml +++ b/roles/openshift_loadbalancer/meta/main.yml @@ -10,11 +10,11 @@ galaxy_info: versions: - 7 dependencies: -- role: openshift_facts +- role: openshift_loadbalancer_facts - role: os_firewall os_firewall_allow: - service: haproxy stats port: "9000/tcp" - service: haproxy balance - port: "{{ haproxy_frontend_port }}/tcp" + port: "{{ openshift.loadbalancer.frontend_port }}/tcp" - role: openshift_repos diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml index 5514aa70b..03a7c0e4a 100644 --- a/roles/openshift_loadbalancer/tasks/main.yml +++ b/roles/openshift_loadbalancer/tasks/main.yml @@ -1,34 +1,4 @@ --- -- name: Set haproxy frontend port - openshift_facts: - role: loadbalancer - local_facts: - frontend_port: "{{ openshift_master_api_port | default(None) }}" - -- name: Set loadbalancer facts - openshift_facts: - role: loadbalancer - local_facts: - limit_nofile: "{{ openshift_loadbalancer_limit_nofile | default(None) }}" - default_maxconn: "{{ openshift_loadbalancer_default_maxconn | default(None) }}" - global_maxconn: "{{ openshift_loadbalancer_global_maxconn | default(None) }}" - frontends: - - name: atomic-openshift-api - mode: tcp - options: - - tcplog - binds: - - "*:{{ openshift.loadbalancer.frontend_port }}" - default_backend: atomic-openshift-api - backends: - - name: atomic-openshift-api - mode: tcp - option: tcplog - balance: source - servers: "{{ hostvars - | oo_select_keys(groups['oo_masters']) - | oo_haproxy_backend_masters(openshift.loadbalancer.frontend_port) }}" - - name: Install haproxy action: "{{ ansible_pkg_mgr }} name=haproxy state=present" when: not openshift.common.is_containerized | bool diff --git a/roles/openshift_loadbalancer_facts/README.md b/roles/openshift_loadbalancer_facts/README.md new file mode 100644 index 000000000..57537cc03 --- /dev/null +++ b/roles/openshift_loadbalancer_facts/README.md @@ -0,0 +1,34 @@ +OpenShift HAProxy Loadbalancer Facts +==================================== + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Andrew Butcher (abutcher@redhat.com) diff --git a/roles/openshift_loadbalancer_facts/meta/main.yml b/roles/openshift_loadbalancer_facts/meta/main.yml new file mode 100644 index 000000000..4c5b6552b --- /dev/null +++ b/roles/openshift_loadbalancer_facts/meta/main.yml @@ -0,0 +1,13 @@ +--- +galaxy_info: + author: Andrew Butcher + description: OpenShift loadbalancer facts + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 +dependencies: +- role: openshift_facts diff --git a/roles/openshift_loadbalancer_facts/tasks/main.yml b/roles/openshift_loadbalancer_facts/tasks/main.yml new file mode 100644 index 000000000..dc244c0be --- /dev/null +++ b/roles/openshift_loadbalancer_facts/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: Set haproxy frontend port + openshift_facts: + role: loadbalancer + local_facts: + frontend_port: "{{ openshift_master_api_port | default(None) }}" + +- name: Set loadbalancer facts + openshift_facts: + role: loadbalancer + local_facts: + limit_nofile: "{{ openshift_loadbalancer_limit_nofile | default(None) }}" + default_maxconn: "{{ openshift_loadbalancer_default_maxconn | default(None) }}" + global_maxconn: "{{ openshift_loadbalancer_global_maxconn | default(None) }}" + frontends: + - name: atomic-openshift-api + mode: tcp + options: + - tcplog + binds: + - "*:{{ openshift.loadbalancer.frontend_port }}" + default_backend: atomic-openshift-api + backends: + - name: atomic-openshift-api + mode: tcp + option: tcplog + balance: source + servers: "{{ hostvars + | oo_select_keys(groups['oo_masters']) + | oo_haproxy_backend_masters(openshift.loadbalancer.frontend_port) }}" -- cgit v1.2.3