From 1a16667b6a2e99ca6dc6b83c5794fb9995501280 Mon Sep 17 00:00:00 2001 From: Jan Chaloupka Date: Wed, 1 Mar 2017 12:54:19 +0100 Subject: - update excluders to latest, in non-upgrade scenarios do not update - check both available excluder versions are at most of upgrade target version - get excluder status through status command - make excluders enablement configurable --- .../openshift-cluster/upgrades/v3_3/upgrade.yml | 2 +- .../upgrades/v3_3/upgrade_control_plane.yml | 2 +- .../upgrades/v3_3/upgrade_nodes.yml | 2 +- .../openshift-cluster/upgrades/v3_4/upgrade.yml | 2 +- .../upgrades/v3_4/upgrade_control_plane.yml | 2 +- .../upgrades/v3_4/upgrade_nodes.yml | 2 +- .../openshift-cluster/upgrades/v3_5/upgrade.yml | 2 +- .../upgrades/v3_5/upgrade_control_plane.yml | 2 +- .../upgrades/v3_5/upgrade_nodes.yml | 2 +- playbooks/common/openshift-cluster/config.yml | 3 + .../common/openshift-cluster/disable_excluder.yml | 14 ++- .../initialize_openshift_version.yml | 3 + .../common/openshift-cluster/reset_excluder.yml | 2 +- .../upgrades/disable_excluder.yml | 21 +++++ .../upgrades/pre/validate_excluder.yml | 22 +++++ roles/openshift_excluder/README.md | 17 +++- roles/openshift_excluder/defaults/main.yml | 4 + roles/openshift_excluder/tasks/adjust.yml | 23 +++++ roles/openshift_excluder/tasks/disable.yml | 26 ++++++ roles/openshift_excluder/tasks/enable.yml | 21 +++++ roles/openshift_excluder/tasks/exclude.yml | 27 ++++-- roles/openshift_excluder/tasks/init.yml | 12 +++ roles/openshift_excluder/tasks/install.yml | 29 +++--- roles/openshift_excluder/tasks/reset.yml | 12 --- roles/openshift_excluder/tasks/status.yml | 103 +++++++++++++-------- roles/openshift_excluder/tasks/unexclude.yml | 23 +++-- 26 files changed, 284 insertions(+), 96 deletions(-) create mode 100644 playbooks/common/openshift-cluster/upgrades/disable_excluder.yml create mode 100644 playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml create mode 100644 roles/openshift_excluder/defaults/main.yml create mode 100644 roles/openshift_excluder/tasks/adjust.yml create mode 100644 roles/openshift_excluder/tasks/disable.yml create mode 100644 roles/openshift_excluder/tasks/enable.yml create mode 100644 roles/openshift_excluder/tasks/init.yml delete mode 100644 roles/openshift_excluder/tasks/reset.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml index b1510e062..d268850d8 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml @@ -46,7 +46,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml index b61d9e58a..d11e51640 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml @@ -54,7 +54,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml index f0b2a2c75..5a0f143ac 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml @@ -47,7 +47,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml index 82a1d0935..25d8cd2ba 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml @@ -46,7 +46,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml index 7ae1b3e6e..d52f3c111 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml @@ -54,7 +54,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml index ec63ea60e..07c734a40 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml @@ -47,7 +47,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml index 69cabcd33..a35227283 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml @@ -46,7 +46,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml index 719057d2b..069b31ad1 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml @@ -54,7 +54,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml index 259be6f8e..f858de3d5 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml @@ -47,7 +47,7 @@ tags: - pre_upgrade -- include: ../../../../common/openshift-cluster/disable_excluder.yml +- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml tags: - pre_upgrade diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 113b401f9..82f711f40 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -27,6 +27,9 @@ when: openshift_docker_selinux_enabled is not defined - include: disable_excluder.yml + vars: + # the excluders needs to be disabled no matter what status says + with_status_check: false tags: - always diff --git a/playbooks/common/openshift-cluster/disable_excluder.yml b/playbooks/common/openshift-cluster/disable_excluder.yml index eb146bab8..b2e025cb8 100644 --- a/playbooks/common/openshift-cluster/disable_excluder.yml +++ b/playbooks/common/openshift-cluster/disable_excluder.yml @@ -3,9 +3,15 @@ hosts: l_oo_all_hosts gather_facts: no tasks: + + # During installation the excluders are installed with present state. + # So no pre-validation check here as the excluders are either to be installed (present = latest) + # or they are not going to be updated if already installed + + # disable excluders based on their status - include_role: name: openshift_excluder - tasks_from: status - - include_role: - name: openshift_excluder - tasks_from: unexclude + tasks_from: disable + vars: + openshift_excluder_package_state: present + docker_excluder_package_state: present diff --git a/playbooks/common/openshift-cluster/initialize_openshift_version.yml b/playbooks/common/openshift-cluster/initialize_openshift_version.yml index 6b40176e1..7f37c606f 100644 --- a/playbooks/common/openshift-cluster/initialize_openshift_version.yml +++ b/playbooks/common/openshift-cluster/initialize_openshift_version.yml @@ -19,6 +19,9 @@ when: "not openshift.common.is_atomic | bool and 'Plugin \"search-disabled-repos\" requires API 2.7. Supported API is 2.6.' in yum_ver_test.stdout" - include: disable_excluder.yml + vars: + # the excluders needs to be disabled no matter what status says + with_status_check: false tags: - always diff --git a/playbooks/common/openshift-cluster/reset_excluder.yml b/playbooks/common/openshift-cluster/reset_excluder.yml index fe86f4c23..7c544ee32 100644 --- a/playbooks/common/openshift-cluster/reset_excluder.yml +++ b/playbooks/common/openshift-cluster/reset_excluder.yml @@ -5,4 +5,4 @@ tasks: - include_role: name: openshift_excluder - tasks_from: reset + tasks_from: enable diff --git a/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml b/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml new file mode 100644 index 000000000..2a85dc92e --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml @@ -0,0 +1,21 @@ +--- +- name: Record excluder state and disable + hosts: l_oo_all_hosts + gather_facts: no + tasks: + - include: pre/validate_excluder.yml + vars: + #repoquery_cmd: repoquery_cmd + #openshift_upgrade_target: openshift_upgrade_target + excluder: "{{ item }}" + with_items: + - "{{ openshift.common.service_type }}-docker-excluder" + - "{{ openshift.common.service_type }}-excluder" + + # disable excluders based on their status + - include_role: + name: openshift_excluder + tasks_from: disable + vars: + openshift_excluder_package_state: latest + docker_excluder_package_state: latest diff --git a/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml b/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml new file mode 100644 index 000000000..5078638b7 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml @@ -0,0 +1,22 @@ +--- +# input variables: +# - repoquery_cmd +# - excluder +# - openshift_upgrade_target +- name: Get available excluder version + command: > + {{ repoquery_cmd }} --qf '%{version}' "{{ excluder }}" + register: excluder_version + failed_when: false + changed_when: false + +- name: Docker excluder version detected + debug: + msg: "{{ excluder }}: {{ excluder_version.stdout }}" + +- name: Check the available {{ excluder }} version is at most of the upgrade target version + fail: + msg: "Available {{ excluder }} version {{ excluder_version.stdout }} is higher than the upgrade target version {{ openshift_upgrade_target }}" + when: + - "{{ excluder_version.stdout != '' }}" + - "{{ excluder_version.stdout.split('.')[0:2] | join('.') | version_compare(openshift_upgrade_target, '>', strict=True) }}" diff --git a/roles/openshift_excluder/README.md b/roles/openshift_excluder/README.md index 6c90b4e96..e76a15952 100644 --- a/roles/openshift_excluder/README.md +++ b/roles/openshift_excluder/README.md @@ -15,8 +15,11 @@ Facts | Name | Default Value | Description | -----------------------------|---------------|----------------------------------------| -| docker_excluder_enabled | none | Records the status of docker excluder | -| openshift_excluder_enabled | none | Records the status of the openshift excluder | +| enable_docker_excluder | enable_excluders | Enable docker excluder. If not set, the docker excluder is ignored. | +| enable_openshift_excluder | enable_excluders | Enable openshift excluder. If not set, the openshift excluder is ignored. | +| enable_excluders | None | Enable all excluders +| enable_docker_excluder_override | None | indication the docker excluder needs to be enabled | +| disable_openshift_excluder_override | None | indication the openshift excluder needs to be disabled | Role Variables -------------- @@ -25,6 +28,16 @@ None Dependencies ------------ +Tasks to include +---------------- + +- exclude: enable excluders (assuming excluders are installed) +- unexclude: disable excluders (assuming excluders are installed) +- install: install excluders (installation is followed by excluder enabling) +- enable: enable excluders (optionally with installation step) +- disabled: disable excluders (optionally with installation and status step, the status check that can override which excluder gets enabled/disabled) +- status: determine status of excluders + Example Playbook ---------------- diff --git a/roles/openshift_excluder/defaults/main.yml b/roles/openshift_excluder/defaults/main.yml new file mode 100644 index 000000000..0d275e954 --- /dev/null +++ b/roles/openshift_excluder/defaults/main.yml @@ -0,0 +1,4 @@ +--- +# keep the 'current' package or update to 'latest' if available? +openshift_excluder_package_state: present +docker_excluder_package_state: present diff --git a/roles/openshift_excluder/tasks/adjust.yml b/roles/openshift_excluder/tasks/adjust.yml new file mode 100644 index 000000000..6f4070c3d --- /dev/null +++ b/roles/openshift_excluder/tasks/adjust.yml @@ -0,0 +1,23 @@ +--- +# Depending on enablement of individual excluders and their status +# some excluders needs to be disabled, resp. enabled +# By default, all excluders are disabled unless overrided. +- block: + - include: init.yml + # All excluders that are to be enabled are enabled + - include: exclude.yml + vars: + # Enable the docker excluder only if it is overrided + enable_docker_excluder: "{{ enable_docker_excluder_override | default(false) | bool }}" + # excluder is to be disabled by default + enable_openshift_excluder: false + # All excluders that are to be disabled are disabled + - include: unexclude.yml + vars: + # If the docker override is not set, default to the generic behaviour + disable_docker_excluder: "{{ not enable_docker_excluder_override | default(not docker_excluder_on) | bool }}" + # disable openshift excluder is never overrided to be enabled + # disable it if the docker excluder is enabled + disable_openshift_excluder: "{{ openshift_excluder_on | bool }}" + when: + - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/disable.yml b/roles/openshift_excluder/tasks/disable.yml new file mode 100644 index 000000000..a8deb3eb1 --- /dev/null +++ b/roles/openshift_excluder/tasks/disable.yml @@ -0,0 +1,26 @@ +--- +# input variables +# - with_status_check +# - with_install +# - excluder_package_state +# - docker_excluder_package_state +- include: init.yml + +# Install any excluder that is enabled +- include: install.yml + vars: + # Both docker_excluder_on and openshift_excluder_on are set in openshift_excluder->init task + install_docker_excluder: "{{ docker_excluder_on | bool }}" + install_openshift_excluder: "{{ openshift_excluder_on | bool }}" + when: docker_excluder_on or openshift_excluder_on + + # if the docker excluder is not enabled, we don't care about its status + # it the docker excluder is enabled, we install it and in case its status is non-zero + # it is enabled no matter what + +# Check the current state of all excluders +- include: status.yml + when: with_status_check | default(docker_excluder_on or openshift_excluder_on) | bool + + # And finally adjust an excluder in order to update host components correctly +- include: adjust.yml diff --git a/roles/openshift_excluder/tasks/enable.yml b/roles/openshift_excluder/tasks/enable.yml new file mode 100644 index 000000000..ef6fc4a01 --- /dev/null +++ b/roles/openshift_excluder/tasks/enable.yml @@ -0,0 +1,21 @@ +--- +# input variables: +# - with_install +- block: + - include: init.yml + + - include: install.yml + vars: + install_docker_excluder: "{{ docker_excluder_on | bool }}" + install_openshift_excluder: "{{ openshift_excluder_on | bool }}" + when: with_install | default(docker_excluder_on or openshift_excluder_on) | bool + + - include: exclude.yml + vars: + # Enable the docker excluder only if it is overrided, resp. enabled by default (in that order) + enable_docker_excluder: "{{ enable_docker_excluder_override | default(docker_excluder_on) | bool }}" + # Enable the openshift excluder only if it is not overrided, resp. enabled by default (in that order) + enable_openshift_excluder: "{{ not disable_openshift_excluder_override | default(not openshift_excluder_on) | bool }}" + + when: + - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/exclude.yml b/roles/openshift_excluder/tasks/exclude.yml index 570183aef..ee0ad8a0b 100644 --- a/roles/openshift_excluder/tasks/exclude.yml +++ b/roles/openshift_excluder/tasks/exclude.yml @@ -1,11 +1,20 @@ --- -- include: install.yml - when: not openshift.common.is_containerized | bool +# input variables: +# - enable_docker_excluder +# - enable_openshift_excluder +- block: + - name: Enable docker excluder + command: "{{ openshift.common.service_type }}-docker-excluder exclude" + # if the docker override is set, it means the docker excluder needs to be enabled no matter what + # if the docker override is not set, the excluder is set based on enable_docker_excluder + when: + - enable_docker_excluder | default(false) | bool -- name: Enable docker excluder - command: "{{ openshift.common.service_type }}-docker-excluder exclude" - when: not openshift.common.is_containerized | bool - -- name: Enable excluder - command: "{{ openshift.common.service_type }}-excluder exclude" - when: not openshift.common.is_containerized | bool + - name: Enable openshift excluder + command: "{{ openshift.common.service_type }}-excluder exclude" + # if the openshift override is set, it means the openshift excluder is disabled no matter what + # if the openshift override is not set, the excluder is set based on enable_openshift_excluder + when: + - enable_openshift_excluder | default(false) | bool + when: + - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/init.yml b/roles/openshift_excluder/tasks/init.yml new file mode 100644 index 000000000..dee779925 --- /dev/null +++ b/roles/openshift_excluder/tasks/init.yml @@ -0,0 +1,12 @@ +--- +- name: Evalute if docker excluder is to be enabled + set_fact: + docker_excluder_on: "{{ enable_docker_excluder | default(enable_excluders | default(false)) | bool }}" + +- debug: var=docker_excluder_on + +- name: Evalute if openshift excluder is to be enabled + set_fact: + openshift_excluder_on: "{{ enable_openshift_excluder | default(enable_excluders | default(false)) | bool }}" + +- debug: var=openshift_excluder_on diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml index ee4cb2c05..01fe5da55 100644 --- a/roles/openshift_excluder/tasks/install.yml +++ b/roles/openshift_excluder/tasks/install.yml @@ -1,16 +1,21 @@ --- -- name: Install latest excluder - package: - name: "{{ openshift.common.service_type }}-excluder" - state: latest - when: - - openshift_excluder_enabled | default(false) | bool - - not openshift.common.is_containerized | bool +# input Variables +# - install_docker_excluder +# - install_openshift_excluder +- block: + + - name: Install docker excluder + package: + name: "{{ openshift.common.service_type }}-docker-excluder" + state: "{{ docker_excluder_package_state }}" + when: + - install_docker_excluder | default(true) | bool -- name: Install latest docker excluder - package: - name: "{{ openshift.common.service_type }}-excluder" - state: latest + - name: Install openshift excluder + package: + name: "{{ openshift.common.service_type }}-excluder" + state: "{{ openshift_excluder_package_state }}" + when: + - install_openshift_excluder | default(true) | bool when: - - docker_excluder_enabled | default(false) | bool - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/reset.yml b/roles/openshift_excluder/tasks/reset.yml deleted file mode 100644 index 486a23fd0..000000000 --- a/roles/openshift_excluder/tasks/reset.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Enable docker excluder - command: "{{ openshift.common.service_type }}-docker-excluder exclude" - when: - - docker_excluder_enabled | default(false) | bool - - not openshift.common.is_containerized | bool - -- name: Enable excluder - command: "{{ openshift.common.service_type }}-excluder exclude" - when: - - openshift_excluder_enabled | default(false) | bool - - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/status.yml b/roles/openshift_excluder/tasks/status.yml index ef118d94c..40bf98c18 100644 --- a/roles/openshift_excluder/tasks/status.yml +++ b/roles/openshift_excluder/tasks/status.yml @@ -1,8 +1,4 @@ --- -# Latest versions of the excluders include a status function, old packages dont -# So, if packages are installed, upgrade them to the latest so we get the status -# If they're not installed when we should assume they're disabled - - name: Determine if excluder packages are installed rpm_q: name: "{{ openshift.common.service_type }}-excluder" @@ -10,49 +6,78 @@ register: openshift_excluder_installed failed_when: false +# docker excluder needs to be enable by default - name: Determine if docker packages are installed rpm_q: - name: "{{ openshift.common.service_type }}-excluder" + name: "{{ openshift.common.service_type }}-docker-excluder" state: present register: docker_excluder_installed failed_when: false -- name: Update to latest excluder packages - package: - name: "{{ openshift.common.service_type }}-excluder" - state: latest - when: - - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}" - - not openshift.common.is_containerized | bool +# The excluder status function returns 0 when everything is excluded +# and 1 if any packages are missing from the exclusions list and outputs a warning to stderr +# # atomic-openshift-excluder status ; echo $? +# exclude -- All packages excluded +# 0 +# # atomic-openshift-excluder unexclude +# # atomic-openshift-excluder status ; echo $? +# unexclude -- At least one package not excluded +# 1 -- name: Update to the latest docker-excluder packages - package: - name: "{{ openshift.common.service_type }}-docker-excluder" - state: latest - when: - - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}" - - not openshift.common.is_containerized | bool +- block: + - include: init.yml + - block: + - name: Record openshift excluder status + command: "{{ openshift.common.service_type }}-excluder status" + register: excluder_status + failed_when: false -- name: Record excluder status - command: "{{ openshift.common.service_type }}-excluder" - register: excluder_status - when: - - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}" - - not openshift.common.is_containerized | bool - failed_when: false + # Even though the openshift excluder is enabled + # if the status is non-zero, disabled the excluder + - name: Override openshift excluder enablement if the status is non-zero + set_fact: + disable_openshift_excluder_override: true + when: + - "{{ excluder_status.rc | default(0) != 0 }}" -- name: Record docker excluder status - command: "{{ openshift.common.service_type }}-docker-excluder" - register: docker_excluder_status - when: - - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}" - - not openshift.common.is_containerized | bool - failed_when: false + - debug: + msg: "Disabling openshift excluder" + when: + - "{{ excluder_status.rc | default(0) != 0 }}" + + when: + - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}" + - "{{ openshift_excluder_on }}" + + - block: + - name: Record docker excluder status + command: "{{ openshift.common.service_type }}-docker-excluder status" + register: docker_excluder_status + failed_when: false -- name: Set excluder status facts - set_fact: - docker_excluder_enabled: "{{ 'false' if docker_excluder_status.rc | default(0) == 0 or docker_excluder_installed.installed_versions | default(0) | length == 0 else 'true' }}" - openshift_excluder_enabled: "{{ 'false' if docker_excluder_status.rc | default(0) == 0 or openshift_excluder_installed.installed_versions | default(0) | length == 0 else 'true' }}" + # If the docker excluder is installed and the status is non-zero + # always enable the docker excluder + - name: Override docker excluder enablement if the status is non-zero + set_fact: + enable_docker_excluder_override: true + when: + - "{{ docker_excluder_status.rc | default(0) != 0 }}" -- debug: var=docker_excluder_enabled -- debug: var=openshift_excluder_enabled + - debug: + msg: "Enabling docker excluder" + when: + - "{{ docker_excluder_status.rc | default(0) != 0 }}" + + # As the docker excluder status is not satisfied, + # re-enable entire docker excluder again + # At the same time keep the override set in a case other task would + - name: Enable docker excluder + command: "{{ openshift.common.service_type }}-docker-excluder exclude" + + # Run the docker excluder status even if the excluder is disabled. + # In order to determine of the excluder needs to be enabled. + when: + - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}" + + when: + - not openshift.common.is_containerized | bool diff --git a/roles/openshift_excluder/tasks/unexclude.yml b/roles/openshift_excluder/tasks/unexclude.yml index 38f0759aa..4df92bc65 100644 --- a/roles/openshift_excluder/tasks/unexclude.yml +++ b/roles/openshift_excluder/tasks/unexclude.yml @@ -1,12 +1,19 @@ --- -- name: disable docker excluder - command: "{{ openshift.common.service_type }}-docker-excluder unexclude" - when: - - docker_excluder_enabled | bool - - not openshift.common.is_containerized | bool +# input variables: +# - disable_docker_excluder +# - disable_openshift_excluder +- block: + - include: init.yml + + - name: disable docker excluder + command: "{{ openshift.common.service_type }}-docker-excluder unexclude" + when: + - disable_docker_excluder | default(false) | bool + + - name: disable openshift excluder + command: "{{ openshift.common.service_type }}-excluder unexclude" + when: + - disable_openshift_excluder | default(false) | bool -- name: disable excluder - command: "{{ openshift.common.service_type }}-excluder unexclude" when: - - openshift_excluder_enabled | bool - not openshift.common.is_containerized | bool -- cgit v1.2.3