From 6a4b7a5eb6c4b5e747bab795e2428d7c3992f559 Mon Sep 17 00:00:00 2001 
From: Jason DeTiberus Date: Wed, 1 Apr 2015 15:09:19 -0400 Subject: Configuration updates for latest builds and major refactor Configuration updates for latest builds - Switch to using create-node-config - Switch sdn services to use etcd over SSL - This re-uses the client certificate deployed on each node - Additional node registration changes - Do not assume that metadata service is available in openshift_facts module - Call systemctl daemon-reload after installing openshift-master, openshift-sdn-master, openshift-node, openshift-sdn-node - Fix bug overriding openshift_hostname and openshift_public_hostname in byo playbooks - Start moving generated configs to /etc/openshift - Some custom module cleanup - Add known issue with ansible-1.9 to README_OSE.md - Update to genericize the kubernetes_register_node module - Default to use kubectl for commands - Allow for overriding kubectl_cmd - In openshift_register_node role, override kubectl_cmd to openshift_kube - Set default openshift_registry_url for enterprise when deployment_type is enterprise - Fix openshift_register_node for client config change - Ensure that master certs directory is created - Add roles and filter_plugin symlinks to playbooks/common/openshift-master and node - Allow non-root user with sudo nopasswd access - Updates for README_OSE.md - Update byo inventory for adding additional comments - Updates for node cert/config sync to work with non-root user using sudo - Move node config/certs to /etc/openshift/node - Don't use path for mktemp. 
addresses: https://github.com/openshift/openshift-ansible/issues/154 Create common playbooks - create common/openshift-master/config.yml - create common/openshift-node/config.yml - update playbooks to use new common playbooks - update launch playbooks to call update playbooks - fix openshift_registry and openshift_node_ip usage Set default deployment type to origin - openshift_repo updates for enabling origin deployments - also separate repo and gpgkey file structure - remove kubernetes repo since it isn't currently needed - full deployment type support for bin/cluster - honor OS_DEPLOYMENT_TYPE env variable - add --deployment-type option, which will override OS_DEPLOYMENT_TYPE if set - if neither OS_DEPLOYMENT_TYPE or --deployment-type is set, defaults to origin installs Additional changes: - Add separate config action to bin/cluster that runs ansible config but does not update packages - Some more duplication reduction in cluster playbooks. - Rename task files in playbooks dirs to have tasks in their name for clarity. - update aws/gce scripts to use a directory for inventory (otherwise when there are no hosts returned from dynamic inventory there is an error) libvirt refactor and update - add libvirt dynamic inventory - updates to use dynamic inventory for libvirt --- .../openshift-cluster/tasks/launch_instances.yml | 69 ++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 playbooks/aws/openshift-cluster/tasks/launch_instances.yml (limited to 'playbooks/aws/openshift-cluster/tasks') diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml new file mode 100644 index 000000000..58b4082df --- /dev/null +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml 
@@ -0,0 +1,69 @@
+---
+# TODO: modify machine_image based on deployment_type
+- set_fact:
+ machine_type: "{{ lookup('env', 'ec2_instance_type') | default('m3.large', true) }}"
+ machine_image: "{{ lookup('env', 'ec2_ami') | default(deployment_vars[deployment_type].image, true) }}"
+ machine_region: "{{ lookup('env', 'ec2_region') | default(deployment_vars[deployment_type].region, true) }}"
+ machine_keypair: "{{ lookup('env', 'ec2_keypair')|default('libra', true) }}"
+ created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}"
+ security_group: "{{ lookup('env', 'ec2_security_group')|default('public', true) }}"
+ env: "{{ cluster }}"
+ host_type: "{{ type }}"
+ env_host_type: "{{ cluster }}-openshift-{{ type }}"
+
+- name: Launch instance(s)
+ ec2:
+ state: present
+ region: "{{ machine_region }}"
+ keypair: "{{ machine_keypair }}"
+ group: "{{ security_group }}"
+ instance_type: "{{ machine_type }}"
+ image: "{{ machine_image }}"
+ count: "{{ instances | oo_len }}"
+ wait: yes
+ instance_tags:
+ created-by: "{{ created_by }}"
+ env: "{{ env }}"
+ host-type: "{{ host_type }}"
+ env-host-type: "{{ env_host_type }}"
+ deployment-type: "{{ deployment_type }}"
+ register: ec2
+
+- name: Add Name tag to instances
+ ec2_tag: resource={{ item.1.id }} region={{ machine_region }} state=present
+ with_together:
+ - instances
+ - ec2.instances
+ args:
+ tags:
+ Name: "{{ item.0 }}"
+
+- set_fact:
+ instance_groups: tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }}, tag_deployment-type_{{ deployment_type }}
+
+- name: Add new instances groups and variables
+ add_host:
+ hostname: "{{ item.0 }}"
+ ansible_ssh_host: "{{ item.1.dns_name }}"
+ ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+ ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+ groups: "{{ instance_groups }}"
+ ec2_private_ip_address: "{{ item.1.private_ip }}"
+ ec2_ip_address: "{{ item.1.public_ip }}"
+
with_together: + - instances + - ec2.instances + +- name: Wait for ssh + wait_for: "port=22 host={{ item.dns_name }}" + with_items: ec2.instances + +- name: Wait for user setup + command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.0].ansible_ssh_user }}@{{ item.1.dns_name }} echo {{ hostvars[item.0].ansible_ssh_user }} user is setup" + register: result + until: result.rc == 0 + retries: 20 + delay: 10 + with_together: + - instances + - ec2.instances -- cgit v1.2.3 From 0ecefd20d06e67823cb033d4ac7ec4b57e613af6 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Mon, 20 Apr 2015 23:45:15 -0400 Subject: Remove deployment-type tags --- playbooks/aws/openshift-cluster/tasks/launch_instances.yml | 3 +-- playbooks/gce/openshift-cluster/tasks/launch_instances.yml | 1 - playbooks/libvirt/openshift-cluster/templates/domain.xml | 1 - 3 files changed, 1 insertion(+), 4 deletions(-) (limited to 'playbooks/aws/openshift-cluster/tasks') diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 58b4082df..77ee25424 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -26,7 +26,6 @@ env: "{{ env }}" host-type: "{{ host_type }}" env-host-type: "{{ env_host_type }}" - deployment-type: "{{ deployment_type }}" register: ec2 - name: Add Name tag to instances @@ -39,7 +38,7 @@ Name: "{{ item.0 }}" - set_fact: - instance_groups: tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }}, tag_deployment-type_{{ deployment_type }} + instance_groups: tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }} - name: Add new instances groups and variables add_host: 
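Review bot: The `Wait for user setup` task at the end of this new file runs ssh with `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null`, so the host key of a freshly launched instance is never checked or recorded. As a readiness probe that only runs `echo` with `PasswordAuthentication=no` the exposure is small, but a successful probe does not prove that the responder is the instance that was launched, and these options are easy to copy into later tasks that do carry data. I would add a comment above the task such as `# readiness probe only: host key is NOT verified here; do not reuse these ssh options for provisioning`, and have the connection used for real provisioning record and verify the key.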
diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index a68edefae..9a9848f05 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -15,7 +15,6 @@ - env-{{ cluster }} - host-type-{{ type }} - env-host-type-{{ cluster }}-openshift-{{ type }} - - deployment-type-{{ deployment_type }} register: gce - name: Add new instances to groups and set variables needed diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index 7656249da..df200e374 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -3,7 +3,6 @@ 1 - deployment-type-{{ deployment_type }} env-{{ cluster }} env-host-type-{{ cluster }}-openshift-{{ type }} host-type-{{ type }} -- cgit v1.2.3 From 71ff62e46f464916f57345f4945f2e28cf5cdcdc Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 21 Apr 2015 10:40:55 -0400 Subject: add vpc support to ec2 cluster, add more overrides for variables --- .../openshift-cluster/tasks/launch_instances.yml | 26 +++++++++++++++------- playbooks/aws/openshift-cluster/vars.yml | 15 +++++++++++++ 2 files changed, 33 insertions(+), 8 deletions(-) (limited to 'playbooks/aws/openshift-cluster/tasks') diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 58b4082df..28582c84c 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml 
@@ -1,25 +1,35 @@ --- -# TODO: modify machine_image based on deployment_type - set_fact: - machine_type: "{{ lookup('env', 'ec2_instance_type') | default('m3.large', true) }}" - machine_image: "{{ lookup('env', 'ec2_ami') | default(deployment_vars[deployment_type].image, true) }}" - machine_region: "{{ lookup('env', 'ec2_region') | default(deployment_vars[deployment_type].region, true) }}" - machine_keypair: "{{ lookup('env', 'ec2_keypair')|default('libra', true) }}" created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}" - security_group: "{{ lookup('env', 'ec2_security_group')|default('public', true) }}" env: "{{ cluster }}" - host_type: "{{ type }}" env_host_type: "{{ cluster }}-openshift-{{ type }}" + host_type: "{{ type }}" + machine_type: "{{ lookup('env', 'ec2_instance_type') + | default(deployment_vars[deployment_type].type, true) }}" + machine_image: "{{ lookup('env', 'ec2_ami') + | default(deployment_vars[deployment_type].image, true) }}" + machine_region: "{{ lookup('env', 'ec2_region') + | default(deployment_vars[deployment_type].region, true) }}" + machine_keypair: "{{ lookup('env', 'ec2_keypair') + | default(deployment_vars[deployment_type].keypair, true) }}" + machine_subnet: "{{ lookup('env', 'ec2_vpc_subnet') + | default(deployment_vars[deployment_type].vpc_subnet, true) }}" + machine_public_ip: "{{ lookup('env', 'ec2_public_ip') + | default(deployment_vars[deployment_type].assign_public_ip, true) }}" + security_groups: "{{ lookup('env', 'ec2_security_groups') + | default(deployment_vars[deployment_type].security_groups, true) }}" - name: Launch instance(s) ec2: state: present region: "{{ machine_region }}" keypair: "{{ machine_keypair }}" - group: "{{ security_group }}" + group: "{{ security_groups }}" instance_type: "{{ machine_type }}" image: "{{ machine_image }}" count: "{{ instances | oo_len }}" + vpc_subnet_id: "{{ machine_subnet | default(omit, true) }}" + assign_public_ip: "{{ machine_public_ip | default(omit, true) }}" wait: 
yes instance_tags: created-by: "{{ created_by }}" diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index f0df3d6f5..bd6215869 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -6,15 +6,30 @@ deployment_vars: region: us-east-1 ssh_user: fedora sudo: yes + keypair: libra + type: m3.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: online: # private ami image: ami-307b3658 region: us-east-1 ssh_user: root sudo: no + keypair: libra + type: m3.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: enterprise: # rhel-7.1, requires cloud access subscription image: ami-10663b78 region: us-east-1 ssh_user: ec2-user sudo: yes + keypair: libra + type: m3.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: -- cgit v1.2.3 From 6792e2c58ea21bd67a36ff4571301782c9f64009 Mon Sep 17 00:00:00 2001 
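Review bot: `machine_subnet` and `machine_public_ip` can end up holding a null, because vars.yml in this commit leaves `vpc_subnet:` and `assign_public_ip:` as bare keys and the `default(..., true)` fallback in the `set_fact` passes that value through. Whether the later `default(omit, true)` on `vpc_subnet_id` and `assign_public_ip` still fires depends on how the templated fact renders a null; if it comes out as the text `None`, the parameter would be sent to the `ec2` module rather than omitted. Confirm this with a run that sets neither environment variable, or write the defaults as explicit empty strings, `vpc_subnet: ''` and `assign_public_ip: ''`. The `Launch instance(s)` task continues past the end of the hunk.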
From: Jason DeTiberus Date: Wed, 22 Apr 2015 14:10:15 -0400 Subject: Allow variable overriding for ec2 deployment_vars - users can now override the deployment_vars variables with the assocated ec2_* variables - added deployment_type and env specific vars files that load some ec2_* overrides - added the ability to search for amis by ami_name - this allows us to specify a base name with a wildcard to have the playbook choose the latest available image for that image name - added a copy of the ec2_find_ami module that will be in ansible 2.0 until we can make ansible 2.0 a requirement. --- filter_plugins/oo_filters.py | 83 +++--- playbooks/aws/openshift-cluster/launch.yml | 1 + .../aws/openshift-cluster/library/ec2_ami_find.py | 302 +++++++++++++++++++++ .../openshift-cluster/tasks/launch_instances.yml | 76 ++++-- playbooks/aws/openshift-cluster/vars.defaults.yml | 1 + .../aws/openshift-cluster/vars.online.int.yml | 9 + .../aws/openshift-cluster/vars.online.prod.yml | 9 + .../aws/openshift-cluster/vars.online.stage.yml | 9 + playbooks/aws/openshift-cluster/vars.yml | 13 +- 9 files changed, 445 insertions(+), 58 deletions(-) create mode 100644 playbooks/aws/openshift-cluster/library/ec2_ami_find.py create mode 100644 playbooks/aws/openshift-cluster/vars.defaults.yml create mode 100644 playbooks/aws/openshift-cluster/vars.online.int.yml create mode 100644 playbooks/aws/openshift-cluster/vars.online.prod.yml create mode 100644 playbooks/aws/openshift-cluster/vars.online.stage.yml (limited to 'playbooks/aws/openshift-cluster/tasks') diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index cf30cde9a..d22b6d188 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py 
@@ -1,14 +1,17 @@ #!/usr/bin/python # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 +''' +Custom filters for use in openshift-ansible +''' -from ansible import errors, runner -import json +from ansible import errors +from operator import itemgetter import pdb -import re def oo_pdb(arg): - ''' This pops you into a pdb instance where arg is the data passed in from the filter. + ''' This pops you into a pdb instance where arg is the data passed in + from the filter. Ex: "{{ hostvars | oo_pdb }}" ''' pdb.set_trace() @@ -21,7 +24,8 @@ def oo_len(arg): return len(arg) def get_attr(data, attribute=None): - ''' This looks up dictionary attributes of the form a.b.c and returns the value. + ''' This looks up dictionary attributes of the form a.b.c and returns + the value. Ex: data = {'a': {'b': {'c': 5}}} attribute = "a.b.c" returns 5 @@ -41,12 +45,13 @@ def oo_flatten(data): if not issubclass(type(data), list): raise errors.AnsibleFilterError("|failed expects to flatten a List") - return [ item for sublist in data for item in sublist ] + return [item for sublist in data for item in sublist] -def oo_collect(data, attribute=None, filters={}): - ''' This takes a list of dict and collects all attributes specified into a list - If filter is specified then we will include all items that match _ALL_ of filters. +def oo_collect(data, attribute=None, filters=None): + ''' This takes a list of dict and collects all attributes specified into a + list If filter is specified then we will include all items that match + _ALL_ of filters. Ex: data = [ {'a':1, 'b':5, 'z': 'z'}, # True, return {'a':2, 'z': 'z'}, # True, return {'a':3, 'z': 'z'}, # True, return 
@@ -56,15 +61,18 @@ def oo_collect(data, attribute=None, filters={}): filters = {'z': 'z'} returns [1, 2, 3] ''' - if not issubclass(type(data), list): raise errors.AnsibleFilterError("|failed expects to filter on a List") if not attribute: raise errors.AnsibleFilterError("|failed expects attribute to be set") - if filters: - retval = [get_attr(d, attribute) for d in data if all([ d[key] == filters[key] for key in filters ]) ] + if filters is not None: + if not issubclass(type(filters), dict): + raise errors.AnsibleFilterError("|fialed expects filter to be a" + " dict") + retval = [get_attr(d, attribute) for d in data if ( + all([d[key] == filters[key] for key in filters]))] else: retval = [get_attr(d, attribute) for d in data] @@ -78,7 +86,7 @@ def oo_select_keys(data, keys): ''' if not issubclass(type(data), dict): - raise errors.AnsibleFilterError("|failed expects to filter on a Dictionary") + raise errors.AnsibleFilterError("|failed expects to filter on a dict") if not issubclass(type(keys), list): raise errors.AnsibleFilterError("|failed expects first param is a list") 
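Review bot: The new type check in `oo_collect` raises its error with the prefix misspelled as `|fialed`, while every other message in the file uses `|failed`, so anyone searching logs for the usual prefix will miss it. Change the string to `"|failed expects filter to be a dict"`. In the same comprehension, `d[key] == filters[key]` raises `KeyError` for an item that lacks a filter key instead of excluding it; if the input dicts can be heterogeneous, `key in d and d[key] == filters[key]` keeps the match semantics without the exception. The `def` line of `oo_collect` sits in the previous hunk.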
@@ -98,30 +106,43 @@ def oo_prepend_strings_in_list(data, prepend): if not issubclass(type(data), list): raise errors.AnsibleFilterError("|failed expects first param is a list") if not all(isinstance(x, basestring) for x in data): - raise errors.AnsibleFilterError("|failed expects first param is a list of strings") + raise errors.AnsibleFilterError("|failed expects first param is a list" + " of strings") retval = [prepend + s for s in data] return retval -def oo_get_deployment_type_from_groups(data): - ''' This takes a list of groups and returns the associated - deployment-type +def oo_ami_selector(data, image_name): + ''' This takes a list of amis and an image name and attempts to return + the latest ami. ''' if not issubclass(type(data), list): raise errors.AnsibleFilterError("|failed expects first param is a list") - regexp = re.compile('^tag_deployment-type[-_]') - matches = filter(regexp.match, data) - if len(matches) > 0: - return regexp.sub('', matches[0]) - return "Unknown" -class FilterModule (object): + if not data: + return None + else: + if image_name is None or not image_name.endswith('_*'): + ami = sorted(data, key=itemgetter('name'), reverse=True)[0] + return ami['ami_id'] + else: + ami_info = [(ami, ami['name'].split('_')[-1]) for ami in data] + ami = sorted(ami_info, key=itemgetter(1), reverse=True)[0][0] + return ami['ami_id'] + +# disabling pylint checks for too-few-public-methods and no-self-use since we +# need to expose a FilterModule object that has a filters method that returns +# a mapping of filter names to methods. 
+# pylint: disable=too-few-public-methods, no-self-use +class FilterModule(object): + ''' FilterModule ''' def filters(self): + ''' returns a mapping of filters to methods ''' return { - "oo_select_keys": oo_select_keys, - "oo_collect": oo_collect, - "oo_flatten": oo_flatten, - "oo_len": oo_len, - "oo_pdb": oo_pdb, - "oo_prepend_strings_in_list": oo_prepend_strings_in_list, - "oo_get_deployment_type_from_groups": oo_get_deployment_type_from_groups - } + "oo_select_keys": oo_select_keys, + "oo_collect": oo_collect, + "oo_flatten": oo_flatten, + "oo_len": oo_len, + "oo_pdb": oo_pdb, + "oo_prepend_strings_in_list": oo_prepend_strings_in_list, + "oo_ami_selector": oo_ami_selector + } diff --git a/playbooks/aws/openshift-cluster/launch.yml b/playbooks/aws/openshift-cluster/launch.yml index a0de00fc3..3eb5496e4 100644 --- a/playbooks/aws/openshift-cluster/launch.yml +++ b/playbooks/aws/openshift-cluster/launch.yml @@ -5,6 +5,7 @@ gather_facts: no vars_files: - vars.yml + - ["vars.{{ deployment_type }}.{{ cluster_id }}.yml", vars.defaults.yml] tasks: - fail: msg: Deployment type not supported for aws provider yet diff --git a/playbooks/aws/openshift-cluster/library/ec2_ami_find.py b/playbooks/aws/openshift-cluster/library/ec2_ami_find.py new file mode 100644 index 000000000..29e594a65 --- /dev/null +++ b/playbooks/aws/openshift-cluster/library/ec2_ami_find.py 
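Review bot: `oo_ami_selector` decides which image is "latest" by a plain string sort, on the full name or on the text after the last `_`, which is only correct if the names are built to sort that way. A suffix such as `_10` sorts below `_9`, and nothing here looks at creation date or owner, so the filter returns whichever name sorts highest in the list it is given. Document the expected format in the docstring, for example `Names matched with a trailing '_*' must end in a fixed-width, sortable suffix (e.g. a zero-padded timestamp)`, and state that callers must pass a list already restricted to trusted image owners.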
@@ -0,0 +1,302 @@ +#!/usr/bin/python +#pylint: skip-file +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +DOCUMENTATION = ''' +--- +module: ec2_ami_find +version_added: 2.0 +short_description: Searches for AMIs to obtain the AMI ID and other information +description: + - Returns list of matching AMIs with AMI ID, along with other useful information + - Can search AMIs with different owners + - Can search by matching tag(s), by AMI name and/or other criteria + - Results can be sorted and sliced +author: Tom Bamford +notes: + - This module is not backwards compatible with the previous version of the ec2_search_ami module which worked only for Ubuntu AMIs listed on cloud-images.ubuntu.com. + - See the example below for a suggestion of how to search by distro/release. +options: + region: + description: + - The AWS region to use. + required: true + aliases: [ 'aws_region', 'ec2_region' ] + owner: + description: + - Search AMIs owned by the specified owner + - Can specify an AWS account ID, or one of the special IDs 'self', 'amazon' or 'aws-marketplace' + - If not specified, all EC2 AMIs in the specified region will be searched. + - You can include wildcards in many of the search options. An asterisk (*) matches zero or more characters, and a question mark (?) matches exactly one character. You can escape special characters using a backslash (\) before the character. 
For example, a value of \*amazon\?\\ searches for the literal string *amazon?\. + required: false + default: null + ami_id: + description: + - An AMI ID to match. + default: null + required: false + ami_tags: + description: + - A hash/dictionary of tags to match for the AMI. + default: null + required: false + architecture: + description: + - An architecture type to match (e.g. x86_64). + default: null + required: false + hypervisor: + description: + - A hypervisor type type to match (e.g. xen). + default: null + required: false + is_public: + description: + - Whether or not the image(s) are public. + choices: ['yes', 'no'] + default: null + required: false + name: + description: + - An AMI name to match. + default: null + required: false + platform: + description: + - Platform type to match. + default: null + required: false + sort: + description: + - Optional attribute which with to sort the results. + - If specifying 'tag', the 'tag_name' parameter is required. + choices: ['name', 'description', 'tag'] + default: null + required: false + sort_tag: + description: + - Tag name with which to sort results. + - Required when specifying 'sort=tag'. + default: null + required: false + sort_order: + description: + - Order in which to sort results. + - Only used when the 'sort' parameter is specified. + choices: ['ascending', 'descending'] + default: 'ascending' + required: false + sort_start: + description: + - Which result to start with (when sorting). + - Corresponds to Python slice notation. + default: null + required: false + sort_end: + description: + - Which result to end with (when sorting). + - Corresponds to Python slice notation. + default: null + required: false + state: + description: + - AMI state to match. + default: 'available' + required: false + virtualization_type: + description: + - Virtualization type to match (e.g. hvm). + default: null + required: false + no_result_action: + description: + - What to do when no results are found. 
+ - "'success' reports success and returns an empty array" + - "'fail' causes the module to report failure" + choices: ['success', 'fail'] + default: 'success' + required: false +requirements: + - boto + +''' + +EXAMPLES = ''' +# Note: These examples do not set authentication details, see the AWS Guide for details. + +# Search for the AMI tagged "project:website" +- ec2_ami_find: + owner: self + tags: + project: website + no_result_action: fail + register: ami_find + +# Search for the latest Ubuntu 14.04 AMI +- ec2_ami_find: + name: "ubuntu/images/ebs/ubuntu-trusty-14.04-amd64-server-*" + owner: 099720109477 + sort: name + sort_order: descending + sort_end: 1 + register: ami_find + +# Launch an EC2 instance +- ec2: + image: "{{ ami_search.results[0].ami_id }}" + instance_type: m3.medium + key_name: mykey + wait: yes +''' + +try: + import boto.ec2 + HAS_BOTO=True +except ImportError: + HAS_BOTO=False + +import json + +def main(): + argument_spec = ec2_argument_spec() + argument_spec.update(dict( + region = dict(required=True, + aliases = ['aws_region', 'ec2_region']), + owner = dict(required=False, default=None), + ami_id = dict(required=False), + ami_tags = dict(required=False, type='dict', + aliases = ['search_tags', 'image_tags']), + architecture = dict(required=False), + hypervisor = dict(required=False), + is_public = dict(required=False), + name = dict(required=False), + platform = dict(required=False), + sort = dict(required=False, default=None, + choices=['name', 'description', 'tag']), + sort_tag = dict(required=False), + sort_order = dict(required=False, default='ascending', + choices=['ascending', 'descending']), + sort_start = dict(required=False), + sort_end = dict(required=False), + state = dict(required=False, default='available'), + virtualization_type = dict(required=False), + no_result_action = dict(required=False, default='success', + choices = ['success', 'fail']), + ) + ) + + module = AnsibleModule( + argument_spec=argument_spec, + ) + + if not 
HAS_BOTO: + module.fail_json(msg='boto required for this module, install via pip or your package manager') + + ami_id = module.params.get('ami_id') + ami_tags = module.params.get('ami_tags') + architecture = module.params.get('architecture') + hypervisor = module.params.get('hypervisor') + is_public = module.params.get('is_public') + name = module.params.get('name') + owner = module.params.get('owner') + platform = module.params.get('platform') + sort = module.params.get('sort') + sort_tag = module.params.get('sort_tag') + sort_order = module.params.get('sort_order') + sort_start = module.params.get('sort_start') + sort_end = module.params.get('sort_end') + state = module.params.get('state') + virtualization_type = module.params.get('virtualization_type') + no_result_action = module.params.get('no_result_action') + + filter = {'state': state} + + if ami_id: + filter['image_id'] = ami_id + if ami_tags: + for tag in ami_tags: + filter['tag:'+tag] = ami_tags[tag] + if architecture: + filter['architecture'] = architecture + if hypervisor: + filter['hypervisor'] = hypervisor + if is_public: + filter['is_public'] = is_public + if name: + filter['name'] = name + if platform: + filter['platform'] = platform + if virtualization_type: + filter['virtualization_type'] = virtualization_type + + ec2 = ec2_connect(module) + + images_result = ec2.get_all_images(owners=owner, filters=filter) + + if no_result_action == 'fail' and len(images_result) == 0: + module.fail_json(msg="No AMIs matched the attributes: %s" % json.dumps(filter)) + + results = [] + for image in images_result: + data = { + 'ami_id': image.id, + 'architecture': image.architecture, + 'description': image.description, + 'is_public': image.is_public, + 'name': image.name, + 'owner_id': image.owner_id, + 'platform': image.platform, + 'root_device_name': image.root_device_name, + 'root_device_type': image.root_device_type, + 'state': image.state, + 'tags': image.tags, + 'virtualization_type': 
image.virtualization_type, + } + + if image.kernel_id: + data['kernel_id'] = image.kernel_id + if image.ramdisk_id: + data['ramdisk_id'] = image.ramdisk_id + + results.append(data) + + if sort == 'tag': + if not sort_tag: + module.fail_json(msg="'sort_tag' option must be given with 'sort=tag'") + results.sort(key=lambda e: e['tags'][sort_tag], reverse=(sort_order=='descending')) + elif sort: + results.sort(key=lambda e: e[sort], reverse=(sort_order=='descending')) + + try: + if sort and sort_start and sort_end: + results = results[int(sort_start):int(sort_end)] + elif sort and sort_start: + results = results[int(sort_start):] + elif sort and sort_end: + results = results[:int(sort_end)] + except TypeError: + module.fail_json(msg="Please supply numeric values for sort_start and/or sort_end") + + module.exit_json(results=results) + +# import module snippets +from ansible.module_utils.basic import * +from ansible.module_utils.ec2 import * + +if __name__ == '__main__': + main() + diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 34172396a..39ad9d089 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml 
@@ -4,32 +4,64 @@ env: "{{ cluster }}" env_host_type: "{{ cluster }}-openshift-{{ type }}" host_type: "{{ type }}" - machine_type: "{{ lookup('env', 'ec2_instance_type') - | default(deployment_vars[deployment_type].type, true) }}" - machine_image: "{{ lookup('env', 'ec2_ami') - | default(deployment_vars[deployment_type].image, true) }}" - machine_region: "{{ lookup('env', 'ec2_region') - | default(deployment_vars[deployment_type].region, true) }}" - machine_keypair: "{{ lookup('env', 'ec2_keypair') - | default(deployment_vars[deployment_type].keypair, true) }}" - machine_subnet: "{{ lookup('env', 'ec2_vpc_subnet') - | default(deployment_vars[deployment_type].vpc_subnet, true) }}" - machine_public_ip: "{{ lookup('env', 'ec2_public_ip') - | default(deployment_vars[deployment_type].assign_public_ip, true) }}" - security_groups: "{{ lookup('env', 'ec2_security_groups') - | default(deployment_vars[deployment_type].security_groups, true) }}" + +- set_fact: + ec2_region: "{{ lookup('env', 'ec2_region') + | default(deployment_vars[deployment_type].region, true) }}" + when: ec2_region is not defined +- set_fact: + ec2_image_name: "{{ lookup('env', 'ec2_image_name') + | default(deployment_vars[deployment_type].image_name, true) }}" + when: ec2_image_name is not defined and ec2_image is not defined +- set_fact: + ec2_image: "{{ lookup('env', 'ec2_image') + | default(deployment_vars[deployment_type].image, true) }}" + when: ec2_image is not defined and not ec2_image_name +- set_fact: + ec2_instance_type: "{{ lookup('env', 'ec2_instance_type') + | default(deployment_vars[deployment_type].type, true) }}" + when: ec2_instance_type is not defined +- set_fact: + ec2_keypair: "{{ lookup('env', 'ec2_keypair') + | default(deployment_vars[deployment_type].keypair, true) }}" + when: ec2_keypair is not defined +- set_fact: + ec2_vpc_subnet: "{{ lookup('env', 'ec2_vpc_subnet') + | default(deployment_vars[deployment_type].vpc_subnet, true) }}" + when: ec2_vpc_subnet is not defined +- 
set_fact: + ec2_assign_public_ip: "{{ lookup('env', 'ec2_assign_public_ip') + | default(deployment_vars[deployment_type].assign_public_ip, true) }}" + when: ec2_assign_public_ip is not defined +- set_fact: + ec2_security_groups: "{{ lookup('env', 'ec2_security_groups') + | default(deployment_vars[deployment_type].security_groups, true) }}" + when: ec2_security_groups is not defined + +- name: Find amis for deployment_type + ec2_ami_find: + region: "{{ ec2_region }}" + ami_id: "{{ ec2_image | default(omit, true) }}" + name: "{{ ec2_image_name | default(omit, true) }}" + register: ami_result + +- fail: msg="Could not find requested ami" + when: not ami_result.results + +- set_fact: + latest_ami: "{{ ami_result.results | oo_ami_selector(ec2_image_name) }}" - name: Launch instance(s) ec2: state: present - region: "{{ machine_region }}" - keypair: "{{ machine_keypair }}" - group: "{{ security_groups }}" - instance_type: "{{ machine_type }}" - image: "{{ machine_image }}" + region: "{{ ec2_region }}" + keypair: "{{ ec2_keypair }}" + group: "{{ ec2_security_groups }}" + instance_type: "{{ ec2_instance_type }}" + image: "{{ latest_ami }}" count: "{{ instances | oo_len }}" - vpc_subnet_id: "{{ machine_subnet | default(omit, true) }}" - assign_public_ip: "{{ machine_public_ip | default(omit, true) }}" + vpc_subnet_id: "{{ ec2_vpc_subnet | default(omit, true) }}" + assign_public_ip: "{{ ec2_assign_public_ip | default(omit, true) }}" wait: yes instance_tags: created-by: "{{ created_by }}" @@ -39,7 +71,7 @@ register: ec2 - name: Add Name tag to instances - ec2_tag: resource={{ item.1.id }} region={{ machine_region }} state=present + ec2_tag: resource={{ item.1.id }} region={{ ec2_region }} state=present with_together: - instances - ec2.instances diff --git a/playbooks/aws/openshift-cluster/vars.defaults.yml b/playbooks/aws/openshift-cluster/vars.defaults.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/playbooks/aws/openshift-cluster/vars.defaults.yml 
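Review bot: The new `Find amis for deployment_type` task calls `ec2_ami_find` with only `region`, `ami_id` and `name`, and the module documentation added in this same commit says that without `owner` all EC2 AMIs in the region are searched. With a wildcard name such as `openshift-rhel7_*`, a public image from any other account whose name matches becomes a candidate, and `oo_ami_selector` then hands the highest-sorting one to the `ec2` launch task. Pass the owner explicitly when searching by name, e.g. `owner: "{{ ec2_image_owner | default(omit, true) }}"` with `ec2_image_owner` set per deployment type (a variable name introduced here for illustration), and fail the play when a name search is requested without one. The task list continues outside this hunk.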
@@ -0,0 +1 @@ +--- diff --git a/playbooks/aws/openshift-cluster/vars.online.int.yml b/playbooks/aws/openshift-cluster/vars.online.int.yml new file mode 100644 index 000000000..12f79a9c1 --- /dev/null +++ b/playbooks/aws/openshift-cluster/vars.online.int.yml @@ -0,0 +1,9 @@ +--- +ec2_image: ami-906240f8 +ec2_image_name: libra-ops-rhel7* +ec2_region: us-east-1 +ec2_keypair: mmcgrath_libra +ec2_instance_type: m3.large +ec2_security_groups: [ 'int-v3' ] +ec2_vpc_subnet: subnet-987c0def +ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.online.prod.yml b/playbooks/aws/openshift-cluster/vars.online.prod.yml new file mode 100644 index 000000000..12f79a9c1 --- /dev/null +++ b/playbooks/aws/openshift-cluster/vars.online.prod.yml @@ -0,0 +1,9 @@ +--- +ec2_image: ami-906240f8 +ec2_image_name: libra-ops-rhel7* +ec2_region: us-east-1 +ec2_keypair: mmcgrath_libra +ec2_instance_type: m3.large +ec2_security_groups: [ 'int-v3' ] +ec2_vpc_subnet: subnet-987c0def +ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.online.stage.yml b/playbooks/aws/openshift-cluster/vars.online.stage.yml new file mode 100644 index 000000000..12f79a9c1 --- /dev/null +++ b/playbooks/aws/openshift-cluster/vars.online.stage.yml @@ -0,0 +1,9 @@ +--- +ec2_image: ami-906240f8 +ec2_image_name: libra-ops-rhel7* +ec2_region: us-east-1 +ec2_keypair: mmcgrath_libra +ec2_instance_type: m3.large +ec2_security_groups: [ 'int-v3' ] +ec2_vpc_subnet: subnet-987c0def +ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index f87e7aba3..07e453f89 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -3,6 +3,7 @@ deployment_vars: origin: # fedora, since centos requires marketplace image: ami-acd999c4 + image_name: region: us-east-1 ssh_user: fedora sudo: yes 
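Review bot: `vars.online.prod.yml` and `vars.online.stage.yml` are added with the same blob id as `vars.online.int.yml` (`12f79a9c1`), so production and stage instances would use `ec2_security_groups: [ 'int-v3' ]`, the same `ec2_vpc_subnet` and `ec2_assign_public_ip: yes` as integration. If these are placeholders, a first-line comment in the prod and stage files such as `# TODO: copied from int; set the environment's own security group and subnet before use` would stop them being read as reviewed production settings. If the values are intended, the three environments share one security group and subnet and have no network separation at this layer, which deserves a line in the commit message. Writing the boolean as `true` rather than `yes` would also avoid YAML 1.1 truthy ambiguity.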
@@ -13,18 +14,20 @@ deployment_vars: assign_public_ip: online: # private ami - image: ami-906240f8 + image: ami-7a9e9812 + image_name: openshift-rhel7_* region: us-east-1 ssh_user: root sudo: no - keypair: mmcgrath_libra + keypair: libra type: m3.large - security_groups: [ 'int-v3' ] - vpc_subnet: subnet-987c0def - assign_public_ip: yes + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: enterprise: # rhel-7.1, requires cloud access subscription image: ami-10663b78 + image_name: region: us-east-1 ssh_user: ec2-user sudo: yes -- cgit v1.2.3 From 378e8a8c9d7e7be7f52691e957f07096ee0b2c82 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 16 Apr 2015 01:49:29 -0400 Subject: lvm-direct support for aws - Create a separate docker volume in aws openshift-cluster playbooks - default to using ephemeral storage, but allow to be overriden - allow root volume settingsto be overriden as well - add user-data cloud-config to bootstrap the installation/configuration of docker-storage-setup - pylint cleanup for oo_filters.py - remove left over traces to the deployment_type tags which were previously removed - oo_get_deployment_type_from_groups filter in oo_filters.py - cluster list playbooks references to oo_get_deployment_type_from_groups filter --- README_AWS.md | 21 ++++++++- filter_plugins/oo_filters.py | 50 +++++++++++++++++++++- playbooks/aws/openshift-cluster/list.yml | 2 +- .../openshift-cluster/tasks/launch_instances.yml | 22 ++++++++++ .../aws/openshift-cluster/templates/user_data.j2 | 29 +++++++++++++ playbooks/gce/openshift-cluster/list.yml | 2 +- playbooks/libvirt/openshift-cluster/list.yml | 2 +- 7 files changed, 123 insertions(+), 5 deletions(-) create mode 100644 playbooks/aws/openshift-cluster/templates/user_data.j2 (limited to 'playbooks/aws/openshift-cluster/tasks') diff --git a/README_AWS.md b/README_AWS.md index 37f4c5f51..888abe939 100644 --- a/README_AWS.md +++ b/README_AWS.md 
@@ -40,11 +40,25 @@ Alternatively, you can configure your ssh-agent to hold the credentials to conne By default, a cluster is launched with the following configuration: - Instance type: m3.large -- AMI: ami-307b3658 +- AMI: ami-307b3658 (for online deployments, ami-acd999c4 for origin deployments and ami-10663b78 for enterprise deployments) - Region: us-east-1 - Keypair name: libra - Security group: public +Master specific defaults: +- Master root volume size: 10 (in GiBs) +- Master root volume type: gp2 +- Master root volume iops: 500 (only applicable when volume type is io1) + +Node specific defaults: +- Node root volume size: 10 (in GiBs) +- Node root volume type: gp2 +- Node root volume iops: 500 (only applicable when volume type is io1) +- Docker volume size: 25 (in GiBs) +- Docker volume ephemeral: true (Whether the docker volume is ephemeral) +- Docker volume type: gp2 (only applicable if ephemeral is false) +- Docker volume iops: 500 (only applicable when volume type is io1) + If needed, these values can be changed by setting environment variables on your system. - export ec2_instance_type='m3.large' @@ -52,6 +66,11 @@ If needed, these values can be changed by setting environment variables on your - export ec2_region='us-east-1' - export ec2_keypair='libra' - export ec2_security_group='public' +- export os_master_root_vol_size='20' +- export os_master_root_vol_type='standard' +- export os_node_root_vol_size='15' +- export os_docker_vol_size='50' +- export os_docker_vol_ephemeral='false' Install Dependencies -------------------- diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index d22b6d188..097038450 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py 
@@ -129,6 +129,53 @@ def oo_ami_selector(data, image_name): ami = sorted(ami_info, key=itemgetter(1), reverse=True)[0][0] return ami['ami_id'] +def oo_ec2_volume_definition(data, host_type, docker_ephemeral=False): + ''' This takes a dictionary of volume definitions and returns a valid ec2 + volume definition based on the host_type and the values in the + dictionary. + The dictionary should look similar to this: + { 'master': + { 'root': + { 'volume_size': 10, 'device_type': 'gp2', + 'iops': 500 + } + }, + 'node': + { 'root': + { 'volume_size': 10, 'device_type': 'io1', + 'iops': 1000 + }, + 'docker': + { 'volume_size': 40, 'device_type': 'gp2', + 'iops': 500, 'ephemeral': 'true' + } + } + } + ''' + if not issubclass(type(data), dict): + raise errors.AnsibleFilterError("|failed expects first param is a dict") + if host_type not in ['master', 'node']: + raise errors.AnsibleFilterError("|failed expects either master or node" + " host type") + + root_vol = data[host_type]['root'] + root_vol['device_name'] = '/dev/sda1' + root_vol['delete_on_termination'] = True + if root_vol['device_type'] != 'io1': + root_vol.pop('iops', None) + if host_type == 'node': + docker_vol = data[host_type]['docker'] + docker_vol['device_name'] = '/dev/xvdb' + docker_vol['delete_on_termination'] = True + if docker_vol['device_type'] != 'io1': + docker_vol.pop('iops', None) + if docker_ephemeral: + docker_vol.pop('device_type', None) + docker_vol.pop('delete_on_termination', None) + docker_vol['ephemeral'] = 'ephemeral0' + return [root_vol, docker_vol] + return [root_vol] + # disabling pylint checks for too-few-public-methods and no-self-use since we # need to expose a FilterModule object that has a filters method that returns # a mapping of filter names to methods. 
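Review bot: In `oo_ec2_volume_definition` the ephemeral branch removes `device_type` and `delete_on_termination` but leaves `iops` in place when the docker volume type is `io1`, because the earlier `iops` pop only runs for non-`io1` types. The returned entry then combines `ephemeral` with `iops`, and whether the ec2 module rejects or ignores that cannot be confirmed from this page; adding `docker_vol.pop('iops', None)` inside `if docker_ephemeral:` removes the ambiguity. The function also edits `data[host_type]['root']` and `data[host_type]['docker']` in place and indexes them unchecked, so a missing key surfaces as a bare `KeyError` rather than the `AnsibleFilterError` raised by the two checks above it. Working on copies (`root_vol = dict(data[host_type]['root'])`) and raising `AnsibleFilterError` for missing keys would keep the caller's variable intact and the error style consistent. `isinstance(data, dict)` is the idiomatic form of the `issubclass(type(data), dict)` test.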
@@ -144,5 +191,6 @@ class FilterModule(object): "oo_len": oo_len, "oo_pdb": oo_pdb, "oo_prepend_strings_in_list": oo_prepend_strings_in_list, - "oo_ami_selector": oo_ami_selector + "oo_ami_selector": oo_ami_selector, + "oo_ec2_volume_definition": oo_ec2_volume_definition } diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml index 5c04bc320..04fcdc0a1 100644 --- a/playbooks/aws/openshift-cluster/list.yml +++ b/playbooks/aws/openshift-cluster/list.yml @@ -21,4 +21,4 @@ gather_facts: no tasks: - debug: - msg: "public ip:{{ hostvars[inventory_hostname].ec2_ip_address }} private ip:{{ hostvars[inventory_hostname].ec2_private_ip_address }} deployment-type: {{ hostvars[inventory_hostname].group_names | oo_get_deployment_type_from_groups }}" + msg: "public ip:{{ hostvars[inventory_hostname].ec2_ip_address }} private ip:{{ hostvars[inventory_hostname].ec2_private_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 39ad9d089..666a8d1fb 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -1,6 +1,7 @@ --- - set_fact: created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}" + docker_vol_ephemeral: "{{ lookup('env', 'os_docker_vol_ephemeral') | default(false, true) }}" env: "{{ cluster }}" env_host_type: "{{ cluster }}-openshift-{{ type }}" host_type: "{{ type }}" 
@@ -50,6 +51,25 @@ - set_fact: latest_ami: "{{ ami_result.results | oo_ami_selector(ec2_image_name) }}" + user_data: "{{ lookup('template', '../templates/user_data.j2') if type == 'node' else None | default('omit') }}" + volume_defs: + master: + root: + volume_size: "{{ lookup('env', 'os_master_root_vol_size') | default(25, true) }}" + device_type: "{{ lookup('env', 'os_master_root_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_master_root_vol_iops') | default(500, true) }}" + node: + root: + volume_size: "{{ lookup('env', 'os_node_root_vol_size') | default(25, true) }}" + device_type: "{{ lookup('env', 'os_node_root_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_node_root_vol_iops') | default(500, true) }}" + docker: + volume_size: "{{ lookup('env', 'os_docker_vol_size') | default(32, true) }}" + device_type: "{{ lookup('env', 'os_docker_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_docker_vol_iops') | default(500, true) }}" + +- set_fact: + volumes: "{{ volume_defs | oo_ec2_volume_definition(host_type, docker_vol_ephemeral | bool) }}" - name: Launch instance(s) ec2: @@ -62,12 +82,14 @@ count: "{{ instances | oo_len }}" vpc_subnet_id: "{{ ec2_vpc_subnet | default(omit, true) }}" assign_public_ip: "{{ ec2_assign_public_ip | default(omit, true) }}" + user_data: "{{ user_data }}" wait: yes instance_tags: created-by: "{{ created_by }}" env: "{{ env }}" host-type: "{{ host_type }}" env-host-type: "{{ env_host_type }}" + volumes: "{{ volumes }}" register: ec2 - name: Add Name tag to instances diff --git a/playbooks/aws/openshift-cluster/templates/user_data.j2 b/playbooks/aws/openshift-cluster/templates/user_data.j2 new file mode 100644 index 000000000..7dbc8f552 --- /dev/null +++ b/playbooks/aws/openshift-cluster/templates/user_data.j2 
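Review bot: The `user_data` fact in the first hunk does not omit the parameter for masters. In `... if type == 'node' else None | default('omit')` the filter binds to `None` alone, `None` is a defined value so `default` is not applied, and `'omit'` is a quoted string rather than the `omit` placeholder. The second hunk passes `user_data: "{{ user_data }}"` unconditionally, so master instances probably receive the rendered text of `None` as user data. Ending the expression with `else ''` and passing `user_data: "{{ user_data | default(omit, true) }}"` in the `ec2` task would match how `vpc_subnet_id` is handled in the same task. Separately, the `volume_size` defaults here (25, 25 and 32) differ from the 10 and 25 GiB that this commit documents in README_AWS.md; both hunks cut into a task file whose beginning and end are outside them.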
@@ -0,0 +1,29 @@ +#cloud-config +yum_repos: + jdetiber-copr: + name: Copr repo for origin owned by jdetiber + baseurl: https://copr-be.cloud.fedoraproject.org/results/jdetiber/origin/epel-7-$basearch/ + skip_if_unavailable: true + gpgcheck: true + gpgkey: https://copr-be.cloud.fedoraproject.org/results/jdetiber/origin/pubkey.gpg + enabled: true + +packages: +- xfsprogs # can be dropped after docker-storage-setup properly requires it: https://github.com/projectatomic/docker-storage-setup/pull/8 +- docker-storage-setup + +mounts: +- [ xvdb ] +- [ ephemeral0 ] + +write_files: +- content: | + DEVS=/dev/xvdb + VG=docker_vg + path: /etc/sysconfig/docker-storage-setup + owner: root:root + permissions: '0644' + +runcmd: +- systemctl daemon-reload +- systemctl enable lvm2-lvmetad.service docker-storage-setup.service diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index bab2fb9f8..962381306 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -21,4 +21,4 @@ gather_facts: no tasks: - debug: - msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }} deployment-type: {{ hostvars[inventory_hostname].group_names | oo_get_deployment_type_from_groups }}" + msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" diff --git a/playbooks/libvirt/openshift-cluster/list.yml b/playbooks/libvirt/openshift-cluster/list.yml index 25a25f791..eaedc4d0d 100644 --- a/playbooks/libvirt/openshift-cluster/list.yml +++ b/playbooks/libvirt/openshift-cluster/list.yml 
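Review bot: The `jdetiber-copr` repository sets `gpgcheck: true`, but `gpgkey` is downloaded at first boot from the same `copr-be.cloud.fedoraproject.org` host that serves `baseurl`, so the signature check has no trust anchor independent of that host. Nodes install packages with this repository enabled and then enable `docker-storage-setup.service` through `runcmd`, so the key in use should be the one that was reviewed. Shipping the public key in the template as a `write_files` entry and pointing the repo at it, e.g. `gpgkey: file:///etc/pki/rpm-gpg/<KEY-FILE>` (placeholder path), would pin it to the content of this repository. `skip_if_unavailable: true` also lets a node boot without the repository and with no visible failure; a short comment saying whether that is intended would help the next reader.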
@@ -20,4 +20,4 @@ hosts: oo_list_hosts tasks: - debug: - msg: 'public:{{ansible_default_ipv4.address}} private:{{ansible_default_ipv4.address}} deployment-type: {{ hostvars[inventory_hostname].group_names | oo_get_deployment_type_from_groups }}' + msg: 'public:{{ansible_default_ipv4.address}} private:{{ansible_default_ipv4.address}}' -- cgit v1.2.3