From df8f5f0e251a014ab30dabd62c17e151b7fe36e8 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 12 Jul 2017 13:09:45 +0200 Subject: Options for bastion, SSH config, static inventory autogeneration * At the provisioning stage, allow users to auto-generate SSH config, when using a static inventory. * Run playbooks to provsion and post-provision as a separate, when using a bastion. This re-applies the SSH config, which ansible can't do on the fly. * Support a pre-installed bastion node, colocated with the 1st infra node. * With a bastion enabled, reduce floating IP footprint to infra and dns nodes only, effectively isolating a cluster in a private network. Signed-off-by: Bogdan Dobrelya --- playbooks/provisioning/openstack/post-provision-openstack.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'playbooks/provisioning/openstack/post-provision-openstack.yml') diff --git a/playbooks/provisioning/openstack/post-provision-openstack.yml b/playbooks/provisioning/openstack/post-provision-openstack.yml index a807c4d2f..c7df74a87 100644 --- a/playbooks/provisioning/openstack/post-provision-openstack.yml +++ b/playbooks/provisioning/openstack/post-provision-openstack.yml @@ -4,7 +4,11 @@ become: False gather_facts: False tasks: - - wait_for_connection: + - when: not openstack_use_bastion|default(False)|bool + wait_for_connection: + - when: openstack_use_bastion|default(False)|bool + delegate_to: bastion + wait_for_connection: - hosts: cluster_hosts gather_facts: True -- cgit v1.2.3 From 5820aa4371aec8218426cdceab3360c6955fe018 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=98ystein=20Bedin?= Date: Wed, 2 Aug 2017 14:40:08 +0000 Subject: Moving common DNS roles out of the playbook area (#605) --- playbooks/provisioning/openstack/post-provision-openstack.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'playbooks/provisioning/openstack/post-provision-openstack.yml') diff --git a/playbooks/provisioning/openstack/post-provision-openstack.yml b/playbooks/provisioning/openstack/post-provision-openstack.yml index c7df74a87..f683b77be 100644 --- a/playbooks/provisioning/openstack/post-provision-openstack.yml +++ b/playbooks/provisioning/openstack/post-provision-openstack.yml @@ -52,9 +52,8 @@ become: true pre_tasks: - include: pre_tasks.yml - - name: "Generate dns-server views" - include: openstack_dns_views.yml roles: + - role: dns-views - role: infra-ansible/roles/dns-server - name: Build and process DNS Records @@ -63,9 +62,8 @@ become: False pre_tasks: - include: pre_tasks.yml - - name: "Generate dns records" - include: openstack_dns_records.yml roles: + - role: dns-records - role: infra-ansible/roles/dns - name: Switch the stack subnet to the configured private DNS server -- cgit v1.2.3 From 7be1f76a53518dd48092a996841971eb4fd43f27 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 24 Aug 2017 11:03:07 +0200 Subject: Do not repeat pre_tasks for post-provision playbook (#689) Move repeating pre_tasks to pre-install (OpenShift Pre-Requisites) step. Signed-off-by: Bogdan Dobrelya --- playbooks/provisioning/openstack/post-provision-openstack.yml | 6 ------ 1 file changed, 6 deletions(-) (limited to 'playbooks/provisioning/openstack/post-provision-openstack.yml') diff --git a/playbooks/provisioning/openstack/post-provision-openstack.yml b/playbooks/provisioning/openstack/post-provision-openstack.yml index f683b77be..28f3e5fcf 100644 --- a/playbooks/provisioning/openstack/post-provision-openstack.yml +++ b/playbooks/provisioning/openstack/post-provision-openstack.yml @@ -25,8 +25,6 @@ hosts: cluster_hosts gather_facts: False become: true - pre_tasks: - - include: pre_tasks.yml roles: - role: hostnames @@ -50,8 +48,6 @@ hosts: dns gather_facts: False become: true - pre_tasks: - - include: pre_tasks.yml roles: - role: dns-views - role: infra-ansible/roles/dns-server @@ -60,8 +56,6 @@ hosts: localhost gather_facts: True become: False - pre_tasks: - - include: pre_tasks.yml roles: - role: dns-records - role: infra-ansible/roles/dns -- cgit v1.2.3