From 7a2891780e827513859628c7703cc1e7be53683f Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 23 Nov 2015 15:21:23 -0500 Subject: Add openshift_cli role This role ensures that the clients package is installed or if it's a containerized install places a wrapper script in /usr/local/bin/openshift and symlinks for oc, oadm, and kubectl. --- roles/openshift_cli/meta/main.yml | 16 +++++++++++++++ roles/openshift_cli/tasks/main.yml | 32 ++++++++++++++++++++++++++++++ roles/openshift_cli/templates/openshift.j2 | 16 +++++++++++++++ 3 files changed, 64 insertions(+) create mode 100644 roles/openshift_cli/meta/main.yml create mode 100644 roles/openshift_cli/tasks/main.yml create mode 100644 roles/openshift_cli/templates/openshift.j2 (limited to 'roles/openshift_cli') diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml new file mode 100644 index 000000000..1e8f8b719 --- /dev/null +++ b/roles/openshift_cli/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift Docker + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- { role: openshift_common } +- { role: docker } diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml new file mode 100644 index 000000000..c0ea66e70 --- /dev/null +++ b/roles/openshift_cli/tasks/main.yml @@ -0,0 +1,32 @@ +--- +- openshift_facts: + role: common + local_facts: + deployment_type: "{{ openshift_deployment_type }}" + +- name: Install clients + yum: pkg={{ openshift.common.service_type }}-clients state=installed + when: not openshift.common.is_containerized | bool + +- name: Pull CLI Image + command: > + docker pull {{ openshift.common.cli_image }} + when: openshift.common.is_containerized | bool + +- name: Create /usr/local/bin/openshift cli wrapper + template: + src: openshift.j2 + dest: /usr/local/bin/openshift + mode: 0755 + when: openshift.common.is_containerized | bool + +- name: Create client symlinks + file: + path: "{{ item }}" + state: link + src: /usr/local/bin/openshift + with_items: + - /usr/local/bin/oadm + - /usr/local/bin/oc + - /usr/local/bin/kubectl + when: openshift.common.is_containerized | bool \ No newline at end of file diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 new file mode 100644 index 000000000..cade4d1a7 --- /dev/null +++ b/roles/openshift_cli/templates/openshift.j2 @@ -0,0 +1,16 @@ +#!/bin/bash +if [ ! -d ~/.kube ]; then + mkdir -m 0700 ~/.kube +fi +cmd=`basename $0` +user=`id -u` +group=`id -g` + +# docker can only split stderr and stdin when run without -t +# https://github.com/docker/docker/issues/725 +# ansible checks various streams DO NOT CROSS THE STREAMS +if [ -z $TERM ]; then + $t = '-it' +fi + +docker run ${t} -a STDERR -a STDOUT -a STDIN --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} ${@} \ No newline at end of file -- cgit v1.2.3 From 48778f29f265380a3e6fa2e882621ebc3781736b Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 16 Dec 2015 14:14:42 -0500 Subject: Add some guards to wait for images to be pulled before moving on --- roles/openshift_cli/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'roles/openshift_cli') diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index c0ea66e70..8d7686ffd 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -8,10 +8,26 @@ yum: pkg={{ openshift.common.service_type }}-clients state=installed when: not openshift.common.is_containerized | bool +- name: List Docker images + command: > + docker images + register: docker_images + - name: Pull CLI Image command: > docker pull {{ openshift.common.cli_image }} + when: openshift.common.is_containerized | bool and openshift.common.cli_image not in docker_images.stdout + +- name: Wait for CLI image + command: > + docker images + register: docker_images + until: openshift.common.cli_image in docker_images.stdout + retries: 30 + delay: 10 + changed_when: false when: openshift.common.is_containerized | bool + - name: Create /usr/local/bin/openshift cli wrapper template: -- cgit v1.2.3 From fdb1b0c6b600e3fe91e48c812b66658e3d9dad68 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 5 Jan 2016 11:31:52 -0500 Subject: Fix multi-word arguments & cli wrapper stdin plumbing Fixes https://bugzilla.redhat.com/1295677 Fixes `echo "foo" | oc create -f -` --- roles/openshift_cli/templates/openshift.j2 | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'roles/openshift_cli') diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 index cade4d1a7..d773e9b1c 100644 --- a/roles/openshift_cli/templates/openshift.j2 +++ b/roles/openshift_cli/templates/openshift.j2 @@ -6,11 +6,4 @@ cmd=`basename $0` user=`id -u` group=`id -g` -# docker can only split stderr and stdin when run without -t -# https://github.com/docker/docker/issues/725 -# ansible checks various streams DO NOT CROSS THE STREAMS -if [ -z $TERM ]; then - $t = '-it' -fi - -docker run ${t} -a STDERR -a STDOUT -a STDIN --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} ${@} \ No newline at end of file +docker run -i -a STDERR -a STDOUT -a STDIN --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} "${@}" -- cgit v1.2.3 From 635df52db7ed51593135f53feae1cf7d48ad2a71 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 7 Jan 2016 13:16:38 -0500 Subject: Add a banner to CLI wrapper instructing users that it's only for bootstrapping Also remove -a STDIN,STDOUT,STDERR that's the default --- roles/openshift_cli/templates/openshift.j2 | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'roles/openshift_cli') diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 index d773e9b1c..a7c148a22 100644 --- a/roles/openshift_cli/templates/openshift.j2 +++ b/roles/openshift_cli/templates/openshift.j2 @@ -6,4 +6,18 @@ cmd=`basename $0` user=`id -u` group=`id -g` -docker run -i -a STDERR -a STDOUT -a STDIN --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} "${@}" +>&2 echo """ +================================================================================ +ATTENTION: You are running ${cmd} via a wrapper around 'docker run {{ openshift.common.cli_image }}'. +This wrapper is intended only to be used to bootstrap an environment. Please +install client tools on another host once you have granted cluster-admin +privileges to a user. +{% if openshift.common.deployment_type in ['openshift-enterprise','atomic-enterprise'] %} +See https://docs.openshift.com/enterprise/latest/cli_reference/get_started_cli.html +{% else %} +See https://docs.openshift.org/latest/cli_reference/get_started_cli.html +{% endif %} +================================================================================= +""" + +docker run -i --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }} "${@}" -- cgit v1.2.3