--- - fail: msg: Interface {{ etcd_interface }} not found when: "'ansible_' ~ etcd_interface not in hostvars[inventory_hostname]" - fail: msg: IPv4 address not found for {{ etcd_interface }} when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4" - name: Install etcd action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" when: not openshift.common.is_containerized | bool - name: Pull etcd container command: > docker pull {{ openshift.etcd.etcd_image }} when: openshift.common.is_containerized | bool - name: Install etcd container service file template: dest: "/etc/systemd/system/etcd_container.service" src: etcd.docker.service register: install_etcd_result when: openshift.common.is_containerized | bool - name: Ensure etcd datadir exists when: openshift.common.is_containerized | bool file: path: "{{ etcd_data_dir }}" state: directory mode: 0700 - name: Disable system etcd when containerized when: openshift.common.is_containerized | bool service: name: etcd state: stopped enabled: no - name: Reload systemd units command: systemctl daemon-reload when: openshift.common.is_containerized and ( install_etcd_result | changed ) - name: Validate permissions on the config dir file: path: "{{ etcd_conf_dir }}" state: directory owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" mode: 0700 - name: Validate permissions on certificate files file: path: "{{ item }}" mode: 0600 owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_url_scheme == 'https' with_items: - "{{ etcd_ca_file }}" - "{{ etcd_cert_file }}" - "{{ etcd_key_file }}" - name: Validate permissions on peer certificate files file: path: "{{ item }}" mode: 0600 owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_peer_url_scheme == 'https' with_items: - "{{ etcd_peer_ca_file }}" - "{{ etcd_peer_cert_file }}" - "{{ etcd_peer_key_file }}" - name: Write etcd global config file template: src: etcd.conf.j2 dest: /etc/etcd/etcd.conf backup: true notify: - restart etcd - name: Enable etcd service: name: "{{ etcd_service }}" state: started enabled: yes register: start_result - set_fact: etcd_service_status_changed = start_result | changed