From 47f350bc3aa85a8bd406d95faf084df2abf74ae9 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Sun, 18 Mar 2018 22:59:31 +0100 Subject: Second revision: includes hostpath mounts, gluster block storage, kaas apps, etc. --- roles/ands_kaas/tasks/do_apps.yml | 16 ++++++++++++++ roles/ands_kaas/tasks/do_project.yml | 20 +++++++++++++++-- roles/ands_kaas/tasks/do_storage.yml | 43 ++++++++++++++++++++++++++++++++++++ roles/ands_kaas/tasks/file.yml | 9 ++++++++ roles/ands_kaas/tasks/main.yml | 4 ++-- roles/ands_kaas/tasks/project.yml | 32 ++++++++++++++++++++++++++- roles/ands_kaas/tasks/template.yml | 9 +++++++- roles/ands_kaas/tasks/templates.yml | 5 +++++ roles/ands_kaas/tasks/volume.yml | 16 +++++++++++++- 9 files changed, 147 insertions(+), 7 deletions(-) create mode 100644 roles/ands_kaas/tasks/do_apps.yml create mode 100644 roles/ands_kaas/tasks/do_storage.yml (limited to 'roles/ands_kaas/tasks') diff --git a/roles/ands_kaas/tasks/do_apps.yml b/roles/ands_kaas/tasks/do_apps.yml new file mode 100644 index 0000000..6738b7f --- /dev/null +++ b/roles/ands_kaas/tasks/do_apps.yml @@ -0,0 +1,16 @@ +- name: "Process KaaS apps" + include_tasks: "template.yml" + run_once: true + with_items: "{{ kaas_project_apps }}" + loop_control: + loop_var: appname + when: + - app.provision | default(true) + - (ands_configure_app == ands_none) or (app.name == ands_configure_app) + vars: + app: "{{ kaas_project_config[appname] }}" + name: "{{ app.name | default((app.pods.keys() | list)[0]) }}" + instantiate: "{{ app.instantiate | default(false) }}" + load: "{{ app.load | default(false) }}" + pods: "{{ app.pods }}" + tmpl_name: "50-kaas-pods.yml.j2" diff --git a/roles/ands_kaas/tasks/do_project.yml b/roles/ands_kaas/tasks/do_project.yml index 5cafe25..f5b3276 100644 --- a/roles/ands_kaas/tasks/do_project.yml +++ b/roles/ands_kaas/tasks/do_project.yml @@ -10,11 +10,16 @@ loop_control: loop_var: osv vars: - query: "[*].volumes.{{osv.value.volume}}.mount" - mntpath: "{{ (ands_storage_domains | json_query(query)) }}" + vt_query: "[*].volumes.{{osv.value.volume}}.type" + voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + mp_query: "[*].volumes.{{osv.value.volume}}.mount" + mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" + rp_query: "[*].volumes.{{osv.value.volume}}.path" + realpath: "{{ (kaas_storage_domains | json_query(rp_query)) }}" osvpath: "{{ osv.value.path | default('') }}" prefix: "{{ ( osvpath[:1] == '/' ) | ternary('', '/' ~ kaas_project ~ '/') }}" path: "{{ mntpath[0] ~ prefix ~ osvpath }}" + hostpath: "{{ realpath[0] is defined | ternary((realpath[0] | default('')) ~ prefix ~ osvpath, '') }}" name: "{{osv.key}}" volume: "{{osv.value}}" when: ( mntpath | length ) > 0 @@ -35,8 +40,17 @@ loop_control: loop_var: file vars: + osv: "{{ kaas_project_volumes[file.osv] }}" + vt_query: "[*].volumes.{{osv.volume}}.type" + voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + mp_query: "[*].volumes.{{osv.volume}}.mount" + mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" + rp_query: "[*].volumes.{{osv.volume}}.path" + realpath: "{{ (kaas_storage_domains | json_query(rp_query)) }}" pvar: "kaas_{{ file.osv }}_path" path: "{{ hostvars[inventory_hostname][pvar] }}/{{ file.path }}" + hvar: "kaas_{{ file.osv }}_hostpath" + hostpath: "{{ hostvars[inventory_hostname][hvar] }}/{{ file.path }}" when: file.osv in kaas_project_volumes - name: Load OpenSSL keys @@ -60,3 +74,5 @@ when: - kaas_project_config.oc is undefined +- name: Install Applications + include_tasks: do_apps.yml diff --git a/roles/ands_kaas/tasks/do_storage.yml b/roles/ands_kaas/tasks/do_storage.yml new file mode 100644 index 0000000..ee118fd --- /dev/null +++ b/roles/ands_kaas/tasks/do_storage.yml @@ -0,0 +1,43 @@ +- name: Configure KaaS volumes + include_tasks: volume.yml + with_dict: "{{ kaas_project_volumes }}" + loop_control: + loop_var: osv + vars: + vt_query: "[*].volumes.{{osv.value.volume}}.type" + voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + mp_query: "[*].volumes.{{osv.value.volume}}.mount" + mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" + rp_query: "[*].volumes.{{osv.value.volume}}.path" + realpath: "{{ (kaas_storage_domains | json_query(rp_query)) }}" + osvpath: "{{ osv.value.path | default('') }}" + prefix: "{{ ( osvpath[:1] == '/' ) | ternary('', '/' ~ kaas_project ~ '/') }}" + path: "{{ mntpath[0] ~ prefix ~ osvpath }}" + hostpath: "{{ realpath[0] is defined | ternary((realpath[0] | default('')) ~ prefix ~ osvpath, '') }}" + name: "{{osv.key}}" + volume: "{{osv.value}}" + when: + - ( mntpath | length ) > 0 + - (osv.type | default("host")) in [ "host" ] + + +- name: Configure KaaS files + include_tasks: file.yml + with_items: "{{ kaas_project_config.files | default(kaas_openshift_files) | default([]) }}" + loop_control: + loop_var: file + vars: + osv: "{{ kaas_project_volumes[file.osv] }}" + vt_query: "[*].volumes.{{osv.volume}}.type" + voltype: "{{ (kaas_storage_domains | json_query(vt_query)) }}" + mp_query: "[*].volumes.{{osv.volume}}.mount" + mntpath: "{{ (kaas_storage_domains | json_query(mp_query)) }}" + rp_query: "[*].volumes.{{osv.volume}}.path" + realpath: "{{ (kaas_storage_domains | json_query(rp_query)) }}" + pvar: "kaas_{{ file.osv }}_path" + path: "{{ hostvars[inventory_hostname][pvar] }}/{{ file.path }}" + hvar: "kaas_{{ file.osv }}_hostpath" + hostpath: "{{ hostvars[inventory_hostname][hvar] }}/{{ file.path }}" + when: + - file.osv in kaas_project_volumes + - (osv.type | default("host")) in [ "host" ] diff --git a/roles/ands_kaas/tasks/file.yml b/roles/ands_kaas/tasks/file.yml index 488823b..393fe08 100644 --- a/roles/ands_kaas/tasks/file.yml +++ b/roles/ands_kaas/tasks/file.yml @@ -21,3 +21,12 @@ owner: "{{ owner }}" group: "{{ group }}" state: "{{ file.state | default('directory') }}" + + +- name: "Setting selinux context in {{ path }}" + sefcontext: target="{{ hostpath }}" setype="svirt_sandbox_file_t" state="present" reload="yes" + when: voltype[0] == "host" + +- name: "Apply selinux context in {{ path }}" + shell: restorecon "{{ hostpath }}" + when: voltype[0] == "host" diff --git a/roles/ands_kaas/tasks/main.yml b/roles/ands_kaas/tasks/main.yml index 85110cb..f1cff02 100644 --- a/roles/ands_kaas/tasks/main.yml +++ b/roles/ands_kaas/tasks/main.yml @@ -2,11 +2,11 @@ - name: Provision OpenShift resources & configurations # include_tasks: only_templates.yml include_tasks: project.yml - run_once: true -# delegate_to: "{{ groups.masters[0] }}" + run_once: "{{ do_subrole in [ 'project', 'apps' ] }}" with_items: "{{ (kaas_single_project is defined) | ternary([kaas_single_project], kaas_projects) }}" loop_control: loop_var: kaas_project vars: + do_subrole: "{{ subrole | default('project') }}" kaas_template_path: "{{ kaas_template_root }}/{{ kaas_project }}" kaas_project_path: "{{playbook_dir}}/projects/{{ kaas_project }}" diff --git a/roles/ands_kaas/tasks/project.yml b/roles/ands_kaas/tasks/project.yml index b8574cf..ecb2035 100644 --- a/roles/ands_kaas/tasks/project.yml +++ b/roles/ands_kaas/tasks/project.yml @@ -18,6 +18,33 @@ var_name: "var_{{kaas_project}}_config" when: hostvars[inventory_hostname][var_name] is not defined + +- name: Get information about block volumes + delegate_to: "{{ groups.masters[0] }}" + shell: gluster-block info {{ item.value.volume }}/{{ item.key }} | grep -oP '^GBID:\s*\K.*' + register: iqn_info + with_dict: "{{ kaas_block_volumes }}" + when: item.value.project == kaas_project + +- name: Get information about block volumes + delegate_to: "{{ groups.masters[0] }}" + shell: gluster-block info {{ item.value.volume }}/{{ item.key }} | grep -oP '^EXPORTED NODE.*:\s*\K.*' | tr ' ' '\n' + register: portal_info + with_dict: "{{ kaas_block_volumes }}" + when: item.value.project == kaas_project + + +- set_fact: + kaas_block_iqn: "{{ {} }}" + kaas_block_portals: "{{ {} }}" + +- set_fact: "kaas_block_iqn={{ kaas_block_iqn | combine({item.item.key: item.stdout}) }}" + with_items: "{{ iqn_info.results }}" + +- set_fact: "kaas_block_portals={{ kaas_block_portals | combine({item.item.key: item.stdout_lines}) }}" + with_items: "{{ portal_info.results }}" + + #- debug: msg="{{kaas_project_path}}" #- debug: # msg="{{kaas_project_config}}" @@ -25,11 +52,14 @@ # var_name: "var_{{kaas_project}}_config" # kaas_project_config: "{{hostvars[inventory_hostname][var_name]}}" -- include_tasks: do_project.yml +- include_tasks: "do_{{ do_subrole | default('project') }}.yml" vars: var_name: "var_{{kaas_project}}_config" kaas_project_config: "{{ hostvars[inventory_hostname][var_name] }}" kaas_project_volumes: "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}" kaas_project_pods: "{{ kaas_project_config.pods | default({}) }}" + kaas_project_apps: "{{ kaas_project_config.apps | default([]) }}" kaas_project_gids: "{{ kaas_project_config.gids | default(kaas_openshift_gids) }}" kaas_project_uids: "{{ kaas_project_config.uids | default(kaas_openshift_uids) }}" + kaas_blockvol_info: "{{ block_info }}" + \ No newline at end of file diff --git a/roles/ands_kaas/tasks/template.yml b/roles/ands_kaas/tasks/template.yml index 6c90b3d..418331a 100644 --- a/roles/ands_kaas/tasks/template.yml +++ b/roles/ands_kaas/tasks/template.yml @@ -1,6 +1,9 @@ - name: "Populate template {{ tmpl_name }}" - template: src="{{ item }}" dest="{{ kaas_template_path }}/{{ item | basename | regex_replace('\.j2','') }}" owner=root group=root mode="0644" + template: src="{{ item }}" dest="{{ kaas_template_path }}/{{ dest_name }}" owner=root group=root mode="0644" register: result + vars: + default_name: "{{ item | basename | regex_replace('\\.j2','') }}" + dest_name: "{{ (name is defined) | ternary ( (name | default('')) + '.yml', default_name ) }}" with_first_found: - paths: - "{{ role_path }}/templates/" @@ -10,8 +13,12 @@ - name: "Configure KaaS resources defined in {{ tmpl_name }}" include_role: name="openshift_resource" + when: instantiate == true vars: template: "{{ tmpl_name | basename | regex_replace('\\.j2','') }}" template_path: "{{ kaas_template_path }}" project: "{{ kaas_project }}" recreate: "{{ result | changed | ternary (true, false) }}" + +# alternatively load template +# TODO diff --git a/roles/ands_kaas/tasks/templates.yml b/roles/ands_kaas/tasks/templates.yml index 9fc378f..4417cf3 100644 --- a/roles/ands_kaas/tasks/templates.yml +++ b/roles/ands_kaas/tasks/templates.yml @@ -19,6 +19,11 @@ with_items: "{{ sorted_tmpl }}" vars: sorted_tmpl: "{{ (results.results[0] is defined) | ternary (results | json_query('results[*].stdout_lines') | sum(start=[]) | map('basename') | sort | unique, []) }}" + instantiate: true + load: false + pods: "{{ kaas_project_pods }}" loop_control: loop_var: tmpl_name + + diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml index 783654a..2c695f2 100644 --- a/roles/ands_kaas/tasks/volume.yml +++ b/roles/ands_kaas/tasks/volume.yml @@ -2,6 +2,9 @@ - name: "Configure {{ name }} fact" set_fact: "kaas_{{ name }}_path={{ path }}" +- name: "Configure {{ name }} fact" + set_fact: "kaas_{{ name }}_hostpath={{ hostpath }}" + - name: "Ensure {{ path }} exists" file: path: "{{ path }}" @@ -41,5 +44,16 @@ - mkdir | changed - chmod | skipped +- name: "Setting SELinux context for non standard locations" + sefcontext: target="{{ hostpath }}" setype="svirt_sandbox_file_t" state="present" reload="yes" + when: + - mkdir | changed + - chmod | skipped + - voltype[0] == "host" - +- name: "Apply SELinux context for non standard locations" + shell: restorecon "{{ hostpath }}" + when: + - mkdir | changed + - chmod | skipped + - voltype[0] == "host" -- cgit v1.2.3