summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBogdan Dobrelya <bdobreli@redhat.com>2017-06-29 17:59:22 +0200
committerBogdan Dobrelya <bdobreli@redhat.com>2017-06-30 14:11:01 +0200
commitb28d6d787fbdc6f242aff77830a85693c148faa7 (patch)
tree22cabf61e09f0204ced7484178da940f3e77dc2c
parentb699e06f99486a8fb6a086ca6b16b61a01425981 (diff)
downloadopenshift-b28d6d787fbdc6f242aff77830a85693c148faa7.tar.gz
openshift-b28d6d787fbdc6f242aff77830a85693c148faa7.tar.bz2
openshift-b28d6d787fbdc6f242aff77830a85693c148faa7.tar.xz
openshift-b28d6d787fbdc6f242aff77830a85693c148faa7.zip
Manage packages to install/update for openstack provider
Allow required packages and yum update all steps to be optionally disabled. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
-rw-r--r--playbooks/provisioning/openstack/README.md10
-rw-r--r--roles/openshift-prep/defaults/main.yml11
-rw-r--r--roles/openshift-prep/tasks/prerequisites.yml13
3 files changed, 25 insertions, 9 deletions
diff --git a/playbooks/provisioning/openstack/README.md b/playbooks/provisioning/openstack/README.md
index 57b72c7f3..43e5e4878 100644
--- a/playbooks/provisioning/openstack/README.md
+++ b/playbooks/provisioning/openstack/README.md
@@ -76,6 +76,10 @@ stacks. Set it to true, if you experience issues with sec group rules
quotas. It trades security for number of rules, by sharing the same set
of firewall rules for master, node, etcd and infra nodes.
+The `required_packages` variable also provides a list of the additional
+prerequisite packages to be installed before to deploy an OpenShift cluster.
+Those are ignored though, if the `manage_packages: False`.
+
#### Security notes
Configure required `*_ingress_cidr` variables to restrict public access
@@ -87,6 +91,12 @@ nodes' ephemeral ports range.
Note, the command ``curl https://api.ipify.org`` helps fiding an external
IP address of your box (the ansible admin node).
+There is also the `manage_packages` variable (defaults to True) you
+may want to turn off in order to speed up the provisioning tasks. This may
+be the case for development environments. When turned off, the servers will
+be provisioned omitting the ``yum update`` command. This brings security
+implications though, and is not recommended for production deployments.
+
### Update the DNS names in `inventory/hosts`
The different server groups are currently grouped by the domain name,
diff --git a/roles/openshift-prep/defaults/main.yml b/roles/openshift-prep/defaults/main.yml
new file mode 100644
index 000000000..fac25dcc1
--- /dev/null
+++ b/roles/openshift-prep/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# Defines either to install required packages and update all
+manage_packages: true
+required_packages:
+ - wget
+ - git
+ - net-tools
+ - bind-utils
+ - bridge-utils
+ - bash-completion
+ - vim-enhanced
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
index 60507636f..433c1c4e3 100644
--- a/roles/openshift-prep/tasks/prerequisites.yml
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -6,19 +6,14 @@
yum:
name: "{{ item }}"
state: latest
- with_items:
- - wget
- - git
- - net-tools
- - bind-utils
- - bridge-utils
- - bash-completion
- - vim-enhanced
+ with_items: "{{ required_packages }}"
+ when: manage_packages|bool
- name: "Update all packages (this can take a very long time)"
yum:
- name: "*"
+ name: '*'
state: latest
+ when: manage_packages|bool
- name: "Verify hostname"
shell: hostnamectl status | awk "/Static hostname/"'{ print $3 }'