summaryrefslogtreecommitdiffstats
path: root/roles/static_inventory
diff options
context:
space:
mode:
authorBogdan Dobrelya <bdobreli@redhat.com>2017-07-12 13:09:45 +0200
committerBogdan Dobrelya <bdobreli@redhat.com>2017-07-25 17:41:15 +0200
commitdf8f5f0e251a014ab30dabd62c17e151b7fe36e8 (patch)
tree4c43dfdfefcc139249458606c9c4edefc1c38c32 /roles/static_inventory
parent677fd46cf37cab5f995170b3567939d784ebb07a (diff)
downloadopenshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.gz
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.bz2
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.tar.xz
openshift-df8f5f0e251a014ab30dabd62c17e151b7fe36e8.zip
Options for bastion, SSH config, static inventory autogeneration
* At the provisioning stage, allow users to auto-generate SSH config, when using a static inventory. * Run playbooks to provsion and post-provision as a separate, when using a bastion. This re-applies the SSH config, which ansible can't do on the fly. * Support a pre-installed bastion node, colocated with the 1st infra node. * With a bastion enabled, reduce floating IP footprint to infra and dns nodes only, effectively isolating a cluster in a private network. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Diffstat (limited to 'roles/static_inventory')
-rw-r--r--roles/static_inventory/tasks/openstack.yml7
-rw-r--r--roles/static_inventory/templates/inventory.j25
2 files changed, 4 insertions, 8 deletions
diff --git a/roles/static_inventory/tasks/openstack.yml b/roles/static_inventory/tasks/openstack.yml
index 95d0d172f..499adf08c 100644
--- a/roles/static_inventory/tasks/openstack.yml
+++ b/roles/static_inventory/tasks/openstack.yml
@@ -23,11 +23,9 @@
q2: "[] | [?metadata.clusterid=='{{stack_name}}'] | [?public_v4!='']"
when:
- refresh_inventory|bool
- - use_bastion|bool
- name: Add cluster nodes w/o floating IPs to inventory
- with_items: "{{ registered_nodes }}"
- when: not item in registered_nodes_floating
+ with_items: "{{ registered_nodes|difference(registered_nodes_floating) }}"
add_host:
name: '{{ item.name }}'
groups: '{{ item.metadata.group }}'
@@ -40,11 +38,10 @@
- name: Add cluster nodes with floating IPs to inventory
with_items: "{{ registered_nodes_floating }}"
- when: item in registered_nodes_floating
add_host:
name: '{{ item.name }}'
groups: '{{ item.metadata.group }}'
- ansible_host: "{% if use_bastion|bool %}{{ item.name }}{% else %}{{ item.private_v4 }}{% endif %}"
+ ansible_host: "{% if use_bastion|bool %}{{ item.name }}{% else %}{{ item.public_v4 }}{% endif %}"
ansible_fqdn: '{{ item.name }}'
ansible_user: '{{ ssh_user }}'
ansible_private_key_file: '{{ private_ssh_key }}'
diff --git a/roles/static_inventory/templates/inventory.j2 b/roles/static_inventory/templates/inventory.j2
index ac74db35c..24dc9d4a8 100644
--- a/roles/static_inventory/templates/inventory.j2
+++ b/roles/static_inventory/templates/inventory.j2
@@ -14,9 +14,8 @@
%} ansible_user={{ hostvars[host]['ansible_user'] }}{% endif %}
{% if 'ansible_private_key_file' in hostvars[host]
%} ansible_private_key_file={{ hostvars[host]['ansible_private_key_file'] }}{% endif %}
-{% if 'ansible_ssh_extra_args' in hostvars[host]
-%} ansible_ssh_extra_args={{ hostvars[host]['ansible_ssh_extra_args']|quote }}{% endif %}
- openshift_hostname={{ host }}
+{% if use_bastion|bool and 'ansible_ssh_extra_args' in hostvars[host]
+%} ansible_ssh_extra_args={{ hostvars[host]['ansible_ssh_extra_args']|quote }}{% endif %} openshift_hostname={{ host }}
{% endif %}
{% endfor %}