diff options
8 files changed, 525 insertions, 4 deletions
diff --git a/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-app-example.yaml b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-app-example.yaml new file mode 100644 index 000000000..14bdd1dca --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-app-example.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: cloudforms +spec: + capacity: + storage: 2Gi + accessModes: + - ReadWriteOnce + nfs: + path: /opt/nfs/volumes-app + server: 10.19.0.216 + persistentVolumeReclaimPolicy: Recycle diff --git a/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-example.yaml b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-example.yaml new file mode 100644 index 000000000..709d8d976 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-pv-example.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nfs-pv01 +spec: + capacity: + storage: 2Gi + accessModes: + - ReadWriteOnce + nfs: + path: /opt/nfs/volumes + server: 10.19.0.216 + persistentVolumeReclaimPolicy: Recycle diff --git a/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml new file mode 100644 index 000000000..c8e3d4083 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml @@ -0,0 +1,479 @@ +apiVersion: v1 +kind: Template +labels: + template: cloudforms +metadata: + name: cloudforms + annotations: + description: "CloudForms appliance with persistent storage" + tags: "instant-app,cloudforms,cfme" + iconClass: "icon-rails" +objects: +- apiVersion: v1 + kind: Service + metadata: + annotations: + description: "Exposes and load balances CloudForms pods" + service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]' + name: ${NAME} + spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + - name: https + port: 443 + protocol: TCP + targetPort: 443 + selector: + name: ${NAME} +- apiVersion: v1 + kind: Route + metadata: + name: ${NAME} + spec: + host: ${APPLICATION_DOMAIN} + port: + targetPort: https + tls: + termination: passthrough + to: + kind: Service + name: ${NAME} +- apiVersion: v1 + kind: ImageStream + metadata: + name: cfme-openshift-app + annotations: + description: "Keeps track of changes in the CloudForms app image" + spec: + dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-app +- apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: ${DATABASE_SERVICE_NAME} + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: ${DATABASE_VOLUME_CAPACITY} +- apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: ${NAME} + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: ${APPLICATION_VOLUME_CAPACITY} +- apiVersion: v1 + kind: "DeploymentConfig" + metadata: + name: ${NAME} + annotations: + description: "Defines how to deploy the CloudForms appliance" + spec: + template: + metadata: + labels: + name: ${NAME} + name: ${NAME} + spec: + volumes: + - + name: "cfme-app-volume" + persistentVolumeClaim: + claimName: ${NAME} + containers: + - image: cloudforms/cfme-openshift-app:${APPLICATION_IMG_TAG} + imagePullPolicy: IfNotPresent + name: cloudforms + livenessProbe: + httpGet: + path: / + port: 80 + initialDelaySeconds: 480 + timeoutSeconds: 3 + readinessProbe: + httpGet: + path: / + port: 80 + initialDelaySeconds: 200 + timeoutSeconds: 3 + ports: + - containerPort: 80 + protocol: TCP + - containerPort: 443 + protocol: TCP + securityContext: + privileged: true + volumeMounts: + - + name: "cfme-app-volume" + mountPath: "/persistent" + env: + - + name: "APPLICATION_INIT_DELAY" + value: "${APPLICATION_INIT_DELAY}" + - + name: "DATABASE_SERVICE_NAME" + value: "${DATABASE_SERVICE_NAME}" + - + name: "DATABASE_REGION" + value: "${DATABASE_REGION}" + - + name: "MEMCACHED_SERVICE_NAME" + value: "${MEMCACHED_SERVICE_NAME}" + - + name: "POSTGRESQL_USER" + value: "${DATABASE_USER}" + - + name: "POSTGRESQL_PASSWORD" + value: "${DATABASE_PASSWORD}" + - + name: "POSTGRESQL_DATABASE" + value: "${DATABASE_NAME}" + - + name: "POSTGRESQL_MAX_CONNECTIONS" + value: "${POSTGRESQL_MAX_CONNECTIONS}" + - + name: "POSTGRESQL_SHARED_BUFFERS" + value: "${POSTGRESQL_SHARED_BUFFERS}" + resources: + requests: + memory: "${MEMORY_APPLICATION_MIN}" + lifecycle: + preStop: + exec: + command: + - /opt/rh/cfme-container-scripts/sync-pv-data + replicas: 1 + selector: + name: ${NAME} + triggers: + - type: "ConfigChange" + - type: "ImageChange" + imageChangeParams: + automatic: false + containerNames: + - "cloudforms" + from: + kind: "ImageStreamTag" + name: "cfme-openshift-app:${APPLICATION_IMG_TAG}" + strategy: + type: "Recreate" + recreateParams: + timeoutSeconds: 1200 +- apiVersion: v1 + kind: "Service" + metadata: + name: "${MEMCACHED_SERVICE_NAME}" + annotations: + description: "Exposes the memcached server" + spec: + ports: + - + name: "memcached" + port: 11211 + targetPort: 11211 + selector: + name: "${MEMCACHED_SERVICE_NAME}" +- apiVersion: v1 + kind: ImageStream + metadata: + name: cfme-openshift-memcached + annotations: + description: "Keeps track of changes in the CloudForms memcached image" + spec: + dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-memcached +- apiVersion: v1 + kind: "DeploymentConfig" + metadata: + name: "${MEMCACHED_SERVICE_NAME}" + annotations: + description: "Defines how to deploy memcached" + spec: + strategy: + type: "Recreate" + triggers: + - + type: "ImageChange" + imageChangeParams: + automatic: false + containerNames: + - "memcached" + from: + kind: "ImageStreamTag" + name: "cfme-openshift-memcached:${MEMCACHED_IMG_TAG}" + - + type: "ConfigChange" + replicas: 1 + selector: + name: "${MEMCACHED_SERVICE_NAME}" + template: + metadata: + name: "${MEMCACHED_SERVICE_NAME}" + labels: + name: "${MEMCACHED_SERVICE_NAME}" + spec: + volumes: [] + containers: + - + name: "memcached" + image: "cloudforms/cfme-openshift-memcached:${MEMCACHED_IMG_TAG}" + ports: + - + containerPort: 11211 + readinessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 5 + tcpSocket: + port: 11211 + livenessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 30 + tcpSocket: + port: 11211 + volumeMounts: [] + env: + - + name: "MEMCACHED_MAX_MEMORY" + value: "${MEMCACHED_MAX_MEMORY}" + - + name: "MEMCACHED_MAX_CONNECTIONS" + value: "${MEMCACHED_MAX_CONNECTIONS}" + - + name: "MEMCACHED_SLAB_PAGE_SIZE" + value: "${MEMCACHED_SLAB_PAGE_SIZE}" + resources: + limits: + memory: "${MEMORY_MEMCACHED_LIMIT}" +- apiVersion: v1 + kind: "Service" + metadata: + name: "${DATABASE_SERVICE_NAME}" + annotations: + description: "Exposes the database server" + spec: + ports: + - + name: "postgresql" + port: 5432 + targetPort: 5432 + selector: + name: "${DATABASE_SERVICE_NAME}" +- apiVersion: v1 + kind: ImageStream + metadata: + name: cfme-openshift-postgresql + annotations: + description: "Keeps track of changes in the CloudForms postgresql image" + spec: + dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-postgresql +- apiVersion: v1 + kind: "DeploymentConfig" + metadata: + name: "${DATABASE_SERVICE_NAME}" + annotations: + description: "Defines how to deploy the database" + spec: + strategy: + type: "Recreate" + triggers: + - + type: "ImageChange" + imageChangeParams: + automatic: false + containerNames: + - "postgresql" + from: + kind: "ImageStreamTag" + name: "cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}" + - + type: "ConfigChange" + replicas: 1 + selector: + name: "${DATABASE_SERVICE_NAME}" + template: + metadata: + name: "${DATABASE_SERVICE_NAME}" + labels: + name: "${DATABASE_SERVICE_NAME}" + spec: + volumes: + - + name: "cfme-pgdb-volume" + persistentVolumeClaim: + claimName: ${DATABASE_SERVICE_NAME} + containers: + - + name: "postgresql" + image: "cloudforms/cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}" + ports: + - + containerPort: 5432 + readinessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 15 + exec: + command: + - "/bin/sh" + - "-i" + - "-c" + - "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'" + livenessProbe: + timeoutSeconds: 1 + initialDelaySeconds: 60 + tcpSocket: + port: 5432 + volumeMounts: + - + name: "cfme-pgdb-volume" + mountPath: "/var/lib/pgsql/data" + env: + - + name: "POSTGRESQL_USER" + value: "${DATABASE_USER}" + - + name: "POSTGRESQL_PASSWORD" + value: "${DATABASE_PASSWORD}" + - + name: "POSTGRESQL_DATABASE" + value: "${DATABASE_NAME}" + - + name: "POSTGRESQL_MAX_CONNECTIONS" + value: "${POSTGRESQL_MAX_CONNECTIONS}" + - + name: "POSTGRESQL_SHARED_BUFFERS" + value: "${POSTGRESQL_SHARED_BUFFERS}" + resources: + limits: + memory: "${MEMORY_POSTGRESQL_LIMIT}" + +parameters: + - + name: "NAME" + displayName: Name + required: true + description: "The name assigned to all of the frontend objects defined in this template." + value: cloudforms + - + name: "DATABASE_SERVICE_NAME" + displayName: "PostgreSQL Service Name" + required: true + description: "The name of the OpenShift Service exposed for the PostgreSQL container." + value: "postgresql" + - + name: "DATABASE_USER" + displayName: "PostgreSQL User" + required: true + description: "PostgreSQL user that will access the database." + value: "root" + - + name: "DATABASE_PASSWORD" + displayName: "PostgreSQL Password" + required: true + description: "Password for the PostgreSQL user." + value: "smartvm" + - + name: "DATABASE_NAME" + required: true + displayName: "PostgreSQL Database Name" + description: "Name of the PostgreSQL database accessed." + value: "vmdb_production" + - + name: "DATABASE_REGION" + required: true + displayName: "Application Database Region" + description: "Database region that will be used for application." + value: "0" + - + name: "MEMCACHED_SERVICE_NAME" + required: true + displayName: "Memcached Service Name" + description: "The name of the OpenShift Service exposed for the Memcached container." + value: "memcached" + - + name: "MEMCACHED_MAX_MEMORY" + displayName: "Memcached Max Memory" + description: "Memcached maximum memory for memcached object storage in MB." + value: "64" + - + name: "MEMCACHED_MAX_CONNECTIONS" + displayName: "Memcached Max Connections" + description: "Memcached maximum number of connections allowed." + value: "1024" + - + name: "MEMCACHED_SLAB_PAGE_SIZE" + displayName: "Memcached Slab Page Size" + description: "Memcached size of each slab page." + value: "1m" + - + name: "POSTGRESQL_MAX_CONNECTIONS" + displayName: "PostgreSQL Max Connections" + description: "PostgreSQL maximum number of database connections allowed." + value: "100" + - + name: "POSTGRESQL_SHARED_BUFFERS" + displayName: "PostgreSQL Shared Buffer Amount" + description: "Amount of memory dedicated for PostgreSQL shared memory buffers." + value: "64MB" + - + name: "MEMORY_APPLICATION_MIN" + displayName: "Application Memory Minimum" + required: true + description: "Minimum amount of memory the Application container will need." + value: "4096Mi" + - + name: "MEMORY_POSTGRESQL_LIMIT" + displayName: "PostgreSQL Memory Limit" + required: true + description: "Maximum amount of memory the PostgreSQL container can use." + value: "2048Mi" + - + name: "MEMORY_MEMCACHED_LIMIT" + displayName: "Memcached Memory Limit" + required: true + description: "Maximum amount of memory the Memcached container can use." + value: "256Mi" + - + name: "POSTGRESQL_IMG_TAG" + displayName: "PostgreSQL Image Tag" + description: "This is the PostgreSQL image tag/version requested to deploy." + value: "latest" + - + name: "MEMCACHED_IMG_TAG" + displayName: "Memcached Image Tag" + description: "This is the Memcached image tag/version requested to deploy." + value: "latest" + - + name: "APPLICATION_IMG_TAG" + displayName: "Application Image Tag" + description: "This is the Application image tag/version requested to deploy." + value: "latest" + - + name: "APPLICATION_DOMAIN" + displayName: "Application Hostname" + description: "The exposed hostname that will route to the application service, if left blank a value will be defaulted." + value: "" + - + name: "APPLICATION_INIT_DELAY" + displayName: "Application Init Delay" + required: true + description: "Delay in seconds before we attempt to initialize the application." + value: "30" + - + name: "APPLICATION_VOLUME_CAPACITY" + displayName: "Application Volume Capacity" + required: true + description: "Volume space available for application data." + value: "1Gi" + - + name: "DATABASE_VOLUME_CAPACITY" + displayName: "Database Volume Capacity" + required: true + description: "Volume space available for database." + value: "1Gi" diff --git a/roles/openshift_repos/templates/yum_repo.j2 b/roles/openshift_repos/templates/yum_repo.j2 index 2d9243545..0ec0045eb 100644 --- a/roles/openshift_repos/templates/yum_repo.j2 +++ b/roles/openshift_repos/templates/yum_repo.j2 @@ -2,9 +2,9 @@ [{{ repo.id }}] name={{ repo.name | default(repo.id) }} baseurl={{ repo.baseurl }} -{% set enable_repo = repo.enabled | default('1') %} +{% set enable_repo = repo.enabled | default(1,True) %} enabled={{ 1 if ( enable_repo == 1 or enable_repo == True ) else 0 }} -{% set enable_gpg_check = repo.gpgcheck | default('1') %} +{% set enable_gpg_check = repo.gpgcheck | default(1,True) %} gpgcheck={{ 1 if ( enable_gpg_check == 1 or enable_gpg_check == True ) else 0 }} {% for key, value in repo.iteritems() %} {% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined %} diff --git a/roles/openshift_storage_nfs_lvm/README.md b/roles/openshift_storage_nfs_lvm/README.md index 8b8471745..cc674d3fd 100644 --- a/roles/openshift_storage_nfs_lvm/README.md +++ b/roles/openshift_storage_nfs_lvm/README.md @@ -48,6 +48,13 @@ osnl_volume_num_start: 3 # How many volumes/partitions to build, with the size we stated. osnl_number_of_volumes: 2 +# osnl_volume_reclaim_policy +# Volume reclaim policy of a PersistentVolume tells the cluster +# what to do with the volume after it is released. +# +# Valid values are "Retain" or "Recycle" (default). +osnl_volume_reclaim_policy: "Recycle" + ``` ## Dependencies @@ -71,6 +78,7 @@ exported via NFS. json files are created in /root. osnl_volume_size: 5 osnl_volume_num_start: 3 osnl_number_of_volumes: 2 + osnl_volume_reclaim_policy: "Recycle" ## Full example @@ -96,6 +104,7 @@ exported via NFS. json files are created in /root. osnl_volume_size: 5 osnl_volume_num_start: 3 osnl_number_of_volumes: 2 + osnl_volume_reclaim_policy: "Recycle" * Run the playbook: ``` diff --git a/roles/openshift_storage_nfs_lvm/defaults/main.yml b/roles/openshift_storage_nfs_lvm/defaults/main.yml index f81cdc724..48352187c 100644 --- a/roles/openshift_storage_nfs_lvm/defaults/main.yml +++ b/roles/openshift_storage_nfs_lvm/defaults/main.yml @@ -8,3 +8,10 @@ osnl_mount_dir: /exports/openshift # Volume Group to use. osnl_volume_group: openshiftvg + +# Volume reclaim policy of a PersistentVolume tells the cluster +# what to do with the volume after it is released. +# +# Valid values are "Retain" or "Recycle". +# See https://docs.openshift.com/enterprise/3.0/architecture/additional_concepts/storage.html#pv-recycling-policy +osnl_volume_reclaim_policy: "Recycle" diff --git a/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 b/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 index 3c4d2f56c..19e150f7d 100644 --- a/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 +++ b/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 @@ -12,7 +12,7 @@ "storage": "{{ osnl_volume_size }}Gi" }, "accessModes": [ "ReadWriteOnce", "ReadWriteMany" ], - "persistentVolumeReclaimPolicy": "Recycle", + "persistentVolumeReclaimPolicy": "{{ osnl_volume_reclaim_policy }}", "nfs": { "Server": "{{ inventory_hostname }}", "Path": "{{ osnl_mount_dir }}/{{ item }}" diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 113aca0e1..ce6e54664 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -212,7 +212,7 @@ def write_host(host, role, inventory, schedulable=None): if installer_host in [host.connect_to, host.hostname, host.public_hostname]: facts += ' ansible_connection=local' if os.geteuid() != 0: - no_pwd_sudo = subprocess.call(['sudo', '-n', 'echo', 'openshift']) + no_pwd_sudo = subprocess.call(['sudo', '-n', 'echo', '-n']) if no_pwd_sudo == 1: print('The atomic-openshift-installer requires sudo access without a password.') sys.exit(1) |