diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | openshift-ansible.spec | 14 | ||||
| -rw-r--r-- | playbooks/common/openshift-master/scaleup.yml | 2 | ||||
| -rw-r--r-- | playbooks/common/openshift-node/config.yml | 2 | ||||
| -rw-r--r-- | roles/etcd_common/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/flannel/tasks/main.yml | 19 | ||||
| -rw-r--r-- | roles/openshift_master/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_metrics/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_node/tasks/systemd_units.yml | 19 | ||||
| -rw-r--r-- | roles/openshift_node/templates/openvswitch-avoid-oom.conf | 3 | ||||
| -rw-r--r-- | utils/src/ooinstall/cli_installer.py | 77 | ||||
| -rw-r--r-- | utils/src/ooinstall/oo_config.py | 4 |
12 files changed, 111 insertions, 37 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 5cab6c846..1a1d3cabe 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.4.15-1 ./ +3.4.16-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 11ef1ae0d..6d8132740 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.4.15 +Version: 3.4.16 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -249,6 +249,18 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 02 2016 Scott Dodson <sdodson@redhat.com> 3.4.16-1 +- Fix HA environments incorrectly detecting mixed installed environments + (tbielawa@redhat.com) +- Deploy an OOM systemd override for openvswitch. (dgoodwin@redhat.com) +- Only restart dnsmasq if the DNS servers have changed (tbielawa@redhat.com) +- Update installation summary for etcd members (smunilla@redhat.com) +- Fix changed_when (sdodson@redhat.com) +- add io labels (tdawson@redhat.com) +- Touch all ini_file files before using them (sdodson@redhat.com) +- Remove commit offset strings from parsed versions (tbielawa@redhat.com) +- Update variant_version (smunilla@redhat.com) + * Mon Oct 31 2016 Troy Dawson <tdawson@redhat.com> 3.4.15-1 - Bump documented openshift_release for 1.4/3.4. (dgoodwin@redhat.com) - Add requirements, fix a small formatting issue. diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml index 56ed09e1b..18e5c665f 100644 --- a/playbooks/common/openshift-master/scaleup.yml +++ b/playbooks/common/openshift-master/scaleup.yml @@ -33,7 +33,7 @@ service: name={{ openshift.common.service_type }}-master-controllers state=restarted - name: verify api server command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 5191662f7..4824eeef3 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -165,7 +165,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml index 1ff1d6ef8..93633e3e6 100644 --- a/roles/etcd_common/defaults/main.yml +++ b/roles/etcd_common/defaults/main.yml @@ -25,7 +25,7 @@ etcd_ca_new_certs_dir: "{{ etcd_ca_dir }}/certs" etcd_ca_db: "{{ etcd_ca_dir }}/index.txt" etcd_ca_serial: "{{ etcd_ca_dir }}/serial" etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber" -etcd_ca_default_days: 365 +etcd_ca_default_days: 1825 # etcd server & certificate vars etcd_hostname: "{{ inventory_hostname }}" diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 6b6dfb423..d41eb0de8 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -4,21 +4,18 @@ action: "{{ ansible_pkg_mgr }} name=flannel state=present" when: not openshift.common.is_containerized | bool -- name: Set flannel etcd url +- name: Set flannel etcd options become: yes lineinfile: dest: /etc/sysconfig/flanneld backrefs: yes - regexp: "^(FLANNEL_ETCD=)" - line: '\1{{ etcd_hosts|join(",") }}' - -- name: Set flannel etcd key - become: yes - lineinfile: - dest: /etc/sysconfig/flanneld - backrefs: yes - regexp: "^(FLANNEL_ETCD_KEY=)" - line: '\1{{ flannel_etcd_key }}' + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + with_items: + - { regexp: "^(FLANNEL_ETCD=)", line: '\1{{ etcd_hosts|join(",") }}' } + - { regexp: "^(FLANNEL_ETCD_ENDPOINTS=)", line: '\1{{ etcd_hosts|join(",") }}' } + - { regexp: "^(FLANNEL_ETCD_KEY=)", line: '\1{{ flannel_etcd_key }}' } + - { regexp: "^(FLANNEL_ETCD_KEY_PREFIX=)", line: '\1{{ flannel_etcd_key }}' } - name: Set flannel options become: yes diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 913f3b0ae..e119db1a2 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -17,7 +17,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/roles/openshift_metrics/handlers/main.yml b/roles/openshift_metrics/handlers/main.yml index 913f3b0ae..e119db1a2 100644 --- a/roles/openshift_metrics/handlers/main.yml +++ b/roles/openshift_metrics/handlers/main.yml @@ -17,7 +17,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 27c9b48f0..f722a6e69 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -24,11 +24,26 @@ notify: - restart openvswitch +# May be a temporary workaround. +# https://bugzilla.redhat.com/show_bug.cgi?id=1331590 +- name: Create OpenvSwitch service.d directory + file: path=/etc/systemd/system/openvswitch.service.d/ state=directory + when: openshift.common.use_openshift_sdn | default(true) | bool + +- name: Install OpenvSwitch service OOM fix + template: + dest: "/etc/systemd/system/openvswitch.service.d/01-avoid-oom.conf" + src: openvswitch-avoid-oom.conf + when: openshift.common.use_openshift_sdn | default(true) | bool + register: install_oom_fix_result + notify: + - restart openvswitch + - name: Install OpenvSwitch docker service file template: dest: "/etc/systemd/system/openvswitch.service" src: openvswitch.docker.service - when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | default(true) | bool notify: - restart openvswitch @@ -67,6 +82,6 @@ - name: Reload systemd units command: systemctl daemon-reload - when: openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed) + when: (openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed)) or install_oom_fix_result | changed notify: - restart node diff --git a/roles/openshift_node/templates/openvswitch-avoid-oom.conf b/roles/openshift_node/templates/openvswitch-avoid-oom.conf new file mode 100644 index 000000000..3229bc56b --- /dev/null +++ b/roles/openshift_node/templates/openvswitch-avoid-oom.conf @@ -0,0 +1,3 @@ +# Avoid the OOM killer for openvswitch and it's children: +[Service] +OOMScoreAdjust=-1000 diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 7c7770207..286e50f64 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -43,6 +43,16 @@ UPGRADE_MAPPINGS = { 'major_playbook': 'v3_3/upgrade.yml', 'major_version': '3.3', }, + '3.3': { + 'minor_version': '3.3', + 'minor_playbook': 'v3_3/upgrade.yml', + 'major_playbook': 'v3_4/upgrade.yml', + 'major_version': '3.4', + }, + '3.4': { + 'minor_version': '3.4', + 'minor_playbook': 'v3_4/upgrade.yml', + }, } @@ -108,11 +118,6 @@ a high-availability (HA) deployment. If you choose an HA deployment, then you are prompted to identify a *separate* system to act as the load balancer for your cluster once you define all masters and nodes. -If only one master is specified, an etcd instance is embedded within the -OpenShift master service to use as the datastore. This can be later replaced -with a separate etcd instance, if required. If multiple masters are specified, -then a separate etcd cluster is configured with each master serving as a member. - Any masters configured as part of this installation process are also configured as nodes. This enables the master to proxy to pods from the API. By default, this node is unschedulable, but this can be changed @@ -170,10 +175,13 @@ http://docs.openshift.com/enterprise/latest/architecture/infrastructure_componen if masters_set or num_masters != 2: more_hosts = click.confirm('Do you want to add additional hosts?') - master_lb = collect_master_lb(hosts) - if master_lb: - hosts.append(master_lb) - roles.add('master_lb') + if num_masters > 2: + master_lb = collect_master_lb(hosts) + if master_lb: + hosts.append(master_lb) + roles.add('master_lb') + else: + set_cluster_hostname(oo_cfg) if not existing_env: collect_storage_host(hosts) @@ -253,11 +261,8 @@ def print_host_summary(all_hosts, host): click.echo(" - Load Balancer (Preconfigured)") else: click.echo(" - Load Balancer (HAProxy)") - if host.is_master(): - if host.is_etcd_member(all_hosts): - click.echo(" - Etcd Member") - else: - click.echo(" - Etcd (Embedded)") + if host.is_etcd(): + click.echo(" - Etcd") if host.is_storage(): click.echo(" - Storage") if host.new_host: @@ -300,8 +305,7 @@ hostname. return hostname lb_hostname = click.prompt('Enter hostname or IP address', - value_proc=validate_prompt_lb, - default='') + value_proc=validate_prompt_lb) if lb_hostname: host_props['connect_to'] = lb_hostname install_haproxy = \ @@ -313,6 +317,22 @@ hostname. return None +def set_cluster_hostname(oo_cfg): + message = """ +You have chosen to install a single master cluster (non-HA). + +In a single master cluster, the cluster host name (Ansible variable openshift_master_cluster_public_hostname) is set by default to the host name of the single master. In a multiple master (HA) cluster, the FQDN of a host must be provided that will be configured as a proxy. This could be either an existing load balancer configured to balance all masters on +port 8443 or a new host that would have HAProxy installed on it. + +(Optional) +If you want to override the cluster host name now to something other than the default (the host name of the single master), or if you think you might add masters later to become an HA cluster and want to future proof your cluster host name choice, please provide a FQDN. Otherwise, press ENTER to continue and accept the default. +""" + click.echo(message) + cluster_hostname = click.prompt('Enter hostname or IP address', + default='') + oo_cfg.deployment.variables['openshift_master_cluster_hostname'] = cluster_hostname + + def collect_storage_host(hosts): """ Get a valid host for storage from the user and append it to the list of @@ -683,8 +703,10 @@ def get_installed_hosts(hosts, callback_facts): for host in [h for h in hosts if h.is_master() or h.is_node()]: if host.connect_to in callback_facts.keys(): if is_installed_host(host, callback_facts): + INSTALLER_LOG.debug("%s is already installed", str(host)) installed_hosts.append(host) else: + INSTALLER_LOG.debug("%s is not installed", str(host)) uninstalled_hosts.append(host) return installed_hosts, uninstalled_hosts @@ -717,6 +739,17 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): installed_hosts, uninstalled_hosts = get_installed_hosts(oo_cfg.deployment.hosts, callback_facts) nodes = [host for host in oo_cfg.deployment.hosts if host.is_node()] + not_balancers = [host for host in oo_cfg.deployment.hosts if not host.is_master_lb()] + + in_hosts = [str(h) for h in installed_hosts] + un_hosts = [str(h) for h in uninstalled_hosts] + all_hosts = [str(h) for h in oo_cfg.deployment.hosts] + no_bals = [str(h) for h in not_balancers] + + INSTALLER_LOG.debug("installed hosts: %s", ", ".join(in_hosts)) + INSTALLER_LOG.debug("uninstalled hosts: %s", ", ".join(un_hosts)) + INSTALLER_LOG.debug("deployment hosts: %s", ", ".join(all_hosts)) + INSTALLER_LOG.debug("not balancers: %s", ", ".join(no_bals)) # Case (1): All uninstalled hosts if len(uninstalled_hosts) == len(nodes): @@ -724,7 +757,7 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): hosts_to_run_on = list(oo_cfg.deployment.hosts) else: # Case (2): All installed hosts - if len(installed_hosts) == len(list(oo_cfg.deployment.hosts)): + if len(installed_hosts) == len(not_balancers): message = """ All specified hosts in specified environment are installed. """ @@ -735,6 +768,16 @@ A mix of installed and uninstalled hosts have been detected in your environment. Please make sure your environment was installed successfully before adding new nodes. """ + # Still inside the case 2/3 else condition + mixed_msg = """ +\tInstalled hosts: +\t\t{inst_hosts} + +\tUninstalled hosts: +\t\t{uninst_hosts}""".format(inst_hosts=", ".join(in_hosts), uninst_hosts=", ".join(un_hosts)) + click.echo(mixed_msg) + + # Out of the case 2/3 if/else click.echo(message) if not unattended: diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index e6bff7133..64eb340f3 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -120,6 +120,10 @@ class Host(object): def is_storage(self): return 'storage' in self.roles + def is_etcd(self): + """ Does this host have the etcd role """ + return 'etcd' in self.roles + def is_etcd_member(self, all_hosts): """ Will this host be a member of a standalone etcd cluster. """ if not self.is_master(): |