diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rwxr-xr-x | cluster.sh | 48 | ||||
| -rw-r--r-- | filter_plugins/oo_filters.py | 15 | ||||
| -rw-r--r-- | lib/ansible_helper.rb | 7 | ||||
| -rw-r--r-- | lib/aws_command.rb | 2 | ||||
| -rw-r--r-- | lib/gce_command.rb | 3 | ||||
| -rw-r--r-- | playbooks/aws/os2-atomic-proxy/launch.yml | 32 | ||||
| -rw-r--r-- | playbooks/aws/os2-atomic-proxy/vars.stg.yml | 7 | ||||
| -rw-r--r-- | roles/atomic_base/tasks/bash.yml | 13 | ||||
| -rw-r--r-- | roles/atomic_base/tasks/ostree.yml | 18 | ||||
| -rw-r--r-- | roles/atomic_proxy/tasks/setup_puppet.yml | 36 | ||||
| -rw-r--r-- | roles/base_os/tasks/main.yaml | 25 | ||||
| -rw-r--r-- | roles/kubernetes_apiserver/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/kubernetes_kubelet/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/kubernetes_proxy/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/openshift_master/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/openshift_minion/tasks/main.yml | 8 | ||||
| -rw-r--r-- | roles/repos/tasks/main.yaml | 11 |
18 files changed, 155 insertions, 104 deletions
@@ -8,7 +8,7 @@ Setup - Install base dependencies: - Fedora: ``` - yum install -y ansible rubygem-thor rubygem-parseconfig + yum install -y ansible rubygem-thor rubygem-parseconfig util-linux ``` - Setup for a specific cloud: diff --git a/cluster.sh b/cluster.sh index bd70a3a13..97b957a57 100755 --- a/cluster.sh +++ b/cluster.sh @@ -13,9 +13,10 @@ fi UPPER_CASE_PROVIDER=$(echo $PROVIDER | tr '[:lower:]' '[:upper:]') -# FIXME: Add options -MASTER_PLAYBOOK=openshift-master -MINION_PLAYBOOK=openshift-minion +# Use OO_MASTER_PLAYBOOK/OO_MINION_PLAYBOOK environment variables for playbooks if defined, +# otherwise use openshift default values. +MASTER_PLAYBOOK=${OO_MASTER_PLAYBOOK:-'openshift-master'} +MINION_PLAYBOOK=${OO_MINION_PLAYBOOK:-'openshift-minion'} # @formatter:off @@ -24,7 +25,14 @@ function usage { ${0} : [create|terminate|update|list] { ${UPPER_CASE_PROVIDER} environment tag} Supported environment tags: - $(grep 'SUPPORTED_ENVS.*=' ./lib/${PROVIDER}_command.rb) + $(grep --no-messages 'SUPPORTED_ENVS.*=' ./lib/${PROVIDER}_command.rb) + $([ $? -ne 0 ] && echo "No supported environment tags found for ${PROVIDER}") + + Optional arguments for create: + [-p|--provider, -m|--masters, -n|--minions, --master-playbook, --minion-playbook] + + Optional arguments for terminate|update: + [-p|--provider, --master-playbook, --minion-playbook] EOT } # @formatter:on @@ -51,16 +59,32 @@ function terminate_cluster { [ -f ./cloud.rb ] || (echo 1>&2 'Cannot find ./cloud.rb' && exit 1) -while getopts ':p:m:n:' flag; do - case "${flag}" in - p) PROVIDER="${OPTARG}" ;; - m) MASTERS="${OPTARG}" ;; - n) MINIONS="${OPTARG}" ;; - *) echo -e 2>&1 "unsupported option $OPTARG\n" - usage - exit 1 ;; +function check_argval { + if [[ $1 == -* ]]; then + echo "Invalid value: '$1'" + usage + exit 1 + fi +} + +# Using GNU getopt to support both small and long formats +OPTIONS=`getopt -o p:m:n:h --long provider:,masters:,minions:,master-playbook:,minion-playbook:,help \ + -n "$0" -- "$@"` +eval set -- "$OPTIONS" + +while true; do + case "$1" in + -h|--help) (usage; exit 1) ; shift ;; + -p|--provider) PROVIDER="$2" ; check_argval $2 ; shift 2 ;; + -m|--masters) MASTERS="$2" ; check_argval $2 ; shift 2 ;; + -n|--minions) MINIONS="$2" ; check_argval $2 ; shift 2 ;; + --master-playbook) MASTER_PLAYBOOK="$2" ; check_argval $2 ; shift 2 ;; + --minion-playbook) MINION_PLAYBOOK="$2" ; check_argval $2 ; shift 2 ;; + --) shift ; break ;; + *) break ;; esac done + shift $((OPTIND-1)) [ -z "${1:-}" ] && (usage; exit 1) diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 703506b88..b57056375 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -31,10 +31,16 @@ def get_attr(data, attribute=None): return ptr -def oo_collect(data, attribute=None): +def oo_collect(data, attribute=None, filters={}): ''' This takes a list of dict and collects all attributes specified into a list - Ex: data = [ {'a':1,'b':5}, {'a':2}, {'a':3} ] + If filter is specified then we will include all items that match _ALL_ of filters. + Ex: data = [ {'a':1, 'b':5, 'z': 'z'}, # True, return + {'a':2, 'z': 'z'}, # True, return + {'a':3, 'z': 'z'}, # True, return + {'a':4, 'z': 'b'}, # FAILED, obj['z'] != obj['z'] + ] attribute = 'a' + filters = {'z': 'z'} returns [1, 2, 3] ''' @@ -44,7 +50,10 @@ def oo_collect(data, attribute=None): if not attribute: raise errors.AnsibleFilterError("|failed expects attribute to be set") - retval = [get_attr(d, attribute) for d in data] + if filters: + retval = [get_attr(d, attribute) for d in data if all([ d[key] == filters[key] for key in filters ]) ] + else: + retval = [get_attr(d, attribute) for d in data] return retval diff --git a/lib/ansible_helper.rb b/lib/ansible_helper.rb index 080c9d00b..395bb51a8 100644 --- a/lib/ansible_helper.rb +++ b/lib/ansible_helper.rb @@ -89,13 +89,6 @@ extra_vars: #{@extra_vars.to_json} ah.inventory = 'inventory/aws/ec2.py' return ah end - - - def ignore_bug_6407 - puts - puts %q[ .---- Spurious warning "It is unnecessary to use '{{' in loops" (ansible bug 6407) ----.] - puts %q[ V V] - end end end end diff --git a/lib/aws_command.rb b/lib/aws_command.rb index 288a539a1..1c3efc91c 100644 --- a/lib/aws_command.rb +++ b/lib/aws_command.rb @@ -42,7 +42,6 @@ module OpenShift puts puts "Creating #{options[:count]} #{options[:type]} instance(s) in AWS..." - ah.ignore_bug_6407 # Make sure we're completely up to date before launching clear_cache() @@ -91,7 +90,6 @@ module OpenShift puts puts "Configuring #{options[:type]} instance(s) in AWS..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/aws/#{host_type}/config.yml") end diff --git a/lib/gce_command.rb b/lib/gce_command.rb index 8be8fb357..54dbf29ba 100644 --- a/lib/gce_command.rb +++ b/lib/gce_command.rb @@ -43,7 +43,6 @@ module OpenShift puts puts "Creating #{options[:count]} #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{options[:type]}/launch.yml") end @@ -80,7 +79,6 @@ module OpenShift puts puts "Configuring #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{host_type}/config.yml") end @@ -118,7 +116,6 @@ module OpenShift puts puts "Terminating #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{host_type}/terminate.yml") end diff --git a/playbooks/aws/os2-atomic-proxy/launch.yml b/playbooks/aws/os2-atomic-proxy/launch.yml index 23bf67bb7..fd6b0f39a 100644 --- a/playbooks/aws/os2-atomic-proxy/launch.yml +++ b/playbooks/aws/os2-atomic-proxy/launch.yml @@ -8,12 +8,35 @@ inst_region: us-east-1 atomic_ami: ami-8e239fe6 user_data_file: user_data.txt + oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files + oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files vars_files: - vars.yml + - "vars.{{ oo_env }}.yml" tasks: - - name: Launch instances + - name: Launch instances in VPC + ec2: + state: present + region: "{{ inst_region }}" + keypair: mmcgrath_libra + group_id: "{{ oo_security_group_ids }}" + instance_type: m3.large + image: "{{ atomic_ami }}" + count: "{{ oo_new_inst_names | oo_len }}" + user_data: "{{ lookup('file', user_data_file) }}" + wait: yes + assign_public_ip: "{{ oo_assign_public_ip }}" + vpc_subnet_id: "{{ oo_vpc_subnet_id }}" + when: oo_vpc_subnet_id + register: ec2_vpc + + - set_fact: + ec2: "{{ ec2_vpc }}" + when: oo_vpc_subnet_id + + - name: Launch instances in Classic ec2: state: present region: "{{ inst_region }}" @@ -24,7 +47,12 @@ count: "{{ oo_new_inst_names | oo_len }}" user_data: "{{ lookup('file', user_data_file) }}" wait: yes - register: ec2 + when: not oo_vpc_subnet_id + register: ec2_classic + + - set_fact: + ec2: "{{ ec2_classic }}" + when: not oo_vpc_subnet_id - name: Add new instances public IPs to the atomic proxy host group add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances" diff --git a/playbooks/aws/os2-atomic-proxy/vars.stg.yml b/playbooks/aws/os2-atomic-proxy/vars.stg.yml index 8d994c2fc..1cecfc9b2 100644 --- a/playbooks/aws/os2-atomic-proxy/vars.stg.yml +++ b/playbooks/aws/os2-atomic-proxy/vars.stg.yml @@ -1,3 +1,10 @@ --- oo_env_long: staging oo_zabbix_hostgroups: ['STG Environment'] +oo_vpc_subnet_id: subnet-700bdd07 +oo_assign_public_ip: yes +oo_security_group_ids: + - sg-02c2f267 # Libra (vpc) + - sg-f0bfbe95 # stg (vpc) + - sg-a3bfbec6 # stg_proxy (vpc) + - sg-d4bfbeb1 # stg_proxy_atomic (vpc) diff --git a/roles/atomic_base/tasks/bash.yml b/roles/atomic_base/tasks/bash.yml index 6e577971a..547ae83c3 100644 --- a/roles/atomic_base/tasks/bash.yml +++ b/roles/atomic_base/tasks/bash.yml @@ -5,9 +5,10 @@ - name: Link to .profile to .bashrc file: src=/root/.bashrc dest=/root/.profile owner=root group=root state=link -- name: Setup Timezone [{{ oo_timezone }}] - file: > - src=/usr/share/zoneinfo/{{ oo_timezone }} - dest=/etc/localtime - owner=root - group=root state=link +- name: "Setup Timezone [{{ oo_timezone }}]" + file: + src: "/usr/share/zoneinfo/{{ oo_timezone }}" + dest: /etc/localtime + owner: root + group: root + state: link diff --git a/roles/atomic_base/tasks/ostree.yml b/roles/atomic_base/tasks/ostree.yml index b9d366f1b..aacaa5efd 100644 --- a/roles/atomic_base/tasks/ostree.yml +++ b/roles/atomic_base/tasks/ostree.yml @@ -1,18 +1,18 @@ --- - name: Copy ostree repo config - copy: > - src=ostree/repo_config - dest=/ostree/repo/config - owner=root - group=root - mode=0644 + copy: + src: ostree/repo_config + dest: /ostree/repo/config + owner: root + group: root + mode: 0644 - name: "WORK AROUND: Stat redhat repo file" stat: path=/etc/yum.repos.d/redhat.repo register: redhat_repo - name: "WORK AROUND: subscription manager failures" - file: > - path=/etc/yum.repos.d/redhat.repo - state=touch + file: + path: /etc/yum.repos.d/redhat.repo + state: touch when: redhat_repo.stat.exists == False diff --git a/roles/atomic_proxy/tasks/setup_puppet.yml b/roles/atomic_proxy/tasks/setup_puppet.yml index e711d06c1..7a599f06d 100644 --- a/roles/atomic_proxy/tasks/setup_puppet.yml +++ b/roles/atomic_proxy/tasks/setup_puppet.yml @@ -1,24 +1,24 @@ --- - name: make puppet conf dir - file: > - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet - mode=755 - owner=root - group=root - state=directory + file: + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet" + mode: 755 + owner: root + group: root + state: directory - name: upload puppet auth config - copy: > - src=puppet/auth.conf - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf - mode=0644 - owner=root - group=root + copy: + src: puppet/auth.conf + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf" + mode: 0644 + owner: root + group: root - name: upload puppet config - template: > - src=puppet/puppet.conf.j2 - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf - mode=0644 - owner=root - group=root + template: + src: puppet/puppet.conf.j2 + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf" + mode: 0644 + owner: root + group: root diff --git a/roles/base_os/tasks/main.yaml b/roles/base_os/tasks/main.yaml index ff8cfbe33..01d2898c5 100644 --- a/roles/base_os/tasks/main.yaml +++ b/roles/base_os/tasks/main.yaml @@ -2,25 +2,30 @@ # basic role, configures irbrc, vimrc - name: Ensure irbrc is installed for user root - copy: > - src=irbrc - dest=/root/.irbrc + copy: + src: irbrc + dest: /root/.irbrc - name: Ensure vimrc is installed for user root - copy: > - src=vimrc - dest=/root/.vimrc + copy: + src: vimrc + dest: /root/.vimrc - name: Ensure vimrc is installed for user root - copy: > - src=vimrc - dest=/root/.vimrc + copy: + src: vimrc + dest: /root/.vimrc - name: Install firewalld - yum: pkg=firewalld state=installed + yum: + pkg: firewalld + state: installed - name: enable firewalld service command: /usr/bin/systemctl enable firewalld.service - name: start firewalld service command: /usr/bin/systemctl start firewalld.service + +- name: need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail + pause: seconds=10 diff --git a/roles/kubernetes_apiserver/tasks/main.yml b/roles/kubernetes_apiserver/tasks/main.yml index 622ecd5ca..81fdbbb40 100644 --- a/roles/kubernetes_apiserver/tasks/main.yml +++ b/roles/kubernetes_apiserver/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes - name: Configure apiserver settings - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' } - { regex: '^KUBE_API_ADDRESS=', line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' } diff --git a/roles/kubernetes_kubelet/tasks/main.yml b/roles/kubernetes_kubelet/tasks/main.yml index 48eab7f84..b48c0039a 100644 --- a/roles/kubernetes_kubelet/tasks/main.yml +++ b/roles/kubernetes_kubelet/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes state=installed - name: Configure kubelet - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' } - { regex: '^KUBE_KUBELET_ADDRESS=', line: 'KUBE_KUBELET_ADDRESS=\"0.0.0.0\"' } diff --git a/roles/kubernetes_proxy/tasks/main.yml b/roles/kubernetes_proxy/tasks/main.yml index 901b5f3ad..407c9ab46 100644 --- a/roles/kubernetes_proxy/tasks/main.yml +++ b/roles/kubernetes_proxy/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes state=installed - name: Configure kubernetes-proxy etcd servers - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' } notify: diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 3cfb2dd7d..6826ef452 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,10 +8,10 @@ command: /usr/bin/hostname {{ oo_bind_ip }} - name: Configure OpenShift Master settings - lineinfile: > - dest=/etc/sysconfig/openshift - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/openshift + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^ROLE=', line: 'ROLE=\"master\"' } - { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }} --loglevel=5\"' } diff --git a/roles/openshift_minion/tasks/main.yml b/roles/openshift_minion/tasks/main.yml index e328eb5d5..3821277bc 100644 --- a/roles/openshift_minion/tasks/main.yml +++ b/roles/openshift_minion/tasks/main.yml @@ -8,10 +8,10 @@ command: /usr/bin/hostname {{ oo_bind_ip }} - name: Configure OpenShift Minion settings - lineinfile: > - dest=/etc/sysconfig/openshift - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/openshift + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^ROLE=', line: 'ROLE=\"node\"' } - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' } diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml index 48c123ab1..3b66bb392 100644 --- a/roles/repos/tasks/main.yaml +++ b/roles/repos/tasks/main.yaml @@ -1,16 +1,5 @@ --- # The following role lays down the correct repository and gpg key for yum - -#- name: Ensure oso rhui rhel 7 server repository exists in yum.repos.d -# copy: > -# src=oso-rhui-rhel-7-server.repo -# dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo -# -#- name: Ensure Red Hat GPG Key is in place for the previous repo -# copy: > -# src=RPM-GPG-KEY-redhat-release -# dest=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release - - name: Ensure rhel 7 libra candidate exists in yum.repos.d copy: src=rhel-7-libra-candidate.repo dest=/etc/yum.repos.d/rhel-7-libra-candidate.repo |