diff options
| -rw-r--r-- | playbooks/aws/openshift-cluster/uninstall_elb.yml | 9 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/elb.yml | 24 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/elb_single.yml | 34 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/iam_cert.yml | 9 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/uninstall_elb.yml | 11 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/uninstall_iam_cert.yml | 25 | ||||
| -rw-r--r-- | roles/openshift_aws/tasks/vpc_and_subnet_id.yml | 8 |
7 files changed, 91 insertions, 29 deletions
diff --git a/playbooks/aws/openshift-cluster/uninstall_elb.yml b/playbooks/aws/openshift-cluster/uninstall_elb.yml new file mode 100644 index 000000000..c1b724f0c --- /dev/null +++ b/playbooks/aws/openshift-cluster/uninstall_elb.yml @@ -0,0 +1,9 @@ +--- +- name: Delete elb + hosts: localhost + connection: local + tasks: + - name: deprovision elb + include_role: + name: openshift_aws + tasks_from: uninstall_elb.yml diff --git a/roles/openshift_aws/tasks/elb.yml b/roles/openshift_aws/tasks/elb.yml index d8257cf31..3eb7b73b3 100644 --- a/roles/openshift_aws/tasks/elb.yml +++ b/roles/openshift_aws/tasks/elb.yml @@ -2,26 +2,8 @@ - name: "dump the elb listeners for {{ l_elb_dict_item.key }}" debug: msg: "{{ l_elb_dict_item.value }}" + verbosity: 1 -- name: "Create ELB {{ l_elb_dict_item.key }}" - ec2_elb_lb: - name: "{{ item.value.name }}" - state: present - cross_az_load_balancing: "{{ item.value.cross_az_load_balancing }}" - security_group_names: "{{ l_elb_security_groups[l_elb_dict_item.key] }}" - idle_timeout: "{{ item.value.idle_timout }}" - region: "{{ openshift_aws_region }}" - subnets: - - "{{ subnetout.subnets[0].id }}" - health_check: "{{ item.value.health_check }}" - listeners: "{{ item.value.listeners }}" - scheme: "{{ (item.key == 'internal') | ternary('internal','internet-facing') }}" - tags: "{{ item.value.tags }}" - wait: True - register: new_elb +- name: Create ELB(s) + include_tasks: elb_single.yml with_dict: "{{ l_elb_dict_item.value }}" - -- debug: - msg: "{{ item }}" - with_items: - - "{{ new_elb }}" diff --git a/roles/openshift_aws/tasks/elb_single.yml b/roles/openshift_aws/tasks/elb_single.yml new file mode 100644 index 000000000..864757549 --- /dev/null +++ b/roles/openshift_aws/tasks/elb_single.yml @@ -0,0 +1,34 @@ +--- +- name: "dump the elb listeners for {{ item.key }}" + debug: + msg: "{{ item.value }}" + verbosity: 1 + +- name: "Create ELB {{ item.value.name }}" + ec2_elb_lb: + name: "{{ item.value.name }}" + state: present + cross_az_load_balancing: "{{ item.value.cross_az_load_balancing }}" + security_group_names: "{{ l_elb_security_groups[l_elb_dict_item.key] }}" + idle_timeout: "{{ item.value.idle_timout }}" + region: "{{ openshift_aws_region }}" + subnets: + - "{{ subnetout.subnets[0].id }}" + health_check: "{{ item.value.health_check }}" + listeners: "{{ item.value.listeners }}" + scheme: "{{ (item.key == 'internal') | ternary('internal','internet-facing') }}" + tags: "{{ item.value.tags }}" + wait: True + register: new_elb + retries: 20 + delay: 5 + until: new_elb | succeeded + ignore_errors: yes + +- fail: + msg: "couldn't create ELB {{ item.value.name }}" + when: not new_elb | succeeded + +- debug: + msg: "{{ new_elb }}" + verbosity: 1 diff --git a/roles/openshift_aws/tasks/iam_cert.yml b/roles/openshift_aws/tasks/iam_cert.yml index f74a62b8b..42d7d951c 100644 --- a/roles/openshift_aws/tasks/iam_cert.yml +++ b/roles/openshift_aws/tasks/iam_cert.yml @@ -18,7 +18,9 @@ - openshift_aws_iam_cert_key_path != '' - openshift_aws_elb_cert_arn == '' -- debug: msg="{{ elb_cert_chain }}" +- debug: + msg: "{{ elb_cert_chain }}" + verbosity: 1 - name: set_fact openshift_aws_elb_cert_arn set_fact: @@ -28,8 +30,3 @@ - openshift_aws_iam_cert_path != '' - openshift_aws_iam_cert_key_path != '' - openshift_aws_elb_cert_arn == '' - -- name: wait for cert to propagate - pause: - seconds: 5 - when: elb_cert_chain.changed diff --git a/roles/openshift_aws/tasks/uninstall_elb.yml b/roles/openshift_aws/tasks/uninstall_elb.yml new file mode 100644 index 000000000..147e9a905 --- /dev/null +++ b/roles/openshift_aws/tasks/uninstall_elb.yml @@ -0,0 +1,11 @@ +--- +- name: delete elbs + ec2_elb_lb: + name: "{{ item }}" + region: "{{ openshift_aws_region }}" + state: absent + with_items: "{{ openshift_aws_elb_dict | json_query('*.*.name') | sum(start = []) }}" + +- when: openshift_aws_create_iam_cert | bool + name: delete the iam_cert for elb certificate + include_tasks: uninstall_iam_cert.yml diff --git a/roles/openshift_aws/tasks/uninstall_iam_cert.yml b/roles/openshift_aws/tasks/uninstall_iam_cert.yml new file mode 100644 index 000000000..7b47673ee --- /dev/null +++ b/roles/openshift_aws/tasks/uninstall_iam_cert.yml @@ -0,0 +1,25 @@ +--- +- when: + - openshift_aws_create_iam_cert | bool + - openshift_aws_iam_cert_path != '' + - openshift_aws_iam_cert_key_path != '' + - openshift_aws_elb_cert_arn == '' + block: + - name: delete AWS IAM certificates + iam_cert23: + state: absent + name: "{{ openshift_aws_iam_cert_name }}" + register: elb_cert_chain + retries: 20 + delay: 10 + until: elb_cert_chain | succeeded + ignore_errors: yes + + - debug: + var: elb_cert_chain + verbosity: 1 + + - name: check for iam cert error + fail: + msg: "Couldn't delete IAM cert {{ openshift_aws_iam_cert_name }}" + when: not elb_cert_chain | succeeded diff --git a/roles/openshift_aws/tasks/vpc_and_subnet_id.yml b/roles/openshift_aws/tasks/vpc_and_subnet_id.yml index 1b754f863..c2c345faf 100644 --- a/roles/openshift_aws/tasks/vpc_and_subnet_id.yml +++ b/roles/openshift_aws/tasks/vpc_and_subnet_id.yml @@ -7,7 +7,9 @@ register: vpcout - name: debug vcpout - debug: var=vpcout + debug: + var: vpcout + verbosity: 1 - name: fetch the default subnet id ec2_vpc_subnet_facts: @@ -18,4 +20,6 @@ register: subnetout - name: debug subnetout - debug: var=subnetout + debug: + var: subnetout + verbosity: 1 |