diff options
| -rw-r--r-- | README_AEP.md | 4 | ||||
| -rw-r--r-- | README_OSE.md | 2 | ||||
| -rwxr-xr-x | bin/cluster | 5 | ||||
| -rw-r--r-- | playbooks/aws/openshift-cluster/vars.yml | 29 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/update_repos_and_packages.yml | 2 | ||||
| -rw-r--r-- | playbooks/gce/openshift-cluster/vars.yml | 15 | ||||
| -rw-r--r-- | playbooks/libvirt/openshift-cluster/vars.yml | 31 | ||||
| -rw-r--r-- | playbooks/openstack/openshift-cluster/vars.yml | 12 | ||||
| -rw-r--r-- | roles/oso_host_monitoring/handlers/main.yml | 6 | ||||
| -rw-r--r-- | roles/oso_host_monitoring/tasks/main.yml | 20 | ||||
| -rw-r--r-- | roles/oso_host_monitoring/templates/oso-f22-host-monitoring.service.j2 | 43 | ||||
| -rw-r--r-- | roles/oso_host_monitoring/templates/oso-rhel7-host-monitoring.service.j2 (renamed from roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2) | 48 | ||||
| -rw-r--r-- | roles/rhel_subscribe/tasks/enterprise.yml | 18 | ||||
| -rw-r--r-- | roles/rhel_subscribe/tasks/main.yml | 2 |
14 files changed, 105 insertions, 132 deletions
diff --git a/README_AEP.md b/README_AEP.md index 584a7afff..7cdb1c5d5 100644 --- a/README_AEP.md +++ b/README_AEP.md @@ -81,10 +81,10 @@ deployment_type=atomic-enterprise # Pre-release registry URL; note that in the future these images # may have an atomicenterprise/aep- prefix or so. -oreg_url=rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version} +oreg_url=rcm-img-docker:5001/openshift3/ose-${component}:${version} # Pre-release additional repo -openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm-devops.usersys.redhat.com/puddle/build/AtomicOpenShift/3.1/2015-10-27.1', 'enabled': 1, 'gpgcheck': 0}] +openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm/puddle/build/AtomicOpenShift/3.1/2015-10-27.1', 'enabled': 1, 'gpgcheck': 0}] # host group for masters [masters] diff --git a/README_OSE.md b/README_OSE.md index 66fba33e5..fdb6a75b8 100644 --- a/README_OSE.md +++ b/README_OSE.md @@ -82,7 +82,7 @@ deployment_type=enterprise # Pre-release additional repo openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': -'http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os', +'http://buildvm/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] # Origin copr repo diff --git a/bin/cluster b/bin/cluster index 3081ebd4a..c2765ff92 100755 --- a/bin/cluster +++ b/bin/cluster @@ -294,11 +294,8 @@ if __name__ == '__main__': meta_parser.add_argument('cluster_id', help='prefix for cluster VM names') meta_parser.add_argument('-t', '--deployment-type', - choices=['origin', 'online', 'enterprise'], + choices=['origin', 'online', 'enterprise', 'atomic-enterprise', 'openshift-enterprise'], help='Deployment type. (default: origin)') - meta_parser.add_argument('-T', '--product-type', - choices=['openshift', 'atomic-enterprise'], - help='Product type. (default: openshift)') meta_parser.add_argument('-o', '--option', action='append', help='options') diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index c8ee9bad4..ae12286bd 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -1,5 +1,19 @@ --- debug_level: 2 + +deployment_rhel7_ent_base: + # rhel-7.1, requires cloud access subscription + image: ami-10663b78 + image_name: + region: us-east-1 + ssh_user: ec2-user + sudo: yes + keypair: libra + type: m4.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: + deployment_vars: origin: # centos-7, requires marketplace @@ -25,15 +39,6 @@ deployment_vars: security_groups: [ 'public' ] vpc_subnet: assign_public_ip: - enterprise: - # rhel-7.1, requires cloud access subscription - image: ami-10663b78 - image_name: - region: us-east-1 - ssh_user: ec2-user - sudo: yes - keypair: libra - type: m4.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 9a303c62d..88736ee03 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -4,7 +4,7 @@ openshift_deployment_type: "{{ deployment_type }}" roles: - role: rhel_subscribe - when: deployment_type == "enterprise" and + when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and ansible_distribution == "RedHat" and lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index bdb39923e..7fb13c7a6 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -3,6 +3,13 @@ do_we_use_openshift_sdn: true sdn_network_plugin: redhat/openshift-ovs-subnet debug_level: 2 # os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation + +deployment_rhel7_ent_base: + image: rhel-7 + machine_type: n1-standard-1 + ssh_user: + sudo: yes + deployment_vars: origin: image: preinstalled-slave-50g-v5 @@ -14,8 +21,6 @@ deployment_vars: machine_type: n1-standard-1 ssh_user: root sudo: no - enterprise: - image: rhel-7 - machine_type: n1-standard-1 - ssh_user: - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index 8b170f99e..da628786b 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -5,6 +5,19 @@ libvirt_network: openshift-ansible libvirt_uri: 'qemu:///system' debug_level: 2 +# Automatic download of the qcow2 image for RHEL cannot be done directly from the RedHat portal because it requires authentication. +# The default value of image_url for enterprise and openshift-enterprise deployment types below won't work. +deployment_rhel7_ent_base: + image: + url: "{{ lookup('oo_option', 'image_url') | + default('https://access.cdn.redhat.com//content/origin/files/sha256/25/25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0/rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + name: "{{ lookup('oo_option', 'image_name') | + default('rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + sha256: "{{ lookup('oo_option', 'image_sha256') | + default('25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0', True) }}" + ssh_user: openshift + sudo: yes + deployment_vars: origin: image: @@ -25,18 +38,6 @@ deployment_vars: sha256: ssh_user: root sudo: no - enterprise: - image: - url: "{{ lookup('oo_option', 'image_url') | - default('https://access.cdn.redhat.com//content/origin/files/sha256/ff/ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3/rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - name: "{{ lookup('oo_option', 'image_name') | - default('rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - sha256: "{{ lookup('oo_option', 'image_sha256') | - default('ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3', True) }}" - ssh_user: openshift - sudo: yes -# origin: -# fedora: -# url: "http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.qcow2" -# name: Fedora-Cloud-Base-20141203-21.x86_64.qcow2 -# sha256: 3a99bb89f33e3d4ee826c8160053cdb8a72c80cd23350b776ce73cd244467d86 + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index f8d15999e..76cde1706 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml @@ -20,6 +20,11 @@ openstack_flavor: infra: "{{ lookup('oo_option', 'infra_flavor' ) | default('m1.small', True) }}" node: "{{ lookup('oo_option', 'node_flavor' ) | default('m1.medium', True) }}" +deployment_rhel7_ent_base: + image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}" + ssh_user: openshift + sudo: yes + deployment_vars: origin: image: "{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}" @@ -29,7 +34,6 @@ deployment_vars: image: ssh_user: root sudo: no - enterprise: - image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.1-20150224.0.x86_64', True) }}" - ssh_user: openshift - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/roles/oso_host_monitoring/handlers/main.yml b/roles/oso_host_monitoring/handlers/main.yml index 7863ad15b..3a5d8024c 100644 --- a/roles/oso_host_monitoring/handlers/main.yml +++ b/roles/oso_host_monitoring/handlers/main.yml @@ -4,9 +4,3 @@ name: "{{ osohm_host_monitoring }}" state: restarted enabled: yes - -- name: "Restart the {{ osohm_zagg_client }} service" - service: - name: "{{ osohm_zagg_client }}" - state: restarted - enabled: yes diff --git a/roles/oso_host_monitoring/tasks/main.yml b/roles/oso_host_monitoring/tasks/main.yml index 6ddfa3dcb..a0a453416 100644 --- a/roles/oso_host_monitoring/tasks/main.yml +++ b/roles/oso_host_monitoring/tasks/main.yml @@ -5,7 +5,6 @@ with_items: - osohm_zagg_web_url - osohm_host_monitoring - - osohm_zagg_client - osohm_docker_registry_url - osohm_default_zagg_server_user - osohm_default_zagg_server_password @@ -37,29 +36,12 @@ - "Restart the {{ osohm_host_monitoring }} service" register: systemd_host_monitoring -- name: "Copy {{ osohm_zagg_client }} systemd file" - template: - src: "{{ osohm_zagg_client }}.service.j2" - dest: "/etc/systemd/system/{{ osohm_zagg_client }}.service" - owner: root - group: root - mode: 0644 - notify: - - "Restart the {{ osohm_zagg_client }} service" - register: zagg_systemd - - name: reload systemd command: /usr/bin/systemctl --system daemon-reload - when: systemd_host_monitoring | changed or zagg_systemd | changed + when: systemd_host_monitoring | changed - name: "Start the {{ osohm_host_monitoring }} service" service: name: "{{ osohm_host_monitoring }}" state: started enabled: yes - -- name: "Start the {{ osohm_zagg_client }} service" - service: - name: "{{ osohm_zagg_client }}" - state: started - enabled: yes diff --git a/roles/oso_host_monitoring/templates/oso-f22-host-monitoring.service.j2 b/roles/oso_host_monitoring/templates/oso-f22-host-monitoring.service.j2 deleted file mode 100644 index d18ad90fe..000000000 --- a/roles/oso_host_monitoring/templates/oso-f22-host-monitoring.service.j2 +++ /dev/null @@ -1,43 +0,0 @@ -# This is a systemd file to run this docker container under systemd. -# To make this work: -# * pull the image (probably from ops docker registry) -# * place this file in /etc/systemd/system without the .systemd extension -# * run the commands: -# systemctl daemon-reload -# systemctl enable pcp-docker -# systemctl start pcp-docker -# -# -[Unit] -Description=PCP Collector Contatainer -Requires=docker.service -After=docker.service - - -[Service] -Type=simple -TimeoutStartSec=5m -Environment=HOME=/etc/docker/ops -#Slice=container-small.slice - -# systemd syntax '=-' ignore errors from return codes. -ExecStartPre=-/usr/bin/docker kill "{{ osohm_host_monitoring }}" -ExecStartPre=-/usr/bin/docker rm "{{ osohm_host_monitoring }}" -ExecStartPre=-/usr/bin/docker pull "{{ osohm_docker_registry_url }}{{ osohm_host_monitoring }}" - - -ExecStart=/usr/bin/docker run --rm --name="{{ osohm_host_monitoring }}" \ - --privileged --net=host --pid=host --ipc=host \ - -v /sys:/sys:ro -v /etc/localtime:/etc/localtime:ro \ - -v /var/lib/docker:/var/lib/docker:ro -v /run:/run \ - -v /var/log:/var/log \ - {{ osohm_docker_registry_url }}{{ osohm_host_monitoring }} - -ExecReload=-/usr/bin/docker stop "{{ osohm_host_monitoring }}" -ExecReload=-/usr/bin/docker rm "{{ osohm_host_monitoring }}" -ExecStop=-/usr/bin/docker stop "{{ osohm_host_monitoring }}" -Restart=always -RestartSec=30 - -[Install] -WantedBy=default.target diff --git a/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 b/roles/oso_host_monitoring/templates/oso-rhel7-host-monitoring.service.j2 index bcc8a5e03..753cad69f 100644 --- a/roles/oso_host_monitoring/templates/oso-rhel7-zagg-client.service.j2 +++ b/roles/oso_host_monitoring/templates/oso-rhel7-host-monitoring.service.j2 @@ -4,12 +4,12 @@ # * place this file in /etc/systemd/system without the .systemd extension # * run the commands: # systemctl daemon-reload -# systemctl enable zagg-client-docker -# systemctl start zagg-client-docker +# systemctl enable oso-rhel7-host-monitoring +# systemctl start oso-rhel7-host-monitoring # # [Unit] -Description=Zagg Client Contatainer +Description=Openshift Host Monitoring Container Requires=docker.service After=docker.service @@ -21,40 +21,52 @@ Environment=HOME=/etc/docker/ops #Slice=container-small.slice # systemd syntax '=-' ignore errors from return codes. -ExecStartPre=-/usr/bin/docker kill "{{ osohm_zagg_client }}" -ExecStartPre=-/usr/bin/docker rm "{{ osohm_zagg_client }}" -ExecStartPre=-/usr/bin/docker pull "{{ osohm_docker_registry_url }}{{ osohm_zagg_client }}" +ExecStartPre=-/usr/bin/docker kill "{{ osohm_host_monitoring }}" +ExecStartPre=-/usr/bin/docker rm "{{ osohm_host_monitoring }}" +ExecStartPre=-/usr/bin/docker pull "{{ osohm_docker_registry_url }}{{ osohm_host_monitoring }}" +# mwoodson note 1-7-16: +# pcp recommends mounting /run in their Dockerfile +# /run conflicts with cron which also runs in this container. +# I am leaving /run out for now. the guys in #pcp said that they mounted /run +# to shared the pcp socket that is created in /run. We are not using this, +# as far as I know. +# This problem goes away with systemd being run in the containers and not using +# cron but using systemd timers +# -v /run:/run \ -ExecStart=/usr/bin/docker run --name {{ osohm_zagg_client }} \ +ExecStart=/usr/bin/docker run --name {{ osohm_host_monitoring }} \ --privileged \ --pid=host \ --net=host \ - -e ZAGG_URL={{ osohm_zagg_web_url }} \ - -e ZAGG_USER={{ osohm_default_zagg_server_user }} \ - -e ZAGG_PASSWORD={{ osohm_default_zagg_server_password }} \ + --ipc=host \ + -e ZAGG_URL={{ osohm_zagg_web_url }} \ + -e ZAGG_USER={{ osohm_default_zagg_server_user }} \ + -e ZAGG_PASSWORD={{ osohm_default_zagg_server_password }} \ -e ZAGG_CLIENT_HOSTNAME={{ ec2_tag_Name }} \ - -e ZAGG_SSL_VERIFY={{ osohm_zagg_verify_ssl }} \ + -e ZAGG_SSL_VERIFY={{ osohm_zagg_verify_ssl }} \ -e OSO_CLUSTER_GROUP={{ cluster_group }} \ - -e OSO_CLUSTER_ID={{ oo_clusterid }} \ + -e OSO_CLUSTER_ID={{ oo_clusterid }} \ -e OSO_HOST_TYPE={{ hostvars[inventory_hostname]['ec2_tag_host-type'] }} \ -e OSO_SUB_HOST_TYPE={{ hostvars[inventory_hostname]['ec2_tag_sub-host-type'] }} \ -v /etc/localtime:/etc/localtime \ - -v /run/pcp:/run/pcp \ + -v /sys:/sys:ro \ + -v /sys/fs/selinux \ + -v /var/lib/docker:/var/lib/docker:ro \ -v /var/run/docker.sock:/var/run/docker.sock \ - -v /var/run/openvswitch:/var/run/openvswitch \ + -v /var/run/openvswitch:/var/run/openvswitch \ {% if hostvars[inventory_hostname]['ec2_tag_host-type'] == 'master' %} -v /etc/openshift/master/admin.kubeconfig:/etc/openshift/master/admin.kubeconfig \ -v /etc/openshift/master/master.etcd-client.crt:/etc/openshift/master/master.etcd-client.crt \ -v /etc/openshift/master/master.etcd-client.key:/etc/openshift/master/master.etcd-client.key \ -v /etc/openshift/master/master-config.yaml:/etc/openshift/master/master-config.yaml \ {% endif %} - {{ osohm_docker_registry_url }}{{ osohm_zagg_client }} + {{ osohm_docker_registry_url }}{{ osohm_host_monitoring }} -ExecReload=-/usr/bin/docker stop "{{ osohm_zagg_client }}" -ExecReload=-/usr/bin/docker rm "{{ osohm_zagg_client }}" -ExecStop=-/usr/bin/docker stop "{{ osohm_zagg_client }}" +ExecReload=-/usr/bin/docker stop "{{ osohm_host_monitoring }}" +ExecReload=-/usr/bin/docker rm "{{ osohm_host_monitoring }}" +ExecStop=-/usr/bin/docker stop "{{ osohm_host_monitoring }}" Restart=always RestartSec=30 diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml index e9e6e4bd4..08540f440 100644 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ b/roles/rhel_subscribe/tasks/enterprise.yml @@ -2,8 +2,24 @@ - name: Disable all repositories command: subscription-manager repos --disable="*" +- set_fact: + default_ose_version: '3.0' + when: deployment_type == 'enterprise' + +- set_fact: + default_ose_version: '3.1' + when: deployment_type in ['atomic-enterprise', 'openshift-enterprise'] + +- set_fact: + ose_version: "{{ lookup('oo_option', 'ose_version') | default(default_ose_version, True) }}" + +- fail: + msg: "{{ ose_version }} is not a valid version for {{ deployment_type }} deployment type" + when: ( deployment_type == 'enterprise' and ose_version not in ['3.0'] ) or + ( deployment_type in ['atomic-enterprise', 'openshift-enterprise'] and ose_version not in ['3.1'] ) + - name: Enable RHEL repositories command: subscription-manager repos \ --enable="rhel-7-server-rpms" \ --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-ose-3.0-rpms" + --enable="rhel-7-server-ose-{{ ose_version }}-rpms" diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index c160ea4e9..eecfd04a0 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -41,4 +41,4 @@ command: subscription-manager subscribe --pool {{ openshift_pool_id.stdout_lines[0] }} - include: enterprise.yml - when: deployment_type == 'enterprise' + when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] |