diff options
44 files changed, 573 insertions, 171 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 4b283f29f..4df929277 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.46-1 ./ +3.0.49-1 ./ diff --git a/.tito/releasers.conf b/.tito/releasers.conf index a9116291a..36c15b109 100644 --- a/.tito/releasers.conf +++ b/.tito/releasers.conf @@ -12,6 +12,11 @@ releaser = tito.release.DistGitReleaser branches = rhaos-3.1-rhel-7 srpm_disttag = .el7aos +[aos-3.2] +releaser = tito.release.DistGitReleaser +branches = rhaos-3.2-rhel-7 +srpm_disttag = .el7aos + [copr-openshift-ansible] releaser = tito.release.CoprReleaser project_name = openshift-ansible diff --git a/README_AWS.md b/README_AWS.md index 4a2399d42..978905f68 100644 --- a/README_AWS.md +++ b/README_AWS.md @@ -1,3 +1,4 @@ +:warning: **WARNING** :warning: This feature is community supported and has not been tested by Red Hat. Visit [docs.openshift.com](https://docs.openshift.com) for [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/index.html) or [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/index.html) supported installation docs. AWS Setup Instructions ====================== diff --git a/README_CONTAINERIZED_INSTALLATION.md b/README_CONTAINERIZED_INSTALLATION.md index 5f51b9507..56f25546c 100644 --- a/README_CONTAINERIZED_INSTALLATION.md +++ b/README_CONTAINERIZED_INSTALLATION.md @@ -84,9 +84,13 @@ _/usr/share/openshift/examples_ because that is read-only on Atomic Host. ### Storage Requirements -Atomic Host installs normally have a very small root filesystem. However the -etcd, master, and node containers will persist data in /var/lib. Please ensure -that you have enough space on the root filesystem. +Atomic Host installs by default have a small root filesystem. However +the etcd, master, and node containers will persist data in +`/var/lib`. Please ensure that you have enough space on the root +filesystem. This is usually handled by +[docker-storage-setup](https://github.com/projectatomic/docker-storage-setup/); +set e.g. `ROOT_SIZE=20G` in `/etc/sysconfig/docker-storage-setup` in +early host boot, such as inside a `cloud-init` boot hook. ### OpenvSwitch SDN Initialization diff --git a/README_GCE.md b/README_GCE.md index 9439b569e..df9942f24 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -1,3 +1,4 @@ +:warning: **WARNING** :warning: This feature is community supported and has not been tested by Red Hat. Visit [docs.openshift.com](https://docs.openshift.com) for [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/index.html) or [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/index.html) supported installation docs. GCE Setup Instructions ====================== diff --git a/README_libvirt.md b/README_libvirt.md index 3e5df2dca..8b46252b3 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -1,3 +1,5 @@ +:warning: **WARNING** :warning: This feature is community supported and has not been tested by Red Hat. Visit [docs.openshift.com](https://docs.openshift.com) for [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/index.html) or [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/index.html) supported installation docs. + LIBVIRT Setup instructions ========================== @@ -118,7 +120,7 @@ The following options can be passed via the `-o` flag of the `create` command or * `image_url` (default to `http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2.xz`): URL of the QCOW2 image to download * `image_name` (default to `CentOS-7-x86_64-GenericCloud.qcow2`): Name of the QCOW2 image to boot the VMs on * `image_compression` (default to `xz`): Source QCOW2 compression (only xz supported at this time) -* `image_sha256` (default to `9461006300d65172f5668d8875f2aad7b54f7ba4e9c5435d65a84a5a2d66e39b`): Expected SHA256 checksum of the downloaded image +* `image_sha256` (default to `dd0f5e610e7c5ffacaca35ed7a78a19142a588f4543da77b61c1fb0d74400471`): Expected SHA256 checksum of the downloaded image * `skip_image_download` (default to `no`): Skip QCOW2 image download. This requires the `image_name` QCOW2 image to be already present in `$HOME/libvirt-storage-pool-openshift-ansible` Creating a cluster diff --git a/README_openstack.md b/README_openstack.md index 9a2b627e2..e3cc7cc93 100644 --- a/README_openstack.md +++ b/README_openstack.md @@ -1,3 +1,5 @@ +:warning: **WARNING** :warning: This feature is community supported and has not been tested by Red Hat. Visit [docs.openshift.com](https://docs.openshift.com) for [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/index.html) or [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/index.html) supported installation docs. + OPENSTACK Setup instructions ============================ diff --git a/README_vagrant.md b/README_vagrant.md index 73fd31476..a0bb0afbb 100644 --- a/README_vagrant.md +++ b/README_vagrant.md @@ -1,3 +1,5 @@ +:warning: **WARNING** :warning: This feature is community supported and has not been tested by Red Hat. Visit [docs.openshift.com](https://docs.openshift.com) for [OpenShift Enterprise](https://docs.openshift.com/enterprise/latest/install_config/install/index.html) or [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/index.html) supported installation docs. + Requirements ------------ - ansible (the latest 1.9 release is preferred, but any version greater than 1.9.1 should be sufficient). diff --git a/bin/cluster b/bin/cluster index c3b101c98..ecb8bc58e 100755 --- a/bin/cluster +++ b/bin/cluster @@ -264,6 +264,13 @@ if __name__ == '__main__': providers = gce,aws,libvirt,openstack """ + warning = ("================================================================================\n" + "ATTENTION: You are running a community supported utility that has not been\n" + "tested by Red Hat. Visit https://docs.openshift.com for supported installation\n" + "instructions.\n" + "================================================================================\n\n") + sys.stderr.write(warning) + cluster_config = ConfigParser.SafeConfigParser({ 'cluster_ids': 'marketing,sales', 'validate_cluster_ids': 'False', @@ -34,6 +34,7 @@ class Ohi(object): 'openshift_ansible', \ 'openshift_ansible.conf') + self.args = None self.parse_cli_args() self.parse_config_file() @@ -57,6 +58,7 @@ class Ohi(object): hosts = self.aws.get_host_list(clusters=self.args.cluster, host_type=self.args.host_type, + sub_host_type=self.args.sub_host_type, envs=self.args.env, version=version, cached=self.args.cache_only) @@ -104,6 +106,8 @@ class Ohi(object): parser.add_argument('-t', '--host-type', action="store", help="Which host type to use") + parser.add_argument('-s', '--sub-host-type', action="store", help="Which sub host type to use") + parser.add_argument('-l', '--user', action='store', default=None, help='username') parser.add_argument('--cache-only', action='store_true', default=False, diff --git a/bin/openshift_ansible/awsutil.py b/bin/openshift_ansible/awsutil.py index 945e6a20c..eba11e851 100644 --- a/bin/openshift_ansible/awsutil.py +++ b/bin/openshift_ansible/awsutil.py @@ -31,6 +31,7 @@ class AwsUtil(object): host_type_aliases -- a list of aliases to common host-types (e.g. ex-node) """ + self.alias_lookup = {} host_type_aliases = host_type_aliases or {} self.host_type_aliases = host_type_aliases @@ -40,7 +41,6 @@ class AwsUtil(object): def setup_host_type_alias_lookup(self): """Sets up the alias to host-type lookup table.""" - self.alias_lookup = {} for key, values in self.host_type_aliases.iteritems(): for value in values: self.alias_lookup[value] = key @@ -101,6 +101,20 @@ class AwsUtil(object): host_types.sort() return host_types + def get_sub_host_types(self): + """Searches for sub-host-type tags in the inventory and returns all sub-host-types found.""" + pattern = re.compile(r'^oo_subhosttype_(.*)') + + sub_host_types = [] + inv = self.get_inventory() + for key in inv.keys(): + matched = pattern.match(key) + if matched: + sub_host_types.append(matched.group(1)) + + sub_host_types.sort() + return sub_host_types + def get_security_groups(self): """Searches for security_groups in the inventory and returns all SGs found.""" pattern = re.compile(r'^security_group_(.*)') @@ -192,9 +206,15 @@ class AwsUtil(object): host_type = self.resolve_host_type(host_type) return "oo_hosttype_%s" % host_type + @staticmethod + def gen_sub_host_type_tag(sub_host_type): + """Generate the host type tag + """ + return "oo_subhosttype_%s" % sub_host_type + # This function uses all of these params to perform a filters on our host inventory. # pylint: disable=too-many-arguments - def get_host_list(self, clusters=None, host_type=None, envs=None, version=None, cached=False): + def get_host_list(self, clusters=None, host_type=None, sub_host_type=None, envs=None, version=None, cached=False): """Get the list of hosts from the inventory using host-type and environment """ retval = set([]) @@ -229,6 +249,9 @@ class AwsUtil(object): if host_type: retval.intersection_update(inv.get(self.gen_host_type_tag(host_type, version), [])) + if sub_host_type: + retval.intersection_update(inv.get(self.gen_sub_host_type_tag(sub_host_type), [])) + if version != 'all': retval.intersection_update(inv.get(AwsUtil.gen_version_tag(version), [])) diff --git a/filter_plugins/openshift_master.py b/filter_plugins/openshift_master.py index c41367f05..3a1d77f53 100644 --- a/filter_plugins/openshift_master.py +++ b/filter_plugins/openshift_master.py @@ -501,7 +501,36 @@ class FilterModule(object): valid = False return valid + @staticmethod + def certificates_to_synchronize(hostvars): + ''' Return certificates to synchronize based on facts. ''' + if not issubclass(type(hostvars), dict): + raise errors.AnsibleFilterError("|failed expects hostvars is a dict") + certs = ['admin.crt', + 'admin.key', + 'admin.kubeconfig', + 'master.kubelet-client.crt', + 'master.kubelet-client.key', + 'openshift-registry.crt', + 'openshift-registry.key', + 'openshift-registry.kubeconfig', + 'openshift-router.crt', + 'openshift-router.key', + 'openshift-router.kubeconfig', + 'serviceaccounts.private.key', + 'serviceaccounts.public.key'] + if bool(hostvars['openshift']['common']['version_gte_3_1_or_1_1']): + certs += ['master.proxy-client.crt', + 'master.proxy-client.key'] + if not bool(hostvars['openshift']['common']['version_gte_3_2_or_1_2']): + certs += ['openshift-master.crt', + 'openshift-master.key', + 'openshift-master.kubeconfig'] + return certs + + def filters(self): ''' returns a mapping of filters to methods ''' return {"translate_idps": self.translate_idps, - "validate_pcs_cluster": self.validate_pcs_cluster} + "validate_pcs_cluster": self.validate_pcs_cluster, + "certificates_to_synchronize": self.certificates_to_synchronize} diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example index 8cd4caac4..637f13be6 100644 --- a/inventory/byo/hosts.aep.example +++ b/inventory/byo/hosts.aep.example @@ -132,7 +132,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_api_server_args={'max-requests-inflight': ['400']} # default subdomain to use for exposed routes -#osm_default_subdomain=apps.test.example.com +#openshift_master_default_subdomain=apps.test.example.com # additional cors origins #osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] @@ -157,6 +157,20 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Disable the OpenShift SDN plugin # openshift_use_openshift_sdn=False +# Configure SDN cluster network CIDR block. This network block should +# be a private block and should not conflict with existing network +# blocks in your infrastructure that pods may require access to. +# Can not be changed after deployment. +#osm_cluster_network_cidr=10.1.0.0/16 + +# Configure number of bits to allocate to each host’s subnet e.g. 8 +# would mean a /24 network on the host. +#osm_host_subnet_length=8 + +# Configure master API and console ports. +#openshift_master_api_port=8443 +#openshift_master_console_port=8443 + # set RPM version for debugging purposes #openshift_pkg_version=-3.1.0.0 diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index fffdcaab4..c30f65f9f 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -137,7 +137,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_api_server_args={'max-requests-inflight': ['400']} # default subdomain to use for exposed routes -#osm_default_subdomain=apps.test.example.com +#openshift_master_default_subdomain=apps.test.example.com # additional cors origins #osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] @@ -162,6 +162,20 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Disable the OpenShift SDN plugin # openshift_use_openshift_sdn=False +# Configure SDN cluster network CIDR block. This network block should +# be a private block and should not conflict with existing network +# blocks in your infrastructure that pods may require access to. +# Can not be changed after deployment. +#osm_cluster_network_cidr=10.1.0.0/16 + +# Configure number of bits to allocate to each host’s subnet e.g. 8 +# would mean a /24 network on the host. +#osm_host_subnet_length=8 + +# Configure master API and console ports. +#openshift_master_api_port=8443 +#openshift_master_console_port=8443 + # set RPM version for debugging purposes #openshift_pkg_version=-1.1 diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 233c1c8e2..b51569e68 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -133,7 +133,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_api_server_args={'max-requests-inflight': ['400']} # default subdomain to use for exposed routes -#osm_default_subdomain=apps.test.example.com +#openshift_master_default_subdomain=apps.test.example.com # additional cors origins #osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] @@ -158,6 +158,20 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Disable the OpenShift SDN plugin # openshift_use_openshift_sdn=False +# Configure SDN cluster network CIDR block. This network block should +# be a private block and should not conflict with existing network +# blocks in your infrastructure that pods may require access to. +# Can not be changed after deployment. +#osm_cluster_network_cidr=10.1.0.0/16 + +# Configure number of bits to allocate to each host’s subnet e.g. 8 +# would mean a /24 network on the host. +#osm_host_subnet_length=8 + +# Configure master API and console ports. +#openshift_master_api_port=8443 +#openshift_master_console_port=8443 + # set RPM version for debugging purposes #openshift_pkg_version=-3.1.0.0 diff --git a/openshift-ansible.spec b/openshift-ansible.spec index a9ac557a5..c660e6674 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.46 +Version: 3.0.49 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -261,6 +261,77 @@ Atomic OpenShift Utilities includes %changelog +* Tue Mar 01 2016 Matt Woodson <mwoodson@redhat.com> 3.0.49-1 +- fixed error in awsutil.py (mwoodson@redhat.com) + +* Tue Mar 01 2016 Matt Woodson <mwoodson@redhat.com> 3.0.48-1 +- ohi: added subtype searching (mwoodson@redhat.com) +- make heal remote actions generic for all [HEAL] triggers (jdiaz@redhat.com) +- added extra steps to ensure docker starts up (mwoodson@redhat.com) +- role_removal: docker_storage; This is the old way, no longer used + (mwoodson@redhat.com) +- role: added docker_storage_setup (mwoodson@redhat.com) +- Use inventory_hostname for openshift master certs to sync. + (abutcher@redhat.com) +- Adding a symlink to making loading the examples more convenient + (bleanhar@redhat.com) +- docs: Explain a bit more how to expand Atomic Host rootfs + (walters@verbum.org) +- a-o-i: Rename osm_default_subdomain (smunilla@redhat.com) +- Updating tito config for OSE 3.2 (bleanhar@redhat.com) +- Synchronize master kube configs (abutcher@redhat.com) +- added os_utils, os_reboot_server role; removed containerization stuff from + the updated (mwoodson@redhat.com) +- Add warnings to bin/cluster and READMEs (abutcher@redhat.com) +- Add host subnet length example. (abutcher@redhat.com) +- Upgrade -1510 to CentOS-7-x86_64-GenericCloud-1602. (cben@redhat.com) +- Pin down CentOS-7-x86_64-GenericCloud-1510.qcow2.xz version, which the + checksum currently expects (#1384). (cben@redhat.com) +- Change is_atomic to is_containerized (florian.lambert@enovance.com) +- Rename variable to openshift_master_default_subdomain with backwards + compatibility. (jstuever@redhat.com) +- lib_dyn: more updates to the lib_dyn module. Made the TTL more flexible + (mwoodson@redhat.com) +- remote heal action for OVS down (jdiaz@redhat.com) +- Pass registry claim to openshift_registry. (abutcher@redhat.com) +- Refactor - increase retries instead of delay in "Wait for Node Registration" + (david.mat@archimiddle.com) +- Better diagnostic messages when an OpenStack heat stack creation fails + (lhuard@amadeus.com) +- made some changes to lib_dyn update (mwoodson@redhat.com) +- Increase timeout on Wait for Node Registration (david.mat@archimiddle.com) +- Fix typo in oscp (agrimm@redhat.com) +- Add correct parsing of ec2_security_groups env variable + (david.mat@archimiddle.com) +- changed oso_host_monitoring to use the oo_ vars (twiest@redhat.com) +- Add quotes around src argument to support paths with spaces + (david.mat@archimiddle.com) +- Add missing is_atomic condition on upgrade package + (florian.lambert@enovance.com) +- configure debug_level for master and node from cli (jawed.khelil@amadeus.com) +- remove version requirement from etcd, shouldn't be needed anymore + (maxamillion@fedoraproject.org) +- Add ansible.cfg to .gitignore (jdetiber@redhat.com) +- added node-secgroup to master_nodes (j.david.nieto@gmail.com) +- Document setting the VPC subnet (puiterwijk@redhat.com) +- Update the AMIs used in README_AWS (puiterwijk@redhat.com) +- Add byo examples for network cidr and api/console ports. + (abutcher@redhat.com) +- Add openshift_docker roles to master/node scaleup. (abutcher@redhat.com) +- Fail when master.master_count descreases or master.ha changes. + (abutcher@redhat.com) +- Protected facts. (abutcher@redhat.com) +- Add modify_yaml module. (abutcher@redhat.com) +- Re-arrange scaleup playbooks. (abutcher@redhat.com) +- Move additional master configuration into a separate master playbook. + (abutcher@redhat.com) +- Generate each master's certificates separately. (abutcher@redhat.com) +- Add new_masters to scaleup playbook. (abutcher@redhat.com) + +* Wed Feb 24 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.47-1 +- a-o-i: Double safety check on master_lb (smunilla@redhat.com) +- a-o-i: Better method for identifying master_lb (smunilla@redhat.com) + * Tue Feb 23 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.46-1 - a-o-i: Exception checking around master_lb (smunilla@redhat.com) diff --git a/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml b/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml index ec28564cf..2f1d003ff 100755 --- a/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml +++ b/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml @@ -8,8 +8,12 @@ g_server: http://localhost/zabbix/api_jsonrpc.php g_user: Admin g_password: zabbix + g_zbx_scriptrunner_user: scriptrunner + g_zbx_scriptrunner_bastion_host: specialhost.example.com roles: - role: os_zabbix ozb_server: "{{ g_server }}" ozb_user: "{{ g_user }}" ozb_password: "{{ g_password }}" + ozb_scriptrunner_user: "{{ g_zbx_scriptrunner_user }}" + ozb_scriptrunner_bastion_host: "{{ g_zbx_scriptrunner_bastion_host }}" diff --git a/playbooks/common/openshift-cluster/additional_config.yml b/playbooks/common/openshift-cluster/additional_config.yml index 0f4e6ab88..1ac78468a 100644 --- a/playbooks/common/openshift-cluster/additional_config.yml +++ b/playbooks/common/openshift-cluster/additional_config.yml @@ -52,4 +52,5 @@ - role: openshift_router when: deploy_infra | bool - role: openshift_registry + registry_volume_claim: "{{ openshift.hosted.registry.storage.volume.name }}-claim" when: deploy_infra | bool and attach_registry_volume | bool diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml index dbf746f12..54bb251f7 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml @@ -13,10 +13,11 @@ tasks: - name: Upgrade master packages command: "{{ ansible_pkg_mgr}} update -y {{ openshift.common.service_type }}-master{{ openshift_version }}" + when: not openshift.common.is_containerized | bool - name: Ensure python-yaml present for config upgrade action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" - when: not openshift.common.is_atomic | bool + when: not openshift.common.is_containerized | bool # Currently 3.1.1 does not have any new configuration settings # @@ -63,6 +64,7 @@ tasks: - name: Upgrade node packages command: "{{ ansible_pkg_mgr }} update -y {{ openshift.common.service_type }}-node{{ openshift_version }}" + when: not openshift.common.is_containerized | bool - name: Restart node service service: name="{{ openshift.common.service_type }}-node" state=restarted diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index b9d595576..acd2f5b11 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -28,6 +28,11 @@ | default([])) | oo_collect('openshift.common.hostname') | default(none, true) }}" + + - set_fact: + openshift_master_debug_level: "{{ lookup('oo_option', 'openshift_master_debug_level') | default(openshift.common.debug_level, true) }}" + when: openshift_master_debug_level is not defined + roles: - openshift_facts post_tasks: diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 56d30e9b9..7edea9160 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -1,6 +1,10 @@ --- - name: Gather and set facts for node hosts hosts: oo_nodes_to_config + pre_tasks: + - set_fact: + openshift_node_debug_level: "{{ lookup('oo_option', 'openshift_node_debug_level') | default(openshift.common.debug_level, true) }}" + when: openshift_node_debug_level is not defined roles: - openshift_facts tasks: diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index c78b52867..f28245f88 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -23,13 +23,13 @@ deployment_vars: origin: image: url: "{{ lookup('oo_option', 'image_url') | - default('http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2.xz', True) }}" + default('http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1602.qcow2.xz', True) }}" compression: "{{ lookup('oo_option', 'image_compression') | default('xz', True) }}" name: "{{ lookup('oo_option', 'image_name') | default('CentOS-7-x86_64-GenericCloud.qcow2', True) }}" sha256: "{{ lookup('oo_option', 'image_sha256') | - default('9461006300d65172f5668d8875f2aad7b54f7ba4e9c5435d65a84a5a2d66e39b', True) }}" + default('dd0f5e610e7c5ffacaca35ed7a78a19142a588f4543da77b61c1fb0d74400471', True) }}" ssh_user: openshift sudo: yes online: @@ -42,5 +42,3 @@ deployment_vars: enterprise: "{{ deployment_rhel7_ent_base }}" openshift-enterprise: "{{ deployment_rhel7_ent_base }}" atomic-enterprise: "{{ deployment_rhel7_ent_base }}" - - diff --git a/roles/docker_storage/README.md b/roles/docker_storage/README.md deleted file mode 100644 index bf0158623..000000000 --- a/roles/docker_storage/README.md +++ /dev/null @@ -1,39 +0,0 @@ -docker_storage -========= - -Configure docker_storage options ------------- - -None - -Role Variables --------------- - -None - -Dependencies ------------- - -None - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role/docker_storage: - - key: df.fs - value: xfs - } - -License -------- - -ASL 2.0 - -Author Information ------------------- - -OpenShift operations, Red Hat, Inc diff --git a/roles/docker_storage/defaults/main.yml b/roles/docker_storage/defaults/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/docker_storage/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/docker_storage/handlers/main.yml b/roles/docker_storage/handlers/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/docker_storage/handlers/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/docker_storage/meta/main.yml b/roles/docker_storage/meta/main.yml deleted file mode 100644 index f5b2d53cb..000000000 --- a/roles/docker_storage/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -galaxy_info: - author: OpenShift - description: Setup docker_storage options - company: Red Hat, Inc - license: ASL 2.0 - min_ansible_version: 1.2 -dependencies: -- docker diff --git a/roles/docker_storage/tasks/main.yml b/roles/docker_storage/tasks/main.yml deleted file mode 100644 index 48a3fc208..000000000 --- a/roles/docker_storage/tasks/main.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- lvg: - pvs: "{{ dst_device }}" - vg: "{{ dst_vg }}" - register: dst_lvg - -- lvol: - lv: data - vg: "{{ dst_vg }}" - size: 95%VG - register: dst_lvol_data - -- lvol: - lv: metadata - vg: "{{ dst_vg }}" - size: 5%VG - register: dst_lvol_metadata - - -- name: Update docker_storage options - lineinfile: - dest: /etc/sysconfig/docker-storage - backrefs: yes - regexp: "^(DOCKER_STORAGE_OPTIONS=)" - line: '\1 --storage-opt {{ dst_options | oo_combine_key_value("=") | join(" --storage-opt ") }}' - when: dst_options is defined and dst_options | length > 0 - register: dst_config - - -- name: Reload systemd units - command: systemctl daemon-reload - notify: - - restart docker - when: dst_config | changed or - dst_lvg | changed or - dst_lvol_data | changed or - dst_lvol_metadata | changed diff --git a/roles/docker_storage/vars/main.yml b/roles/docker_storage/vars/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/docker_storage/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/docker_storage_setup/README.md b/roles/docker_storage_setup/README.md new file mode 100644 index 000000000..6039b349a --- /dev/null +++ b/roles/docker_storage_setup/README.md @@ -0,0 +1,42 @@ +docker_storage_setup +========= +This role coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker). + +It requires the block device to be already provisioned and attached to the host. + + Notes: + * This is NOT idempotent. Conversion needs to be done for it to be idempotent + * This will remove /var/lib/docker! + * You will need to re-deploy docker images + +Configure docker_storage_setup +------------ + +None + +Role Variables +-------------- + +dss_docker_device: defaults to /dev/xvdb + +Dependencies +------------ + +None + +Example Playbook +---------------- + + - hosts: servers + roles: + - { role/docker_storage_setup, dss_docker_device: '/dev/xvdb' } + +License +------- + +ASL 2.0 + +Author Information +------------------ + +OpenShift operations, Red Hat, Inc diff --git a/roles/docker_storage_setup/defaults/main.yml b/roles/docker_storage_setup/defaults/main.yml new file mode 100644 index 000000000..5013aba97 --- /dev/null +++ b/roles/docker_storage_setup/defaults/main.yml @@ -0,0 +1,2 @@ +--- +dss_docker_device: /dev/xvdb diff --git a/roles/docker_storage_setup/tasks/main.yml b/roles/docker_storage_setup/tasks/main.yml new file mode 100755 index 000000000..8af9bbe1e --- /dev/null +++ b/roles/docker_storage_setup/tasks/main.yml @@ -0,0 +1,95 @@ +--- +- name: Ensure docker is installed + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - docker + +# Docker doesn't seem to start cleanly the first time run +# when loopback (not directlvm) is configured. Putting in an +# ignore errors, and then sleeping till it can come up cleanly +- name: Try to start docker. This might fail (loopback startup issue) + service: + name: docker + state: started + ignore_errors: yes + +- name: Pause for 1 minute + pause: + seconds: 30 + +- name: Ensure docker is started + service: + name: docker + state: started + +- name: Determine if loopback + shell: docker info | grep 'Data file:.*loop' + register: loop_device_check + ignore_errors: yes + +- debug: + var: loop_device_check + +- name: fail if we don't detect loopback + fail: + msg: loopback not detected! Please investigate manually. + when: loop_device_check.rc == 1 + +- name: "check to see if {{ dss_docker_device }} exists" + command: "test -e {{ dss_docker_device }}" + register: docker_dev_check + ignore_errors: yes + +- debug: var=docker_dev_check + +- name: "fail if {{ dss_docker_device }} doesn't exist" + fail: + msg: "{{ dss_docker_device }} doesn't exist. Please investigate" + when: docker_dev_check.rc != 0 + +- name: stop docker + service: + name: docker + state: stopped + +- name: delete /var/lib/docker + command: rm -rf /var/lib/docker + +- name: remove /var/lib/docker + command: rm -rf /var/lib/docker + +- name: copy the docker-storage-setup config file + copy: + content: > + DEVS={{ dss_docker_device }}\n + VG=docker_vg + dest: /etc/sysconfig/docker-storage-setup + owner: root + group: root + mode: 0664 + +- name: docker storage setup + command: docker-storage-setup + register: docker_storage_setup_output + +- debug: + msg: "{{ docker_storage_setup_output }}" + +- name: extend the vg + command: lvextend -l 90%VG /dev/docker_vg/docker-pool + register: lvextend_output + +- debug: + msg: "{{ lvextend_output }}" + +- name: start docker + service: + name: docker + state: restarted + +- name: docker info + command: docker info + register: dockerinfo + +- debug: + msg: "{{ dockerinfo }}" diff --git a/roles/lib_dyn/library/dyn_record.py b/roles/lib_dyn/library/dyn_record.py index 7b80064f4..42d970060 100644 --- a/roles/lib_dyn/library/dyn_record.py +++ b/roles/lib_dyn/library/dyn_record.py @@ -13,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# pylint: disable=too-many-branches '''Ansible module to manage records in the Dyn Managed DNS service''' DOCUMENTATION = ''' --- @@ -84,9 +85,18 @@ options: description: - 'Record's "Time to live". Number of seconds the record remains cached' - 'in DNS servers or c(0) to use the default TTL for the zone.' + - 'This option is mutually exclusive with use_zone_ttl' required: false default: 0 + use_zone_ttl: + description: + - 'Use the DYN Zone's Default TTL' + - 'This option is mutually exclusive with record_ttl' + required: false + default: false + mutually exclusive with: record_ttl + notes: - The module makes a broad assumption that there will be only one record per "node" (FQDN). - This module returns record(s) in the "result" element when 'state' is set to 'present'. This value can be be registered and used in your playbooks. @@ -96,18 +106,28 @@ author: "Russell Harrison" ''' EXAMPLES = ''' +# Attempting to cname www.example.com to web1.example.com +- name: Update CNAME record + dyn_record: + state: present + record_fqdn: www.example.com + zone: example.com + record_type: CNAME + record_value: web1.example.com + record_ttl: 7200 + +# Use the zones default TTL - name: Update CNAME record - local_action: - module: dyn_record + dyn_record: state: present record_fqdn: www.example.com zone: example.com record_type: CNAME record_value: web1.example.com + use_zone_ttl: true - name: Update A record - local_action: - module: dyn_record + dyn_record: state: present record_fqdn: web1.example.com zone: example.com @@ -144,7 +164,10 @@ def get_record_type(record_key): return record_key.replace('_records', '').upper() def get_record_key(record_type): - '''Get the key to look up records in the dictionary returned from get_any_records.''' + '''Get the key to look up records in the dictionary returned from get_any_records. + example: + 'cname_records' + ''' return record_type.lower() + '_records' def get_any_records(module, node): @@ -166,14 +189,41 @@ def get_any_records(module, node): def get_record_values(records): '''Get the record values for each record returned by get_any_records.''' - # This simply returns the values from a dictionary of record objects + # This simply returns the values from a record ret_dict = {} for key in records.keys(): record_type = get_record_type(key) - record_value_param = RECORD_PARAMS[record_type]['value_param'] - ret_dict[key] = [getattr(elem, record_value_param) for elem in records[key]] + params = [RECORD_PARAMS[record_type]['value_param'], 'ttl', 'zone', 'fqdn'] + ret_dict[key] = [] + properties = {} + for elem in records[key]: + for param in params: + properties[param] = getattr(elem, param) + ret_dict[key].append(properties) + return ret_dict +def compare_record_values(record_type_key, user_record_value, dyn_values): + ''' Verify the user record_value exists in dyn''' + rtype = get_record_type(record_type_key) + for record in dyn_values[record_type_key]: + if user_record_value in record[RECORD_PARAMS[rtype]['value_param']]: + return True + + return False + +def compare_record_ttl(record_type_key, user_record_value, dyn_values, user_param_ttl): + ''' Verify the ttls match for the record''' + rtype = get_record_type(record_type_key) + for record in dyn_values[record_type_key]: + # find the right record + if user_record_value in record[RECORD_PARAMS[rtype]['value_param']]: + # Compare ttls from the records + if int(record['ttl']) == user_param_ttl: + return True + + return False + def main(): '''Ansible module for managing Dyn DNS records.''' module = AnsibleModule( @@ -187,16 +237,20 @@ def main(): record_type=dict(required=False, type='str', choices=[ 'A', 'AAAA', 'CNAME', 'PTR', 'TXT']), record_value=dict(required=False, type='str'), - record_ttl=dict(required=False, default=0, type='int'), + record_ttl=dict(required=False, default=None, type='int'), + use_zone_ttl=dict(required=False, default=False), ), required_together=( ['record_fqdn', 'record_value', 'record_ttl', 'record_type'] - ) + ), + mutually_exclusive=[('record_ttl', 'use_zone_ttl')] ) if IMPORT_ERROR: - module.fail_json(msg="Unable to import dyn module: https://pypi.python.org/pypi/dyn", - error=IMPORT_ERROR) + module.fail_json(msg="Unable to import dyn module: https://pypi.python.org/pypi/dyn", error=IMPORT_ERROR) + + if module.params['record_ttl'] != None and int(module.params['record_ttl']) <= 0: + module.fail_json(msg="Invalid Value for record TTL") # Start the Dyn session try: @@ -204,22 +258,16 @@ def main(): module.params['user_name'], module.params['user_password']) except dyn.tm.errors.DynectAuthError as error: - module.fail_json(msg='Unable to authenticate with Dyn', - error=str(error)) + module.fail_json(msg='Unable to authenticate with Dyn', error=str(error)) # Retrieve zone object try: dyn_zone = Zone(module.params['zone']) except dyn.tm.errors.DynectGetError as error: if 'No such zone' in str(error): - module.fail_json( - msg="Not a valid zone for this account", - zone=module.params['zone'] - ) + module.fail_json(msg="Not a valid zone for this account", zone=module.params['zone']) else: - module.fail_json(msg="Unable to retrieve zone", - error=str(error)) - + module.fail_json(msg="Unable to retrieve zone", error=str(error)) # To retrieve the node object we need to remove the zone name from the FQDN dyn_node_name = module.params['record_fqdn'].replace('.' + module.params['zone'], '') @@ -233,27 +281,46 @@ def main(): # All states will need a list of the exiting records for the zone. dyn_node_records = get_any_records(module, dyn_node) + dyn_values = get_record_values(dyn_node_records) + if module.params['state'] == 'list': - module.exit_json(changed=False, - records=get_record_values( - dyn_node_records, - )) + module.exit_json(changed=False, dyn_records=dyn_values) - if module.params['state'] == 'present': + elif module.params['state'] == 'absent': + # If there are any records present we'll want to delete the node. + if dyn_node_records: + dyn_node.delete() + + # Publish the zone since we've modified it. + dyn_zone.publish() + + module.exit_json(changed=True, msg="Removed node %s from zone %s" % (dyn_node_name, module.params['zone'])) + + module.exit_json(changed=False) + + elif module.params['state'] == 'present': + + # configure the TTL variable: + # if use_zone_ttl, use the default TTL of the account. + # if TTL == None, don't check it, set it as 0 (api default) + # if TTL > 0, ensure this TTL is set + if module.params['use_zone_ttl']: + user_param_ttl = dyn_zone.ttl + elif not module.params['record_ttl']: + user_param_ttl = 0 + else: + user_param_ttl = module.params['record_ttl'] # First get a list of existing records for the node - values = get_record_values(dyn_node_records) - value_key = get_record_key(module.params['record_type']) - param_value = module.params['record_value'] + record_type_key = get_record_key(module.params['record_type']) + user_record_value = module.params['record_value'] # Check to see if the record is already in place before doing anything. - if (dyn_node_records and - dyn_node_records[value_key][0].ttl == module.params['record_ttl'] and - (param_value in values[value_key] or - param_value + '.' in values[value_key])): - - module.exit_json(changed=False) + if dyn_node_records and compare_record_values(record_type_key, user_record_value, dyn_values): + if user_param_ttl == 0 or \ + compare_record_ttl(record_type_key, user_record_value, dyn_values, user_param_ttl): + module.exit_json(changed=False, dyn_record=dyn_values) # Working on the assumption that there is only one record per # node we will first delete the node if there are any records before @@ -262,27 +329,20 @@ def main(): dyn_node.delete() # Now lets create the correct node entry. - dyn_zone.add_record(dyn_node_name, - module.params['record_type'], - module.params['record_value'], - module.params['record_ttl'] - ) + record = dyn_zone.add_record(dyn_node_name, + module.params['record_type'], + module.params['record_value'], + user_param_ttl + ) # Now publish the zone since we've updated it. dyn_zone.publish() - module.exit_json(changed=True, - msg="Created node %s in zone %s" % (dyn_node_name, module.params['zone'])) - if module.params['state'] == 'absent': - # If there are any records present we'll want to delete the node. - if dyn_node_records: - dyn_node.delete() - # Publish the zone since we've modified it. - dyn_zone.publish() - module.exit_json(changed=True, - msg="Removed node %s from zone %s" % (dyn_node_name, module.params['zone'])) - else: - module.exit_json(changed=False) + rmsg = "Created node [%s] " % dyn_node_name + rmsg += "in zone: [%s]" % module.params['zone'] + module.exit_json(changed=True, msg=rmsg, dyn_record=get_record_values({record_type_key: [record]})) + + module.fail_json(msg="Unknown state: [%s]" % module.params['state']) # Ansible tends to need a wild card import so we'll use it here # pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 61344357a..783249c3a 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -61,6 +61,20 @@ with_items: template.ztriggers when: template.ztriggers is defined +- name: Create Actions + zbx_action: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + state: "{{ item.state | default('present', True) }}" + name: "{{ item.name }}" + status: "{{ item.status | default('enabled', True) }}" + escalation_time: "{{ item.escalation_time }}" + conditions_filter: "{{ item.conditions_filter }}" + operations: "{{ item.operations }}" + with_items: template.zactions + when: template.zactions is defined + - name: Create Discoveryrules zbx_discoveryrule: zbx_server: "{{ server }}" diff --git a/roles/openshift_examples/files/examples/latest b/roles/openshift_examples/files/examples/latest new file mode 120000 index 000000000..634650e09 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest @@ -0,0 +1 @@ +v1.1
\ No newline at end of file diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 06f12053a..cee1f1738 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,7 +3,7 @@ {{ openshift.common.client_binary }} get node {{ item | lower }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 20 + retries: 50 delay: 5 changed_when: false with_items: openshift_nodes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index dd66eeebb..a37f5b4bb 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -70,7 +70,7 @@ oauth_grant_method: "{{ openshift_master_oauth_grant_method | default(None) }}" sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}" sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}" - default_subdomain: "{{ osm_default_subdomain | default(None) }}" + default_subdomain: "{{ openshift_master_default_subdomain | default(osm_default_subdomain) | default(None) }}" custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" default_node_selector: "{{ osm_default_node_selector | default(None) }}" project_request_message: "{{ osm_project_request_message | default(None) }}" diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 72869a592..9017b7d2b 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -27,3 +27,12 @@ --overwrite=false when: item.master_certs_missing | bool with_items: masters_needing_certs + +- file: + src: "{{ openshift_master_config_dir }}/{{ item.1 }}" + dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: hard + force: true + with_nested: + - masters_needing_certs + - "{{ hostvars[inventory_hostname] | certificates_to_synchronize }}" diff --git a/roles/os_reboot_server/tasks/main.yaml b/roles/os_reboot_server/tasks/main.yaml new file mode 100644 index 000000000..581ed3e0a --- /dev/null +++ b/roles/os_reboot_server/tasks/main.yaml @@ -0,0 +1,16 @@ +--- +# Role to reboot a server +- name: Restart server + shell: sleep 2 && shutdown -r now "Ansible updates triggered" + async: 1 + poll: 0 + ignore_errors: true + +- name: Wait for server to restart + local_action: + module: wait_for + host={{ ansible_ssh_host }} + port=22 + delay=3 + timeout=300 + sudo: false diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml index 2400164fa..ff2b52275 100644 --- a/roles/os_update_latest/tasks/main.yml +++ b/roles/os_update_latest/tasks/main.yml @@ -1,8 +1,3 @@ --- -- fail: - msg: "Update is not yet supported by this playbook on atomic hosts" - when: openshift.common.is_containerized | bool - - name: Update all packages action: "{{ ansible_pkg_mgr }} name=* state=latest" - when: not openshift.common.is_containerized | bool
\ No newline at end of file diff --git a/roles/os_utils/tasks/main.yaml b/roles/os_utils/tasks/main.yaml new file mode 100644 index 000000000..346f6566f --- /dev/null +++ b/roles/os_utils/tasks/main.yaml @@ -0,0 +1,17 @@ +--- +# Utility packages that make things helpful + +- name: Install useful rpm packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - wget + - git + - net-tools + - bind-utils + - iptables-services + - bridge-utils + - bash-completion + - atop + - htop + - ack + - telnet diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml index c36c593df..66bd3a147 100644 --- a/roles/os_zabbix/vars/template_openshift_node.yml +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -59,7 +59,7 @@ g_template_openshift_node: url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high - - name: '[HEAL] OVS may not be running on {HOST.NAME}' + - name: '[Heal] OVS may not be running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.ovs.pids.count.last(#1)}<>4 and {Template Openshift Node:openshift.node.ovs.pids.count.last(#2)}<>4' url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high @@ -68,5 +68,3 @@ g_template_openshift_node: expression: '{Template Openshift Node:openshift.node.ovs.ports.count.last()}=0' url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high - - diff --git a/roles/os_zabbix/vars/template_ops_tools.yml b/roles/os_zabbix/vars/template_ops_tools.yml index d1b8a2514..a0a5a4d03 100644 --- a/roles/os_zabbix/vars/template_ops_tools.yml +++ b/roles/os_zabbix/vars/template_ops_tools.yml @@ -21,3 +21,34 @@ g_template_ops_tools: expression: '{Template Operations Tools:disc.ops.runner.command.exitcode[{#OSO_COMMAND}].last()}<>0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_ops_runner_command.asciidoc' priority: average + + zactions: + - name: 'Remote command for [Heal] triggers' + status: enabled + escalation_time: 60 + conditions_filter: + calculation_type: "and/or" + conditions: + - conditiontype: maintenance status + operator: not in + - conditiontype: trigger name + operator: like + value: "[Heal]" + - conditiontype: trigger value + operator: "=" + value: PROBLEM + operations: + - esc_step_from: 1 + esc_step_to: 1 + esc_period: 0 + operationtype: remote command + opcommand: + command: 'ssh -i /etc/openshift_tools/scriptrunner_id_rsa {{ ozb_scriptrunner_user }}@{{ ozb_scriptrunner_bastion_host }} remote-healer --host \"{HOST.NAME}\" --trigger \"{TRIGGER.NAME}\" --trigger-val \"{TRIGGER.VALUE}\"' + execute_on: "zabbix server" + type: 'custom script' + target_hosts: + - target_type: 'zabbix server' + opconditions: + - conditiontype: 'event acknowledged' + operator: '=' + value: 'not acknowledged' diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 7a97de4e6..ace834323 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -533,22 +533,25 @@ def get_installed_hosts(hosts, callback_facts): try: first_master = next(host for host in hosts if host.master) lb_hostname = callback_facts[first_master.connect_to]['master'].get('cluster_hostname', '') - lb_host = next(host for host in hosts if host.connect_to == lb_hostname) + lb_host = \ + next(host for host in hosts if host.ip == callback_facts[lb_hostname]['common']['ip']) + installed_hosts.append(lb_host) except (KeyError, StopIteration): pass - for host in hosts: if host.connect_to in callback_facts.keys() and is_installed_host(host, callback_facts): installed_hosts.append(host) return installed_hosts def is_installed_host(host, callback_facts): - return 'common' in callback_facts[host.connect_to].keys() and \ + version_found = 'common' in callback_facts[host.connect_to].keys() and \ callback_facts[host.connect_to]['common'].get('version', '') and \ callback_facts[host.connect_to]['common'].get('version', '') != 'None' + return version_found or host.master_lb or host.preconfigured + # pylint: disable=too-many-branches # This pylint error will be corrected shortly in separate PR. def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force, verbose): diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index f2c7289fa..3a135139b 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -117,7 +117,7 @@ def write_inventory_vars(base_inventory, multiple_masters, proxy): "openshift_master_cluster_public_hostname={}\n".format(proxy.public_hostname)) if CFG.settings.get('master_routingconfig_subdomain', False): base_inventory.write( - "osm_default_subdomain={}\n".format(CFG.settings['master_routingconfig_subdomain'])) + "openshift_master_default_subdomain={}\n".format(CFG.settings['master_routingconfig_subdomain'])) |