summaryrefslogtreecommitdiffstats
path: root/playbooks/adhoc
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/adhoc')
-rw-r--r--playbooks/adhoc/atomic_openshift_tutorial_reset.yml77
-rwxr-xr-xplaybooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml115
-rw-r--r--playbooks/adhoc/s3_registry/s3_registry.yml16
-rw-r--r--playbooks/adhoc/uninstall.yml170
-rw-r--r--playbooks/adhoc/upgrades/README.md21
l---------playbooks/adhoc/upgrades/filter_plugins1
l---------playbooks/adhoc/upgrades/lookup_plugins1
l---------playbooks/adhoc/upgrades/roles1
-rw-r--r--playbooks/adhoc/upgrades/upgrade.yml115
9 files changed, 301 insertions, 216 deletions
diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
index 54d3ea278..c14d08e87 100644
--- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
+++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml
@@ -1,6 +1,9 @@
# This deletes *ALL* Docker images, and uninstalls OpenShift and
# Atomic Enterprise RPMs. It is primarily intended for use
# with the tutorial as well as for developers to reset state.
+#
+---
+- include: uninstall.yml
- hosts:
- OSEv3:children
@@ -8,59 +11,6 @@
sudo: yes
tasks:
- - service: name={{ item }} state=stopped
- with_items:
- - openvswitch
- - origin-master
- - origin-node
- - atomic-openshift-master
- - atomic-openshift-node
- - openshift-master
- - openshift-node
- - atomic-enterprise-master
- - atomic-enterprise-node
- - etcd
-
- - yum: name={{ item }} state=absent
- with_items:
- - openvswitch
- - etcd
- - origin
- - origin-master
- - origin-node
- - origin-sdn-ovs
- - tuned-profiles-origin-node
- - atomic-openshift
- - atomic-openshift-master
- - atomic-openshift-node
- - atomic-openshift-sdn-ovs
- - tuned-profiles-atomic-openshift-node
- - atomic-enterprise
- - atomic-enterprise-master
- - atomic-enterprise-node
- - atomic-enterprise-sdn-ovs
- - tuned-profiles-atomic-enterprise-node
- - openshift
- - openshift-master
- - openshift-node
- - openshift-sdn-ovs
- - tuned-profiles-openshift-node
-
- - shell: systemctl reset-failed
- changed_when: False
-
- - shell: systemctl daemon-reload
- changed_when: False
-
- - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
- changed_when: False
-
- - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
- changed_when: False
-
- - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
- changed_when: False
-
- shell: docker ps -a -q | xargs docker stop
changed_when: False
failed_when: False
@@ -73,27 +23,6 @@
changed_when: False
failed_when: False
- - file: path={{ item }} state=absent
- with_items:
- - /etc/openshift-sdn
- - /root/.kube
- - /etc/origin
- - /etc/atomic-enterprise
- - /etc/openshift
- - /var/lib/origin
- - /var/lib/openshift
- - /var/lib/atomic-enterprise
- - /etc/sysconfig/origin-master
- - /etc/sysconfig/origin-node
- - /etc/sysconfig/atomic-openshift-master
- - /etc/sysconfig/atomic-openshift-node
- - /etc/sysconfig/openshift-master
- - /etc/sysconfig/openshift-node
- - /etc/sysconfig/atomic-enterprise-master
- - /etc/sysconfig/atomic-enterprise-node
- - /etc/etcd
- - /var/lib/etcd
-
- user: name={{ item }} state=absent remove=yes
with_items:
- alice
diff --git a/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml
new file mode 100755
index 000000000..72fcd77b3
--- /dev/null
+++ b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml
@@ -0,0 +1,115 @@
+#!/usr/bin/ansible-playbook
+---
+# This playbook coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker).
+#
+# It requires the block device to be already provisioned and attached to the host. This is a generic playbook,
+# meant to be used for manual conversion. For AWS specific conversions, use the other playbook in this directory.
+#
+# To run:
+# ./ops-docker-loopback-to-direct-lvm.yml -e cli_host=<host to run on> -e cli_docker_device=<path to device>
+#
+# Example:
+# ./ops-docker-loopback-to-direct-lvm.yml -e cli_host=twiesttest-master-fd32 -e cli_docker_device=/dev/sdb
+#
+# Notes:
+# * This will remove /var/lib/docker!
+# * You may need to re-deploy docker images after this is run (like monitoring)
+
+- name: Fix docker to have a provisioned iops drive
+ hosts: "{{ cli_name }}"
+ user: root
+ connection: ssh
+ gather_facts: no
+
+ pre_tasks:
+ - fail:
+ msg: "This playbook requires {{item}} to be set."
+ when: "{{ item }} is not defined or {{ item }} == ''"
+ with_items:
+ - cli_docker_device
+
+ - name: start docker
+ service:
+ name: docker
+ state: started
+
+ - name: Determine if loopback
+ shell: docker info | grep 'Data file:.*loop'
+ register: loop_device_check
+ ignore_errors: yes
+
+ - debug:
+ var: loop_device_check
+
+ - name: fail if we don't detect loopback
+ fail:
+ msg: loopback not detected! Please investigate manually.
+ when: loop_device_check.rc == 1
+
+ - name: stop zagg client monitoring container
+ service:
+ name: oso-rhel7-zagg-client
+ state: stopped
+ ignore_errors: yes
+
+ - name: stop pcp client monitoring container
+ service:
+ name: oso-f22-host-monitoring
+ state: stopped
+ ignore_errors: yes
+
+ - name: "check to see if {{ cli_docker_device }} exists"
+ command: "test -e {{ cli_docker_device }}"
+ register: docker_dev_check
+ ignore_errors: yes
+
+ - debug: var=docker_dev_check
+
+ - name: "fail if {{ cli_docker_device }} doesn't exist"
+ fail:
+ msg: "{{ cli_docker_device }} doesn't exist. Please investigate"
+ when: docker_dev_check.rc != 0
+
+ - name: stop docker
+ service:
+ name: docker
+ state: stopped
+
+ - name: delete /var/lib/docker
+ command: rm -rf /var/lib/docker
+
+ - name: remove /var/lib/docker
+ command: rm -rf /var/lib/docker
+
+ - name: copy the docker-storage-setup config file
+ copy:
+ content: >
+ DEVS={{ cli_docker_device }}
+ VG=docker_vg
+ dest: /etc/sysconfig/docker-storage-setup
+ owner: root
+ group: root
+ mode: 0664
+
+ - name: docker storage setup
+ command: docker-storage-setup
+ register: setup_output
+
+ - debug: var=setup_output
+
+ - name: extend the vg
+ command: lvextend -l 90%VG /dev/docker_vg/docker-pool
+ register: extend_output
+
+ - debug: var=extend_output
+
+ - name: start docker
+ service:
+ name: docker
+ state: restarted
+
+ - name: docker info
+ command: docker info
+ register: dockerinfo
+
+ - debug: var=dockerinfo
diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml
index d1546b6fa..4dcef1a42 100644
--- a/playbooks/adhoc/s3_registry/s3_registry.yml
+++ b/playbooks/adhoc/s3_registry/s3_registry.yml
@@ -6,13 +6,14 @@
# The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role.
# The 'clusterid' is the short name of your cluster.
-- hosts: security_group_{{ clusterid }}_master
+- hosts: tag_env-host-type_{{ clusterid }}-openshift-master
remote_user: root
gather_facts: False
vars:
- aws_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
- aws_secret_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
+ aws_access_key: "{{ lookup('env', 'S3_ACCESS_KEY_ID') }}"
+ aws_secret_key: "{{ lookup('env', 'S3_SECRET_ACCESS_KEY') }}"
+
tasks:
- name: Check for AWS creds
@@ -23,10 +24,16 @@
- aws_access_key
- aws_secret_key
+ - name: Scale down registry
+ command: oc scale --replicas=0 dc/docker-registry
+
- name: Create S3 bucket
local_action:
module: s3 bucket="{{ clusterid }}-docker" mode=create
+ - name: Set up registry environment variable
+ command: oc env dc/docker-registry REGISTRY_CONFIGURATION_PATH=/etc/registryconfig/config.yml
+
- name: Generate docker registry config
template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600
@@ -54,6 +61,9 @@
command: oc volume dc/docker-registry --add --name=dockersecrets -m /etc/registryconfig --type=secret --secret-name=dockerregistry
when: "'dockersecrets' not in dc.stdout"
+ - name: Wait for deployment config to take effect before scaling up
+ pause: seconds=30
+
- name: Scale up registry
command: oc scale --replicas=1 dc/docker-registry
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
new file mode 100644
index 000000000..e0dbad900
--- /dev/null
+++ b/playbooks/adhoc/uninstall.yml
@@ -0,0 +1,170 @@
+# This deletes *ALL* Origin, Atomic Enterprise Platform and OpenShift
+# Enterprise content installed by ansible. This includes:
+#
+# configuration
+# containers
+# example templates and imagestreams
+# images
+# RPMs
+---
+- hosts:
+ - OSEv3:children
+
+ sudo: yes
+
+ tasks:
+ - name: Detecting Operating System
+ shell: ls /run/ostree-booted
+ ignore_errors: yes
+ failed_when: false
+ register: ostree_output
+
+ - set_fact:
+ is_atomic: "{{ ostree_output.rc == 0 }}"
+
+ - name: Remove br0 interface
+ shell: ovs-vsctl del-br br0
+ changed_when: False
+ failed_when: False
+
+ - service: name={{ item }} state=stopped
+ with_items:
+ - atomic-enterprise-master
+ - atomic-enterprise-node
+ - atomic-openshift-master
+ - atomic-openshift-master-api
+ - atomic-openshift-master-controllers
+ - atomic-openshift-node
+ - etcd
+ - openshift-master
+ - openshift-master-api
+ - openshift-master-controllers
+ - openshift-node
+ - openvswitch
+ - origin-master
+ - origin-master-api
+ - origin-master-controllers
+ - origin-node
+ - pcsd
+
+ - yum: name={{ item }} state=absent
+ when: not is_atomic | bool
+ with_items:
+ - atomic-enterprise
+ - atomic-enterprise-master
+ - atomic-enterprise-node
+ - atomic-enterprise-sdn-ovs
+ - atomic-openshift
+ - atomic-openshift-clients
+ - atomic-openshift-master
+ - atomic-openshift-node
+ - atomic-openshift-sdn-ovs
+ - corosync
+ - etcd
+ - openshift
+ - openshift-master
+ - openshift-node
+ - openshift-sdn
+ - openshift-sdn-ovs
+ - openvswitch
+ - origin
+ - origin-clients
+ - origin-master
+ - origin-node
+ - origin-sdn-ovs
+ - pacemaker
+ - pcs
+ - tuned-profiles-atomic-enterprise-node
+ - tuned-profiles-atomic-openshift-node
+ - tuned-profiles-openshift-node
+ - tuned-profiles-origin-node
+
+ - name: Remove linux interfaces
+ shell: ip link del "{{ item }}"
+ changed_when: False
+ failed_when: False
+ with_items:
+ - lbr0
+ - vlinuxbr
+ - vovsbr
+
+ - shell: systemctl reset-failed
+ changed_when: False
+
+ - shell: systemctl daemon-reload
+ changed_when: False
+
+ - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+ changed_when: False
+
+ - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+ changed_when: False
+
+ - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+ changed_when: False
+
+ - shell: docker rm -f "{{ item }}"-master "{{ item }}"-node
+ changed_when: False
+ failed_when: False
+ with_items:
+ - openshift-enterprise
+ - atomic-enterprise
+ - origin
+
+ - shell: docker ps -a | grep Exited | grep "{{ item }}" | awk '{print $1}'
+ changed_when: False
+ failed_when: False
+ register: exited_containers_to_delete
+ with_items:
+ - aep3/aep
+ - openshift3/ose
+ - openshift/origin
+
+ - shell: "docker rm {{ item.stdout_lines | join(' ') }}"
+ changed_when: False
+ failed_when: False
+ with_items: "{{ exited_containers_to_delete.results }}"
+
+ - shell: docker images | grep {{ item }} | awk '{ print $3 }'
+ changed_when: False
+ failed_when: False
+ register: images_to_delete
+ with_items:
+ - registry.access.redhat.com/openshift3
+ - registry.access.redhat.com/aep3
+ - docker.io/openshift
+
+ - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}"
+ changed_when: False
+ failed_when: False
+ with_items: "{{ images_to_delete.results }}"
+
+ - file: path={{ item }} state=absent
+ with_items:
+ - "~{{ ansible_ssh_user }}/.kube"
+ - /etc/ansible/facts.d/openshift.fact
+ - /etc/atomic-enterprise
+ - /etc/corosync
+ - /etc/etcd
+ - /etc/openshift
+ - /etc/openshift-sdn
+ - /etc/origin
+ - /etc/sysconfig/atomic-enterprise-master
+ - /etc/sysconfig/atomic-enterprise-node
+ - /etc/sysconfig/atomic-openshift-master
+ - /etc/sysconfig/atomic-openshift-node
+ - /etc/sysconfig/openshift-master
+ - /etc/sysconfig/openshift-node
+ - /etc/sysconfig/origin-master
+ - /etc/sysconfig/origin-node
+ - /root/.kube
+ - /run/openshift-sdn
+ - /usr/share/openshift/examples
+ - /var/lib/atomic-enterprise
+ - /var/lib/etcd
+ - /var/lib/openshift
+ - /var/lib/origin
+ - /var/lib/pacemaker
+
+ - name: restart docker
+ service: name=docker state=restarted
diff --git a/playbooks/adhoc/upgrades/README.md b/playbooks/adhoc/upgrades/README.md
deleted file mode 100644
index 6de8a970f..000000000
--- a/playbooks/adhoc/upgrades/README.md
+++ /dev/null
@@ -1,21 +0,0 @@
-# [NOTE]
-This playbook will re-run installation steps overwriting any local
-modifications. You should ensure that your inventory has been updated with any
-modifications you've made after your initial installation. If you find any items
-that cannot be configured via ansible please open an issue at
-https://github.com/openshift/openshift-ansible
-
-# Overview
-This playbook is available as a technical preview. It currently performs the
-following steps.
-
- * Upgrade and restart master services
- * Upgrade and restart node services
- * Applies latest configuration by re-running the installation playbook
- * Applies the latest cluster policies
- * Updates the default router if one exists
- * Updates the default registry if one exists
- * Updates image streams and quickstarts
-
-# Usage
-ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/adhoc/upgrades/upgrade.yml
diff --git a/playbooks/adhoc/upgrades/filter_plugins b/playbooks/adhoc/upgrades/filter_plugins
deleted file mode 120000
index b0b7a3414..000000000
--- a/playbooks/adhoc/upgrades/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins/ \ No newline at end of file
diff --git a/playbooks/adhoc/upgrades/lookup_plugins b/playbooks/adhoc/upgrades/lookup_plugins
deleted file mode 120000
index 73cafffe5..000000000
--- a/playbooks/adhoc/upgrades/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins/ \ No newline at end of file
diff --git a/playbooks/adhoc/upgrades/roles b/playbooks/adhoc/upgrades/roles
deleted file mode 120000
index e2b799b9d..000000000
--- a/playbooks/adhoc/upgrades/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles/ \ No newline at end of file
diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml
deleted file mode 100644
index e666f0472..000000000
--- a/playbooks/adhoc/upgrades/upgrade.yml
+++ /dev/null
@@ -1,115 +0,0 @@
----
-- name: Re-Run cluster configuration to apply latest configuration changes
- include: ../../common/openshift-cluster/config.yml
- vars:
- g_etcd_group: "{{ 'etcd' }}"
- g_masters_group: "{{ 'masters' }}"
- g_nodes_group: "{{ 'nodes' }}"
- openshift_cluster_id: "{{ cluster_id | default('default') }}"
- openshift_deployment_type: "{{ deployment_type }}"
-
-- name: Upgrade masters
- hosts: masters
- vars:
- openshift_version: "{{ openshift_pkg_version | default('') }}"
- tasks:
- - name: Upgrade master packages
- yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest
- - name: Restart master services
- service: name="{{ openshift.common.service_type}}-master" state=restarted
-
-- name: Upgrade nodes
- hosts: nodes
- vars:
- openshift_version: "{{ openshift_pkg_version | default('') }}"
- tasks:
- - name: Upgrade node packages
- yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }} state=latest
- - name: Restart node services
- service: name="{{ openshift.common.service_type }}-node" state=restarted
-
-- name: Determine new master version
- hosts: oo_first_master
- tasks:
- - name: Determine new version
- command: >
- rpm -q --queryformat '%{version}' {{ openshift.common.service_type }}-master
- register: _new_version
-
-- name: Ensure AOS 3.0.2 or Origin 1.0.6
- hosts: oo_first_master
- tasks:
- fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later
- when: _new_version.stdout < 1.0.6 or (_new_version.stdout >= 3.0 and _new_version.stdout < 3.0.2)
-
-- name: Update cluster policy
- hosts: oo_first_master
- tasks:
- - name: oadm policy reconcile-cluster-roles --confirm
- command: >
- {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- policy reconcile-cluster-roles --confirm
-
-- name: Upgrade default router
- hosts: oo_first_master
- vars:
- - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}"
- - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig"
- tasks:
- - name: Check for default router
- command: >
- {{ oc_cmd }} get -n default dc/router
- register: _default_router
- failed_when: false
- changed_when: false
- - name: Check for allowHostNetwork and allowHostPorts
- when: _default_router.rc == 0
- shell: >
- {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork
- register: _scc
- - name: Grant allowHostNetwork and allowHostPorts
- when:
- - _default_router.rc == 0
- - "'false' in _scc.stdout"
- command: >
- {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9
- - name: Update deployment config to 1.0.4/3.0.1 spec
- when: _default_router.rc == 0
- command: >
- {{ oc_cmd }} patch dc/router -p
- '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}'
- - name: Switch to hostNetwork=true
- when: _default_router.rc == 0
- command: >
- {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}'
- - name: Update router image to current version
- when: _default_router.rc == 0
- command: >
- {{ oc_cmd }} patch dc/router -p
- '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}'
-
-- name: Upgrade default
- hosts: oo_first_master
- vars:
- - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}"
- - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig"
- tasks:
- - name: Check for default registry
- command: >
- {{ oc_cmd }} get -n default dc/docker-registry
- register: _default_registry
- failed_when: false
- changed_when: false
- - name: Update registry image to current version
- when: _default_registry.rc == 0
- command: >
- {{ oc_cmd }} patch dc/docker-registry -p
- '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}'
-
-- name: Update image streams and templates
- hosts: oo_first_master
- vars:
- openshift_examples_import_command: "update"
- openshift_deployment_type: "{{ deployment_type }}"
- roles:
- - openshift_examples
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-14 03:39:14 +0000