diff options
Diffstat (limited to 'playbooks/common')
8 files changed, 61 insertions, 6 deletions
diff --git a/playbooks/common/openshift-cluster/initialize_openshift_version.yml b/playbooks/common/openshift-cluster/initialize_openshift_version.yml index a1bd1bd92..07b38920f 100644 --- a/playbooks/common/openshift-cluster/initialize_openshift_version.yml +++ b/playbooks/common/openshift-cluster/initialize_openshift_version.yml @@ -1,6 +1,7 @@ --- # NOTE: requires openshift_facts be run -- hosts: l_oo_all_hosts +- name: Verify compatible yum/subscription-manager combination + hosts: l_oo_all_hosts gather_facts: no tasks: # See: diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml index ec5b18389..021d19dad 100644 --- a/playbooks/common/openshift-cluster/openshift_hosted.yml +++ b/playbooks/common/openshift-cluster/openshift_hosted.yml @@ -45,3 +45,14 @@ - role: cockpit-ui when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool ) and not (openshift.docker.hosted_registry_insecure | default(false) | bool) + +- name: Update master-config for publicLoggingURL + hosts: masters:!oo_first_master + pre_tasks: + - set_fact: + logging_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}" + tasks: + - include_role: + name: openshift_hosted_logging + tasks_from: update_master_config + when: openshift_hosted_logging_deploy | default(false) | boola diff --git a/playbooks/common/openshift-cluster/openshift_logging.yml b/playbooks/common/openshift-cluster/openshift_logging.yml index 6347cbc26..82f18f5e1 100644 --- a/playbooks/common/openshift-cluster/openshift_logging.yml +++ b/playbooks/common/openshift-cluster/openshift_logging.yml @@ -3,3 +3,11 @@ hosts: oo_first_master roles: - openshift_logging + +- name: Update Master configs + hosts: masters:!oo_first_master + tasks: + - include_role: + name: openshift_logging + tasks_from: update_master_config + when: openshift_logging_install_logging | default(false) | bool diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index e3d16d359..b83e4d821 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -1,7 +1,8 @@ --- - include: evaluate_groups.yml -- hosts: oo_hosts_to_update +- name: Subscribe hosts, update repos and update OS packages + hosts: oo_hosts_to_update vars: openshift_deployment_type: "{{ deployment_type }}" roles: diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml index 235853b0f..a3b8c489e 100644 --- a/playbooks/common/openshift-cluster/upgrades/init.yml +++ b/playbooks/common/openshift-cluster/upgrades/init.yml @@ -1,9 +1,11 @@ --- -- name: Create l_oo_all_hosts group +- name: Create initial host groups for localhost hosts: localhost connection: local become: no gather_facts: no + tags: + - always tasks: - include_vars: ../../../byo/openshift-cluster/cluster_hosts.yml - name: Evaluate group l_oo_all_hosts @@ -13,9 +15,11 @@ with_items: "{{ g_all_hosts | default([]) }}" changed_when: False -- name: Include g_*_hosts vars for hosts in group l_oo_all_hosts +- name: Create initial host groups for all hosts hosts: l_oo_all_hosts gather_facts: no + tags: + - always tasks: - include_vars: ../../../byo/openshift-cluster/cluster_hosts.yml @@ -61,3 +65,17 @@ when: not openshift.common.is_atomic | bool args: warn: no + +- name: Ensure firewall is not switched during upgrade + hosts: oo_all_hosts + tasks: + - name: Check if iptables is running + command: systemctl status iptables + ignore_errors: true + changed_when: false + register: service_iptables_status + + - name: Set fact os_firewall_use_firewalld FALSE for iptables + set_fact: + os_firewall_use_firewalld: false + when: "'Active: active' in service_iptables_status.stdout" diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index 23b976192..9cad931af 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -32,7 +32,7 @@ include: ./etcd/main.yml # Create service signer cert when missing. Service signer certificate -# is added to master config in the master config hook for v3_3. +# is added to master config in the master_config_upgrade hook. - name: Determine if service signer cert must be created hosts: oo_first_master tasks: diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml index 5fa74898f..a6a49e5ff 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml @@ -81,6 +81,21 @@ failed_when: false when: openshift.common.is_containerized | bool + - name: Upgrade openvswitch + package: + name: openvswitch + state: latest + register: ovs_pkg + when: inventory_hostname in groups.oo_nodes_to_upgrade and not openshift.common.is_containerized | bool + + - name: Restart openvswitch + systemd: + name: openvswitch + state: restarted + when: + - inventory_hostname in groups.oo_nodes_to_upgrade and not openshift.common.is_containerized | bool + - ovs_pkg | changed + # Mandatory Docker restart, ensure all containerized services are running: - include: docker/restart.yml diff --git a/playbooks/common/openshift-master/restart_hosts.yml b/playbooks/common/openshift-master/restart_hosts.yml index 832301e3d..475144dbf 100644 --- a/playbooks/common/openshift-master/restart_hosts.yml +++ b/playbooks/common/openshift-master/restart_hosts.yml @@ -10,9 +10,10 @@ - name: Wait for master to restart local_action: module: wait_for - host="{{ inventory_hostname }}" + host="{{ ansible_host }}" state=started delay=10 + timeout=600 become: no # Now that ssh is back up we can wait for API on the remote system, |