summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml6
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates.yml8
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade.yml8
-rw-r--r--playbooks/common/openshift-master/scaleup.yml4
-rw-r--r--playbooks/common/openshift-node/config.yml4
-rw-r--r--playbooks/gce/openshift-cluster/tasks/launch_instances.yml2
-rw-r--r--playbooks/openstack/openshift-cluster/dns.yml52
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack.yaml161
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml24
-rw-r--r--playbooks/openstack/openshift-cluster/files/user-data13
-rw-r--r--playbooks/openstack/openshift-cluster/launch.yml12
-rw-r--r--playbooks/openstack/openshift-cluster/update.yml2
-rw-r--r--playbooks/openstack/openshift-cluster/vars.yml1
13 files changed, 44 insertions, 253 deletions
diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml
index 3a285ab9f..1fa32570c 100644
--- a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml
@@ -25,13 +25,13 @@
tasks:
- name: Prepare for Node evacuation
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=false
delegate_to: "{{ groups.oo_first_master.0 }}"
when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config
- name: Evacuate Node for Kubelet upgrade
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --evacuate --force
delegate_to: "{{ groups.oo_first_master.0 }}"
when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config
@@ -40,7 +40,7 @@
- name: Set node schedulability
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=true
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=true
delegate_to: "{{ groups.oo_first_master.0 }}"
when: openshift.node.schedulable | bool
when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config and openshift.node.schedulable | bool
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates.yml b/playbooks/common/openshift-cluster/redeploy-certificates.yml
index 5b72c3450..4996c56a7 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates.yml
@@ -212,7 +212,7 @@
- name: Determine if node is currently scheduleable
command: >
{{ openshift.common.client_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig
- get node {{ openshift.common.hostname | lower }} -o json
+ get node {{ openshift.node.nodename }} -o json
register: node_output
when: openshift_certificates_redeploy_ca | default(false) | bool
delegate_to: "{{ groups.oo_first_master.0 }}"
@@ -225,7 +225,7 @@
- name: Prepare for node evacuation
command: >
{{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig
- manage-node {{ openshift.common.hostname | lower }}
+ manage-node {{ openshift.node.nodename }}
--schedulable=false
delegate_to: "{{ groups.oo_first_master.0 }}"
when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool
@@ -233,7 +233,7 @@
- name: Evacuate node
command: >
{{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig
- manage-node {{ openshift.common.hostname | lower }}
+ manage-node {{ openshift.node.nodename }}
--evacuate --force
delegate_to: "{{ groups.oo_first_master.0 }}"
when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool
@@ -241,7 +241,7 @@
- name: Set node schedulability
command: >
{{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig
- manage-node {{ openshift.common.hostname | lower }} --schedulable=true
+ manage-node {{ openshift.node.nodename }} --schedulable=true
delegate_to: "{{ groups.oo_first_master.0 }}"
when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/upgrade.yml
index ba4fc63be..8a2784fb4 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade.yml
@@ -197,7 +197,7 @@
# we merge upgrade functionality into the base roles and a normal config.yml playbook run.
- name: Determine if node is currently scheduleable
command: >
- {{ openshift.common.client_binary }} get node {{ openshift.common.hostname | lower }} -o json
+ {{ openshift.common.client_binary }} get node {{ openshift.node.nodename }} -o json
register: node_output
delegate_to: "{{ groups.oo_first_master.0 }}"
changed_when: false
@@ -209,13 +209,13 @@
- name: Mark unschedulable if host is a node
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=false
delegate_to: "{{ groups.oo_first_master.0 }}"
when: inventory_hostname in groups.oo_nodes_to_config
- name: Evacuate Node for Kubelet upgrade
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --evacuate --force
delegate_to: "{{ groups.oo_first_master.0 }}"
when: inventory_hostname in groups.oo_nodes_to_config
@@ -237,7 +237,7 @@
- name: Set node schedulability
command: >
- {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=true
+ {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=true
delegate_to: "{{ groups.oo_first_master.0 }}"
when: inventory_hostname in groups.oo_nodes_to_config and was_schedulable | bool
diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml
index 7304fca56..56ed09e1b 100644
--- a/playbooks/common/openshift-master/scaleup.yml
+++ b/playbooks/common/openshift-master/scaleup.yml
@@ -40,6 +40,10 @@
--cacert {{ openshift.common.config_base }}/master/ca.crt
{% endif %}
{{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
register: api_available_output
until: api_available_output.stdout == 'ok'
retries: 120
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 66eb293e5..07a89b7fb 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -172,6 +172,10 @@
--cacert {{ openshift.common.config_base }}/master/ca.crt
{% endif %}
{{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
register: api_available_output
until: api_available_output.stdout == 'ok'
retries: 120
diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
index c5c479052..60cf21a5b 100644
--- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml
@@ -1,7 +1,7 @@
---
- name: Launch instance(s)
gce:
- instance_names: "{{ instances }}"
+ instance_names: "{{ instances|join(',') }}"
machine_type: "{{ gce_machine_type | default(deployment_vars[deployment_type].machine_type, true) }}"
image: "{{ gce_machine_image | default(deployment_vars[deployment_type].image, true) }}"
service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}"
diff --git a/playbooks/openstack/openshift-cluster/dns.yml b/playbooks/openstack/openshift-cluster/dns.yml
deleted file mode 100644
index 285f8fa78..000000000
--- a/playbooks/openstack/openshift-cluster/dns.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-- name: Populate oo_dns_hosts_to_update group
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- vars_files:
- - vars.yml
- - cluster_hosts.yml
- tasks:
- - name: Evaluate oo_dns_hosts_to_update
- add_host:
- name: "{{ item }}"
- groups: oo_dns_hosts_to_update
- ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_become: "{{ deployment_vars[deployment_type].become }}"
- with_items: "{{ groups[cluster_id ~ '-dns'] }}"
-
- - name: Evaluate oo_hosts_to_add_in_dns
- add_host:
- name: "{{ item }}"
- groups: oo_hosts_to_add_in_dns
- ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_become: "{{ deployment_vars[deployment_type].become }}"
- with_items: "{{ groups['meta-clusterid_' ~ cluster_id] }}"
-
-- name: Gather facts
- hosts: oo_hosts_to_add_in_dns
- vars_files:
- - vars.yml
- - cluster_hosts.yml
-
-- name: Configure the DNS
- hosts: oo_dns_hosts_to_update
- vars_files:
- - vars.yml
- - cluster_hosts.yml
- roles:
- # Explicitly calling openshift_facts because it appears that when
- # rhel_subscribe is skipped that the openshift_facts dependency for
- # openshift_repos is also skipped (this is the case at least for Ansible
- # 2.0.2)
- - openshift_facts
- - role: rhel_subscribe
- when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and
- ansible_distribution == "RedHat" and
- lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) |
- default('no', True) | lower in ['no', 'false']
-
- - { role: dns,
- dns_forwarders: "{{ openstack_network_dns }}",
- dns_zones: [ novalocal, openstacklocal ],
- dns_all_hosts: "{{ g_all_hosts }}" }
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
index 458cf5ac7..755090f94 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
@@ -88,11 +88,6 @@ parameters:
label: Infra image
description: Name of the image for the infra node servers
- dns_image:
- type: string
- label: DNS image
- description: Name of the image for the DNS server
-
etcd_flavor:
type: string
label: Etcd flavor
@@ -113,11 +108,6 @@ parameters:
label: Infra flavor
description: Flavor of the infra node servers
- dns_flavor:
- type: string
- label: DNS flavor
- description: Flavor of the DNS server
-
outputs:
etcd_names:
@@ -168,26 +158,6 @@ outputs:
description: Floating IPs of the nodes
value: { get_attr: [ infra_nodes, floating_ip ] }
- dns_name:
- description: Name of the DNS
- value:
- get_attr:
- - dns
- - name
-
- dns_floating_ip:
- description: Floating IP of the DNS
- value:
- get_attr:
- - dns
- - addresses
- - str_replace:
- template: openshift-ansible-cluster_id-net
- params:
- cluster_id: { get_param: cluster_id }
- - 1
- - addr
-
resources:
net:
@@ -213,22 +183,7 @@ resources:
template: subnet_24_prefix.0/24
params:
subnet_24_prefix: { get_param: subnet_24_prefix }
- allocation_pools:
- - start:
- str_replace:
- template: subnet_24_prefix.3
- params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
- end:
- str_replace:
- template: subnet_24_prefix.254
- params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
- dns_nameservers:
- - str_replace:
- template: subnet_24_prefix.2
- params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
+ dns_nameservers: { get_param: dns_nameservers }
router:
type: OS::Neutron::Router
@@ -428,44 +383,6 @@ resources:
port_range_min: 443
port_range_max: 443
- dns-secgrp:
- type: OS::Neutron::SecurityGroup
- properties:
- name:
- str_replace:
- template: openshift-ansible-cluster_id-dns-secgrp
- params:
- cluster_id: { get_param: cluster_id }
- description:
- str_replace:
- template: Security group for cluster_id cluster DNS
- params:
- cluster_id: { get_param: cluster_id }
- rules:
- - direction: ingress
- protocol: tcp
- port_range_min: 22
- port_range_max: 22
- remote_ip_prefix: { get_param: ssh_incoming }
- - direction: ingress
- protocol: udp
- port_range_min: 53
- port_range_max: 53
- remote_mode: remote_group_id
- remote_group_id: { get_resource: etcd-secgrp }
- - direction: ingress
- protocol: udp
- port_range_min: 53
- port_range_max: 53
- remote_mode: remote_group_id
- remote_group_id: { get_resource: master-secgrp }
- - direction: ingress
- protocol: udp
- port_range_min: 53
- port_range_max: 53
- remote_mode: remote_group_id
- remote_group_id: { get_resource: node-secgrp }
-
etcd:
type: OS::Heat::ResourceGroup
properties:
@@ -599,79 +516,3 @@ resources:
cluster_id: { get_param: cluster_id }
depends_on:
- interface
-
- dns:
- type: OS::Nova::Server
- properties:
- name:
- str_replace:
- template: cluster_id-dns
- params:
- cluster_id: { get_param: cluster_id }
- key_name: { get_resource: keypair }
- image: { get_param: dns_image }
- flavor: { get_param: dns_flavor }
- networks:
- - port: { get_resource: dns-port }
- user_data: { get_resource: dns-config }
- user_data_format: RAW
-
- dns-port:
- type: OS::Neutron::Port
- properties:
- network: { get_resource: net }
- fixed_ips:
- - subnet: { get_resource: subnet }
- ip_address:
- str_replace:
- template: subnet_24_prefix.2
- params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
- security_groups:
- - { get_resource: dns-secgrp }
-
- dns-floating-ip:
- type: OS::Neutron::FloatingIP
- properties:
- floating_network: { get_param: external_net }
- port_id: { get_resource: dns-port }
-
- dns-config:
- type: OS::Heat::MultipartMime
- properties:
- parts:
- - config:
- str_replace:
- template: |
- #cloud-config
- disable_root: true
-
- system_info:
- default_user:
- name: openshift
- sudo: ["ALL=(ALL) NOPASSWD: ALL"]
-
- write_files:
- - path: /etc/sudoers.d/00-openshift-no-requiretty
- permissions: 440
- content: |
- Defaults:openshift !requiretty
- - path: /etc/sysconfig/network-scripts/ifcfg-eth0
- content: |
- DEVICE="eth0"
- BOOTPROTO="dhcp"
- DNS1="$dns1"
- DNS2="$dns2"
- PEERDNS="no"
- ONBOOT="yes"
- runcmd:
- - [ "/usr/bin/systemctl", "restart", "network" ]
- params:
- $dns1:
- get_param:
- - dns_nameservers
- - 0
- $dns2:
- get_param:
- - dns_nameservers
- - 1
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml
index f83f2c984..435139849 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml
@@ -107,7 +107,7 @@ resources:
flavor: { get_param: flavor }
networks:
- port: { get_resource: port }
- user_data: { get_file: user-data }
+ user_data: { get_resource: config }
user_data_format: RAW
metadata:
environment: { get_param: cluster_env }
@@ -128,3 +128,25 @@ resources:
properties:
floating_network: { get_param: floating_network }
port_id: { get_resource: port }
+
+ config:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ disable_root: true
+
+ hostname: { get_param: name }
+
+ system_info:
+ default_user:
+ name: openshift
+ sudo: ["ALL=(ALL) NOPASSWD: ALL"]
+
+ write_files:
+ - path: /etc/sudoers.d/00-openshift-no-requiretty
+ permissions: 440
+ # content: Defaults:openshift !requiretty
+ # Encoded in base64 to be sure that we do not forget the trailing newline or
+ # sudo will not be able to parse that file
+ encoding: b64
+ content: RGVmYXVsdHM6b3BlbnNoaWZ0ICFyZXF1aXJldHR5Cg==
diff --git a/playbooks/openstack/openshift-cluster/files/user-data b/playbooks/openstack/openshift-cluster/files/user-data
deleted file mode 100644
index eb65f7cec..000000000
--- a/playbooks/openstack/openshift-cluster/files/user-data
+++ /dev/null
@@ -1,13 +0,0 @@
-#cloud-config
-disable_root: true
-
-system_info:
- default_user:
- name: openshift
- sudo: ["ALL=(ALL) NOPASSWD: ALL"]
-
-write_files:
- - path: /etc/sudoers.d/00-openshift-no-requiretty
- permissions: 440
- content: |
- Defaults:openshift !requiretty
diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml
index 127e3e2e6..eb2c4269a 100644
--- a/playbooks/openstack/openshift-cluster/launch.yml
+++ b/playbooks/openstack/openshift-cluster/launch.yml
@@ -42,12 +42,10 @@
-P master_image={{ deployment_vars[deployment_type].image }}
-P node_image={{ deployment_vars[deployment_type].image }}
-P infra_image={{ deployment_vars[deployment_type].image }}
- -P dns_image={{ deployment_vars[deployment_type].image }}
-P etcd_flavor={{ openstack_flavor["etcd"] }}
-P master_flavor={{ openstack_flavor["master"] }}
-P node_flavor={{ openstack_flavor["node"] }}
-P infra_flavor={{ openstack_flavor["infra"] }}
- -P dns_flavor={{ openstack_flavor["dns"] }}
openshift-ansible-{{ cluster_id }}-stack'
args:
chdir: '{{ playbook_dir }}'
@@ -156,14 +154,6 @@
- '{{ parsed_outputs.infra_ips }}'
- '{{ parsed_outputs.infra_floating_ips }}'
- - name: Add DNS groups and variables
- add_host:
- hostname: '{{ parsed_outputs.dns_name }}'
- ansible_ssh_host: '{{ parsed_outputs.dns_floating_ip }}'
- ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
- ansible_become: "{{ deployment_vars[deployment_type].become }}"
- groups: '{{ cluster_id }}-dns'
-
- name: Wait for ssh
wait_for:
host: '{{ item }}'
@@ -172,7 +162,6 @@
- '{{ parsed_outputs.master_floating_ips }}'
- '{{ parsed_outputs.node_floating_ips }}'
- '{{ parsed_outputs.infra_floating_ips }}'
- - '{{ parsed_outputs.dns_floating_ip }}'
- name: Wait for user setup
command: 'ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ deployment_vars[deployment_type].ssh_user }}@{{ item }} echo {{ deployment_vars[deployment_type].ssh_user }} user is setup'
@@ -184,7 +173,6 @@
- '{{ parsed_outputs.master_floating_ips }}'
- '{{ parsed_outputs.node_floating_ips }}'
- '{{ parsed_outputs.infra_floating_ips }}'
- - '{{ parsed_outputs.dns_floating_ip }}'
- include: update.yml
diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml
index 6d4d23963..332f27da7 100644
--- a/playbooks/openstack/openshift-cluster/update.yml
+++ b/playbooks/openstack/openshift-cluster/update.yml
@@ -15,8 +15,6 @@
- include_vars: vars.yml
- include_vars: cluster_hosts.yml
-- include: dns.yml
-
- name: Populate oo_hosts_to_update group
hosts: localhost
connection: local
diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml
index 17063ef34..62111dacf 100644
--- a/playbooks/openstack/openshift-cluster/vars.yml
+++ b/playbooks/openstack/openshift-cluster/vars.yml
@@ -15,7 +15,6 @@ openstack_ssh_access_from: "{{ lookup('oo_option', 'ssh_from') |
openstack_node_port_access_from: "{{ lookup('oo_option', 'node_port_from') |
default('0.0.0.0/0', True) }}"
openstack_flavor:
- dns: "{{ lookup('oo_option', 'dns_flavor' ) | default('m1.small', True) }}"
etcd: "{{ lookup('oo_option', 'etcd_flavor' ) | default('m1.small', True) }}"
master: "{{ lookup('oo_option', 'master_flavor' ) | default('m1.small', True) }}"
infra: "{{ lookup('oo_option', 'infra_flavor' ) | default('m1.small', True) }}"
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-09 06:52:22 +0000