diff options
Diffstat (limited to 'roles/etcd')
-rw-r--r-- | roles/etcd/defaults/main.yaml | 1 | ||||
-rw-r--r-- | roles/etcd/tasks/main.yml | 46 | ||||
-rw-r--r-- | roles/etcd/tasks/system_container.yml | 72 | ||||
-rw-r--r-- | roles/etcd/templates/custom.conf.j2 | 3 | ||||
-rw-r--r-- | roles/etcd/templates/etcd.conf.j2 | 12 |
5 files changed, 83 insertions, 51 deletions
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index e0746d70d..29153f4df 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -14,3 +14,4 @@ etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_clien etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}" etcd_data_dir: /var/lib/etcd/ +etcd_systemd_dir: "/etc/systemd/system/{{ etcd_service }}.service.d" diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 5f3ca461e..17bec5352 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -26,12 +26,52 @@ - etcd_is_containerized | bool - not openshift.common.is_etcd_system_container | bool -- name: Ensure etcd datadir exists when containerized + +# Start secondary etcd instance for third party integrations +# TODO: Determine an alternative to using thirdparty variable + +- name: Create configuration directory + file: + path: "{{ etcd_conf_dir }}" + state: directory + mode: 0700 + when: etcd_is_thirdparty | bool + + # TODO: retest with symlink to confirm it does or does not function +- name: Copy service file for etcd instance + copy: + src: /usr/lib/systemd/system/etcd.service + dest: "/etc/systemd/system/{{ etcd_service }}.service" + remote_src: True + when: etcd_is_thirdparty | bool + +- name: Create third party etcd service.d directory exists + file: + path: "{{ etcd_systemd_dir }}" + state: directory + when: etcd_is_thirdparty | bool + +- name: Configure third part etcd service unit file + template: + dest: "{{ etcd_systemd_dir }}/custom.conf" + src: custom.conf.j2 + when: etcd_is_thirdparty + + # TODO: this task may not be needed with Validate permissions +- name: Ensure etcd datadir exists file: path: "{{ etcd_data_dir }}" state: directory mode: 0700 - when: etcd_is_containerized | bool + owner: etcd + group: etcd + recurse: True + when: etcd_is_containerized | bool or etcd_is_thirdparty | bool + + # TODO: Determine if the below reload would work here, for now just reload +- name: + command: systemctl daemon-reload + when: etcd_is_thirdparty | bool - name: Disable system etcd when containerized systemd: @@ -67,7 +107,7 @@ - name: Write etcd global config file template: src: etcd.conf.j2 - dest: /etc/etcd/etcd.conf + dest: "{{ etcd_conf_file }}" backup: true notify: - restart etcd diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml index 241180e2c..3b80164cc 100644 --- a/roles/etcd/tasks/system_container.yml +++ b/roles/etcd/tasks/system_container.yml @@ -1,17 +1,16 @@ --- +- name: Load lib_openshift modules + include_role: + name: lib_openshift + - name: Pull etcd system container command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }} register: pull_result changed_when: "'Pulling layer' in pull_result.stdout" -- name: Check etcd system container package - command: > - atomic containers list --no-trunc -a -f container=etcd - register: result - - name: Set initial Etcd cluster set_fact: - etcd_initial_cluster: > + etcd_initial_cluster: >- {% for host in etcd_peers | default([]) -%} {% if loop.last -%} {{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }} @@ -20,44 +19,23 @@ {%- endif -%} {% endfor -%} -- name: Update Etcd system container package - command: > - atomic containers update - --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} - --set ETCD_NAME={{ etcd_hostname }} - --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }} - --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} - --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} - --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} - --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} - --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} - --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt - --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key - --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt - --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key - etcd - when: - - ("etcd" in result.stdout) - -- name: Install Etcd system container package - command: > - atomic install --system --name=etcd - --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} - --set ETCD_NAME={{ etcd_hostname }} - --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }} - --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} - --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} - --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} - --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} - --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} - --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt - --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key - --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt - --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key - {{ openshift.etcd.etcd_image }} - when: - - ("etcd" not in result.stdout) +- name: Install or Update Etcd system container package + oc_atomic_container: + name: etcd + image: "{{ openshift.etcd.etcd_image }}" + state: latest + values: + - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} + - ETCD_NAME={{ etcd_hostname }} + - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }} + - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} + - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} + - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} + - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} + - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} + - ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt + - ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt + - ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key + - ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt + - ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt + - ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key diff --git a/roles/etcd/templates/custom.conf.j2 b/roles/etcd/templates/custom.conf.j2 new file mode 100644 index 000000000..d3433c658 --- /dev/null +++ b/roles/etcd/templates/custom.conf.j2 @@ -0,0 +1,3 @@ +[Service] +WorkingDirectory={{ etcd_data_dir }} +EnvironmentFile=-{{ etcd_conf_file }} diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2 index 7ccf78212..990a86c21 100644 --- a/roles/etcd/templates/etcd.conf.j2 +++ b/roles/etcd/templates/etcd.conf.j2 @@ -8,7 +8,7 @@ {% endfor -%} {% endmacro -%} -{% if etcd_peers | default([]) | length > 1 %} +{% if (etcd_peers | default([]) | length > 1) or (etcd_is_thirdparty) %} ETCD_NAME={{ etcd_hostname }} ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} {% else %} @@ -23,6 +23,16 @@ ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} #ETCD_MAX_WALS=5 #ETCD_CORS= +{% if etcd_is_thirdparty %} +#[cluster] +ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} + +# TODO: This needs to be altered to support the correct etcd instances +ETCD_INITIAL_CLUSTER={{ etcd_hostname}}={{ etcd_initial_advertise_peer_urls }} +ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} +ETCD_INITIAL_CLUSTER_TOKEN=thirdparty-etcd-cluster-1 +{% endif %} + {% if etcd_peers | default([]) | length > 1 %} #[cluster] ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} |