summaryrefslogtreecommitdiff
path: root/roles/etcd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/etcd')
-rw-r--r--roles/etcd/README.md3
-rw-r--r--roles/etcd/etcdctl.sh11
-rw-r--r--roles/etcd/files/etcdctl.sh11
-rw-r--r--roles/etcd/handlers/main.yml2
-rw-r--r--roles/etcd/meta/main.yml2
-rw-r--r--roles/etcd/tasks/etcdctl.yml12
-rw-r--r--roles/etcd/tasks/main.yml37
-rw-r--r--roles/etcd/templates/etcd.docker.service2
8 files changed, 54 insertions, 26 deletions
diff --git a/roles/etcd/README.md b/roles/etcd/README.md
index 329a926c0..c936dbabc 100644
--- a/roles/etcd/README.md
+++ b/roles/etcd/README.md
@@ -6,7 +6,8 @@ Configures an etcd cluster for an arbitrary number of hosts
Requirements
------------
-This role assumes it's being deployed on a RHEL/Fedora based host with package
+* Ansible 2.2
+* This role assumes it's being deployed on a RHEL/Fedora based host with package
named 'etcd' available via yum or dnf (conditionally).
Role Variables
diff --git a/roles/etcd/etcdctl.sh b/roles/etcd/etcdctl.sh
new file mode 100644
index 000000000..0e324a8a9
--- /dev/null
+++ b/roles/etcd/etcdctl.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because
+# command flags are different between the two. Should work on stand
+# alone etcd hosts and master + etcd hosts too because we use the peer keys.
+etcdctl2() {
+ /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@}
+}
+
+etcdctl3() {
+ ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@}
+}
diff --git a/roles/etcd/files/etcdctl.sh b/roles/etcd/files/etcdctl.sh
new file mode 100644
index 000000000..0e324a8a9
--- /dev/null
+++ b/roles/etcd/files/etcdctl.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because
+# command flags are different between the two. Should work on stand
+# alone etcd hosts and master + etcd hosts too because we use the peer keys.
+etcdctl2() {
+ /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@}
+}
+
+etcdctl3() {
+ ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@}
+}
diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml
index e00e1cac4..95076b19e 100644
--- a/roles/etcd/handlers/main.yml
+++ b/roles/etcd/handlers/main.yml
@@ -1,5 +1,5 @@
---
- name: restart etcd
- service: name={{ etcd_service }} state=restarted
+ systemd: name={{ etcd_service }} state=restarted
when: not (etcd_service_status_changed | default(false) | bool)
diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml
index cfd72dfbc..532f9e313 100644
--- a/roles/etcd/meta/main.yml
+++ b/roles/etcd/meta/main.yml
@@ -7,7 +7,7 @@ galaxy_info:
description: etcd management
company: Red Hat, Inc.
license: Apache License, Version 2.0
- min_ansible_version: 2.1
+ min_ansible_version: 2.2
platforms:
- name: EL
versions:
diff --git a/roles/etcd/tasks/etcdctl.yml b/roles/etcd/tasks/etcdctl.yml
new file mode 100644
index 000000000..bb6fabf64
--- /dev/null
+++ b/roles/etcd/tasks/etcdctl.yml
@@ -0,0 +1,12 @@
+---
+- name: Install etcd for etcdctl
+ package: name=etcd state=present
+ when: not openshift.common.is_atomic | bool
+
+- name: Configure etcd profile.d alises
+ copy:
+ src: etcdctl.sh
+ dest: /etc/profile.d/etcdctl.sh
+ mode: 0755
+ owner: root
+ group: root
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 2bc6a8678..41f25be70 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -7,7 +7,7 @@
etcd_ip: "{{ etcd_ip }}"
- name: Install etcd
- action: "{{ ansible_pkg_mgr }} name=etcd state=present"
+ package: name=etcd state=present
when: not etcd_is_containerized | bool
- name: Pull etcd container
@@ -20,36 +20,25 @@
template:
dest: "/etc/systemd/system/etcd_container.service"
src: etcd.docker.service
- register: install_etcd_result
when: etcd_is_containerized | bool
-- name: Ensure etcd datadir exists
- when: etcd_is_containerized | bool
+- name: Ensure etcd datadir exists when containerized
file:
path: "{{ etcd_data_dir }}"
state: directory
mode: 0700
-
-- name: Check for etcd service presence
- command: systemctl show etcd.service
- register: etcd_show
- changed_when: false
- failed_when: false
+ when: etcd_is_containerized | bool
- name: Disable system etcd when containerized
- when: etcd_is_containerized | bool and etcd_show.rc == 0 and 'LoadState=not-found' not in etcd_show.stdout
- service:
+ systemd:
name: etcd
state: stopped
enabled: no
-
-- name: Mask system etcd when containerized
- when: etcd_is_containerized | bool and etcd_show.rc == 0 and 'LoadState=not-found' not in etcd_show.stdout
- command: systemctl mask etcd
-
-- name: Reload systemd units
- command: systemctl daemon-reload
- when: etcd_is_containerized | bool and ( install_etcd_result | changed )
+ masked: yes
+ daemon_reload: yes
+ when: etcd_is_containerized | bool
+ register: task_result
+ failed_when: "task_result|failed and 'could not' not in task_result.msg|lower"
- name: Validate permissions on the config dir
file:
@@ -68,11 +57,15 @@
- restart etcd
- name: Enable etcd
- service:
+ systemd:
name: "{{ etcd_service }}"
state: started
enabled: yes
register: start_result
-- set_fact:
+- include: etcdctl.yml
+ when: openshift_etcd_etcdctl_profile | default(true) | bool
+
+- name: Set fact etcd_service_status_changed
+ set_fact:
etcd_service_status_changed: "{{ start_result | changed }}"
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
index cf957ede8..ae059b549 100644
--- a/roles/etcd/templates/etcd.docker.service
+++ b/roles/etcd/templates/etcd.docker.service
@@ -7,7 +7,7 @@ PartOf=docker.service
[Service]
EnvironmentFile=/etc/etcd/etcd.conf
ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
-ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
+ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:ro --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
ExecStop=/usr/bin/docker stop {{ etcd_service }}
SyslogIdentifier=etcd_container
Restart=always
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-04 00:50:24 +0000