summaryrefslogtreecommitdiffstats
path: root/roles/etcd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/etcd')
-rw-r--r--roles/etcd/defaults/main.yaml1
-rw-r--r--roles/etcd/tasks/main.yml51
-rw-r--r--roles/etcd/tasks/system_container.yml72
-rw-r--r--roles/etcd/templates/custom.conf.j23
-rw-r--r--roles/etcd/templates/etcd.conf.j212
5 files changed, 89 insertions, 50 deletions
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml
index e0746d70d..29153f4df 100644
--- a/roles/etcd/defaults/main.yaml
+++ b/roles/etcd/defaults/main.yaml
@@ -14,3 +14,4 @@ etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_clien
etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
etcd_data_dir: /var/lib/etcd/
+etcd_systemd_dir: "/etc/systemd/system/{{ etcd_service }}.service.d"
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 5f3ca461e..b4ffc99e3 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -26,13 +26,60 @@
- etcd_is_containerized | bool
- not openshift.common.is_etcd_system_container | bool
-- name: Ensure etcd datadir exists when containerized
+
+# Start secondary etcd instance for third party integrations
+# TODO: Determine an alternative to using thirdparty variable
+
+- name: Create configuration directory
+ file:
+ path: "{{ etcd_conf_dir }}"
+ state: directory
+ mode: 0700
+ when: etcd_is_thirdparty | bool
+
+ # TODO: retest with symlink to confirm it does or does not function
+- name: Copy service file for etcd instance
+ copy:
+ src: /usr/lib/systemd/system/etcd.service
+ dest: "/etc/systemd/system/{{ etcd_service }}.service"
+ remote_src: True
+ when: etcd_is_thirdparty | bool
+
+- name: Create third party etcd service.d directory exists
+ file:
+ path: "{{ etcd_systemd_dir }}"
+ state: directory
+ when: etcd_is_thirdparty | bool
+
+- name: Configure third part etcd service unit file
+ template:
+ dest: "{{ etcd_systemd_dir }}/custom.conf"
+ src: custom.conf.j2
+ when: etcd_is_thirdparty
+
+ # TODO: this task may not be needed with Validate permissions
+- name: Ensure etcd datadir exists
file:
path: "{{ etcd_data_dir }}"
state: directory
mode: 0700
when: etcd_is_containerized | bool
+- name: Ensure etcd datadir ownership for thirdparty datadir
+ file:
+ path: "{{ etcd_data_dir }}"
+ state: directory
+ mode: 0700
+ owner: etcd
+ group: etcd
+ recurse: True
+ when: etcd_is_thirdparty | bool
+
+ # TODO: Determine if the below reload would work here, for now just reload
+- name:
+ command: systemctl daemon-reload
+ when: etcd_is_thirdparty | bool
+
- name: Disable system etcd when containerized
systemd:
name: etcd
@@ -67,7 +114,7 @@
- name: Write etcd global config file
template:
src: etcd.conf.j2
- dest: /etc/etcd/etcd.conf
+ dest: "{{ etcd_conf_file }}"
backup: true
notify:
- restart etcd
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml
index 241180e2c..3b80164cc 100644
--- a/roles/etcd/tasks/system_container.yml
+++ b/roles/etcd/tasks/system_container.yml
@@ -1,17 +1,16 @@
---
+- name: Load lib_openshift modules
+ include_role:
+ name: lib_openshift
+
- name: Pull etcd system container
command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
-- name: Check etcd system container package
- command: >
- atomic containers list --no-trunc -a -f container=etcd
- register: result
-
- name: Set initial Etcd cluster
set_fact:
- etcd_initial_cluster: >
+ etcd_initial_cluster: >-
{% for host in etcd_peers | default([]) -%}
{% if loop.last -%}
{{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }}
@@ -20,44 +19,23 @@
{%- endif -%}
{% endfor -%}
-- name: Update Etcd system container package
- command: >
- atomic containers update
- --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
- --set ETCD_NAME={{ etcd_hostname }}
- --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
- --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
- --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
- --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
- --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
- --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
- --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
- --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
- --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
- --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
- etcd
- when:
- - ("etcd" in result.stdout)
-
-- name: Install Etcd system container package
- command: >
- atomic install --system --name=etcd
- --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
- --set ETCD_NAME={{ etcd_hostname }}
- --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
- --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
- --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
- --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
- --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
- --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
- --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
- --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
- --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
- --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
- {{ openshift.etcd.etcd_image }}
- when:
- - ("etcd" not in result.stdout)
+- name: Install or Update Etcd system container package
+ oc_atomic_container:
+ name: etcd
+ image: "{{ openshift.etcd.etcd_image }}"
+ state: latest
+ values:
+ - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
+ - ETCD_NAME={{ etcd_hostname }}
+ - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }}
+ - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
+ - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
+ - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
+ - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
+ - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
+ - ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+ - ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
+ - ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
+ - ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+ - ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
+ - ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
diff --git a/roles/etcd/templates/custom.conf.j2 b/roles/etcd/templates/custom.conf.j2
new file mode 100644
index 000000000..d3433c658
--- /dev/null
+++ b/roles/etcd/templates/custom.conf.j2
@@ -0,0 +1,3 @@
+[Service]
+WorkingDirectory={{ etcd_data_dir }}
+EnvironmentFile=-{{ etcd_conf_file }}
diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2
index 7ccf78212..990a86c21 100644
--- a/roles/etcd/templates/etcd.conf.j2
+++ b/roles/etcd/templates/etcd.conf.j2
@@ -8,7 +8,7 @@
{% endfor -%}
{% endmacro -%}
-{% if etcd_peers | default([]) | length > 1 %}
+{% if (etcd_peers | default([]) | length > 1) or (etcd_is_thirdparty) %}
ETCD_NAME={{ etcd_hostname }}
ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
{% else %}
@@ -23,6 +23,16 @@ ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
#ETCD_MAX_WALS=5
#ETCD_CORS=
+{% if etcd_is_thirdparty %}
+#[cluster]
+ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
+
+# TODO: This needs to be altered to support the correct etcd instances
+ETCD_INITIAL_CLUSTER={{ etcd_hostname}}={{ etcd_initial_advertise_peer_urls }}
+ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
+ETCD_INITIAL_CLUSTER_TOKEN=thirdparty-etcd-cluster-1
+{% endif %}
+
{% if etcd_peers | default([]) | length > 1 %}
#[cluster]
ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}