summaryrefslogtreecommitdiffstats
path: root/roles/openshift_aws/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_aws/tasks')
-rw-r--r--roles/openshift_aws/tasks/elb.yml8
-rw-r--r--roles/openshift_aws/tasks/iam_cert.yml10
-rw-r--r--roles/openshift_aws/tasks/launch_config.yml15
-rw-r--r--roles/openshift_aws/tasks/master_facts.yml22
-rw-r--r--roles/openshift_aws/tasks/provision.yml12
-rw-r--r--roles/openshift_aws/tasks/provision_instance.yml (renamed from roles/openshift_aws/tasks/build_ami.yml)43
-rw-r--r--roles/openshift_aws/tasks/setup_master_group.yml35
7 files changed, 110 insertions, 35 deletions
diff --git a/roles/openshift_aws/tasks/elb.yml b/roles/openshift_aws/tasks/elb.yml
index a1fdd66fc..7bc3184df 100644
--- a/roles/openshift_aws/tasks/elb.yml
+++ b/roles/openshift_aws/tasks/elb.yml
@@ -29,9 +29,9 @@
if 'master' in openshift_aws_node_group_type or 'infra' in openshift_aws_node_group_type
else openshift_aws_elb_listeners }}"
-- name: "Create ELB {{ openshift_aws_elb_name }}"
+- name: "Create ELB {{ l_openshift_aws_elb_name }}"
ec2_elb_lb:
- name: "{{ openshift_aws_elb_name }}"
+ name: "{{ l_openshift_aws_elb_name }}"
state: present
security_group_names: "{{ openshift_aws_elb_security_groups }}"
idle_timeout: "{{ openshift_aws_elb_idle_timout }}"
@@ -49,10 +49,10 @@
# It is necessary to ignore_errors here because the instances are not in 'ready'
# state when first added to ELB
-- name: "Add instances to ELB {{ openshift_aws_elb_name }}"
+- name: "Add instances to ELB {{ l_openshift_aws_elb_name }}"
ec2_elb:
instance_id: "{{ item.id }}"
- ec2_elbs: "{{ openshift_aws_elb_name }}"
+ ec2_elbs: "{{ l_openshift_aws_elb_name }}"
state: present
region: "{{ openshift_aws_region }}"
wait: False
diff --git a/roles/openshift_aws/tasks/iam_cert.yml b/roles/openshift_aws/tasks/iam_cert.yml
index cd9772a25..f74a62b8b 100644
--- a/roles/openshift_aws/tasks/iam_cert.yml
+++ b/roles/openshift_aws/tasks/iam_cert.yml
@@ -11,17 +11,23 @@
- "'failed' in elb_cert_chain"
- elb_cert_chain.failed
- "'msg' in elb_cert_chain"
- - "'already exists and has a different certificate body' in elb_cert_chain.msg"
- - "'BotoServerError' in elb_cert_chain.msg"
+ - "'already exists and has a different certificate body' in elb_cert_chain.msg or 'BotoServerError' in elb_cert_chain.msg or 'Traceback' in elb_cert_chain.msg.module_stderr"
when:
- openshift_aws_create_iam_cert | bool
- openshift_aws_iam_cert_path != ''
- openshift_aws_iam_cert_key_path != ''
- openshift_aws_elb_cert_arn == ''
+- debug: msg="{{ elb_cert_chain }}"
+
- name: set_fact openshift_aws_elb_cert_arn
set_fact:
openshift_aws_elb_cert_arn: "{{ elb_cert_chain.arn }}"
+ when:
+ - openshift_aws_create_iam_cert | bool
+ - openshift_aws_iam_cert_path != ''
+ - openshift_aws_iam_cert_key_path != ''
+ - openshift_aws_elb_cert_arn == ''
- name: wait for cert to propagate
pause:
diff --git a/roles/openshift_aws/tasks/launch_config.yml b/roles/openshift_aws/tasks/launch_config.yml
index 65c5a6cc0..e6be9969c 100644
--- a/roles/openshift_aws/tasks/launch_config.yml
+++ b/roles/openshift_aws/tasks/launch_config.yml
@@ -4,13 +4,18 @@
when:
- openshift_aws_ami is undefined
+- name: query vpc
+ ec2_vpc_net_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ 'tag:Name': "{{ openshift_aws_vpc_name }}"
+ register: vpcout
+
- name: fetch the security groups for launch config
ec2_group_facts:
filters:
- group-name:
- - "{{ openshift_aws_clusterid }}" # default sg
- - "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}" # node type sg
- - "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}_k8s" # node type sg k8s
+ group-name: "{{ openshift_aws_launch_config_security_groups }}"
+ vpc-id: "{{ vpcout.vpcs[0].id }}"
region: "{{ openshift_aws_region }}"
register: ec2sgs
@@ -21,7 +26,7 @@
region: "{{ openshift_aws_region }}"
image_id: "{{ openshift_aws_ami }}"
instance_type: "{{ openshift_aws_node_group_config[openshift_aws_node_group_type].instance_type }}"
- security_groups: "{{ ec2sgs.security_groups | map(attribute='group_id')| list }}"
+ security_groups: "{{ openshift_aws_launch_config_security_group_id | default(ec2sgs.security_groups | map(attribute='group_id')| list) }}"
user_data: |-
#cloud-config
{% if openshift_aws_node_group_type != 'master' %}
diff --git a/roles/openshift_aws/tasks/master_facts.yml b/roles/openshift_aws/tasks/master_facts.yml
new file mode 100644
index 000000000..737cfc7a6
--- /dev/null
+++ b/roles/openshift_aws/tasks/master_facts.yml
@@ -0,0 +1,22 @@
+---
+- name: fetch elbs
+ ec2_elb_facts:
+ region: "{{ openshift_aws_region }}"
+ names:
+ - "{{ item }}"
+ with_items:
+ - "{{ openshift_aws_elb_name }}-external"
+ - "{{ openshift_aws_elb_name }}-internal"
+ delegate_to: localhost
+ register: elbs
+
+- debug: var=elbs
+
+- name: set fact
+ set_fact:
+ openshift_master_cluster_hostname: "{{ elbs.results[1].elbs[0].dns_name }}"
+ osm_custom_cors_origins:
+ - "{{ elbs.results[1].elbs[0].dns_name }}"
+ - "console.{{ openshift_aws_clusterid | default('default') }}.openshift.com"
+ - "api.{{ openshift_aws_clusterid | default('default') }}.openshift.com"
+ with_items: "{{ groups['masters'] }}"
diff --git a/roles/openshift_aws/tasks/provision.yml b/roles/openshift_aws/tasks/provision.yml
index 189caeaee..a8518d43a 100644
--- a/roles/openshift_aws/tasks/provision.yml
+++ b/roles/openshift_aws/tasks/provision.yml
@@ -1,16 +1,8 @@
---
-- when: openshift_aws_create_vpc | bool
- name: create default vpc
- include: vpc.yml
-
- when: openshift_aws_create_iam_cert | bool
name: create the iam_cert for elb certificate
include: iam_cert.yml
-- when: openshift_aws_users | length > 0
- name: create aws ssh keypair
- include: ssh_keys.yml
-
- when: openshift_aws_create_s3 | bool
name: create s3 bucket for registry
include: s3.yml
@@ -34,14 +26,14 @@
include: elb.yml
vars:
openshift_aws_elb_direction: internal
- openshift_aws_elb_name: "{{ openshift_aws_clusterid }}-{{openshift_aws_node_group_type }}-internal"
+ l_openshift_aws_elb_name: "{{ openshift_aws_elb_name }}-internal"
openshift_aws_elb_scheme: internal
- name: create our master external load balancers
include: elb.yml
vars:
openshift_aws_elb_direction: external
- openshift_aws_elb_name: "{{ openshift_aws_clusterid }}-{{openshift_aws_node_group_type }}-external"
+ l_openshift_aws_elb_name: "{{ openshift_aws_elb_name }}-external"
openshift_aws_elb_scheme: internet-facing
- name: wait for ssh to become available
diff --git a/roles/openshift_aws/tasks/build_ami.yml b/roles/openshift_aws/tasks/provision_instance.yml
index 8d4e5ac43..1384bae59 100644
--- a/roles/openshift_aws/tasks/build_ami.yml
+++ b/roles/openshift_aws/tasks/provision_instance.yml
@@ -1,16 +1,4 @@
---
-- when: openshift_aws_create_vpc | bool
- name: create a vpc
- include: vpc.yml
-
-- when: openshift_aws_users | length > 0
- name: create aws ssh keypair
- include: ssh_keys.yml
-
-- when: openshift_aws_create_security_groups | bool
- name: Create compute security_groups
- include: security_group.yml
-
- name: query vpc
ec2_vpc_net_facts:
region: "{{ openshift_aws_region }}"
@@ -31,9 +19,9 @@
assign_public_ip: yes
region: "{{ openshift_aws_region }}"
key_name: "{{ openshift_aws_ssh_key_name }}"
- group: "{{ openshift_aws_clusterid }}"
+ group: "{{ openshift_aws_build_ami_group }}"
instance_type: m4.xlarge
- vpc_subnet_id: "{{ subnetout.subnets[0].id }}"
+ vpc_subnet_id: "{{ openshift_aws_subnet_id | default(subnetout.subnets[0].id) }}"
image: "{{ openshift_aws_base_ami }}"
volumes:
- device_name: /dev/sdb
@@ -46,3 +34,30 @@
Name: "{{ openshift_aws_base_ami_name }}"
instance_tags:
Name: "{{ openshift_aws_base_ami_name }}"
+
+- name: fetch newly created instances
+ ec2_remote_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "tag:Name": "{{ openshift_aws_base_ami_name }}"
+ instance-state-name: running
+ register: instancesout
+ retries: 20
+ delay: 3
+ until: instancesout.instances|length > 0
+
+- name: wait for ssh to become available
+ wait_for:
+ port: 22
+ host: "{{ instancesout.instances[0].public_ip_address }}"
+ timeout: 300
+ search_regex: OpenSSH
+
+- name: Pause 10 seconds to ensure ssh actually accepts logins
+ pause:
+ seconds: 20
+
+- name: add host to nodes
+ add_host:
+ groups: nodes
+ name: "{{ instancesout.instances[0].public_dns_name }}"
diff --git a/roles/openshift_aws/tasks/setup_master_group.yml b/roles/openshift_aws/tasks/setup_master_group.yml
new file mode 100644
index 000000000..166f3b938
--- /dev/null
+++ b/roles/openshift_aws/tasks/setup_master_group.yml
@@ -0,0 +1,35 @@
+---
+- name: Alert user to variables needed - clusterid
+ debug:
+ msg: "openshift_aws_clusterid={{ openshift_aws_clusterid }}"
+
+- name: Alert user to variables needed - region
+ debug:
+ msg: "openshift_aws_region={{ openshift_aws_region }}"
+
+- name: fetch newly created instances
+ ec2_remote_facts:
+ region: "{{ openshift_aws_region }}"
+ filters:
+ "tag:clusterid": "{{ openshift_aws_clusterid }}"
+ "tag:host-type": master
+ instance-state-name: running
+ register: instancesout
+ retries: 20
+ delay: 3
+ until: instancesout.instances|length > 0
+
+- name: add new master to masters group
+ add_host:
+ groups: "masters,etcd,nodes"
+ name: "{{ item.public_dns_name }}"
+ hostname: "{{ openshift_aws_clusterid }}-master-{{ item.id[:-5] }}"
+ with_items: "{{ instancesout.instances }}"
+
+- name: wait for ssh to become available
+ wait_for:
+ port: 22
+ host: "{{ item.public_dns_name }}"
+ timeout: 300
+ search_regex: OpenSSH
+ with_items: "{{ instancesout.instances }}"
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 21:12:50 +0000