summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_master')
-rw-r--r--roles/openshift_master/defaults/main.yml7
-rw-r--r--roles/openshift_master/tasks/bootstrap.yml67
-rw-r--r--roles/openshift_master/tasks/bootstrap_settings.yml14
-rw-r--r--roles/openshift_master/tasks/main.yml13
4 files changed, 81 insertions, 20 deletions
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index 4acac7923..fe78dea66 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -26,6 +26,7 @@ default_r_openshift_master_os_firewall_allow:
cond: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
r_openshift_master_os_firewall_allow: "{{ default_r_openshift_master_os_firewall_allow | union(openshift_master_open_ports | default([])) }}"
+
# oreg_url is defined by user input
oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
oreg_auth_credentials_path: "{{ r_openshift_master_data_dir }}/.docker"
@@ -59,7 +60,7 @@ r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_p
openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
-openshift_master_config_dir_default: "{{ openshift.common.config_base ~ '/master' if openshift is defined and 'common' in openshift else '/etc/origin/master' }}"
+openshift_master_config_dir_default: "{{ (openshift.common.config_base | default('/etc/origin/master')) ~ '/master' }}"
openshift_master_config_dir: "{{ openshift_master_config_dir_default }}"
openshift_master_cloud_provider: "{{ openshift_cloudprovider_kind | default('aws') }}"
@@ -70,6 +71,8 @@ openshift_master_node_config_kubeletargs_mem: 512M
openshift_master_bootstrap_enabled: False
+openshift_master_client_binary: "{{ openshift.common.client_binary if openshift is defined else 'oc' }}"
+
openshift_master_config_imageconfig_format: "{{ openshift.node.registry_url }}"
# these are for the default settings in a generated node-config.yaml
@@ -141,5 +144,3 @@ openshift_master_node_configs:
- "{{ openshift_master_node_config_compute }}"
openshift_master_bootstrap_namespace: openshift-node
-openshift_master_csr_sa: node-bootstrapper
-openshift_master_csr_namespace: openshift-infra
diff --git a/roles/openshift_master/tasks/bootstrap.yml b/roles/openshift_master/tasks/bootstrap.yml
index ce55e7d0c..f837a8bae 100644
--- a/roles/openshift_master/tasks/bootstrap.yml
+++ b/roles/openshift_master/tasks/bootstrap.yml
@@ -2,8 +2,7 @@
# TODO: create a module for this command.
# oc_serviceaccounts_kubeconfig
- name: create service account kubeconfig with csr rights
- command: >
- oc serviceaccounts create-kubeconfig {{ openshift_master_csr_sa }} -n {{ openshift_master_csr_namespace }}
+ command: "oc serviceaccounts create-kubeconfig node-bootstrapper -n openshift-infra"
register: kubeconfig_out
until: kubeconfig_out.rc == 0
retries: 24
@@ -13,3 +12,67 @@
copy:
content: "{{ kubeconfig_out.stdout }}"
dest: "{{ openshift_master_config_dir }}/bootstrap.kubeconfig"
+
+- name: create a temp dir for this work
+ command: mktemp -d /tmp/openshift_node_config-XXXXXX
+ register: mktempout
+ run_once: true
+
+# This generate is so that we do not have to maintain
+# our own copy of the template. This is generated by
+# the product and the following settings will be
+# generated by the master
+- name: generate a node-config dynamically
+ command: >
+ {{ openshift_master_client_binary }} adm create-node-config
+ --node-dir={{ mktempout.stdout }}/
+ --node=CONFIGMAP
+ --hostnames=test
+ --dns-ip=0.0.0.0
+ --certificate-authority={{ openshift_master_config_dir }}/ca.crt
+ --signer-cert={{ openshift_master_config_dir }}/ca.crt
+ --signer-key={{ openshift_master_config_dir }}/ca.key
+ --signer-serial={{ openshift_master_config_dir }}/ca.serial.txt
+ --node-client-certificate-authority={{ openshift_master_config_dir }}/ca.crt
+ register: configgen
+ run_once: true
+
+- name: remove the default settings
+ yedit:
+ state: "{{ item.state | default('present') }}"
+ src: "{{ mktempout.stdout }}/node-config.yaml"
+ key: "{{ item.key }}"
+ value: "{{ item.value | default(omit) }}"
+ with_items: "{{ openshift_master_node_config_default_edits }}"
+ run_once: true
+
+- name: copy the generated config into each group
+ copy:
+ src: "{{ mktempout.stdout }}/node-config.yaml"
+ remote_src: true
+ dest: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+ with_items: "{{ openshift_master_node_configs }}"
+ run_once: true
+
+- name: "specialize the generated configs for node-config-{{ item.type }}"
+ yedit:
+ src: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+ edits: "{{ item.edits }}"
+ with_items: "{{ openshift_master_node_configs }}"
+ run_once: true
+
+- name: create node-config.yaml configmap
+ oc_configmap:
+ name: "node-config-{{ item.type }}"
+ namespace: "{{ openshift_master_bootstrap_namespace }}"
+ from_file:
+ node-config.yaml: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+ with_items: "{{ openshift_master_node_configs }}"
+ run_once: true
+
+- name: remove templated files
+ file:
+ dest: "{{ mktempout.stdout }}/"
+ state: absent
+ with_items: "{{ openshift_master_node_configs }}"
+ run_once: true
diff --git a/roles/openshift_master/tasks/bootstrap_settings.yml b/roles/openshift_master/tasks/bootstrap_settings.yml
deleted file mode 100644
index cbd7f587b..000000000
--- a/roles/openshift_master/tasks/bootstrap_settings.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: modify controller args
- yedit:
- src: /etc/origin/master/master-config.yaml
- edits:
- - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
- value:
- - /etc/origin/master/ca.crt
- - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
- value:
- - /etc/origin/master/ca.key
- notify:
- - restart master controllers
- when: openshift_master_bootstrap_enabled | default(False)
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index c7c02d49b..48b34c578 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -218,7 +218,18 @@
- restart master api
- restart master controllers
-- include: bootstrap_settings.yml
+- name: modify controller args
+ yedit:
+ src: /etc/origin/master/master-config.yaml
+ edits:
+ - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
+ value:
+ - /etc/origin/master/ca.crt
+ - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
+ value:
+ - /etc/origin/master/ca.key
+ notify:
+ - restart master controllers
when: openshift_master_bootstrap_enabled | default(False)
- include: set_loopback_context.yml