diff options
Diffstat (limited to 'roles/openshift_master')
-rw-r--r-- | roles/openshift_master/defaults/main.yml | 14 | ||||
-rw-r--r-- | roles/openshift_master/tasks/main.yml | 19 | ||||
-rw-r--r-- | roles/openshift_master/tasks/system_container.yml | 6 | ||||
-rw-r--r-- | roles/openshift_master/tasks/systemd_units.yml | 10 | ||||
-rw-r--r-- | roles/openshift_master/tasks/upgrade.yml | 10 | ||||
-rw-r--r-- | roles/openshift_master/templates/htpasswd.j2 | 2 | ||||
-rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 2 |
7 files changed, 36 insertions, 27 deletions
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml index 3fb94fff8..1fe7086bc 100644 --- a/roles/openshift_master/defaults/main.yml +++ b/roles/openshift_master/defaults/main.yml @@ -7,6 +7,16 @@ openshift_master_debug_level: "{{ debug_level | default(2) }}" r_openshift_master_firewall_enabled: "{{ os_firewall_enabled | default(True) }}" r_openshift_master_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}" +system_images_registry_dict: + openshift-enterprise: "registry.access.redhat.com" + origin: "docker.io" + +system_images_registry: "{{ system_images_registry_dict[openshift_deployment_type | default('origin')] }}" + +l_is_master_system_container: "{{ (openshift_use_master_system_container | default(openshift_use_system_containers | default(false)) | bool) }}" + +openshift_master_dns_port: 8053 + openshift_node_ips: [] r_openshift_master_clean_install: false r_openshift_master_etcd3_storage: false @@ -18,9 +28,9 @@ default_r_openshift_master_os_firewall_allow: - service: api controllers https port: "{{ openshift.master.controllers_port }}/tcp" - service: skydns tcp - port: "{{ openshift.master.dns_port }}/tcp" + port: "{{ openshift_master_dns_port }}/tcp" - service: skydns udp - port: "{{ openshift.master.dns_port }}/udp" + port: "{{ openshift_master_dns_port }}/udp" - service: etcd embedded port: 4001/tcp cond: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b6d3539b1..d570a1c7f 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -31,8 +31,7 @@ - openshift.common.is_containerized | bool - name: Open up firewall ports - include: firewall.yml - static: yes + import_tasks: firewall.yml - name: Install Master package package: @@ -172,16 +171,16 @@ no_proxy_etcd_host_ips: "{{ openshift_no_proxy_etcd_host_ips }}" - name: Update journald config - include: journald.yml + include_tasks: journald.yml - name: Install the systemd units - include: systemd_units.yml + include_tasks: systemd_units.yml - name: Install Master system container - include: system_container.yml + include_tasks: system_container.yml when: - openshift.common.is_containerized | bool - - openshift.common.is_master_system_container | bool + - l_is_master_system_container | bool - name: Create session secrets file template: @@ -212,10 +211,10 @@ - restart master api - restart master controllers -- include: bootstrap_settings.yml +- include_tasks: bootstrap_settings.yml when: openshift_master_bootstrap_enabled | default(False) -- include: set_loopback_context.yml +- include_tasks: set_loopback_context.yml - name: Start and enable master api on first master systemd: @@ -273,7 +272,7 @@ # A separate wait is required here for native HA since notifies will # be resolved after all tasks in the role. -- include: check_master_api_is_ready.yml +- include_tasks: check_master_api_is_ready.yml when: - openshift.master.cluster_method == 'native' - master_api_service_status_changed | bool @@ -323,5 +322,5 @@ - l_install_result | changed - name: node bootstrap settings - include: bootstrap.yml + include_tasks: bootstrap.yml when: openshift_master_bootstrap_enabled | default(False) diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml index 843352532..23386f11b 100644 --- a/roles/openshift_master/tasks/system_container.yml +++ b/roles/openshift_master/tasks/system_container.yml @@ -6,7 +6,7 @@ - name: Pre-pull master system container image command: > - atomic pull --storage=ostree {{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }} + atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }} register: l_pull_result changed_when: "'Pulling layer' in l_pull_result.stdout" @@ -18,7 +18,7 @@ - name: Install or Update HA api master system container oc_atomic_container: name: "{{ openshift.common.service_type }}-master-api" - image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" + image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" state: latest values: - COMMAND=api @@ -26,7 +26,7 @@ - name: Install or Update HA controller master system container oc_atomic_container: name: "{{ openshift.common.service_type }}-master-controllers" - image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" + image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" state: latest values: - COMMAND=controllers diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index b0fa72f19..9d11ed574 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -9,7 +9,7 @@ when: - openshift.common.is_containerized | bool -- include: registry_auth.yml +- include_tasks: registry_auth.yml - name: Disable the legacy master service if it exists systemd: @@ -26,7 +26,7 @@ ignore_errors: true when: - openshift.master.cluster_method == "native" - - not openshift.common.is_master_system_container | bool + - not l_is_master_system_container | bool # This is the image used for both HA and non-HA clusters: - name: Pre-pull master image @@ -36,7 +36,7 @@ changed_when: "'Downloaded newer image' in l_pull_result.stdout" when: - openshift.common.is_containerized | bool - - not openshift.common.is_master_system_container | bool + - not l_is_master_system_container | bool - name: Create the ha systemd unit files template: @@ -44,7 +44,7 @@ dest: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master-{{ item }}.service" when: - openshift.master.cluster_method == "native" - - not openshift.common.is_master_system_container | bool + - not l_is_master_system_container | bool with_items: - api - controllers @@ -64,7 +64,7 @@ - controllers when: - openshift.master.cluster_method == "native" - - not openshift.common.is_master_system_container | bool + - not l_is_master_system_container | bool - name: Preserve Master API Proxy Config options command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api diff --git a/roles/openshift_master/tasks/upgrade.yml b/roles/openshift_master/tasks/upgrade.yml index 92371921d..f84cf2f6e 100644 --- a/roles/openshift_master/tasks/upgrade.yml +++ b/roles/openshift_master/tasks/upgrade.yml @@ -1,16 +1,16 @@ --- -- include: upgrade/rpm_upgrade.yml +- include_tasks: upgrade/rpm_upgrade.yml when: not openshift.common.is_containerized | bool -- include: upgrade/upgrade_scheduler.yml +- include_tasks: upgrade/upgrade_scheduler.yml # master_config_hook is passed in from upgrade play. -- include: "upgrade/{{ master_config_hook }}" +- include_tasks: "upgrade/{{ master_config_hook }}" when: master_config_hook is defined -- include: journald.yml +- include_tasks: journald.yml -- include: systemd_units.yml +- include_tasks: systemd_units.yml - name: Check for ca-bundle.crt stat: diff --git a/roles/openshift_master/templates/htpasswd.j2 b/roles/openshift_master/templates/htpasswd.j2 index ba2c02e20..7e2e05076 100644 --- a/roles/openshift_master/templates/htpasswd.j2 +++ b/roles/openshift_master/templates/htpasswd.j2 @@ -1,5 +1,5 @@ {% if 'htpasswd_users' in openshift.master %} -{% for user,pass in openshift.master.htpasswd_users.iteritems() %} +{% for user,pass in openshift.master.htpasswd_users.items() %} {{ user ~ ':' ~ pass }} {% endfor %} {% endif %} diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 629fe3286..d5dd9e9c0 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -65,7 +65,7 @@ disabledFeatures: {{ openshift.master.disabled_features | to_json }} {% endif %} {% if openshift.master.embedded_dns | bool %} dnsConfig: - bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }} + bindAddress: {{ openshift.master.bind_addr }}:{{ openshift_master_dns_port }} bindNetwork: tcp4 {% endif %} etcdClientInfo: |