diff options
Diffstat (limited to 'roles/openshift_node/tasks')
-rw-r--r-- | roles/openshift_node/tasks/main.yml | 138 | ||||
-rw-r--r-- | roles/openshift_node/tasks/storage_plugins/ceph.yml | 12 | ||||
-rw-r--r-- | roles/openshift_node/tasks/storage_plugins/glusterfs.yml | 12 | ||||
-rw-r--r-- | roles/openshift_node/tasks/storage_plugins/nfs.yml | 4 |
4 files changed, 68 insertions, 98 deletions
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 29e7eb532..9035248f9 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -14,13 +14,14 @@ hostname: "{{ openshift_hostname | default(none) }}" public_hostname: "{{ openshift_public_hostname | default(none) }}" deployment_type: "{{ openshift_deployment_type }}" - dns_ip: "{{ openshift_dns_ip | default(openshift_master_cluster_vip | default(None, true), true) }}" + # TODO: Replace this with a lookup or filter plugin. + dns_ip: "{{ openshift_dns_ip + | default(openshift_master_cluster_vip + | default(None if openshift.common.version_greater_than_3_1_or_1_1 | bool else openshift_node_first_master_ip | default(None, true), true), true) }}" - role: node local_facts: annotations: "{{ openshift_node_annotations | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" - docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" - docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" @@ -30,28 +31,51 @@ sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}" set_node_ip: "{{ openshift_set_node_ip | default(None) }}" + node_image: "{{ osn_image | default(None) }}" + ovs_image: "{{ osn_ovs_image | default(None) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving -# problems because the rpms don't pin the version properly. +# problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. - name: Install Node package - yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present - when: ansible_pkg_mgr == "yum" - register: node_install_result - -- name: Install Node package - dnf: pkg={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present - when: ansible_pkg_mgr == "dnf" - register: node_install_result + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present" + when: not openshift.common.is_containerized | bool - name: Install sdn-ovs package - yum: pkg={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present - register: sdn_install_result - when: ansible_pkg_mgr == "yum" and openshift.common.use_openshift_sdn + action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present" + when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool -- name: Install sdn-ovs package - dnf: pkg={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present - register: sdn_install_result - when: ansible_pkg_mgr == "dnf" and openshift.common.use_openshift_sdn +- name: Pull node image + command: > + docker pull {{ openshift.node.node_image }} + when: openshift.common.is_containerized | bool + +- name: Pull OpenVSwitch image + command: > + docker pull {{ openshift.node.ovs_image }} + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + +- name: Install Node docker service file + template: + dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service" + src: openshift.docker.node.service + register: install_node_result + when: openshift.common.is_containerized | bool + +- name: Install OpenvSwitch docker service file + template: + dest: "/etc/systemd/system/openvswitch.service" + src: openvswitch.docker.service + register: install_ovs_result + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( ( install_node_result | changed ) + or ( install_ovs_result | changed ) ) + +- name: Start and enable openvswitch docker service + service: name=openvswitch.service enabled=yes state=started + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config @@ -67,6 +91,7 @@ dest: /etc/sysconfig/{{ openshift.common.service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" + create: true with_items: - regex: '^OPTIONS=' line: "OPTIONS=--loglevel={{ openshift.node.debug_level }}" @@ -75,70 +100,27 @@ notify: - restart node -- stat: path=/etc/sysconfig/docker - register: docker_check - - # TODO: Enable secure registry when code available in origin -- name: Secure Registry and Logs Options - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^OPTIONS=.*$' - line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ -{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \ -{% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \ -{% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '" - when: docker_check.stat.isreg - notify: - - restart docker - -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | union(['registry.access.redhat.com']) - | difference(['']) }}" - when: openshift.common.deployment_type == 'enterprise' -- set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') - | oo_split() | difference(['']) }}" - when: openshift.common.deployment_type != 'enterprise' - -- name: Add personal registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^ADD_REGISTRY=.*$' - line: "ADD_REGISTRY='{{ docker_additional_registries - | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and docker_additional_registries - notify: - - restart docker - -- name: Block registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^BLOCK_REGISTRY=.*$' - line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split() - | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_blocked_registries') != '' - notify: - - restart docker - -- name: Grant access to additional insecure registries - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^INSECURE_REGISTRY=.*' - line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split() - | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - lookup('oo_option', 'docker_insecure_registries') != '' - notify: - - restart docker - - name: Additional storage plugin configuration include: storage_plugins/main.yml +# Necessary because when you're on a node that's also a master the master will be +# restarted after the node restarts docker and it will take up to 60 seconds for +# systemd to start the master again +- name: Wait for master API to become available before proceeding + # Using curl here since the uri module requires python-httplib2 and + # wait_for port doesn't provide health information. + command: > + curl -k --head --silent {{ openshift_node_master_api_url }} + register: api_available_output + until: api_available_output.stdout.find("200 OK") != -1 + retries: 120 + delay: 1 + changed_when: false + when: openshift.common.is_containerized | bool + - name: Start and enable node service: name={{ openshift.common.service_type }}-node enabled=yes state=started register: start_result - set_fact: - node_service_status_changed = start_result | changed + node_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index b5146dcac..eed3c99a3 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -1,12 +1,4 @@ --- - name: Install Ceph storage plugin dependencies - yum: - pkg: ceph-common - state: installed - when: ansible_pkg_mgr == "yum" - -- name: Install Ceph storage plugin dependencies - dnf: - pkg: ceph-common - state: installed - when: ansible_pkg_mgr == "dnf" + action: "{{ ansible_pkg_mgr }} name=ceph-common state=present" + when: not openshift.common.is_atomic | bool
\ No newline at end of file diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index a357023e1..8fc8497fa 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -1,15 +1,7 @@ --- - name: Install GlusterFS storage plugin dependencies - yum: - pkg: glusterfs-fuse - state: installed - when: ansible_pkg_mgr == "yum" - -- name: Install GlusterFS storage plugin dependencies - dnf: - pkg: glusterfs-fuse - state: installed - when: ansible_pkg_mgr == "dnf" + action: "{{ ansible_pkg_mgr }} name=glusterfs-fuse state=present" + when: not openshift.common.is_atomic | bool - name: Set sebooleans to allow gluster storage plugin access from containers seboolean: diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 1edf21d9b..14a613786 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -1,4 +1,8 @@ --- +- name: Install NFS storage plugin dependencies + action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + when: not openshift.common.is_atomic | bool + - name: Set seboolean to allow nfs storage plugin access from containers seboolean: name: virt_use_nfs |