1 files changed, 41 insertions, 3 deletions

diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 4406ef28b..600d8f676 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -1,4 +1,16 @@
 ---
+- name: Make sure heketi-client is installed
+  package: name=heketi-client state=present
+  when:
+  - not openshift.common.is_atomic | bool
+  - not glusterfs_heketi_is_native | bool
+
+- name: Verify heketi-cli is installed
+  shell: "command -v {{ glusterfs_heketi_cli }} >/dev/null 2>&1 || { echo >&2 'ERROR: Make sure heketi-cli is available, then re-run the installer'; exit 1; }"
+  changed_when: False
+  when:
+  - not glusterfs_heketi_is_native | bool
+
 - name: Verify target namespace exists
   oc_project:
     state: present
@@ -19,6 +31,8 @@
     name: "heketi-storage-endpoints"
   - kind: "secret"
     name: "heketi-{{ glusterfs_name }}-topology-secret"
+  - kind: "secret"
+    name: "heketi-{{ glusterfs_name }}-config-secret"
   - kind: "template,route,service,dc"
     name: "heketi-{{ glusterfs_name }}"
   - kind: "svc"
@@ -26,7 +40,7 @@
   - kind: "sa"
     name: "heketi-{{ glusterfs_name }}-service-account"
   - kind: "secret"
-    name: "heketi-{{ glusterfs_name }}-user-secret"
+    name: "heketi-{{ glusterfs_name }}-admin-secret"
   failed_when: False
   when: glusterfs_heketi_wipe
 
@@ -66,6 +80,7 @@
 
 - name: Add heketi service account to privileged SCC
   oc_adm_policy_user:
+    namespace: "{{ glusterfs_namespace }}"
     user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
     resource_kind: scc
     resource_name: privileged
@@ -74,6 +89,7 @@
 
 - name: Allow heketi service account to view/edit pods
   oc_adm_policy_user:
+    namespace: "{{ glusterfs_namespace }}"
     user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
     resource_kind: role
     resource_name: edit
@@ -123,6 +139,13 @@
   when:
   - glusterfs_heketi_topology_load
 
+- name: Generate heketi config file
+  template:
+    src: "{{ openshift.common.examples_content_version }}/heketi.json.j2"
+    dest: "{{ mktemp.stdout }}/heketi.json"
+  when:
+  - glusterfs_heketi_is_native
+
 - name: Generate heketi admin key
   set_fact:
     glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
@@ -140,6 +163,20 @@
   - glusterfs_heketi_is_native
   - glusterfs_heketi_user_key is undefined
 
+- name: Create heketi config secret
+  oc_secret:
+    namespace: "{{ glusterfs_namespace }}"
+    state: present
+    name: "heketi-{{ glusterfs_name }}-config-secret"
+    force: True
+    files:
+    - name: heketi.json
+      path: "{{ mktemp.stdout }}/heketi.json"
+    - name: private_key
+      path: "{{ glusterfs_heketi_ssh_keyfile }}"
+  when:
+  - glusterfs_heketi_is_native
+
 - include: heketi_deploy_part1.yml
   when:
   - glusterfs_heketi_is_native
@@ -148,7 +185,7 @@
 
 - name: Set heketi-cli command
   set_fact:
-    glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}oc rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}heketi-cli -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
+    glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}{{ glusterfs_heketi_cli }} -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}"
 
 - name: Verify heketi service
   command: "{{ glusterfs_heketi_client }} cluster list"
@@ -170,7 +207,7 @@
   oc_secret:
     namespace: "{{ glusterfs_namespace }}"
     state: present
-    name: "heketi-{{ glusterfs_name }}-secret"
+    name: "heketi-{{ glusterfs_name }}-admin-secret"
     type: "kubernetes.io/glusterfs"
     force: True
     contents:
@@ -178,6 +215,7 @@
       data: "{{ glusterfs_heketi_admin_key }}"
   when:
   - glusterfs_storageclass
+  - glusterfs_heketi_admin_key is defined
 
 - name: Get heketi route
   oc_obj: