diff options
Diffstat (limited to 'roles')
23 files changed, 0 insertions, 1668 deletions
diff --git a/roles/openstack-create-cinder-registry/tasks/main.yaml b/roles/openstack-create-cinder-registry/tasks/main.yaml deleted file mode 100644 index 6e9d1c2e7..000000000 --- a/roles/openstack-create-cinder-registry/tasks/main.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- os_volume: - display_name: "{{ cinder_hosted_registry_name }}" - size: "{{ cinder_hosted_registry_size_gb }}" - register: cinder_registry_volume diff --git a/roles/openstack-stack/README.md b/roles/openstack-stack/README.md deleted file mode 100644 index 32a2b49f1..000000000 --- a/roles/openstack-stack/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Role openstack-stack - -Role for spinning up instances using OpenStack Heat. - -## To Test - -``` -ansible-playbook openshift-ansible-contrib/roles/openstack-stack/test/stack-create-test.yml -``` diff --git a/roles/openstack-stack/defaults/main.yml b/roles/openstack-stack/defaults/main.yml deleted file mode 100644 index a24e684cc..000000000 --- a/roles/openstack-stack/defaults/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- - -stack_state: 'present' - -ssh_ingress_cidr: 0.0.0.0/0 -node_ingress_cidr: 0.0.0.0/0 -master_ingress_cidr: 0.0.0.0/0 -lb_ingress_cidr: 0.0.0.0/0 -bastion_ingress_cidr: 0.0.0.0/0 -num_etcd: 0 -num_masters: 1 -num_nodes: 1 -num_dns: 1 -num_infra: 1 -nodes_to_remove: [] -etcd_volume_size: 2 -dns_volume_size: 1 -lb_volume_size: 5 -use_bastion: False -ui_ssh_tunnel: False -provider_network: False diff --git a/roles/openstack-stack/meta/main.yml b/roles/openstack-stack/meta/main.yml deleted file mode 100644 index fdda41bb3..000000000 --- a/roles/openstack-stack/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - role: common diff --git a/roles/openstack-stack/tasks/cleanup.yml b/roles/openstack-stack/tasks/cleanup.yml deleted file mode 100644 index 258334a6b..000000000 --- a/roles/openstack-stack/tasks/cleanup.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: cleanup temp files - file: - path: "{{ stack_template_pre.path }}" - state: absent diff --git a/roles/openstack-stack/tasks/generate-templates.yml b/roles/openstack-stack/tasks/generate-templates.yml deleted file mode 100644 index 0ff50a095..000000000 --- a/roles/openstack-stack/tasks/generate-templates.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- name: create HOT stack template prefix - register: stack_template_pre - tempfile: - state: directory - prefix: openshift-ansible - -- name: set template paths - set_fact: - stack_template_path: "{{ stack_template_pre.path }}/stack.yaml" - user_data_template_path: "{{ stack_template_pre.path }}/user-data" - -- name: generate HOT stack template from jinja2 template - template: - src: heat_stack.yaml.j2 - dest: "{{ stack_template_path }}" - -- name: generate HOT server template from jinja2 template - template: - src: heat_stack_server.yaml.j2 - dest: "{{ stack_template_pre.path }}/server.yaml" - -- name: generate user_data from jinja2 template - template: - src: user_data.j2 - dest: "{{ user_data_template_path }}" diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml deleted file mode 100644 index 0348f53ce..000000000 --- a/roles/openstack-stack/tasks/main.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- name: Generate the templates - include: generate-templates.yml - when: - - stack_state == 'present' - -- name: Handle the Stack (create/delete) - ignore_errors: False - register: stack_create - os_stack: - name: "{{ stack_name }}" - state: "{{ stack_state }}" - template: "{{ stack_template_path | default(omit) }}" - wait: yes - -# NOTE(bogdando) OS::Neutron::Subnet doesn't support live updates for -# dns_nameservers, so we can't do that for the "create stack" task. -- include: subnet_update_dns_servers.yaml - when: - - private_dns_server is defined - - stack_state == 'present' - -- name: CleanUp - include: cleanup.yml - when: - - stack_state == 'present' diff --git a/roles/openstack-stack/templates/heat_stack.yaml.j2 b/roles/openstack-stack/templates/heat_stack.yaml.j2 deleted file mode 100644 index 2359842a5..000000000 --- a/roles/openstack-stack/templates/heat_stack.yaml.j2 +++ /dev/null @@ -1,888 +0,0 @@ -heat_template_version: 2016-10-14 - -description: OpenShift cluster - -parameters: - -outputs: - - etcd_names: - description: Name of the etcds - value: { get_attr: [ etcd, name ] } - - etcd_ips: - description: IPs of the etcds - value: { get_attr: [ etcd, private_ip ] } - - etcd_floating_ips: - description: Floating IPs of the etcds - value: { get_attr: [ etcd, floating_ip ] } - - master_names: - description: Name of the masters - value: { get_attr: [ masters, name ] } - - master_ips: - description: IPs of the masters - value: { get_attr: [ masters, private_ip ] } - - master_floating_ips: - description: Floating IPs of the masters - value: { get_attr: [ masters, floating_ip ] } - - node_names: - description: Name of the nodes - value: { get_attr: [ compute_nodes, name ] } - - node_ips: - description: IPs of the nodes - value: { get_attr: [ compute_nodes, private_ip ] } - - node_floating_ips: - description: Floating IPs of the nodes - value: { get_attr: [ compute_nodes, floating_ip ] } - - infra_names: - description: Name of the nodes - value: { get_attr: [ infra_nodes, name ] } - - infra_ips: - description: IPs of the nodes - value: { get_attr: [ infra_nodes, private_ip ] } - - infra_floating_ips: - description: Floating IPs of the nodes - value: { get_attr: [ infra_nodes, floating_ip ] } - -{% if num_dns|int > 0 %} - dns_name: - description: Name of the DNS - value: - get_attr: - - dns - - name - - dns_floating_ips: - description: Floating IPs of the DNS - value: { get_attr: [ dns, floating_ip ] } - - dns_private_ips: - description: Private IPs of the DNS - value: { get_attr: [ dns, private_ip ] } -{% endif %} - -conditions: - no_floating: {% if provider_network or use_bastion|bool %}true{% else %}false{% endif %} - -resources: - -{% if not provider_network %} - net: - type: OS::Neutron::Net - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} - - subnet: - type: OS::Neutron::Subnet - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-subnet - params: - cluster_id: {{ stack_name }} - network: { get_resource: net } - cidr: - str_replace: - template: subnet_24_prefix.0/24 - params: - subnet_24_prefix: {{ subnet_prefix }} - allocation_pools: - - start: - str_replace: - template: subnet_24_prefix.3 - params: - subnet_24_prefix: {{ subnet_prefix }} - end: - str_replace: - template: subnet_24_prefix.254 - params: - subnet_24_prefix: {{ subnet_prefix }} - dns_nameservers: -{% for nameserver in dns_nameservers %} - - {{ nameserver }} -{% endfor %} - -{% if openshift_use_flannel|default(False)|bool %} - data_net: - type: OS::Neutron::Net - properties: - name: openshift-ansible-{{ stack_name }}-data-net - port_security_enabled: false - - data_subnet: - type: OS::Neutron::Subnet - properties: - name: openshift-ansible-{{ stack_name }}-data-subnet - network: { get_resource: data_net } - cidr: {{ osm_cluster_network_cidr|default('10.128.0.0/14') }} - gateway_ip: null -{% endif %} - - router: - type: OS::Neutron::Router - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-router - params: - cluster_id: {{ stack_name }} - external_gateway_info: - network: {{ external_network }} - - interface: - type: OS::Neutron::RouterInterface - properties: - router_id: { get_resource: router } - subnet_id: { get_resource: subnet } - -{% endif %} - -# keypair: -# type: OS::Nova::KeyPair -# properties: -# name: -# str_replace: -# template: openshift-ansible-cluster_id-keypair -# params: -# cluster_id: {{ stack_name }} -# public_key: {{ ssh_public_key }} - - common-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-common-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Basic ssh/icmp security group for cluster_id OpenShift cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 22 - port_range_max: 22 - remote_ip_prefix: {{ ssh_ingress_cidr }} -{% if use_bastion|bool %} - - direction: ingress - protocol: tcp - port_range_min: 22 - port_range_max: 22 - remote_ip_prefix: {{ bastion_ingress_cidr }} -{% endif %} - - direction: ingress - protocol: icmp - remote_ip_prefix: {{ ssh_ingress_cidr }} - -{% if openstack_flat_secgrp|default(False)|bool %} - flat-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-flat-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 4001 - port_range_max: 4001 - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port|default(8443) }} - port_range_max: {{ openshift_master_api_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port|default(8443) }} - port_range_max: {{ openshift_master_console_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: udp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: tcp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: udp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: tcp - port_range_min: 2224 - port_range_max: 2224 - - direction: ingress - protocol: udp - port_range_min: 5404 - port_range_max: 5405 - - direction: ingress - protocol: tcp - port_range_min: 9090 - port_range_max: 9090 - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2380 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 4789 - port_range_max: 4789 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% else %} - master-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-master-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster master - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 4001 - port_range_max: 4001 - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port|default(8443) }} - port_range_max: {{ openshift_master_api_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port|default(8443) }} - port_range_max: {{ openshift_master_console_port|default(8443) }} - - direction: ingress - protocol: tcp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: udp - port_range_min: 8053 - port_range_max: 8053 - - direction: ingress - protocol: tcp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: udp - port_range_min: 24224 - port_range_max: 24224 - - direction: ingress - protocol: tcp - port_range_min: 2224 - port_range_max: 2224 - - direction: ingress - protocol: udp - port_range_min: 5404 - port_range_max: 5405 - - direction: ingress - protocol: tcp - port_range_min: 9090 - port_range_max: 9090 -{% if openshift_use_flannel|default(False)|bool %} - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2379 -{% endif %} - - etcd-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-etcd-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id etcd cluster - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 2379 - port_range_max: 2379 - remote_mode: remote_group_id - remote_group_id: { get_resource: master-secgrp } - - direction: ingress - protocol: tcp - port_range_min: 2380 - port_range_max: 2380 - remote_mode: remote_group_id - - node-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-node-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift cluster nodes - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 4789 - port_range_max: 4789 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% endif %} - - infra-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-infra-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id OpenShift infrastructure cluster nodes - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: tcp - port_range_min: 80 - port_range_max: 80 - - direction: ingress - protocol: tcp - port_range_min: 443 - port_range_max: 443 - -{% if num_dns|int > 0 %} - dns-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: - str_replace: - template: openshift-ansible-cluster_id-dns-secgrp - params: - cluster_id: {{ stack_name }} - description: - str_replace: - template: Security group for cluster_id cluster DNS - params: - cluster_id: {{ stack_name }} - rules: - - direction: ingress - protocol: udp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: udp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" - - direction: ingress - protocol: tcp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: {{ node_ingress_cidr }} - - direction: ingress - protocol: tcp - port_range_min: 53 - port_range_max: 53 - remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" -{% endif %} - -{% if num_masters|int > 1 or ui_ssh_tunnel|bool %} - lb-secgrp: - type: OS::Neutron::SecurityGroup - properties: - name: openshift-ansible-{{ stack_name }}-lb-secgrp - description: Security group for {{ stack_name }} cluster Load Balancer - rules: - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port | default(8443) }} - port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% if ui_ssh_tunnel|bool %} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_api_port | default(8443) }} - port_range_max: {{ openshift_master_api_port | default(8443) }} - remote_ip_prefix: {{ ssh_ingress_cidr }} -{% endif %} -{% if openshift_master_console_port is defined and openshift_master_console_port != openshift_master_api_port %} - - direction: ingress - protocol: tcp - port_range_min: {{ openshift_master_console_port | default(8443) }} - port_range_max: {{ openshift_master_console_port | default(8443) }} - remote_ip_prefix: {{ lb_ingress_cidr | default(bastion_ingress_cidr) }} -{% endif %} -{% endif %} - - etcd: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_etcd }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ etcd_hostname | default('etcd') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: etcds - cluster_id: {{ stack_name }} - type: etcd - image: {{ openstack_etcd_image | default(openstack_image) }} - flavor: {{ etcd_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}etcd-secgrp{% endif %} } - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ etcd_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - -{% if master_server_group_policies|length > 0 %} - master_server_group: - type: OS::Nova::ServerGroup - properties: - name: master_server_group - policies: {{ master_server_group_policies }} -{% endif %} -{% if infra_server_group_policies|length > 0 %} - infra_server_group: - type: OS::Nova::ServerGroup - properties: - name: infra_server_group - policies: {{ infra_server_group_policies }} -{% endif %} -{% if num_masters|int > 1 %} - loadbalancer: - type: OS::Heat::ResourceGroup - properties: - count: 1 - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ lb_hostname | default('lb') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: lb - cluster_id: {{ stack_name }} - type: lb - image: {{ openstack_lb_image | default(openstack_image) }} - flavor: {{ lb_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: lb-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ lb_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} -{% endif %} - - masters: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_masters }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ master_hostname | default('master')}} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: masters - cluster_id: {{ stack_name }} - type: master - image: {{ openstack_master_image | default(openstack_image) }} - flavor: {{ master_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: -{% if openstack_flat_secgrp|default(False)|bool %} - - { get_resource: flat-secgrp } -{% else %} - - { get_resource: master-secgrp } - - { get_resource: node-secgrp } -{% if num_etcd|int == 0 %} - - { get_resource: etcd-secgrp } -{% endif %} -{% endif %} - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ master_volume_size }} -{% if master_server_group_policies|length > 0 %} - scheduler_hints: - group: { get_resource: master_server_group } -{% endif %} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - - compute_nodes: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_nodes }} - removal_policies: - - resource_list: {{ nodes_to_remove }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: sub_type_k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ node_hostname | default('app-node') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: nodes - cluster_id: {{ stack_name }} - type: node - subtype: app - node_labels: -{% for k, v in openshift_cluster_node_labels.app.iteritems() %} - {{ k|e }}: {{ v|e }} -{% endfor %} - image: {{ openstack_node_image | default(openstack_image) }} - flavor: {{ node_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: - - { get_resource: {% if openstack_flat_secgrp|default(False)|bool %}flat-secgrp{% else %}node-secgrp{% endif %} } - - { get_resource: common-secgrp } - floating_network: - if: - - no_floating - - null - - {{ external_network }} -{% if use_bastion|bool or provider_network %} - attach_float_net: false -{% endif %} - volume_size: {{ node_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - - infra_nodes: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_infra }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: sub_type_k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - sub_type_k8s_type: {{ infra_hostname | default('infranode') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: infra - cluster_id: {{ stack_name }} - type: node - subtype: infra - node_labels: -{% for k, v in openshift_cluster_node_labels.infra.iteritems() %} - {{ k|e }}: {{ v|e }} -{% endfor %} - image: {{ openstack_infra_image | default(openstack_image) }} - flavor: {{ infra_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: true - data_net: { get_resource: data_net } - data_subnet: { get_resource: data_subnet } -{% endif %} -{% endif %} - secgrp: -# TODO(bogdando) filter only required node rules into infra-secgrp -{% if openstack_flat_secgrp|default(False)|bool %} - - { get_resource: flat-secgrp } -{% else %} - - { get_resource: node-secgrp } -{% endif %} -{% if ui_ssh_tunnel|bool and num_masters|int < 2 %} - - { get_resource: lb-secgrp } -{% endif %} - - { get_resource: infra-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ infra_volume_size }} -{% if infra_server_group_policies|length > 0 %} - scheduler_hints: - group: { get_resource: infra_server_group } -{% endif %} -{% if not provider_network %} - depends_on: - - interface -{% endif %} - -{% if num_dns|int > 0 %} - dns: - type: OS::Heat::ResourceGroup - properties: - count: {{ num_dns }} - resource_def: - type: server.yaml - properties: - name: - str_replace: - template: k8s_type-%index%.cluster_id - params: - cluster_id: {{ stack_name }} - k8s_type: {{ dns_hostname | default('dns') }} - cluster_env: {{ public_dns_domain }} - cluster_id: {{ stack_name }} - group: - str_replace: - template: k8s_type.cluster_id - params: - k8s_type: dns - cluster_id: {{ stack_name }} - type: dns - image: {{ openstack_dns_image | default(openstack_image) }} - flavor: {{ dns_flavor }} - key_name: {{ ssh_public_key }} -{% if provider_network %} - net: {{ provider_network }} - net_name: {{ provider_network }} -{% else %} - net: { get_resource: net } - subnet: { get_resource: subnet } - net_name: - str_replace: - template: openshift-ansible-cluster_id-net - params: - cluster_id: {{ stack_name }} -{% endif %} - secgrp: - - { get_resource: dns-secgrp } - - { get_resource: common-secgrp } -{% if not provider_network %} - floating_network: {{ external_network }} -{% endif %} - volume_size: {{ dns_volume_size }} -{% if not provider_network %} - depends_on: - - interface -{% endif %} -{% endif %} diff --git a/roles/openstack-stack/templates/heat_stack_server.yaml.j2 b/roles/openstack-stack/templates/heat_stack_server.yaml.j2 deleted file mode 100644 index 9ffe721a5..000000000 --- a/roles/openstack-stack/templates/heat_stack_server.yaml.j2 +++ /dev/null @@ -1,270 +0,0 @@ -heat_template_version: 2016-10-14 - -description: OpenShift cluster server - -parameters: - - name: - type: string - label: Name - description: Name - - group: - type: string - label: Host Group - description: The Primary Ansible Host Group - default: host - - cluster_env: - type: string - label: Cluster environment - description: Environment of the cluster - - cluster_id: - type: string - label: Cluster ID - description: Identifier of the cluster - - type: - type: string - label: Type - description: Type master or node - - subtype: - type: string - label: Sub-type - description: Sub-type compute or infra for nodes, default otherwise - default: default - - key_name: - type: string - label: Key name - description: Key name of keypair - - image: - type: string - label: Image - description: Name of the image - - flavor: - type: string - label: Flavor - description: Name of the flavor - - net: - type: string - label: Net ID - description: Net resource - - net_name: - type: string - label: Net name - description: Net name - -{% if not provider_network %} - subnet: - type: string - label: Subnet ID - description: Subnet resource -{% endif %} - -{% if openshift_use_flannel|default(False)|bool %} - attach_data_net: - type: boolean - default: false - label: Attach-data-net - description: A switch for data port connection - - data_net: - type: string - default: '' - label: Net ID - description: Net resource - -{% if not provider_network %} - data_subnet: - type: string - default: '' - label: Subnet ID - description: Subnet resource -{% endif %} -{% endif %} - - secgrp: - type: comma_delimited_list - label: Security groups - description: Security group resources - - attach_float_net: - type: boolean - default: true - - label: Attach-float-net - description: A switch for floating network port connection - -{% if not provider_network %} - floating_network: - type: string - default: '' - label: Floating network - description: Network to allocate floating IP from -{% endif %} - - availability_zone: - type: string - description: The Availability Zone to launch the instance. - default: nova - - volume_size: - type: number - description: Size of the volume to be created. - default: 1 - constraints: - - range: { min: 1, max: 1024 } - description: must be between 1 and 1024 Gb. - - node_labels: - type: json - description: OpenShift Node Labels - default: {"region": "default" } - - scheduler_hints: - type: json - description: Server scheduler hints. - default: {} - -outputs: - - name: - description: Name of the server - value: { get_attr: [ server, name ] } - - private_ip: - description: Private IP of the server - value: - get_attr: - - server - - addresses - - { get_param: net_name } - - 0 - - addr - - floating_ip: - description: Floating IP of the server - value: - get_attr: - - server - - addresses - - { get_param: net_name } -{% if provider_network %} - - 0 -{% else %} - - 1 -{% endif %} - - addr - -conditions: - no_floating: {not: { get_param: attach_float_net} } -{% if openshift_use_flannel|default(False)|bool %} - no_data_subnet: {not: { get_param: attach_data_net} } -{% endif %} - -resources: - - server: - type: OS::Nova::Server - properties: - name: { get_param: name } - key_name: { get_param: key_name } - image: { get_param: image } - flavor: { get_param: flavor } - networks: -{% if openshift_use_flannel|default(False)|bool %} - if: - - no_data_subnet -{% if use_trunk_ports|default(false)|bool %} - - - port: { get_attr: [trunk-port, port_id] } -{% else %} - - - port: { get_resource: port } -{% endif %} -{% if use_trunk_ports|default(false)|bool %} - - - port: { get_attr: [trunk-port, port_id] } -{% else %} - - - port: { get_resource: port } - - port: { get_resource: data_port } -{% endif %} - -{% else %} -{% if use_trunk_ports|default(false)|bool %} - - port: { get_attr: [trunk-port, port_id] } -{% else %} - - port: { get_resource: port } -{% endif %} -{% endif %} - user_data: - get_file: user-data - user_data_format: RAW - user_data_update_policy: IGNORE - metadata: - group: { get_param: group } - environment: { get_param: cluster_env } - clusterid: { get_param: cluster_id } - host-type: { get_param: type } - sub-host-type: { get_param: subtype } - node_labels: { get_param: node_labels } - scheduler_hints: { get_param: scheduler_hints } - -{% if use_trunk_ports|default(false)|bool %} - trunk-port: - type: OS::Neutron::Trunk - properties: - name: { get_param: name } - port: { get_resource: port } -{% endif %} - - port: - type: OS::Neutron::Port - properties: - network: { get_param: net } -{% if not provider_network %} - fixed_ips: - - subnet: { get_param: subnet } -{% endif %} - security_groups: { get_param: secgrp } - -{% if openshift_use_flannel|default(False)|bool %} - data_port: - type: OS::Neutron::Port - condition: { not: no_data_subnet } - properties: - network: { get_param: data_net } - port_security_enabled: false -{% if not provider_network %} - fixed_ips: - - subnet: { get_param: data_subnet } -{% endif %} -{% endif %} - -{% if not provider_network %} - floating-ip: - condition: { not: no_floating } - type: OS::Neutron::FloatingIP - properties: - floating_network: { get_param: floating_network } - port_id: { get_resource: port } -{% endif %} - -{% if not ephemeral_volumes|default(false)|bool %} - cinder_volume: - type: OS::Cinder::Volume - properties: - size: { get_param: volume_size } - availability_zone: { get_param: availability_zone } - - volume_attachment: - type: OS::Cinder::VolumeAttachment - properties: - volume_id: { get_resource: cinder_volume } - instance_uuid: { get_resource: server } - mountpoint: /dev/sdb -{% endif %} diff --git a/roles/openstack-stack/templates/user_data.j2 b/roles/openstack-stack/templates/user_data.j2 deleted file mode 100644 index eb65f7cec..000000000 --- a/roles/openstack-stack/templates/user_data.j2 +++ /dev/null @@ -1,13 +0,0 @@ -#cloud-config -disable_root: true - -system_info: - default_user: - name: openshift - sudo: ["ALL=(ALL) NOPASSWD: ALL"] - -write_files: - - path: /etc/sudoers.d/00-openshift-no-requiretty - permissions: 440 - content: | - Defaults:openshift !requiretty diff --git a/roles/openstack-stack/test/roles b/roles/openstack-stack/test/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/roles/openstack-stack/test/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/
\ No newline at end of file diff --git a/roles/openstack-stack/test/stack-create-test.yml b/roles/openstack-stack/test/stack-create-test.yml deleted file mode 100644 index d80472193..000000000 --- a/roles/openstack-stack/test/stack-create-test.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- hosts: localhost - gather_facts: True - become: False - roles: - - role: openstack-stack - stack_name: test-stack - dns_domain: "{{ public_dns_domain }}" - dns_nameservers: "{{ public_dns_nameservers }}" - subnet_prefix: "{{ openstack_subnet_prefix }}" - ssh_public_key: "{{ openstack_ssh_public_key }}" - openstack_image: "{{ openstack_default_image_name }}" - etcd_flavor: "{{ openstack_default_flavor }}" - master_flavor: "{{ openstack_default_flavor }}" - node_flavor: "{{ openstack_default_flavor }}" - infra_flavor: "{{ openstack_default_flavor }}" - dns_flavor: "{{ openstack_default_flavor }}" - external_network: "{{ openstack_external_network_name }}" diff --git a/roles/static_inventory/defaults/main.yml b/roles/static_inventory/defaults/main.yml deleted file mode 100644 index 871700f8c..000000000 --- a/roles/static_inventory/defaults/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# Either to checkpoint the dynamic inventory into a static one -refresh_inventory: True -inventory: static -inventory_path: ~/openstack-inventory - -# Either to configure bastion -use_bastion: true - -# SSH user/key/options to access hosts via bastion -ssh_user: openshift -ssh_options: >- - -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no - -o ConnectTimeout=90 -o ControlMaster=auto -o ControlPersist=270s - -o ServerAliveInterval=30 -o GSSAPIAuthentication=no - -# SSH key to access nodes -private_ssh_key: ~/.ssh/openshift - -# The patch to store the generated config to access bastion/hosts -ssh_config_path: /tmp/ssh.config.ansible - -# The IP:port to make an SSH tunnel to access UI on the 1st master -# via bastion node (requires sudo on the ansible control node) -ui_ssh_tunnel: False -ui_port: "{{ openshift_master_api_port | default(8443) }}" -target_ip: "{{ hostvars[groups['masters.' + stack_name|quote][0]].private_v4 }}" - -openstack_private_network: private diff --git a/roles/static_inventory/meta/main.yml b/roles/static_inventory/meta/main.yml deleted file mode 100644 index fdda41bb3..000000000 --- a/roles/static_inventory/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - role: common diff --git a/roles/static_inventory/tasks/checkpoint.yml b/roles/static_inventory/tasks/checkpoint.yml deleted file mode 100644 index c0365bd3d..000000000 --- a/roles/static_inventory/tasks/checkpoint.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: check for static inventory dir - stat: - path: "{{ inventory_path }}" - register: stat_inventory_path - -- name: create static inventory dir - file: - path: "{{ inventory_path }}" - state: directory - mode: 0750 - when: not stat_inventory_path.stat.exists - -- name: create inventory from template - template: - src: inventory.j2 - dest: "{{ inventory_path }}/hosts" diff --git a/roles/static_inventory/tasks/filter_out_new_app_nodes.yaml b/roles/static_inventory/tasks/filter_out_new_app_nodes.yaml deleted file mode 100644 index 826efe78d..000000000 --- a/roles/static_inventory/tasks/filter_out_new_app_nodes.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Add all new app nodes to new_app_nodes - when: - - 'oc_old_app_nodes is defined' - - 'oc_old_app_nodes | list' - - 'node.name not in oc_old_app_nodes' - - 'node["metadata"]["sub-host-type"] == "app"' - register: result - set_fact: - new_app_nodes: '{{ new_app_nodes }} + [ {{ node }} ]' - -- name: If the node was added to new_nodes, remove it from registered nodes - set_fact: - registered_nodes: '{{ registered_nodes | difference([ node ]) }}' - when: 'not result | skipped' diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml deleted file mode 100644 index 3dab62df2..000000000 --- a/roles/static_inventory/tasks/main.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Remove any existing inventory - file: - path: "{{ inventory_path }}/hosts" - state: absent - -- name: Refresh the inventory - meta: refresh_inventory - -- name: Generate in-memory inventory - include: openstack.yml - -- name: Checkpoint in-memory data into a static inventory - include: checkpoint.yml - -- name: Generate SSH config for accessing hosts via bastion - include: sshconfig.yml - when: use_bastion|bool - -- name: Configure SSH tunneling to access UI - include: sshtun.yml - become: true - when: - - use_bastion|bool - - ui_ssh_tunnel|bool diff --git a/roles/static_inventory/tasks/openstack.yml b/roles/static_inventory/tasks/openstack.yml deleted file mode 100644 index adf78c966..000000000 --- a/roles/static_inventory/tasks/openstack.yml +++ /dev/null @@ -1,120 +0,0 @@ ---- -- no_log: true - block: - - name: fetch all nodes from openstack shade dynamic inventory - command: shade-inventory --list - register: registered_nodes_output - when: refresh_inventory|bool - - - name: set fact for openstack inventory cluster nodes - set_fact: - registered_nodes: "{{ (registered_nodes_output.stdout | from_json) | json_query(q) }}" - vars: - q: "[] | [?metadata.clusterid=='{{stack_name}}']" - when: - - refresh_inventory|bool - - - name: set_fact for openstack inventory nodes - set_fact: - registered_bastion_nodes: "{{ (registered_nodes_output.stdout | from_json) | json_query(q) }}" - registered_nodes_floating: "{{ (registered_nodes_output.stdout | from_json) | json_query(q2) }}" - vars: - q: "[] | [?metadata.group=='infra.{{stack_name}}']" - q2: "[] | [?metadata.clusterid=='{{stack_name}}'] | [?public_v4!='']" - when: - - refresh_inventory|bool - - - name: set_fact for openstack inventory nodes with provider network - set_fact: - registered_nodes_floating: "{{ (registered_nodes_output.stdout | from_json) | json_query(q) }}" - vars: - q: "[] | [?metadata.clusterid=='{{stack_name}}'] | [?public_v4=='']" - when: - - refresh_inventory|bool - - openstack_provider_network_name|default(None) - - - name: Add cluster nodes w/o floating IPs to inventory - with_items: "{{ registered_nodes|difference(registered_nodes_floating) }}" - add_host: - name: '{{ item.name }}' - ansible_host: >- - {% if use_bastion|bool -%} - {{ item.name }} - {%- else -%} - {%- set node = registered_nodes | json_query("[?name=='" + item.name + "']") -%} - {{ node[0].addresses[openstack_private_network|quote][0].addr }} - {%- endif %} - ansible_fqdn: '{{ item.name }}' - ansible_user: '{{ ssh_user }}' - ansible_private_key_file: '{{ private_ssh_key }}' - ansible_ssh_extra_args: '-F {{ ssh_config_path }}' - private_v4: >- - {% set node = registered_nodes | json_query("[?name=='" + item.name + "']") -%} - {{ node[0].addresses[openstack_private_network|quote][0].addr }} - - - name: Add cluster nodes with floating IPs to inventory - with_items: "{{ registered_nodes_floating }}" - add_host: - name: '{{ item.name }}' - ansible_host: >- - {% if use_bastion|bool -%} - {{ item.name }} - {%- elif openstack_provider_network_name|default(None) -%} - {{ item.private_v4 }} - {%- else -%} - {{ item.public_v4 }} - {%- endif %} - ansible_fqdn: '{{ item.name }}' - ansible_user: '{{ ssh_user }}' - ansible_private_key_file: '{{ private_ssh_key }}' - ansible_ssh_extra_args: '-F {{ ssh_config_path }}' - private_v4: >- - {% set node = registered_nodes | json_query("[?name=='" + item.name + "']") -%} - {{ node[0].addresses[openstack_private_network|quote][0].addr }} - public_v4: >- - {% if openstack_provider_network_name|default(None) -%} - {{ item.private_v4 }} - {%- else -%} - {{ item.public_v4 }} - {%- endif %} - - # Split registered_nodes into old nodes and new app nodes - # Add new app nodes to new_nodes host group for upscaling - - name: Create new_app_nodes variable - set_fact: - new_app_nodes: [] - - - name: Filter new app nodes out of registered_nodes - include: filter_out_new_app_nodes.yaml - with_items: "{{ registered_nodes }}" - loop_control: - loop_var: node - - - name: Add new app nodes to the new_nodes section (if a deployment already exists) - with_items: "{{ new_app_nodes }}" - add_host: - name: "{{ item.name }}" - groups: new_nodes, app - - - name: Add the rest of cluster nodes to their corresponding groups - with_items: "{{ registered_nodes }}" - add_host: - name: '{{ item.name }}' - groups: '{{ item.metadata.group }}' - - - name: Add bastion node to inventory - add_host: - name: bastion - groups: bastions - ansible_host: '{{ registered_bastion_nodes[0].public_v4 }}' - ansible_fqdn: '{{ registered_bastion_nodes[0].name }}' - ansible_user: '{{ ssh_user }}' - ansible_private_key_file: '{{ private_ssh_key }}' - ansible_ssh_extra_args: '-F {{ ssh_config_path }}' - private_v4: >- - {% set node = registered_nodes | json_query("[?name=='" + registered_bastion_nodes[0].name + "']") -%} - {{ node[0].addresses[openstack_private_network|quote][0].addr }} - public_v4: '{{ registered_bastion_nodes[0].public_v4 }}' - when: - - registered_bastion_nodes is defined - - use_bastion|bool diff --git a/roles/static_inventory/tasks/sshconfig.yml b/roles/static_inventory/tasks/sshconfig.yml deleted file mode 100644 index 7119fe6ff..000000000 --- a/roles/static_inventory/tasks/sshconfig.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: set ssh proxy command prefix for accessing nodes via bastion - set_fact: - ssh_proxy_command: >- - ssh {{ ssh_options }} - -i {{ private_ssh_key }} - {{ ssh_user }}@{{ hostvars['bastion'].ansible_host }} - -- name: regenerate ssh config - template: - src: openstack_ssh_config.j2 - dest: "{{ ssh_config_path }}" - mode: 0644 diff --git a/roles/static_inventory/tasks/sshtun.yml b/roles/static_inventory/tasks/sshtun.yml deleted file mode 100644 index b0e4c832c..000000000 --- a/roles/static_inventory/tasks/sshtun.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Create ssh tunnel systemd service - template: - src: ssh-tunnel.service.j2 - dest: /etc/systemd/system/ssh-tunnel.service - mode: 0644 - -- name: reload the systemctl daemon after file update - command: systemctl daemon-reload - -- name: Enable ssh tunnel service - service: - name: ssh-tunnel - enabled: true - state: restarted diff --git a/roles/static_inventory/templates/inventory.j2 b/roles/static_inventory/templates/inventory.j2 deleted file mode 100644 index 9dfbe3a5b..000000000 --- a/roles/static_inventory/templates/inventory.j2 +++ /dev/null @@ -1,104 +0,0 @@ -# BEGIN Autogenerated hosts -{% for host in groups['all'] %} -{% if hostvars[host].get('ansible_connection', '') == 'local' %} -{{ host }} ansible_connection=local -{% else %} - -{{ host }}{% if 'ansible_host' in hostvars[host] -%} ansible_host={{ hostvars[host]['ansible_host'] }}{% endif %} -{% if 'private_v4' in hostvars[host] -%} private_v4={{ hostvars[host]['private_v4'] }}{% endif %} -{% if 'public_v4' in hostvars[host] -%} public_v4={{ hostvars[host]['public_v4'] }}{% endif %} -{% if 'ansible_user' in hostvars[host] -%} ansible_user={{ hostvars[host]['ansible_user'] }}{% endif %} -{% if 'ansible_private_key_file' in hostvars[host] and hostvars[host]['ansible_private_key_file'] -%} ansible_private_key_file={{ hostvars[host]['ansible_private_key_file'] }}{% endif %} -{% if use_bastion|bool and 'ansible_ssh_extra_args' in hostvars[host] -%} ansible_ssh_extra_args={{ hostvars[host]['ansible_ssh_extra_args']|quote }}{% endif %} openshift_hostname={{ host }} - -{% endif %} -{% endfor %} -# END autogenerated hosts - -#[all:vars] -# For all group_vars, see ./group_vars/all.yml -[infra_hosts:vars] -openshift_node_labels={{ openshift_cluster_node_labels.infra | to_json | quote }} - -[app:vars] -openshift_node_labels={{ openshift_cluster_node_labels.app | to_json | quote }} - -# Create an OSEv3 group that contains the master, nodes, etcd, and lb groups. -# The lb group lets Ansible configure HAProxy as the load balancing solution. -# Comment lb out if your load balancer is pre-configured. -[cluster_hosts:children] -OSEv3 -dns - -[OSEv3:children] -nodes -etcd -lb -new_nodes - -# Set variables common for all OSEv3 hosts -[OSEv3:vars] - -# For OSEv3 normal group vars, see ./group_vars/OSEv3.yml - -{% if cinder_registry_volume is defined and 'volume' in cinder_registry_volume %} -openshift_hosted_registry_storage_openstack_volumeID="{{ cinder_registry_volume.id }}" -openshift_hosted_registry_storage_volume_size="{{ cinder_registry_volume.volume.size }}Gi" -{% endif %} - - -# Host Groups - -[masters:children] -masters.{{ stack_name }} - -[etcd:children] -etcd.{{ stack_name }} -{% if 'etcd' not in groups or groups['etcd']|length == 0 %}masters.{{ stack_name }}{% endif %} - -[nodes:children] -masters -infra.{{ stack_name }} -nodes.{{ stack_name }} - -[infra_hosts:children] -infra.{{ stack_name }} - -[app:children] -nodes.{{ stack_name }} - -[dns:children] -dns.{{ stack_name }} - -[lb:children] -lb.{{ stack_name }} - -[new_nodes:children] - -# Empty placeholders for all groups of the cluster nodes -[masters.{{ stack_name }}] -[etcd.{{ stack_name }}] -[infra.{{ stack_name }}] -[nodes.{{ stack_name }}] -[app.{{ stack_name }}] -[dns.{{ stack_name }}] -[lb.{{ stack_name }}] -[new_nodes.{{ stack_name }}] - -# BEGIN Autogenerated groups -{% for group in groups %} -{% if group not in ['ungrouped', 'all'] %} -[{{ group }}] -{% for host in groups[group] %} -{{ host }} -{% endfor %} - -{% endif %} -{% endfor %} -# END Autogenerated groups diff --git a/roles/static_inventory/templates/openstack_ssh_config.j2 b/roles/static_inventory/templates/openstack_ssh_config.j2 deleted file mode 100644 index ad5d1253a..000000000 --- a/roles/static_inventory/templates/openstack_ssh_config.j2 +++ /dev/null @@ -1,21 +0,0 @@ -Host * - IdentitiesOnly yes - -Host bastion - Hostname {{ hostvars['bastion'].ansible_host }} - IdentityFile {{ hostvars['bastion'].ansible_private_key_file }} - User {{ ssh_user }} - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null - -{% for host in groups['all'] | difference(groups['bastions'][0]) %} - -Host {{ host }} - Hostname {{ hostvars[host].ansible_host }} - ProxyCommand {{ ssh_proxy_command }} -W {{ hostvars[host].private_v4 }}:22 - IdentityFile {{ hostvars[host].ansible_private_key_file }} - User {{ ssh_user }} - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null - -{% endfor %} diff --git a/roles/static_inventory/templates/ssh-tunnel.service.j2 b/roles/static_inventory/templates/ssh-tunnel.service.j2 deleted file mode 100644 index 0d1cf8f79..000000000 --- a/roles/static_inventory/templates/ssh-tunnel.service.j2 +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Set up ssh tunneling for OpenShift cluster UI -After=network.target - -[Service] -ExecStart=/usr/bin/ssh -NT -o \ - ServerAliveInterval=60 -o \ - UserKnownHostsFile=/dev/null -o \ - StrictHostKeyChecking=no -o \ - ExitOnForwardFailure=no -i \ - {{ private_ssh_key }} {{ ssh_user }}@{{ hostvars['bastion'].ansible_host }} \ - -L 0.0.0.0:{{ ui_port }}:{{ target_ip }}:{{ ui_port }} - - -# Restart every >2 seconds to avoid StartLimitInterval failure -RestartSec=5 -Restart=always - -[Install] -WantedBy=multi-user.target |