summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/lib_openshift/library/oc_pvc.py74
-rw-r--r--roles/lib_openshift/src/ansible/oc_pvc.py6
-rw-r--r--roles/lib_openshift/src/class/oc_pvc.py2
-rw-r--r--roles/lib_openshift/src/doc/pvc12
-rw-r--r--roles/lib_openshift/src/lib/pvc.py54
-rwxr-xr-xroles/lib_openshift/src/test/integration/oc_pvc.yml28
-rwxr-xr-xroles/lib_openshift/src/test/unit/test_oc_pvc.py11
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py6
-rw-r--r--roles/openshift_health_checker/action_plugins/openshift_health_check.py20
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/logging.py5
-rw-r--r--roles/openshift_metrics/tasks/generate_rolebindings.yaml9
-rw-r--r--roles/openshift_metrics/tasks/generate_serviceaccounts.yaml12
-rw-r--r--roles/openshift_node_upgrade/handlers/main.yml5
-rw-r--r--roles/openshift_node_upgrade/tasks/systemd_units.yml19
-rw-r--r--roles/openshift_storage_glusterfs/defaults/main.yml2
15 files changed, 233 insertions, 32 deletions
diff --git a/roles/lib_openshift/library/oc_pvc.py b/roles/lib_openshift/library/oc_pvc.py
index a88639bfc..a21540962 100644
--- a/roles/lib_openshift/library/oc_pvc.py
+++ b/roles/lib_openshift/library/oc_pvc.py
@@ -110,6 +110,18 @@ options:
- ReadOnlyMany
- ReadWriteMany
aliases: []
+ storage_class_name:
+ description:
+ - The storage class name for the PVC
+ required: false
+ default: None
+ aliases: []
+ selector:
+ description:
+ - A hash of key/values for the matchLabels
+ required: false
+ default: None
+ aliases: []
author:
- "Kenny Woodson <kwoodson@redhat.com>"
extends_documentation_fragment: []
@@ -1420,7 +1432,9 @@ class PersistentVolumeClaimConfig(object):
namespace,
kubeconfig,
access_modes=None,
- vol_capacity='1G'):
+ vol_capacity='1G',
+ selector=None,
+ storage_class_name=None):
''' constructor for handling pvc options '''
self.kubeconfig = kubeconfig
self.name = sname
@@ -1428,6 +1442,8 @@ class PersistentVolumeClaimConfig(object):
self.access_modes = access_modes
self.vol_capacity = vol_capacity
self.data = {}
+ self.selector = selector
+ self.storage_class_name = storage_class_name
self.create_dict()
@@ -1445,12 +1461,16 @@ class PersistentVolumeClaimConfig(object):
self.data['spec']['accessModes'] = ['ReadWriteOnce']
if self.access_modes:
self.data['spec']['accessModes'] = self.access_modes
+ if self.selector:
+ self.data['spec']['selector'] = {'matchLabels': self.selector}
# storage capacity
self.data['spec']['resources'] = {}
self.data['spec']['resources']['requests'] = {}
self.data['spec']['resources']['requests']['storage'] = self.vol_capacity
+ if self.storage_class_name:
+ self.data['spec']['storageClassName'] = self.storage_class_name
# pylint: disable=too-many-instance-attributes,too-many-public-methods
class PersistentVolumeClaim(Yedit):
@@ -1460,13 +1480,29 @@ class PersistentVolumeClaim(Yedit):
volume_name_path = "spec.volumeName"
bound_path = "status.phase"
kind = 'PersistentVolumeClaim'
+ selector_path = "spec.selector.matchLabels"
+ storage_class_name_path = "spec.storageClassName"
def __init__(self, content):
- '''RoleBinding constructor'''
+ '''PersistentVolumeClaim constructor'''
super(PersistentVolumeClaim, self).__init__(content=content)
self._access_modes = None
self._volume_capacity = None
self._volume_name = None
+ self._selector = None
+ self._storage_class_name = None
+
+ @property
+ def storage_class_name(self):
+ ''' storage_class_name property '''
+ if self._storage_class_name is None:
+ self._storage_class_name = self.get_storage_class_name()
+ return self._storage_class_name
+
+ @storage_class_name.setter
+ def storage_class_name(self, data):
+ ''' storage_class_name property setter'''
+ self._storage_class_name = data
@property
def volume_name(self):
@@ -1481,6 +1517,24 @@ class PersistentVolumeClaim(Yedit):
self._volume_name = data
@property
+ def selector(self):
+ ''' selector property '''
+ if self._selector is None:
+ self._selector = self.get_selector()
+ if not isinstance(self._selector, dict):
+ self._selector = dict(self._selector)
+
+ return self._selector
+
+ @selector.setter
+ def selector(self, data):
+ ''' selector property setter'''
+ if not isinstance(data, dict):
+ data = dict(data)
+
+ self._selector = data
+
+ @property
def access_modes(self):
''' access_modes property '''
if self._access_modes is None:
@@ -1510,6 +1564,14 @@ class PersistentVolumeClaim(Yedit):
''' volume_capacity property setter'''
self._volume_capacity = data
+ def get_storage_class_name(self):
+ '''get storage_class_name'''
+ return self.get(PersistentVolumeClaim.storage_class_name_path) or []
+
+ def get_selector(self):
+ '''get selector'''
+ return self.get(PersistentVolumeClaim.selector_path) or []
+
def get_access_modes(self):
'''get access_modes'''
return self.get(PersistentVolumeClaim.access_modes_path) or []
@@ -1663,6 +1725,8 @@ class OCPVC(OpenShiftCLI):
params['kubeconfig'],
params['access_modes'],
params['volume_capacity'],
+ params['selector'],
+ params['storage_class_name'],
)
oc_pvc = OCPVC(pconfig, verbose=params['debug'])
@@ -1763,9 +1827,9 @@ def main():
name=dict(default=None, required=True, type='str'),
namespace=dict(default=None, required=True, type='str'),
volume_capacity=dict(default='1G', type='str'),
- access_modes=dict(default='ReadWriteOnce',
- choices=['ReadWriteOnce', 'ReadOnlyMany', 'ReadWriteMany'],
- type='str'),
+ storage_class_name=dict(default=None, required=False, type='str'),
+ selector=dict(default=None, required=False, type='dict'),
+ access_modes=dict(default=['ReadWriteOnce'], type='list'),
),
supports_check_mode=True,
)
diff --git a/roles/lib_openshift/src/ansible/oc_pvc.py b/roles/lib_openshift/src/ansible/oc_pvc.py
index a5181e281..c98d811d6 100644
--- a/roles/lib_openshift/src/ansible/oc_pvc.py
+++ b/roles/lib_openshift/src/ansible/oc_pvc.py
@@ -16,9 +16,9 @@ def main():
name=dict(default=None, required=True, type='str'),
namespace=dict(default=None, required=True, type='str'),
volume_capacity=dict(default='1G', type='str'),
- access_modes=dict(default='ReadWriteOnce',
- choices=['ReadWriteOnce', 'ReadOnlyMany', 'ReadWriteMany'],
- type='str'),
+ storage_class_name=dict(default=None, required=False, type='str'),
+ selector=dict(default=None, required=False, type='dict'),
+ access_modes=dict(default=['ReadWriteOnce'], type='list'),
),
supports_check_mode=True,
)
diff --git a/roles/lib_openshift/src/class/oc_pvc.py b/roles/lib_openshift/src/class/oc_pvc.py
index c73abc47c..6b566c301 100644
--- a/roles/lib_openshift/src/class/oc_pvc.py
+++ b/roles/lib_openshift/src/class/oc_pvc.py
@@ -85,6 +85,8 @@ class OCPVC(OpenShiftCLI):
params['kubeconfig'],
params['access_modes'],
params['volume_capacity'],
+ params['selector'],
+ params['storage_class_name'],
)
oc_pvc = OCPVC(pconfig, verbose=params['debug'])
diff --git a/roles/lib_openshift/src/doc/pvc b/roles/lib_openshift/src/doc/pvc
index 9240f2a0f..268ad0b94 100644
--- a/roles/lib_openshift/src/doc/pvc
+++ b/roles/lib_openshift/src/doc/pvc
@@ -59,6 +59,18 @@ options:
- ReadOnlyMany
- ReadWriteMany
aliases: []
+ storage_class_name:
+ description:
+ - The storage class name for the PVC
+ required: false
+ default: None
+ aliases: []
+ selector:
+ description:
+ - A hash of key/values for the matchLabels
+ required: false
+ default: None
+ aliases: []
author:
- "Kenny Woodson <kwoodson@redhat.com>"
extends_documentation_fragment: []
diff --git a/roles/lib_openshift/src/lib/pvc.py b/roles/lib_openshift/src/lib/pvc.py
index 929b50990..d1e935c32 100644
--- a/roles/lib_openshift/src/lib/pvc.py
+++ b/roles/lib_openshift/src/lib/pvc.py
@@ -11,7 +11,9 @@ class PersistentVolumeClaimConfig(object):
namespace,
kubeconfig,
access_modes=None,
- vol_capacity='1G'):
+ vol_capacity='1G',
+ selector=None,
+ storage_class_name=None):
''' constructor for handling pvc options '''
self.kubeconfig = kubeconfig
self.name = sname
@@ -19,6 +21,8 @@ class PersistentVolumeClaimConfig(object):
self.access_modes = access_modes
self.vol_capacity = vol_capacity
self.data = {}
+ self.selector = selector
+ self.storage_class_name = storage_class_name
self.create_dict()
@@ -36,12 +40,16 @@ class PersistentVolumeClaimConfig(object):
self.data['spec']['accessModes'] = ['ReadWriteOnce']
if self.access_modes:
self.data['spec']['accessModes'] = self.access_modes
+ if self.selector:
+ self.data['spec']['selector'] = {'matchLabels': self.selector}
# storage capacity
self.data['spec']['resources'] = {}
self.data['spec']['resources']['requests'] = {}
self.data['spec']['resources']['requests']['storage'] = self.vol_capacity
+ if self.storage_class_name:
+ self.data['spec']['storageClassName'] = self.storage_class_name
# pylint: disable=too-many-instance-attributes,too-many-public-methods
class PersistentVolumeClaim(Yedit):
@@ -51,13 +59,29 @@ class PersistentVolumeClaim(Yedit):
volume_name_path = "spec.volumeName"
bound_path = "status.phase"
kind = 'PersistentVolumeClaim'
+ selector_path = "spec.selector.matchLabels"
+ storage_class_name_path = "spec.storageClassName"
def __init__(self, content):
- '''RoleBinding constructor'''
+ '''PersistentVolumeClaim constructor'''
super(PersistentVolumeClaim, self).__init__(content=content)
self._access_modes = None
self._volume_capacity = None
self._volume_name = None
+ self._selector = None
+ self._storage_class_name = None
+
+ @property
+ def storage_class_name(self):
+ ''' storage_class_name property '''
+ if self._storage_class_name is None:
+ self._storage_class_name = self.get_storage_class_name()
+ return self._storage_class_name
+
+ @storage_class_name.setter
+ def storage_class_name(self, data):
+ ''' storage_class_name property setter'''
+ self._storage_class_name = data
@property
def volume_name(self):
@@ -72,6 +96,24 @@ class PersistentVolumeClaim(Yedit):
self._volume_name = data
@property
+ def selector(self):
+ ''' selector property '''
+ if self._selector is None:
+ self._selector = self.get_selector()
+ if not isinstance(self._selector, dict):
+ self._selector = dict(self._selector)
+
+ return self._selector
+
+ @selector.setter
+ def selector(self, data):
+ ''' selector property setter'''
+ if not isinstance(data, dict):
+ data = dict(data)
+
+ self._selector = data
+
+ @property
def access_modes(self):
''' access_modes property '''
if self._access_modes is None:
@@ -101,6 +143,14 @@ class PersistentVolumeClaim(Yedit):
''' volume_capacity property setter'''
self._volume_capacity = data
+ def get_storage_class_name(self):
+ '''get storage_class_name'''
+ return self.get(PersistentVolumeClaim.storage_class_name_path) or []
+
+ def get_selector(self):
+ '''get selector'''
+ return self.get(PersistentVolumeClaim.selector_path) or []
+
def get_access_modes(self):
'''get access_modes'''
return self.get(PersistentVolumeClaim.access_modes_path) or []
diff --git a/roles/lib_openshift/src/test/integration/oc_pvc.yml b/roles/lib_openshift/src/test/integration/oc_pvc.yml
new file mode 100755
index 000000000..fb3a4781f
--- /dev/null
+++ b/roles/lib_openshift/src/test/integration/oc_pvc.yml
@@ -0,0 +1,28 @@
+#!/usr/bin/ansible-playbook --module-path=../../../library/
+# ./oc_pvc.yml -e "cli_master_test=$OPENSHIFT_MASTER
+---
+- hosts: "{{ cli_master_test }}"
+ gather_facts: no
+ user: root
+ tasks:
+ - name: create pvc
+ oc_pvc:
+ state: present
+ name: oc-pvc-create-test
+ namespace: default
+ volume_capacity: 3G
+ access_modes:
+ - ReadWriteOnce
+ selector:
+ foo: bar
+ storage_class_name: my-storage-class-name
+ register: pvcout
+ - debug: var=pvcout
+
+ - assert:
+ that:
+ - pvcout.results.results[0]['metadata']['name'] == 'oc-pvc-create-test'
+ - pvcout.results.results[0]['spec']['storageClassName'] == 'my-storage-class-name'
+ - pvcout.results.results[0]['spec']['selector']['matchLabels']['foo'] == 'bar'
+ - pvcout.changed
+ msg: pvc create failed.
diff --git a/roles/lib_openshift/src/test/unit/test_oc_pvc.py b/roles/lib_openshift/src/test/unit/test_oc_pvc.py
index 82187917d..a96f2e4a7 100755
--- a/roles/lib_openshift/src/test/unit/test_oc_pvc.py
+++ b/roles/lib_openshift/src/test/unit/test_oc_pvc.py
@@ -30,6 +30,8 @@ class OCPVCTest(unittest.TestCase):
'name': 'mypvc',
'namespace': 'test',
'volume_capacity': '1G',
+ 'selector': {'foo': 'bar', 'abc': 'a123'},
+ 'storage_class_name': 'mystorage',
'access_modes': 'ReadWriteMany'}
@mock.patch('oc_pvc.Utils.create_tmpfile_copy')
@@ -65,6 +67,13 @@ class OCPVCTest(unittest.TestCase):
"storage": "1Gi"
}
},
+ "selector": {
+ "matchLabels": {
+ "foo": "bar",
+ "abc": "a123"
+ }
+ },
+ "storageClassName": "myStorage",
"volumeName": "pv-aws-ow5vl"
},
"status": {
@@ -93,6 +102,8 @@ class OCPVCTest(unittest.TestCase):
self.assertTrue(results['changed'])
self.assertEqual(results['results']['results'][0]['metadata']['name'], 'mypvc')
+ self.assertEqual(results['results']['results'][0]['spec']['storageClassName'], 'myStorage')
+ self.assertEqual(results['results']['results'][0]['spec']['selector']['matchLabels']['foo'], 'bar')
@mock.patch('oc_pvc.Utils.create_tmpfile_copy')
@mock.patch('oc_pvc.OCPVC._run')
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 49cc51b48..42c4945b4 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -2222,14 +2222,10 @@ class OpenShiftFacts(object):
product_version = self.system_facts['ansible_product_version']
virt_type = self.system_facts['ansible_virtualization_type']
virt_role = self.system_facts['ansible_virtualization_role']
+ bios_vendor = self.system_facts['ansible_system_vendor']
provider = None
metadata = None
- # TODO: this is not exposed through module_utils/facts.py in ansible,
- # need to create PR for ansible to expose it
- bios_vendor = get_file_content( # noqa: F405
- '/sys/devices/virtual/dmi/id/bios_vendor'
- )
if bios_vendor == 'Google':
provider = 'gce'
metadata_url = ('http://metadata.google.internal/'
diff --git a/roles/openshift_health_checker/action_plugins/openshift_health_check.py b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
index 581dd7d15..23da53940 100644
--- a/roles/openshift_health_checker/action_plugins/openshift_health_check.py
+++ b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
@@ -13,6 +13,7 @@ except ImportError:
display = Display()
from ansible.plugins.action import ActionBase
+from ansible.module_utils.six import string_types
# Augment sys.path so that we can import checks from a directory relative to
# this callback plugin.
@@ -39,7 +40,8 @@ class ActionModule(ActionBase):
try:
known_checks = self.load_known_checks(tmp, task_vars)
args = self._task.args
- resolved_checks = resolve_checks(args.get("checks", []), known_checks.values())
+ requested_checks = normalize(args.get('checks', []))
+ resolved_checks = resolve_checks(requested_checks, known_checks.values())
except OpenShiftCheckException as e:
result["failed"] = True
result["msg"] = str(e)
@@ -47,10 +49,7 @@ class ActionModule(ActionBase):
result["checks"] = check_results = {}
- user_disabled_checks = [
- check.strip()
- for check in task_vars.get("openshift_disable_check", "").split(",")
- ]
+ user_disabled_checks = normalize(task_vars.get('openshift_disable_check', []))
for check_name in resolved_checks:
display.banner("CHECK [{} : {}]".format(check_name, task_vars["ansible_host"]))
@@ -134,3 +133,14 @@ def resolve_checks(names, all_checks):
resolved.update(tag_to_checks[tag])
return resolved
+
+
+def normalize(checks):
+ """Return a clean list of check names.
+
+ The input may be a comma-separated string or a sequence. Leading and
+ trailing whitespace characters are removed. Empty items are discarded.
+ """
+ if isinstance(checks, string_types):
+ checks = checks.split(',')
+ return [name.strip() for name in checks if name.strip()]
diff --git a/roles/openshift_health_checker/openshift_checks/logging/logging.py b/roles/openshift_health_checker/openshift_checks/logging/logging.py
index a48e1c728..43ba6c406 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/logging.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/logging.py
@@ -11,6 +11,9 @@ from openshift_checks import OpenShiftCheck, OpenShiftCheckException
class LoggingCheck(OpenShiftCheck):
"""Base class for OpenShift aggregated logging component checks"""
+ # FIXME: this should not be listed as a check, since it is not meant to be
+ # run by itself.
+
name = "logging"
logging_namespace = "logging"
@@ -27,7 +30,7 @@ class LoggingCheck(OpenShiftCheck):
return masters[0] == hostname
def run(self):
- pass
+ return {}
def get_pods_for_component(self, namespace, logging_component):
"""Get all pods for a given component. Returns: list of pods for component, error string"""
diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
index 1304ab8b5..9882b1eb5 100644
--- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml
+++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
@@ -37,3 +37,12 @@
src: hawkular_metrics_role.j2
dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml"
changed_when: no
+
+- name: Set hawkular cluster roles
+ oc_obj:
+ name: hawkular-metrics
+ namespace: "{{ openshift_metrics_hawkular_agent_namespace }}"
+ kind: clusterrole
+ files:
+ - "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml"
+ delete_after: true
diff --git a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
index e9d70f74f..db27680fe 100644
--- a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
+++ b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
@@ -13,3 +13,15 @@
- name: cassandra
secret: hawkular-cassandra-secrets
changed_when: no
+
+- name: Set serviceaccounts for hawkular metrics/cassandra
+ oc_obj:
+ name: "{{ item }}"
+ kind: serviceaccount
+ namespace: "{{ openshift_metrics_hawkular_agent_namespace }}"
+ files:
+ - "{{ mktemp.stdout }}/templates/metrics-{{ item }}-sa.yaml"
+ delete_after: true
+ with_items:
+ - hawkular
+ - cassandra
diff --git a/roles/openshift_node_upgrade/handlers/main.yml b/roles/openshift_node_upgrade/handlers/main.yml
index f26f5d573..d31b899cf 100644
--- a/roles/openshift_node_upgrade/handlers/main.yml
+++ b/roles/openshift_node_upgrade/handlers/main.yml
@@ -29,3 +29,8 @@
when:
- (not skip_node_svc_handlers | default(False) | bool)
- not (node_service_status_changed | default(false) | bool)
+
+# TODO(jchaloup): once it is verified the systemd module works as expected
+# switch to it: http://docs.ansible.com/ansible/latest/systemd_module.html
+- name: reload systemd units
+ command: systemctl daemon-reload
diff --git a/roles/openshift_node_upgrade/tasks/systemd_units.yml b/roles/openshift_node_upgrade/tasks/systemd_units.yml
index e8f017445..9b3805eea 100644
--- a/roles/openshift_node_upgrade/tasks/systemd_units.yml
+++ b/roles/openshift_node_upgrade/tasks/systemd_units.yml
@@ -22,23 +22,27 @@
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service"
src: openshift.docker.node.dep.service
- register: install_node_dep_result
when: openshift.common.is_containerized | bool
+ notify:
+ - reload systemd units
+ - restart node
- name: Install Node docker service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
src: openshift.docker.node.service
- register: install_node_result
when: openshift.common.is_containerized | bool
+ notify:
+ - reload systemd units
+ - restart node
- name: Create the openvswitch service env file
template:
src: openvswitch.sysconfig.j2
dest: /etc/sysconfig/openvswitch
when: openshift.common.is_containerized | bool
- register: install_ovs_sysconfig
notify:
+ - reload systemd units
- restart openvswitch
# May be a temporary workaround.
@@ -52,8 +56,8 @@
dest: "/etc/systemd/system/openvswitch.service.d/01-avoid-oom.conf"
src: openvswitch-avoid-oom.conf
when: openshift.common.use_openshift_sdn | default(true) | bool
- register: install_oom_fix_result
notify:
+ - reload systemd units
- restart openvswitch
- name: Install OpenvSwitch docker service file
@@ -62,6 +66,7 @@
src: openvswitch.docker.service
when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | default(true) | bool
notify:
+ - reload systemd units
- restart openvswitch
- name: Configure Node settings
@@ -96,9 +101,3 @@
when: ('http_proxy' in openshift.common and openshift.common.http_proxy != '')
notify:
- restart node
-
-- name: Reload systemd units
- command: systemctl daemon-reload
- when: (openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed)) or install_oom_fix_result | changed
- notify:
- - restart node
diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml
index a846889ca..8661f33a1 100644
--- a/roles/openshift_storage_glusterfs/defaults/main.yml
+++ b/roles/openshift_storage_glusterfs/defaults/main.yml
@@ -1,6 +1,6 @@
---
openshift_storage_glusterfs_timeout: 300
-openshift_storage_glusterfs_namespace: 'glusterfs'
+openshift_storage_glusterfs_namespace: "{{ 'glusterfs' | quote if glusterfs_is_native or glusterfs_heketi_is_native else 'default' | quote }}"
openshift_storage_glusterfs_is_native: True
openshift_storage_glusterfs_name: 'storage'
openshift_storage_glusterfs_nodeselector: "glusterfs={{ openshift_storage_glusterfs_name }}-host"