diff options
Diffstat (limited to 'roles')
20 files changed, 49 insertions, 135 deletions
diff --git a/roles/lib_openshift/library/oadm_manage_node.py b/roles/lib_openshift/library/oc_adm_manage_node.py index 8bb0538c0..4763331f8 100644 --- a/roles/lib_openshift/library/oadm_manage_node.py +++ b/roles/lib_openshift/library/oc_adm_manage_node.py @@ -54,7 +54,7 @@ from ansible.module_utils.basic import AnsibleModule DOCUMENTATION = ''' --- -module: oadm_manage_node +module: oc_adm_manage_node short_description: Module to manage openshift nodes description: - Manage openshift nodes programmatically. @@ -126,13 +126,13 @@ extends_documentation_fragment: [] EXAMPLES = ''' - name: oadm manage-node --schedulable=true --selector=ops_node=new - oadm_manage_node: + oc_adm_manage_node: selector: ops_node=new schedulable: True register: schedout - name: oadm manage-node my-k8s-node-5 --evacuate - oadm_manage_node: + oc_adm_manage_node: node: my-k8s-node-5 evacuate: True force: True @@ -1369,7 +1369,7 @@ class OpenShiftCLIConfig(object): # -*- -*- -*- End included fragment: lib/base.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: class/oadm_manage_node.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: class/oc_adm_manage_node.py -*- -*- -*- class ManageNodeException(Exception): @@ -1578,9 +1578,9 @@ class ManageNode(OpenShiftCLI): return {'changed': changed, 'results': results, 'state': "present"} -# -*- -*- -*- End included fragment: class/oadm_manage_node.py -*- -*- -*- +# -*- -*- -*- End included fragment: class/oc_adm_manage_node.py -*- -*- -*- -# -*- -*- -*- Begin included fragment: ansible/oadm_manage_node.py -*- -*- -*- +# -*- -*- -*- Begin included fragment: ansible/oc_adm_manage_node.py -*- -*- -*- def main(): @@ -1618,4 +1618,4 @@ def main(): if __name__ == "__main__": main() -# -*- -*- -*- End included fragment: ansible/oadm_manage_node.py -*- -*- -*- +# -*- -*- -*- End included fragment: ansible/oc_adm_manage_node.py -*- -*- -*- diff --git a/roles/lib_openshift/src/ansible/oadm_manage_node.py b/roles/lib_openshift/src/ansible/oc_adm_manage_node.py index b870c1211..b870c1211 100644 --- a/roles/lib_openshift/src/ansible/oadm_manage_node.py +++ b/roles/lib_openshift/src/ansible/oc_adm_manage_node.py diff --git a/roles/lib_openshift/src/class/oadm_manage_node.py b/roles/lib_openshift/src/class/oc_adm_manage_node.py index c07320477..c07320477 100644 --- a/roles/lib_openshift/src/class/oadm_manage_node.py +++ b/roles/lib_openshift/src/class/oc_adm_manage_node.py diff --git a/roles/lib_openshift/src/doc/manage_node b/roles/lib_openshift/src/doc/manage_node index 382377f3e..b651ea4e7 100644 --- a/roles/lib_openshift/src/doc/manage_node +++ b/roles/lib_openshift/src/doc/manage_node @@ -3,7 +3,7 @@ DOCUMENTATION = ''' --- -module: oadm_manage_node +module: oc_adm_manage_node short_description: Module to manage openshift nodes description: - Manage openshift nodes programmatically. @@ -75,13 +75,13 @@ extends_documentation_fragment: [] EXAMPLES = ''' - name: oadm manage-node --schedulable=true --selector=ops_node=new - oadm_manage_node: + oc_adm_manage_node: selector: ops_node=new schedulable: True register: schedout - name: oadm manage-node my-k8s-node-5 --evacuate - oadm_manage_node: + oc_adm_manage_node: node: my-k8s-node-5 evacuate: True force: True diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index f16b3c8de..44a1524b0 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -9,15 +9,15 @@ oc_adm_ca_server_cert.py: - class/oc_adm_ca_server_cert.py - ansible/oc_adm_ca_server_cert.py -oadm_manage_node.py: +oc_adm_manage_node.py: - doc/generated - doc/license - lib/import.py - doc/manage_node - ../../lib_utils/src/class/yedit.py - lib/base.py -- class/oadm_manage_node.py -- ansible/oadm_manage_node.py +- class/oc_adm_manage_node.py +- ansible/oc_adm_manage_node.py oc_adm_policy_user.py: - doc/generated diff --git a/roles/lib_openshift/src/test/integration/oadm_manage_node.yml b/roles/lib_openshift/src/test/integration/oc_adm_manage_node.yml index 3ee13a409..1ed2ef11b 100755 --- a/roles/lib_openshift/src/test/integration/oadm_manage_node.yml +++ b/roles/lib_openshift/src/test/integration/oc_adm_manage_node.yml @@ -1,6 +1,6 @@ #!/usr/bin/ansible-playbook --module-path=../../../library/ # -# ./oadm_manage_node.yml -e "cli_master_test=$OPENSHIFT_MASTER +# ./oc_adm_manage_node.yml -e "cli_master_test=$OPENSHIFT_MASTER --- - hosts: "{{ cli_master_test }}" gather_facts: no @@ -17,7 +17,7 @@ node_to_test: "{{ obj_out['results']['results'][0]['items'][0]['metadata']['name'] }}" - name: list pods from a node - oadm_manage_node: + oc_adm_manage_node: list_pods: True node: - "{{ node_to_test }}" @@ -29,7 +29,7 @@ msg: Pod data was not returned - name: set node to unschedulable - oadm_manage_node: + oc_adm_manage_node: schedulable: False node: - "{{ node_to_test }}" @@ -56,7 +56,7 @@ that: nodeout.results.results[0]['spec']['unschedulable'] - name: set node to schedulable - oadm_manage_node: + oc_adm_manage_node: schedulable: True node: - "{{ node_to_test }}" diff --git a/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py b/roles/lib_openshift/src/test/unit/test_oc_adm_manage_node.py index 27d98b869..312b1ecbb 100755 --- a/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py +++ b/roles/lib_openshift/src/test/unit/test_oc_adm_manage_node.py @@ -1,5 +1,5 @@ ''' - Unit tests for oadm_manage_node + Unit tests for oc_adm_manage_node ''' import os @@ -16,16 +16,16 @@ import mock # place class in our python path module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library') # noqa: E501 sys.path.insert(0, module_path) -from oadm_manage_node import ManageNode, locate_oc_binary # noqa: E402 +from oc_adm_manage_node import ManageNode, locate_oc_binary # noqa: E402 class ManageNodeTest(unittest.TestCase): ''' - Test class for oadm_manage_node + Test class for oc_adm_manage_node ''' - @mock.patch('oadm_manage_node.Utils.create_tmpfile_copy') - @mock.patch('oadm_manage_node.ManageNode.openshift_cmd') + @mock.patch('oc_adm_manage_node.Utils.create_tmpfile_copy') + @mock.patch('oc_adm_manage_node.ManageNode.openshift_cmd') def test_list_pods(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'node': ['ip-172-31-49-140.ec2.internal'], @@ -107,8 +107,8 @@ class ManageNodeTest(unittest.TestCase): # returned 2 pods self.assertTrue(len(results['results']['nodes']['ip-172-31-49-140.ec2.internal']) == 2) - @mock.patch('oadm_manage_node.Utils.create_tmpfile_copy') - @mock.patch('oadm_manage_node.ManageNode.openshift_cmd') + @mock.patch('oc_adm_manage_node.Utils.create_tmpfile_copy') + @mock.patch('oc_adm_manage_node.ManageNode.openshift_cmd') def test_schedulable_false(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'node': ['ip-172-31-49-140.ec2.internal'], diff --git a/roles/openshift_excluder/tasks/disable.yml b/roles/openshift_excluder/tasks/disable.yml index a8deb3eb1..2245c7b21 100644 --- a/roles/openshift_excluder/tasks/disable.yml +++ b/roles/openshift_excluder/tasks/disable.yml @@ -18,9 +18,5 @@ # it the docker excluder is enabled, we install it and in case its status is non-zero # it is enabled no matter what -# Check the current state of all excluders -- include: status.yml - when: with_status_check | default(docker_excluder_on or openshift_excluder_on) | bool - # And finally adjust an excluder in order to update host components correctly - include: adjust.yml diff --git a/roles/openshift_excluder/tasks/main.yml b/roles/openshift_excluder/tasks/main.yml deleted file mode 100644 index 78a3d37cb..000000000 --- a/roles/openshift_excluder/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -include: status.yml diff --git a/roles/openshift_excluder/tasks/status.yml b/roles/openshift_excluder/tasks/status.yml deleted file mode 100644 index 363ccdbea..000000000 --- a/roles/openshift_excluder/tasks/status.yml +++ /dev/null @@ -1,84 +0,0 @@ ---- -- name: Determine if excluder packages are installed - rpm_q: - name: "{{ openshift.common.service_type }}-excluder" - state: present - register: openshift_excluder_installed - failed_when: false - -# docker excluder needs to be enable by default -- name: Determine if docker packages are installed - rpm_q: - name: "{{ openshift.common.service_type }}-docker-excluder" - state: present - register: docker_excluder_installed - failed_when: false - -# The excluder status function returns 0 when everything is excluded -# and 1 if any packages are missing from the exclusions list and outputs a warning to stderr -# # atomic-openshift-excluder status ; echo $? -# exclude -- All packages excluded -# 0 -# # atomic-openshift-excluder unexclude -# # atomic-openshift-excluder status ; echo $? -# unexclude -- At least one package not excluded -# 1 - -- block: - - include: init.yml - - block: - - name: Record openshift excluder status - command: "{{ openshift.common.service_type }}-excluder status" - register: excluder_status - failed_when: false - - # Even though the openshift excluder is enabled - # if the status is non-zero, disabled the excluder - - name: Override openshift excluder enablement if the status is non-zero - set_fact: - disable_openshift_excluder_override: true - when: - - "{{ excluder_status.rc | default(0) != 0 }}" - - - debug: - msg: "Disabling openshift excluder" - when: - - "{{ excluder_status.rc | default(0) != 0 }}" - - when: - - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}" - - "{{ openshift_excluder_on }}" - - - block: - - name: Record docker excluder status - command: "{{ openshift.common.service_type }}-docker-excluder status" - register: docker_excluder_status - failed_when: false - - # If the docker excluder is installed and the status is non-zero - # always enable the docker excluder - - name: Override docker excluder enablement if the status is non-zero - set_fact: - enable_docker_excluder_override: true - when: - - "{{ docker_excluder_status.rc | default(0) != 0 }}" - - - debug: - msg: "Enabling docker excluder" - when: - - "{{ docker_excluder_status.rc | default(0) != 0 }}" - - # As the docker excluder status is not satisfied, - # re-enable entire docker excluder again - # At the same time keep the override set in a case other task would - - name: Enable docker excluder - command: "{{ openshift.common.service_type }}-docker-excluder exclude" - - # Run the docker excluder status even if the excluder is disabled. - # In order to determine of the excluder needs to be enabled. - when: - - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}" - - "{{ docker_excluder_on }}" - - when: - - not openshift.common.is_atomic | bool diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml index 34d980ba9..04fd42cbf 100644 --- a/roles/openshift_logging/defaults/main.yml +++ b/roles/openshift_logging/defaults/main.yml @@ -22,7 +22,7 @@ openshift_logging_curator_ops_cpu_limit: 100m openshift_logging_curator_ops_memory_limit: null openshift_logging_curator_ops_nodeselector: "{{ openshift_hosted_logging_curator_ops_nodeselector | default('') | map_from_pairs }}" -openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' + openshift.common.dns_domain) }}" +openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}" openshift_logging_kibana_cpu_limit: null openshift_logging_kibana_memory_limit: null openshift_logging_kibana_proxy_debug: false @@ -46,7 +46,7 @@ openshift_logging_kibana_key: "" #for the public facing kibana certs openshift_logging_kibana_ca: "" -openshift_logging_kibana_ops_hostname: "{{ openshift_hosted_logging_ops_hostname | default('kibana-ops.' + openshift.common.dns_domain) }}" +openshift_logging_kibana_ops_hostname: "{{ openshift_hosted_logging_ops_hostname | default('kibana-ops.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}" openshift_logging_kibana_ops_cpu_limit: null openshift_logging_kibana_ops_memory_limit: null openshift_logging_kibana_ops_proxy_debug: false @@ -99,7 +99,7 @@ openshift_logging_es_ops_storage_group: "{{ openshift_hosted_logging_elasticsear openshift_logging_es_ops_nodeselector: "{{ openshift_hosted_logging_elasticsearch_ops_nodeselector | default('') | map_from_pairs }}" # storage related defaults -openshift_logging_storage_access_modes: "{{ openshift_hosted_logging_storage_access_modes | default('ReadWriteOnce') }}" +openshift_logging_storage_access_modes: "{{ openshift_hosted_logging_storage_access_modes | default(['ReadWriteOnce']) }}" # following can be uncommented to provide values for configmaps -- take care when providing file contents as it may cause your cluster to not operate correctly diff --git a/roles/openshift_logging/tasks/generate_pvcs.yaml b/roles/openshift_logging/tasks/generate_pvcs.yaml index e1629908f..fa7a86c27 100644 --- a/roles/openshift_logging/tasks/generate_pvcs.yaml +++ b/roles/openshift_logging/tasks/generate_pvcs.yaml @@ -15,8 +15,7 @@ vars: obj_name: "{{claim_name}}" size: "{{es_pvc_size}}" - access_modes: - - "{{ es_access_modes }}" + access_modes: "{{ es_access_modes | list }}" pv_selector: "{{es_pv_selector}}" with_items: - "{{es_pvc_pool | default([])}}" @@ -35,8 +34,7 @@ annotations: volume.alpha.kubernetes.io/storage-class: "dynamic" size: "{{es_pvc_size}}" - access_modes: - - "{{ es_access_modes }}" + access_modes: "{{ es_access_modes | list }}" pv_selector: "{{es_pv_selector}}" with_items: - "{{es_pvc_pool|default([])}}" diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml index 0f8e7ae58..f396bcc6d 100644 --- a/roles/openshift_logging/tasks/generate_secrets.yaml +++ b/roles/openshift_logging/tasks/generate_secrets.yaml @@ -31,8 +31,6 @@ - fluentd loop_control: loop_var: component - when: secret_name not in openshift_logging_facts.{{component}}.secrets or - secret_keys | difference(openshift_logging_facts.{{component}}.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no @@ -50,8 +48,6 @@ kibana_key_file: "{{key_pairs | entry_from_named_pair('kibana_internal_key')| b64decode }}" kibana_cert_file: "{{key_pairs | entry_from_named_pair('kibana_internal_cert')| b64decode }}" server_tls_file: "{{key_pairs | entry_from_named_pair('server_tls')| b64decode }}" - when: secret_name not in openshift_logging_facts.kibana.secrets or - secret_keys | difference(openshift_logging_facts.kibana.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no @@ -66,8 +62,6 @@ secret_name: logging-elasticsearch secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key", "searchguard.truststore"] register: logging_es_secret - when: secret_name not in openshift_logging_facts.elasticsearch.secrets or - secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_elasticsearch.yaml b/roles/openshift_logging/tasks/install_elasticsearch.yaml index 086f9e33f..1b750bcbe 100644 --- a/roles/openshift_logging/tasks/install_elasticsearch.yaml +++ b/roles/openshift_logging/tasks/install_elasticsearch.yaml @@ -2,8 +2,13 @@ - name: Getting current ES deployment size set_fact: openshift_logging_current_es_size={{ openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | length }} +- set_fact: openshift_logging_es_pvc_prefix="logging-es" + when: "not openshift_logging_es_pvc_prefix or openshift_logging_es_pvc_prefix == ''" + - set_fact: es_pvc_pool={{[]}} +- set_fact: openshift_logging_es_pvc_prefix="{{ openshift_logging_es_pvc_prefix | default('logging-es') }}" + - name: Generate PersistentVolumeClaims include: "{{ role_path}}/tasks/generate_pvcs.yaml" vars: @@ -58,6 +63,8 @@ - name: Getting current ES deployment size set_fact: openshift_logging_current_es_ops_size={{ openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | length }} +- set_fact: openshift_logging_es_ops_pvc_prefix="{{ openshift_logging_es_ops_pvc_prefix | default('logging-es-ops') }}" + - name: Validate Elasticsearch cluster size for Ops fail: msg="The openshift_logging_es_ops_cluster_size may not be scaled down more than 1 less (or 0) the number of Elasticsearch nodes already deployed" vars: @@ -68,6 +75,9 @@ - "{{es_dcs | length - openshift_logging_es_ops_cluster_size|int | abs > 1}}" check_mode: no +- set_fact: openshift_logging_es_ops_pvc_prefix="logging-es-ops" + when: "not openshift_logging_es_ops_pvc_prefix or openshift_logging_es_ops_pvc_prefix == ''" + - set_fact: es_pvc_pool={{[]}} - name: Generate PersistentVolumeClaims for Ops diff --git a/roles/openshift_logging/templates/pvc.j2 b/roles/openshift_logging/templates/pvc.j2 index f19a3a750..07d81afff 100644 --- a/roles/openshift_logging/templates/pvc.j2 +++ b/roles/openshift_logging/templates/pvc.j2 @@ -1,7 +1,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{obj_name}} + name: "{{obj_name}}" labels: logging-infra: support {% if annotations is defined %} diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 9a883feed..f67aee88b 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -39,7 +39,7 @@ delegate_to: "{{ openshift_master_host }}" - name: Set node schedulability - oadm_manage_node: + oc_adm_manage_node: node: "{{ openshift.node.nodename | lower }}" schedulable: "{{ 'true' if openshift.node.schedulable | bool else 'false' }}" retries: 10 diff --git a/roles/openshift_metrics/defaults/main.yaml b/roles/openshift_metrics/defaults/main.yaml index db4a0e1fc..5921b7bb7 100644 --- a/roles/openshift_metrics/defaults/main.yaml +++ b/roles/openshift_metrics/defaults/main.yaml @@ -47,7 +47,7 @@ openshift_metrics_node_id: nodename openshift_metrics_project: openshift-infra openshift_metrics_cassandra_pvc_prefix: "{{ openshift_hosted_metrics_storage_volume_name | default('metrics-cassandra') }}" -openshift_metrics_cassandra_pvc_access: "{{ openshift_hosted_metrics_storage_access_modes | default('ReadWriteOnce') }}" +openshift_metrics_cassandra_pvc_access: "{{ openshift_hosted_metrics_storage_access_modes | default(['ReadWriteOnce']) }}" openshift_metrics_hawkular_user_write_access: False diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml index 66c81562b..a467c1a51 100644 --- a/roles/openshift_metrics/tasks/install_cassandra.yaml +++ b/roles/openshift_metrics/tasks/install_cassandra.yaml @@ -22,6 +22,9 @@ with_sequence: count={{ openshift_metrics_cassandra_replicas }} changed_when: false +- set_fact: openshift_metrics_cassandra_pvc_prefix="hawkular-metrics" + when: "not openshift_metrics_cassandra_pvc_prefix or openshift_metrics_cassandra_pvc_prefix == ''" + - name: generate hawkular-cassandra persistent volume claims template: src: pvc.j2 @@ -30,8 +33,7 @@ obj_name: "{{ openshift_metrics_cassandra_pvc_prefix }}-{{ item }}" labels: metrics-infra: hawkular-cassandra - access_modes: - - "{{ openshift_metrics_cassandra_pvc_access }}" + access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}" size: "{{ openshift_metrics_cassandra_pvc_size }}" with_sequence: count={{ openshift_metrics_cassandra_replicas }} when: @@ -49,8 +51,7 @@ metrics-infra: hawkular-cassandra annotations: volume.alpha.kubernetes.io/storage-class: dynamic - access_modes: - - "{{ openshift_metrics_cassandra_pvc_access }}" + access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}" size: "{{ openshift_metrics_cassandra_pvc_size }}" with_sequence: count={{ openshift_metrics_cassandra_replicas }} when: openshift_metrics_cassandra_storage_type == 'dynamic' diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2 index 8fbfa8b5d..885dd368d 100644 --- a/roles/openshift_metrics/templates/pvc.j2 +++ b/roles/openshift_metrics/templates/pvc.j2 @@ -1,7 +1,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{obj_name}} + name: "{{obj_name}}" {% if labels is not defined %} labels: logging-infra: support diff --git a/roles/openshift_metrics/vars/main.yaml b/roles/openshift_metrics/vars/main.yaml index 4a3724e3f..47aa76dd2 100644 --- a/roles/openshift_metrics/vars/main.yaml +++ b/roles/openshift_metrics/vars/main.yaml @@ -8,3 +8,4 @@ openshift_metrics_cassandra_storage_types: - emptydir - pv - dynamic +- nfs |