From 8b413a823fefe8110f20a05d01d0f131f9fb684c Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 17 Jun 2015 10:58:42 -0400 Subject: Add links to style guide, best practices in README.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 2bdaefd4c..8de0e75a6 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,9 @@ This repo contains OpenShift Ansible code. - [roles/](roles) - shareable Ansible tasks ##Contributing +- [Best Practices Guide](docs/best_practices_guide.adoc) +- [Core Concepts](docs/core_concepts_guide.adoc) +- [Style Guide](docs/style_guide.adoc) ###Feature Roadmap Our Feature Roadmap is available on the OpenShift Origin Infrastructure [Trello board](https://trello.com/b/nbkIrqKa/openshift-origin-infrastructure). All ansible items will be tagged with [installv3]. -- cgit v1.2.3 From 3795fd4e38297ca00c7d67b8649ddbeec819d87d Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Mon, 27 Jul 2015 12:24:06 -0400 Subject: Bug 1246458 - dnsIP does not point to cluster IP https://bugzilla.redhat.com/show_bug.cgi?id=1246458 - Previously when configuring an HA cluster for multi-master the dns ip in the node config was pointing only to the first master instead of the cluster ip. --- roles/openshift_master/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 057daabf9..ec7cee33b 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -59,7 +59,7 @@ openshift_facts: role: dns local_facts: - ip: "{{ openshift.common.ip }}" + ip: "{{ openshift_master_cluster_vip | default(openshift.common.ip, true) | default(None) }}" domain: cluster.local when: openshift.master.embedded_dns -- cgit v1.2.3 From 7aeadcf61aef6256962a4859f4753b69c8fccc0f Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 29 Jul 2015 16:46:00 -0400 Subject: Set loglevel=2 as our default across the board --- playbooks/aws/openshift-cluster/config.yml | 2 +- playbooks/byo/openshift-cluster/config.yml | 2 +- playbooks/gce/openshift-cluster/config.yml | 2 +- playbooks/libvirt/openshift-cluster/config.yml | 2 +- playbooks/openstack/openshift-cluster/config.yml | 2 +- roles/openshift_common/README.md | 2 +- roles/openshift_common/defaults/main.yml | 2 +- roles/openshift_common/tasks/main.yml | 2 +- roles/openshift_master/README.md | 2 +- roles/openshift_node/README.md | 4 ++-- roles/openshift_registry/README.md | 3 +-- roles/openshift_router/README.md | 3 +-- 12 files changed, 13 insertions(+), 15 deletions(-) diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 8106d5da9..a8e3e27bb 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -17,7 +17,7 @@ g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index 2ee1d50a7..9e50a4a18 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -5,5 +5,5 @@ g_masters_group: "{{ 'masters' }}" g_nodes_group: "{{ 'nodes' }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 4 + openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 219ebe6a0..fd5dfcc72 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -19,6 +19,6 @@ g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index 98fe11251..c208eee81 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -20,5 +20,5 @@ g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index 3c9a231e3..a5ee2d6a5 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -15,6 +15,6 @@ g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" diff --git a/roles/openshift_common/README.md b/roles/openshift_common/README.md index eb4ef26e8..4d64b7e63 100644 --- a/roles/openshift_common/README.md +++ b/roles/openshift_common/README.md @@ -15,7 +15,7 @@ Role Variables | Name | Default value | | |---------------------------|-------------------|---------------------------------------------| | openshift_cluster_id | default | Cluster name if multiple OpenShift clusters | -| openshift_debug_level | 0 | Global openshift debug log verbosity | +| openshift_debug_level | 2 | Global openshift debug log verbosity | | openshift_hostname | UNDEF | Internal hostname to use for this host (this value will set the hostname on the system) | | openshift_ip | UNDEF | Internal IP address to use for this host | | openshift_public_hostname | UNDEF | Public hostname to use for this host | diff --git a/roles/openshift_common/defaults/main.yml b/roles/openshift_common/defaults/main.yml index 4d3e0fe9e..267c03605 100644 --- a/roles/openshift_common/defaults/main.yml +++ b/roles/openshift_common/defaults/main.yml @@ -1,3 +1,3 @@ --- openshift_cluster_id: 'default' -openshift_debug_level: 0 +openshift_debug_level: 2 diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index a7c565067..09cc4aaf7 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -4,7 +4,7 @@ role: common local_facts: cluster_id: "{{ openshift_cluster_id | default('default') }}" - debug_level: "{{ openshift_debug_level | default(0) }}" + debug_level: "{{ openshift_debug_level | default(2) }}" hostname: "{{ openshift_hostname | default(None) }}" ip: "{{ openshift_ip | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" diff --git a/roles/openshift_master/README.md b/roles/openshift_master/README.md index 19f77d145..0e7ef3aab 100644 --- a/roles/openshift_master/README.md +++ b/roles/openshift_master/README.md @@ -28,7 +28,7 @@ From this role: From openshift_common: | Name | Default Value | | |-------------------------------|----------------|----------------------------------------| -| openshift_debug_level | 0 | Global openshift debug log verbosity | +| openshift_debug_level | 2 | Global openshift debug log verbosity | | openshift_public_ip | UNDEF | Public IP address to use for this host | | openshift_hostname | UNDEF | hostname to use for this instance | diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md index 5edb3b8dd..0ba1eca93 100644 --- a/roles/openshift_node/README.md +++ b/roles/openshift_node/README.md @@ -20,9 +20,9 @@ From this role: | oreg_url | UNDEF (Optional) | Default docker registry to use | From openshift_common: -| Name | Default Value | | +| Name | Default Value | | |-------------------------------|---------------------|---------------------| -| openshift_debug_level | 0 | Global openshift debug log verbosity | +| openshift_debug_level | 2 | Global openshift debug log verbosity | | openshift_public_ip | UNDEF (Required) | Public IP address to use for this host | | openshift_hostname | UNDEF (Required) | hostname to use for this instance | diff --git a/roles/openshift_registry/README.md b/roles/openshift_registry/README.md index ec3b4a10b..8e66c483b 100644 --- a/roles/openshift_registry/README.md +++ b/roles/openshift_registry/README.md @@ -21,7 +21,7 @@ From openshift_common: | Name | Default value | | |-----------------------|---------------|--------------------------------------| -| openshift_debug_level | 0 | Global openshift debug log verbosity | +| openshift_debug_level | 2 | Global openshift debug log verbosity | Dependencies @@ -41,4 +41,3 @@ Author Information ------------------ Red Hat openshift@redhat.com - diff --git a/roles/openshift_router/README.md b/roles/openshift_router/README.md index 6d8ee25c6..836efc443 100644 --- a/roles/openshift_router/README.md +++ b/roles/openshift_router/README.md @@ -19,7 +19,7 @@ From this role: From openshift_common: | Name | Default value | | |-----------------------|---------------|--------------------------------------| -| openshift_debug_level | 0 | Global openshift debug log verbosity | +| openshift_debug_level | 2 | Global openshift debug log verbosity | Dependencies ------------ @@ -38,4 +38,3 @@ Author Information ------------------ Red Hat openshift@redhat.com - -- cgit v1.2.3 From efa4f524208978cf1eb16d4da5ec1f6b79fe2501 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Fri, 31 Jul 2015 13:42:39 -0400 Subject: docker-buildvm-rhose is dead Both the original and the new hosts are both internal hosts used only for testing of un-released content. One should not expect to use these outside of Red Hat. --- README_OSE.md | 6 +++--- inventory/byo/hosts.example | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README_OSE.md b/README_OSE.md index 31173e5d6..cce1ec030 100644 --- a/README_OSE.md +++ b/README_OSE.md @@ -80,7 +80,7 @@ ansible_ssh_user=root deployment_type=enterprise # Pre-release registry URL -oreg_url=docker-buildvm-rhose.usersys.redhat.com:5000/openshift3/ose-${component}:${version} +oreg_url=rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version} # Pre-release additional repo openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', @@ -121,7 +121,7 @@ On the master host: ```sh oadm router --create=true \ --credentials=/etc/openshift/master/openshift-router.kubeconfig \ - --images='docker-buildvm-rhose.usersys.redhat.com:5000/openshift3/ose-${component}:${version}' + --images='rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version}' ``` #### Create the default docker-registry @@ -129,7 +129,7 @@ On the master host: ```sh oadm registry --create=true \ --credentials=/etc/openshift/master/openshift-registry.kubeconfig \ - --images='docker-buildvm-rhose.usersys.redhat.com:5000/openshift3/ose-${component}:${version}' \ + --images='rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version}' \ --mount-host=/var/lib/openshift/docker-registry ``` diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 56f4da5a2..513a843ef 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -21,7 +21,7 @@ ansible_ssh_user=root deployment_type=enterprise # Pre-release registry URL -#oreg_url=docker-buildvm-rhose.usersys.redhat.com:5000/openshift3/ose-${component}:${version} +#oreg_url=rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version} # Pre-release Dev puddle repo #openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] -- cgit v1.2.3 From 8e04a1650d54afb813f9b48b9deaa76b1aab3903 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pep=20Turr=C3=B3=20Mauri?= Date: Sun, 2 Aug 2015 14:06:02 +0200 Subject: Fine tune RHEL repos Disable all repos before explicitly enabling the expected ones: sometimes active repos might be polluted (e.g. depending on the result of rhsm auto-attach). Enable Extras and Optional repos. --- roles/rhel_subscribe/tasks/enterprise.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml index fc4d44745..26ca5d807 100644 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ b/roles/rhel_subscribe/tasks/enterprise.yml @@ -1,5 +1,10 @@ --- +- name: Disable all repositories + command: subscription-manager repos --disable="*" + - name: Enable RHEL repositories command: subscription-manager repos \ --enable="rhel-7-server-rpms" \ + --enable="rhel-7-server-extras-rpms" \ + --enable="rhel-7-server-optional-rpms" \ --enable="rhel-7-server-ose-3.0-rpms" -- cgit v1.2.3 From b85398688f1f34721826da61e56d84a05269cfb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pep=20Turr=C3=B3=20Mauri?= Date: Wed, 12 Aug 2015 15:15:47 +0100 Subject: Remove the 'optional' repository --- roles/rhel_subscribe/tasks/enterprise.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml index 26ca5d807..e9e6e4bd4 100644 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ b/roles/rhel_subscribe/tasks/enterprise.yml @@ -6,5 +6,4 @@ command: subscription-manager repos \ --enable="rhel-7-server-rpms" \ --enable="rhel-7-server-extras-rpms" \ - --enable="rhel-7-server-optional-rpms" \ --enable="rhel-7-server-ose-3.0-rpms" -- cgit v1.2.3 From e1382004e4c6e255878c0ca2b4621c901fba9225 Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Wed, 12 Aug 2015 20:05:11 -0300 Subject: Configure Fluentd --- inventory/byo/hosts.example | 3 +++ roles/openshift_common/tasks/main.yml | 1 + roles/openshift_facts/library/openshift_facts.py | 3 +-- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 629956d0e..f391475ca 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -38,6 +38,9 @@ deployment_type=enterprise # Allow all auth #openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] +# Configure Fluentd +#use_fluentd=true + # master cluster ha variables using pacemaker or RHEL HA #openshift_master_cluster_password=openshift_cluster #openshift_master_cluster_vip=192.168.133.25 diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index a7c565067..e4d616067 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -12,6 +12,7 @@ use_openshift_sdn: "{{ openshift_use_openshift_sdn | default(None) }}" sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" + use_fluentd: "{{ openshift_use_fluentd | default(None) }}" - name: Set hostname hostname: name={{ openshift.common.hostname }} diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 4e0989c5f..7e74f9617 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -317,9 +317,8 @@ def set_fluentd_facts_if_unset(facts): """ if 'common' in facts: - deployment_type = facts['common']['deployment_type'] if 'use_fluentd' not in facts['common']: - use_fluentd = True if deployment_type == 'online' else False + use_fluentd = False facts['common']['use_fluentd'] = use_fluentd return facts -- cgit v1.2.3 From a2e27c5925954ce04fca9c891099a6146a418222 Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Thu, 13 Aug 2015 12:19:20 -0300 Subject: Configure cluster metrics Playbook based on https://docs.openshift.org/latest/admin_guide/cluster_metrics.html. --- playbooks/common/openshift-master/config.yml | 2 + .../files/cluster-metrics/grafana.yaml | 53 +++++++++++++++++ .../cluster-metrics/heapster-serviceaccount.yaml | 4 ++ .../files/cluster-metrics/heapster.yaml | 30 ++++++++++ .../files/cluster-metrics/influxdb.yaml | 67 ++++++++++++++++++++++ roles/openshift_cluster_metrics/tasks/main.yml | 50 ++++++++++++++++ roles/openshift_facts/library/openshift_facts.py | 19 ++++++ roles/openshift_node/defaults/main.yml | 4 ++ roles/openshift_node/templates/node.yaml.v1.j2 | 1 + .../templates/partials/kubeletArguments.j2 | 5 ++ 10 files changed, 235 insertions(+) create mode 100644 roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml create mode 100644 roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml create mode 100644 roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml create mode 100644 roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml create mode 100644 roles/openshift_cluster_metrics/tasks/main.yml create mode 100644 roles/openshift_node/templates/partials/kubeletArguments.j2 diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 904ad2dab..acf85fc04 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -215,6 +215,8 @@ - role: openshift_master_cluster when: openshift_master_ha | bool - openshift_examples + - role: openshift_cluster_metrics + when: openshift.common.use_cluster_metrics | bool # Additional instance config for online deployments - name: Additional instance config diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml new file mode 100644 index 000000000..bff422efc --- /dev/null +++ b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml @@ -0,0 +1,53 @@ +apiVersion: "v1" +kind: "List" +items: + - + apiVersion: "v1" + kind: "Service" + metadata: + labels: + provider: "fabric8" + component: "grafana" + name: "grafana" + spec: + ports: + - + port: 80 + targetPort: "http" + selector: + provider: "fabric8" + component: "grafana" + - + apiVersion: "v1" + kind: "ReplicationController" + metadata: + labels: + provider: "fabric8" + component: "grafana" + name: "grafana" + spec: + replicas: 1 + selector: + provider: "fabric8" + component: "grafana" + template: + metadata: + labels: + provider: "fabric8" + component: "grafana" + spec: + containers: + - + env: + - + name: "INFLUXDB_SERVICE_NAME" + value: "INFLUXDB_MONITORING" + - + name: "GRAFANA_DEFAULT_DASHBOARD" + value: "/dashboard/file/kubernetes.json" + image: "fabric8/grafana:1.9.1_2" + name: "grafana" + ports: + - + containerPort: 3000 + name: "http" \ No newline at end of file diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml new file mode 100644 index 000000000..1de2ad699 --- /dev/null +++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: heapster \ No newline at end of file diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml new file mode 100644 index 000000000..83e314074 --- /dev/null +++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml @@ -0,0 +1,30 @@ +apiVersion: "v1" +kind: "List" +items: + - + apiVersion: "v1" + kind: "ReplicationController" + metadata: + labels: + provider: "fabric8" + component: "heapster" + name: "heapster" + spec: + replicas: 1 + selector: + provider: "fabric8" + component: "heapster" + template: + metadata: + labels: + provider: "fabric8" + component: "heapster" + spec: + containers: + - + args: + - "-source=kubernetes:https://kubernetes.default.svc.cluster.local?auth=&insecure=true&useServiceAccount=true" + - "-sink=influxdb:http://influxdb-monitoring.default.svc.cluster.local:8086" + image: "kubernetes/heapster:V0.14.2" + name: "heapster" + serviceAccount: "heapster" \ No newline at end of file diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml new file mode 100644 index 000000000..6f67c3d7c --- /dev/null +++ b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml @@ -0,0 +1,67 @@ +apiVersion: "v1" +kind: "List" +items: + - + apiVersion: "v1" + kind: "Service" + metadata: + labels: + provider: "fabric8" + component: "influxdb-monitoring" + name: "influxdb-monitoring" + spec: + ports: + - + port: 8086 + targetPort: "http" + selector: + provider: "fabric8" + component: "influxdb-monitoring" + - + apiVersion: "v1" + kind: "ReplicationController" + metadata: + labels: + provider: "fabric8" + component: "influxdb-monitoring" + name: "influxdb-monitoring" + spec: + replicas: 1 + selector: + provider: "fabric8" + component: "influxdb-monitoring" + template: + metadata: + labels: + provider: "fabric8" + component: "influxdb-monitoring" + spec: + containers: + - + env: + - + name: "PRE_CREATE_DB" + value: "k8s;grafana" + image: "fabric8/influxdb:0.8.8" + name: "influxdb" + ports: + - + containerPort: 8090 + name: "raft" + - + containerPort: 8099 + name: "protobuf" + - + containerPort: 8083 + name: "admin" + - + containerPort: 8086 + name: "http" + volumeMounts: + - + mountPath: "/data" + name: "influxdb-data" + volumes: + - + emptyDir: + name: "influxdb-data" \ No newline at end of file diff --git a/roles/openshift_cluster_metrics/tasks/main.yml b/roles/openshift_cluster_metrics/tasks/main.yml new file mode 100644 index 000000000..3938aba4c --- /dev/null +++ b/roles/openshift_cluster_metrics/tasks/main.yml @@ -0,0 +1,50 @@ +--- + +- name: Install cluster metrics templates + copy: + src: cluster-metrics + dest: /etc/openshift/ + +- name: Create InfluxDB Services + command: > + {{ openshift.common.client_binary }} create -f + /etc/openshift/cluster-metrics/influxdb.yaml + register: oex_influxdb_services + failed_when: "'already exists' not in oex_influxdb_services.stderr and oex_influxdb_services.rc != 0" + changed_when: false + +- name: Create Heapster Service Account + command: > + {{ openshift.common.client_binary }} create -f + /etc/openshift/cluster-metrics/heapster-serviceaccount.yaml + register: oex_heapster_serviceaccount + failed_when: "'already exists' not in oex_heapster_serviceaccount.stderr and oex_heapster_serviceaccount.rc != 0" + changed_when: false + +- name: Add cluster-reader role to Heapster + command: > + {{ openshift.common.admin_binary }} policy + add-cluster-role-to-user + cluster-reader + system:serviceaccount:default:heapster + register: oex_cluster_header_role + register: oex_cluster_header_role + failed_when: "'already exists' not in oex_cluster_header_role.stderr and oex_cluster_header_role.rc != 0" + changed_when: false + +- name: Create Heapster Services + command: > + {{ openshift.common.client_binary }} create -f + /etc/openshift/cluster-metrics/heapster.yaml + register: oex_heapster_services + failed_when: "'already exists' not in oex_heapster_services.stderr and oex_heapster_services.rc != 0" + changed_when: false + +- name: Create Grafana Services + command: > + {{ openshift.common.client_binary }} create -f + /etc/openshift/cluster-metrics/grafana.yaml + register: oex_grafana_services + failed_when: "'already exists' not in oex_grafana_services.stderr and oex_grafana_services.rc != 0" + changed_when: false + diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 4e0989c5f..c1c4e1b5c 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -323,6 +323,24 @@ def set_fluentd_facts_if_unset(facts): facts['common']['use_fluentd'] = use_fluentd return facts +def set_cluster_metrics_facts_if_unset(facts): + """ Set cluster metrics facts if not already present in facts dict + dict: the facts dict updated with the generated cluster metrics facts if + missing + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated cluster metrics + facts if they were not already present + + """ + if 'common' in facts: + deployment_type = facts['common']['deployment_type'] + if 'use_cluster_metrics' not in facts['common']: + use_cluster_metrics = True if deployment_type == 'origin' else False + facts['common']['use_cluster_metrics'] = use_cluster_metrics + return facts + def set_identity_providers_if_unset(facts): """ Set identity_providers fact if not already present in facts dict @@ -700,6 +718,7 @@ class OpenShiftFacts(object): facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) + facts = set_cluster_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) facts = set_registry_url_if_unset(facts) facts = set_sdn_facts_if_unset(facts) diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index be51195f2..1dbcc4301 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -6,3 +6,7 @@ os_firewall_allow: port: 80/tcp - service: https port: 443/tcp +- service: Openshift kubelet ReadOnlyPort + port: 10255/tcp +- service: Openshift kubelet ReadOnlyPort udp + port: 10255/udp diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 7778a2a61..a0a7e5098 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -18,3 +18,4 @@ servingInfo: clientCA: ca.crt keyFile: server.key volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes +{% include 'partials/kubeletArguments.j2' %} \ No newline at end of file diff --git a/roles/openshift_node/templates/partials/kubeletArguments.j2 b/roles/openshift_node/templates/partials/kubeletArguments.j2 new file mode 100644 index 000000000..6c3bd04c5 --- /dev/null +++ b/roles/openshift_node/templates/partials/kubeletArguments.j2 @@ -0,0 +1,5 @@ +{% if openshift.common.use_cluster_metrics | bool %} +kubeletArguments: + "read-only-port": + - "10255" +{% endif %} \ No newline at end of file -- cgit v1.2.3 From de1b53a67d22e2e2e5fa833992d1337d49792507 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 13 Aug 2015 16:45:25 -0400 Subject: Updated to show private ips when doing a list --- bin/oscp | 4 ++-- bin/ossh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bin/oscp b/bin/oscp index 91fc45cd3..89e90a36a 100755 --- a/bin/oscp +++ b/bin/oscp @@ -167,7 +167,7 @@ class Oscp(object): name = server_info['ec2_tag_Name'] ec2_id = server_info['ec2_id'] ip = server_info['ec2_ip_address'] - print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address}'.format(**server_info) + print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address:<18} {ec2_private_ip_address}'.format(**server_info) if limit: print @@ -180,7 +180,7 @@ class Oscp(object): name = server_info['ec2_tag_Name'] ec2_id = server_info['ec2_id'] ip = server_info['ec2_ip_address'] - print '{ec2_tag_Name:<35} {ec2_tag_environment:<5} {ec2_id:<15} {ec2_ip_address}'.format(**server_info) + print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address:<18} {ec2_private_ip_address}'.format(**server_info) def scp(self): '''scp files to or from a specified host diff --git a/bin/ossh b/bin/ossh index 2ed033305..b6738ee76 100755 --- a/bin/ossh +++ b/bin/ossh @@ -156,7 +156,7 @@ class Ossh(object): name = server_info['ec2_tag_Name'] ec2_id = server_info['ec2_id'] ip = server_info['ec2_ip_address'] - print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address}'.format(**server_info) + print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address:<18} {ec2_private_ip_address}'.format(**server_info) if limit: print @@ -169,7 +169,7 @@ class Ossh(object): name = server_info['ec2_tag_Name'] ec2_id = server_info['ec2_id'] ip = server_info['ec2_ip_address'] - print '{ec2_tag_Name:<35} {ec2_tag_environment:<5} {ec2_id:<15} {ec2_ip_address}'.format(**server_info) + print '{ec2_tag_Name:<35} {ec2_tag_environment:<8} {ec2_id:<15} {ec2_ip_address:<18} {ec2_private_ip_address}'.format(**server_info) def ssh(self): '''SSH to a specified host -- cgit v1.2.3 From 4fbdbe08f2560073a8b30801325d63f8de3cb9d6 Mon Sep 17 00:00:00 2001 From: Aaron Weitekamp Date: Wed, 8 Jul 2015 17:35:21 -0400 Subject: add RHEL7 Dockerfile This Dockerfile packages ansible and the playbook as a container image. It's a proof of concept as it makes some assumptions: - bindmounts private key ~/.ssh/id_rsa - default cmd executes the byo playbook --- Dockerfile | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..7fac1f0c2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +FROM rhel7 + +MAINTAINER Aaron Weitekamp + +RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm + +# Not sure if all of these packages are necessary +# only git and ansible are known requirements +RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils tmux git ansible + +# Not sure if this repo is required +RUN curl -o /etc/yum.repos.d/atomic-enterprise.repo http://mirror.ops.rhcloud.com/atomic/mirror/.atomic-enterprise-early-1/atomic-enterprise.repo + +RUN git clone https://github.com/projectatomic/atomic-enterprise-training.git \ + /opt/training && \ + git clone https://github.com/projectatomic/atomic-enterprise-ansible.git \ + /opt/atomic-enterprise-ansible + +CMD ansible-playbook /opt/atomic-enterprise-ansible/playbooks/byo/config.yml + +LABEL RUN docker run -it --rm --net=host -v ~/.ssh/id_rsa:/root/.ssh/id_rsa -v /etc/ansible/hosts:/etc/ansible/hosts --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE + -- cgit v1.2.3 From 4fc01f5d73547da931f8ab822a3709e94280d7b1 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Wed, 12 Aug 2015 17:30:52 -0400 Subject: Changes to Dockerfile to make it work with openshift-ansible and also added privileged flag to allow sharing host network and host dirs. --- Dockerfile | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7fac1f0c2..7fca42b9b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,15 +8,8 @@ RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.no # only git and ansible are known requirements RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils tmux git ansible -# Not sure if this repo is required -RUN curl -o /etc/yum.repos.d/atomic-enterprise.repo http://mirror.ops.rhcloud.com/atomic/mirror/.atomic-enterprise-early-1/atomic-enterprise.repo +RUN git clone https://github.com/openshift/openshift-ansible.git /opt/openshift-ansible -RUN git clone https://github.com/projectatomic/atomic-enterprise-training.git \ - /opt/training && \ - git clone https://github.com/projectatomic/atomic-enterprise-ansible.git \ - /opt/atomic-enterprise-ansible - -CMD ansible-playbook /opt/atomic-enterprise-ansible/playbooks/byo/config.yml - -LABEL RUN docker run -it --rm --net=host -v ~/.ssh/id_rsa:/root/.ssh/id_rsa -v /etc/ansible/hosts:/etc/ansible/hosts --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE +CMD ansible-playbook /opt/openshift-ansible/playbooks/byo/config.yml +LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible/hosts:/etc/ansible/hosts --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE -- cgit v1.2.3 From 20814f5f16800dbf7956ccf8aa16eb972aeade1c Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Thu, 13 Aug 2015 18:17:11 -0400 Subject: Added README_ANSIBLE.md file that contains instructions to build and run ansible in a docker container, and also modified Dockerfile to replace CMD with ENTRYPOINT to run the container as executable. --- Dockerfile | 15 --------------- README_ANSIBLE.md | 18 ++++++++++++++++++ ansible-container/Dockerfile | 15 +++++++++++++++ 3 files changed, 33 insertions(+), 15 deletions(-) delete mode 100644 Dockerfile create mode 100644 README_ANSIBLE.md create mode 100644 ansible-container/Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 7fca42b9b..000000000 --- a/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM rhel7 - -MAINTAINER Aaron Weitekamp - -RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm - -# Not sure if all of these packages are necessary -# only git and ansible are known requirements -RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils tmux git ansible - -RUN git clone https://github.com/openshift/openshift-ansible.git /opt/openshift-ansible - -CMD ansible-playbook /opt/openshift-ansible/playbooks/byo/config.yml - -LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible/hosts:/etc/ansible/hosts --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE diff --git a/README_ANSIBLE.md b/README_ANSIBLE.md new file mode 100644 index 000000000..19e32d342 --- /dev/null +++ b/README_ANSIBLE.md @@ -0,0 +1,18 @@ +# Running ansible in a docker container +* Building ansible container: + + ```sh + git clone https://github.com/openshift/openshift-ansible.git + cd openshift-ansible/ansible-container + docker build --rm -t ansible . + ``` +* Create /etc/ansible directory on the host machine and copy inventory file (hosts) into it. +* Copy ssh public key of the host machine to master and nodes machines in the cluster. +* Running the ansible container: + + ```sh + docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible ansible + ``` + + + diff --git a/ansible-container/Dockerfile b/ansible-container/Dockerfile new file mode 100644 index 000000000..477ea6712 --- /dev/null +++ b/ansible-container/Dockerfile @@ -0,0 +1,15 @@ +FROM rhel7 + +MAINTAINER Aaron Weitekamp + +RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm + +# Not sure if all of these packages are necessary +# only git and ansible are known requirements +RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils tmux git ansible + +RUN git clone https://github.com/openshift/openshift-ansible.git /opt/openshift-ansible + +ENTRYPOINT ["/usr/bin/ansible-playbook", "/opt/openshift-ansible/playbooks/byo/config.yml"] + +LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE -- cgit v1.2.3 From 12db07f5e2238c728c21de3977e829ca5427b64e Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 14 Aug 2015 09:21:19 -0400 Subject: Renamed README_ANSIBLE to README_ANSIBLE_CONTAINER as per feedback. --- README_ANSIBLE.md | 18 ------------------ README_ANSIBLE_CONTAINER.md | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 18 deletions(-) delete mode 100644 README_ANSIBLE.md create mode 100644 README_ANSIBLE_CONTAINER.md diff --git a/README_ANSIBLE.md b/README_ANSIBLE.md deleted file mode 100644 index 19e32d342..000000000 --- a/README_ANSIBLE.md +++ /dev/null @@ -1,18 +0,0 @@ -# Running ansible in a docker container -* Building ansible container: - - ```sh - git clone https://github.com/openshift/openshift-ansible.git - cd openshift-ansible/ansible-container - docker build --rm -t ansible . - ``` -* Create /etc/ansible directory on the host machine and copy inventory file (hosts) into it. -* Copy ssh public key of the host machine to master and nodes machines in the cluster. -* Running the ansible container: - - ```sh - docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible ansible - ``` - - - diff --git a/README_ANSIBLE_CONTAINER.md b/README_ANSIBLE_CONTAINER.md new file mode 100644 index 000000000..19e32d342 --- /dev/null +++ b/README_ANSIBLE_CONTAINER.md @@ -0,0 +1,18 @@ +# Running ansible in a docker container +* Building ansible container: + + ```sh + git clone https://github.com/openshift/openshift-ansible.git + cd openshift-ansible/ansible-container + docker build --rm -t ansible . + ``` +* Create /etc/ansible directory on the host machine and copy inventory file (hosts) into it. +* Copy ssh public key of the host machine to master and nodes machines in the cluster. +* Running the ansible container: + + ```sh + docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible ansible + ``` + + + -- cgit v1.2.3 From 8d60535de208a961958dc17f65adbbd03a166200 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 14 Aug 2015 09:22:31 -0400 Subject: Removed white spaces. --- README_ANSIBLE_CONTAINER.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/README_ANSIBLE_CONTAINER.md b/README_ANSIBLE_CONTAINER.md index 19e32d342..0541aef26 100644 --- a/README_ANSIBLE_CONTAINER.md +++ b/README_ANSIBLE_CONTAINER.md @@ -1,4 +1,4 @@ -# Running ansible in a docker container +# Running ansible in a docker container * Building ansible container: ```sh @@ -13,6 +13,3 @@ ```sh docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible ansible ``` - - - -- cgit v1.2.3 From 85c12d98930ae17c782e4d30bae5b1c0dfaadd4f Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 14 Aug 2015 15:28:42 -0400 Subject: Updated Dockerfile not to clone openshift-ansible repo. Movied Dockerfile to openshift-ansible repo root and updated README_ANSIBLE_CONTAINER.md file. --- Dockerfile | 17 +++++++++++++++++ README_ANSIBLE_CONTAINER.md | 2 +- ansible-container/Dockerfile | 15 --------------- 3 files changed, 18 insertions(+), 16 deletions(-) create mode 100644 Dockerfile delete mode 100644 ansible-container/Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..ab16ca609 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,17 @@ +FROM rhel7 + +MAINTAINER Aaron Weitekamp + +RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm + +# Not sure if all of these packages are necessary +# only git and ansible are known requirements +RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils git ansible + +ADD ./ /opt/openshift-ansible/ + +ENTRYPOINT ["/usr/bin/ansible-playbook"] + +CMD ["/opt/openshift-ansible/playbooks/byo/config.yml"] + +LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE diff --git a/README_ANSIBLE_CONTAINER.md b/README_ANSIBLE_CONTAINER.md index 0541aef26..30c5f8503 100644 --- a/README_ANSIBLE_CONTAINER.md +++ b/README_ANSIBLE_CONTAINER.md @@ -3,7 +3,7 @@ ```sh git clone https://github.com/openshift/openshift-ansible.git - cd openshift-ansible/ansible-container + cd openshift-ansible docker build --rm -t ansible . ``` * Create /etc/ansible directory on the host machine and copy inventory file (hosts) into it. diff --git a/ansible-container/Dockerfile b/ansible-container/Dockerfile deleted file mode 100644 index 477ea6712..000000000 --- a/ansible-container/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM rhel7 - -MAINTAINER Aaron Weitekamp - -RUN yum -y install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm - -# Not sure if all of these packages are necessary -# only git and ansible are known requirements -RUN yum install -y --enablerepo rhel-7-server-extras-rpms net-tools bind-utils tmux git ansible - -RUN git clone https://github.com/openshift/openshift-ansible.git /opt/openshift-ansible - -ENTRYPOINT ["/usr/bin/ansible-playbook", "/opt/openshift-ansible/playbooks/byo/config.yml"] - -LABEL RUN docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible --name NAME -e NAME=NAME -e IMAGE=IMAGE IMAGE -- cgit v1.2.3 From 669a91dc9deaa62ddab5fa927504ce775b61744c Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Fri, 14 Aug 2015 19:13:58 -0300 Subject: Revert Fluentd Facts --- roles/openshift_facts/library/openshift_facts.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 7e74f9617..e46cee145 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -317,8 +317,9 @@ def set_fluentd_facts_if_unset(facts): """ if 'common' in facts: + deployment_type = facts['common']['deployment_type'] if 'use_fluentd' not in facts['common']: - use_fluentd = False + use_fluentd = True if deployment_type == 'online' else False facts['common']['use_fluentd'] = use_fluentd return facts -- cgit v1.2.3 From 8d323222e3334bb70a2c3ed6db74d0c47e13ee8f Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Sat, 15 Aug 2015 16:31:58 -0300 Subject: Add README and inventory example. --- inventory/byo/hosts.example | 3 +++ roles/openshift_cluster_metrics/README.md | 36 +++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 roles/openshift_cluster_metrics/README.md diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 629956d0e..864cd9dc6 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -20,6 +20,9 @@ ansible_ssh_user=root # deployment type valid values are origin, online and enterprise deployment_type=enterprise +# Enable cluster metrics +#use_cluster_metrics=true + # Pre-release registry URL #oreg_url=docker-buildvm-rhose.usersys.redhat.com:5000/openshift3/ose-${component}:${version} diff --git a/roles/openshift_cluster_metrics/README.md b/roles/openshift_cluster_metrics/README.md new file mode 100644 index 000000000..9fdfab8e3 --- /dev/null +++ b/roles/openshift_cluster_metrics/README.md @@ -0,0 +1,36 @@ +#openshift_cluster_metrics + +This role configures Cluster wide metrics. It does setting up three services: +* Metrics are stored in InfluxDB for querying. +* Heapster reads all nodes and pods from the master, then connects to eachs node's kubelet to retrieve pod metrics. +* Grafan allows users to create dashboards of metrics from InfluxDB + +## Requirements + +Running OpenShift cluster + +## Role Variables + +``` +# Enable cluster metrics +use_cluster_metrics=true +``` + +## Dependencies + +None + +## Example Playbook + +TODO + +## Security Note +Opening up the read-only port exposes information about the running pods (such as namespace, pod name, labels, etc.) to unauthenticated clients. The requirement to open up this read-only port will be fixed in future versions. + +##License + +Apache License, Version 2.0 + +## Author Information + +Diego Castro (diego.castro@getupcloud.com) -- cgit v1.2.3 From b9606a11fe875d9151a0238bc45f149e1cbe819c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Mon, 17 Aug 2015 10:43:49 +0200 Subject: Properly pass the "external network" option to the HEAT template Fixes #471 --- README_openstack.md | 12 +++---- .../openshift-cluster/files/heat_stack.yaml | 42 ++++++++++++---------- playbooks/openstack/openshift-cluster/launch.yml | 33 ++++++----------- .../tasks/configure_openstack.yml | 27 -------------- playbooks/openstack/openshift-cluster/vars.yml | 8 ++--- 5 files changed, 43 insertions(+), 79 deletions(-) delete mode 100644 playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml diff --git a/README_openstack.md b/README_openstack.md index 3076e7b08..8d8f6ef3f 100644 --- a/README_openstack.md +++ b/README_openstack.md @@ -25,20 +25,20 @@ Configuration The following options can be passed via the `-o` flag of the `create` command: -* `image_name`: Name of the image to use to spawn VMs -* `keypair` (default to `${LOGNAME}_key`): Name of the ssh key -* `public_key` (default to `~/.ssh/id_rsa.pub`): filename of the ssh public key -* `master_flavor` (default to `m1.small`): The ID or name of the flavor for the master -* `node_flavor` (default to `m1.medium`): The ID or name of the flavor for the nodes * `infra_heat_stack` (default to `playbooks/openstack/openshift-cluster/files/heat_stack.yaml`): filename of the HEAT template to use to create the cluster infrastructure The following options are used only by `heat_stack.yaml`. They are so used only if the `infra_heat_stack` option is left with its default value. +* `image_name`: Name of the image to use to spawn VMs +* `public_key` (default to `~/.ssh/id_rsa.pub`): filename of the ssh public key +* `master_flavor` (default to `m1.small`): The ID or name of the flavor for the master +* `node_flavor` (default to `m1.medium`): The ID or name of the flavor for the compute nodes +* `infra_flavor` (default to `m1.small`): The ID or name of the flavor for the infrastructure nodes * `network_prefix` (default to `openshift-ansible-`): prefix prepended to all network objects (net, subnet, router, security groups) * `dns` (default to `8.8.8.8,8.8.4.4`): comma separated list of DNS to use * `net_cidr` (default to `192.168..0/24`): CIDR of the network created by `heat_stack.yaml` * `external_net` (default to `external`): Name of the external network to connect to -* `floating_ip_pools` (default to `external`): comma separated list of floating IP pools +* `floating_ip_pool` (default to `external`): comma separated list of floating IP pools * `ssh_from` (default to `0.0.0.0/0`): IPs authorized to connect to the VMs via ssh diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index d53884e0d..40e4ab22c 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -9,21 +9,6 @@ parameters: label: Cluster ID description: Identifier of the cluster - num_masters: - type: number - label: Number of masters - description: Number of masters - - num_nodes: - type: number - label: Number of compute nodes - description: Number of compute nodes - - num_infra: - type: number - label: Number of infrastructure nodes - description: Number of infrastructure nodes - cidr: type: string label: CIDR @@ -40,6 +25,12 @@ parameters: description: Name of the external network default: external + floating_ip_pool: + type: string + label: Floating IP pool + description: Floating IP pools + default: external + ssh_public_key: type: string label: SSH public key @@ -52,6 +43,21 @@ parameters: description: Source of legitimate ssh connections default: 0.0.0.0/0 + num_masters: + type: number + label: Number of masters + description: Number of masters + + num_nodes: + type: number + label: Number of compute nodes + description: Number of compute nodes + + num_infra: + type: number + label: Number of infrastructure nodes + description: Number of infrastructure nodes + master_image: type: string label: Master image @@ -290,7 +296,7 @@ resources: subnet: { get_resource: subnet } secgrp: - { get_resource: master-secgrp } - floating_network: { get_param: external_net } + floating_network: { get_param: floating_ip_pool } net_name: str_replace: template: openshift-ansible-cluster_id-net @@ -322,7 +328,7 @@ resources: subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } - floating_network: { get_param: external_net } + floating_network: { get_param: floating_ip_pool } net_name: str_replace: template: openshift-ansible-cluster_id-net @@ -355,7 +361,7 @@ resources: secgrp: - { get_resource: node-secgrp } - { get_resource: infra-secgrp } - floating_network: { get_param: external_net } + floating_network: { get_param: floating_ip_pool } net_name: str_replace: template: openshift-ansible-cluster_id-net diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index d36bdbf26..651aef40b 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,30 +19,21 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - name: Create OpenStack Stack - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} - -P cluster_id={{ cluster_id }} - -P dns_nameservers={{ openstack_network_dns | join(",") }} - -P cidr={{ openstack_network_cidr }} - -P ssh_incoming={{ openstack_ssh_access_from }} - -P num_masters={{ num_masters }} - -P num_nodes={{ num_nodes }} - -P num_infra={{ num_infra }} - -P master_image={{ deployment_vars[deployment_type].image }} - -P node_image={{ deployment_vars[deployment_type].image }} - -P infra_image={{ deployment_vars[deployment_type].image }} - -P master_flavor={{ openstack_flavor["master"] }} - -P node_flavor={{ openstack_flavor["node"] }} - -P infra_flavor={{ openstack_flavor["infra"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" - openshift-ansible-{{ cluster_id }}-stack' + - set_fact: + heat_stack_action: 'stack-create' when: stack_show_result.rc == 1 + - set_fact: + heat_stack_action: 'stack-update' + when: stack_show_result.rc == 0 - - name: Update OpenStack Stack - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + - name: Create or Update OpenStack Stack + command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} -P cluster_id={{ cluster_id }} - -P dns_nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} + -P dns_nameservers={{ openstack_network_dns | join(",") }} + -P external_net={{ openstack_network_external_net }} + -P floating_ip_pool={{ openstack_floating_ip_pool }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" -P ssh_incoming={{ openstack_ssh_access_from }} -P num_masters={{ num_masters }} -P num_nodes={{ num_nodes }} @@ -53,9 +44,7 @@ -P master_flavor={{ openstack_flavor["master"] }} -P node_flavor={{ openstack_flavor["node"] }} -P infra_flavor={{ openstack_flavor["infra"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" openshift-ansible-{{ cluster_id }}-stack' - when: stack_show_result.rc == 0 - name: Wait for OpenStack Stack readiness shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' diff --git a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml b/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml deleted file mode 100644 index 2cbdb4805..000000000 --- a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Check infra - command: 'heat stack-show {{ openstack_network_prefix }}-stack' - register: stack_show_result - changed_when: false - failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - -- name: Create infra - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack' - when: stack_show_result.rc == 1 - -- name: Update infra - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack' - when: stack_show_result.rc == 0 - -- name: Wait for infra readiness - shell: 'heat stack-show {{ openstack_network_prefix }}-stack | awk ''$2 == "stack_status" {print $4}''' - register: stack_show_status_result - until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 - delay: 1 - failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] - -- name: Create ssh keypair - nova_keypair: - name: "{{ openstack_ssh_keypair }}" - public_key: "{{ openstack_ssh_public_key }}" diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index 43e25f2e6..262d3f4ed 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml @@ -1,18 +1,14 @@ --- openstack_infra_heat_stack: "{{ lookup('oo_option', 'infra_heat_stack' ) | default('files/heat_stack.yaml', True) }}" -openstack_network_prefix: "{{ lookup('oo_option', 'network_prefix' ) | - default('openshift-ansible-'+cluster_id, True) }}" openstack_network_cidr: "{{ lookup('oo_option', 'net_cidr' ) | default('192.168.' + ( ( 1048576 | random % 256 ) | string() ) + '.0/24', True) }}" openstack_network_external_net: "{{ lookup('oo_option', 'external_net' ) | default('external', True) }}" -openstack_floating_ip_pools: "{{ lookup('oo_option', 'floating_ip_pools') | - default('external', True) | oo_split() }}" +openstack_floating_ip_pool: "{{ lookup('oo_option', 'floating_ip_pool' ) | + default('external', True) }}" openstack_network_dns: "{{ lookup('oo_option', 'dns' ) | default('8.8.8.8,8.8.4.4', True) | oo_split() }}" -openstack_ssh_keypair: "{{ lookup('oo_option', 'keypair' ) | - default(lookup('env', 'LOGNAME')+'_key', True) }}" openstack_ssh_public_key: "{{ lookup('file', lookup('oo_option', 'public_key') | default('~/.ssh/id_rsa.pub', True)) }}" openstack_ssh_access_from: "{{ lookup('oo_option', 'ssh_from') | -- cgit v1.2.3 From 69f6fd410500a3dd20a97a9e3dad860761b09ac8 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 2 Jul 2015 11:59:22 -0400 Subject: playbooks/adhoc: Add a tutorial-reset playbook to undo everything This makes it easier to run through the tutorial, as well as reset a VM or baremetal node to a clean slate for developer testing. --- playbooks/adhoc/tutorial-reset.yml | 46 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 playbooks/adhoc/tutorial-reset.yml diff --git a/playbooks/adhoc/tutorial-reset.yml b/playbooks/adhoc/tutorial-reset.yml new file mode 100644 index 000000000..1ceb72d19 --- /dev/null +++ b/playbooks/adhoc/tutorial-reset.yml @@ -0,0 +1,46 @@ +# This deletes *ALL* Docker images, and uninstalls OpenShift and +# Atomic Enterprise RPMs. It is primarily intended for use +# with the tutorial as well as for developers to reset state. + +- hosts: + - OSEv3:children + + sudo: yes + + tasks: + - service: name={{ item }} state=stopped + with_items: + - docker + - atomic-enterprise-master + - atomic-enterprise-node + + - yum: name={{ item }} state=absent + with_items: + - openvswitch + - atomic-enterprise + - atomic-enterprise-master + - atomic-enterprise-node + - atomic-enterprise-sdn-ovs + - tuned-profiles-atomic-enterprise-node + + - shell: systemctl reset-failed + changed_when: False + + - shell: systemctl daemon-reload + changed_when: False + + - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - file: path={{ item }} state=absent + with_items: + - /var/lib/atomic-enterprise + - /etc/sysconfig/atomic-enterprise + - /etc/atomic-enterprise + - /etc/openshift + - /var/lib/docker + + - user: name={{ item }} state=absent remove=yes + with_items: + - alice + - joe -- cgit v1.2.3 From c85b503d6f02514beb9ea73c6a12fe2ef1bfb25a Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Wed, 12 Aug 2015 09:48:44 -0400 Subject: Added /root/.kube to be deleted so that the stuff there does not prevent a new install. --- playbooks/adhoc/tutorial-reset.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/playbooks/adhoc/tutorial-reset.yml b/playbooks/adhoc/tutorial-reset.yml index 1ceb72d19..77bc13b17 100644 --- a/playbooks/adhoc/tutorial-reset.yml +++ b/playbooks/adhoc/tutorial-reset.yml @@ -39,6 +39,7 @@ - /etc/atomic-enterprise - /etc/openshift - /var/lib/docker + - /root/.kube - user: name={{ item }} state=absent remove=yes with_items: -- cgit v1.2.3 From 472ecf8ac4bd63556b91b70a779e2e738546f77c Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Thu, 13 Aug 2015 18:28:14 -0400 Subject: Renamed the file as it mainly applies to atomic enterprise. --- .../adhoc/atomic_enterprise_tutorial_reset.yml | 47 ++++++++++++++++++++++ playbooks/adhoc/tutorial-reset.yml | 47 ---------------------- 2 files changed, 47 insertions(+), 47 deletions(-) create mode 100644 playbooks/adhoc/atomic_enterprise_tutorial_reset.yml delete mode 100644 playbooks/adhoc/tutorial-reset.yml diff --git a/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml b/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml new file mode 100644 index 000000000..77bc13b17 --- /dev/null +++ b/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml @@ -0,0 +1,47 @@ +# This deletes *ALL* Docker images, and uninstalls OpenShift and +# Atomic Enterprise RPMs. It is primarily intended for use +# with the tutorial as well as for developers to reset state. + +- hosts: + - OSEv3:children + + sudo: yes + + tasks: + - service: name={{ item }} state=stopped + with_items: + - docker + - atomic-enterprise-master + - atomic-enterprise-node + + - yum: name={{ item }} state=absent + with_items: + - openvswitch + - atomic-enterprise + - atomic-enterprise-master + - atomic-enterprise-node + - atomic-enterprise-sdn-ovs + - tuned-profiles-atomic-enterprise-node + + - shell: systemctl reset-failed + changed_when: False + + - shell: systemctl daemon-reload + changed_when: False + + - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - file: path={{ item }} state=absent + with_items: + - /var/lib/atomic-enterprise + - /etc/sysconfig/atomic-enterprise + - /etc/atomic-enterprise + - /etc/openshift + - /var/lib/docker + - /root/.kube + + - user: name={{ item }} state=absent remove=yes + with_items: + - alice + - joe diff --git a/playbooks/adhoc/tutorial-reset.yml b/playbooks/adhoc/tutorial-reset.yml deleted file mode 100644 index 77bc13b17..000000000 --- a/playbooks/adhoc/tutorial-reset.yml +++ /dev/null @@ -1,47 +0,0 @@ -# This deletes *ALL* Docker images, and uninstalls OpenShift and -# Atomic Enterprise RPMs. It is primarily intended for use -# with the tutorial as well as for developers to reset state. - -- hosts: - - OSEv3:children - - sudo: yes - - tasks: - - service: name={{ item }} state=stopped - with_items: - - docker - - atomic-enterprise-master - - atomic-enterprise-node - - - yum: name={{ item }} state=absent - with_items: - - openvswitch - - atomic-enterprise - - atomic-enterprise-master - - atomic-enterprise-node - - atomic-enterprise-sdn-ovs - - tuned-profiles-atomic-enterprise-node - - - shell: systemctl reset-failed - changed_when: False - - - shell: systemctl daemon-reload - changed_when: False - - - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true - changed_when: False - - - file: path={{ item }} state=absent - with_items: - - /var/lib/atomic-enterprise - - /etc/sysconfig/atomic-enterprise - - /etc/atomic-enterprise - - /etc/openshift - - /var/lib/docker - - /root/.kube - - - user: name={{ item }} state=absent remove=yes - with_items: - - alice - - joe -- cgit v1.2.3 From 008aa1b39a8c27cf227c87cdf225182a18a992e6 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 14 Aug 2015 17:26:45 -0400 Subject: Updated tutorial reset file and made following chages: 1. Included openshift clean up 2. Renamed file to atomic_openshift_tutorial_reset.yml 3. docker service is not not stopped 4. docker containers and images are removed 5. /etc/openshift-sdn are removed too now --- .../adhoc/atomic_enterprise_tutorial_reset.yml | 47 --------------- .../adhoc/atomic_openshift_tutorial_reset.yml | 68 ++++++++++++++++++++++ 2 files changed, 68 insertions(+), 47 deletions(-) delete mode 100644 playbooks/adhoc/atomic_enterprise_tutorial_reset.yml create mode 100644 playbooks/adhoc/atomic_openshift_tutorial_reset.yml diff --git a/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml b/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml deleted file mode 100644 index 77bc13b17..000000000 --- a/playbooks/adhoc/atomic_enterprise_tutorial_reset.yml +++ /dev/null @@ -1,47 +0,0 @@ -# This deletes *ALL* Docker images, and uninstalls OpenShift and -# Atomic Enterprise RPMs. It is primarily intended for use -# with the tutorial as well as for developers to reset state. - -- hosts: - - OSEv3:children - - sudo: yes - - tasks: - - service: name={{ item }} state=stopped - with_items: - - docker - - atomic-enterprise-master - - atomic-enterprise-node - - - yum: name={{ item }} state=absent - with_items: - - openvswitch - - atomic-enterprise - - atomic-enterprise-master - - atomic-enterprise-node - - atomic-enterprise-sdn-ovs - - tuned-profiles-atomic-enterprise-node - - - shell: systemctl reset-failed - changed_when: False - - - shell: systemctl daemon-reload - changed_when: False - - - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true - changed_when: False - - - file: path={{ item }} state=absent - with_items: - - /var/lib/atomic-enterprise - - /etc/sysconfig/atomic-enterprise - - /etc/atomic-enterprise - - /etc/openshift - - /var/lib/docker - - /root/.kube - - - user: name={{ item }} state=absent remove=yes - with_items: - - alice - - joe diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml new file mode 100644 index 000000000..91159ad8e --- /dev/null +++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml @@ -0,0 +1,68 @@ +# This deletes *ALL* Docker images, and uninstalls OpenShift and +# Atomic Enterprise RPMs. It is primarily intended for use +# with the tutorial as well as for developers to reset state. + +- hosts: + - OSEv3:children + + sudo: yes + + tasks: + - service: name={{ item }} state=stopped + with_items: + - openshift-master + - openshift-node + - openvswitch + - atomic-enterprise-master + - atomic-enterprise-node + + - yum: name={{ item }} state=absent + with_items: + - openvswitch + - atomic-enterprise + - atomic-enterprise-master + - atomic-enterprise-node + - atomic-enterprise-sdn-ovs + - tuned-profiles-atomic-enterprise-node + - openshift + - openshift-master + - openshift-node + - openshift-sdn-ovs + - tuned-profiles-openshift-node + + - shell: systemctl reset-failed + changed_when: False + + - shell: systemctl daemon-reload + changed_when: False + + - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - shell: docker ps -a -q | xargs docker stop + changed_when: False + + - shell: docker ps -a -q| xargs docker rm + changed_when: False + + - shell: docker images -q |xargs docker rmi + changed_when: False + + - file: path={{ item }} state=absent + with_items: + - /var/lib/atomic-enterprise + - /etc/sysconfig/atomic-enterprise + - /etc/atomic-enterprise + - /etc/openshift + - /etc/openshift-sdn + - /root/.kube + - /etc/sysconfig/openshift + - /var/lib/openshift + + - user: name={{ item }} state=absent remove=yes + with_items: + - alice + - joe -- cgit v1.2.3 From 0e94fa986dd928888c36d2fbef71359c0b9b05d2 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Mon, 17 Aug 2015 11:01:41 -0400 Subject: Updated to include origin and atomic-openshift RPMs re-factoring to include all origin, AE and openshift products. For back-word compatibility, older openshift and AE naming is retained too. --- .../adhoc/atomic_openshift_tutorial_reset.yml | 37 ++++++++++++++++++---- 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml index 91159ad8e..1200caa2a 100644 --- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml +++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml @@ -10,15 +10,29 @@ tasks: - service: name={{ item }} state=stopped with_items: + - openvswitch + - origin-master + - origin-node + - atomic-openshift-master + - atomic-openshift-node - openshift-master - openshift-node - - openvswitch - atomic-enterprise-master - atomic-enterprise-node - yum: name={{ item }} state=absent with_items: - openvswitch + - origin + - origin-master + - origin-node + - origin-sdn-ovs + - tuned-profiles-origin-node + - atomic-openshift + - atomic-openshift-master + - atomic-openshift-node + - atomic-openshift-sdn-ovs + - tuned-profiles-atomic-openshift-node - atomic-enterprise - atomic-enterprise-master - atomic-enterprise-node @@ -36,6 +50,9 @@ - shell: systemctl daemon-reload changed_when: False + - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true changed_when: False @@ -53,14 +70,22 @@ - file: path={{ item }} state=absent with_items: - - /var/lib/atomic-enterprise - - /etc/sysconfig/atomic-enterprise - - /etc/atomic-enterprise - - /etc/openshift - /etc/openshift-sdn - /root/.kube - - /etc/sysconfig/openshift + - /etc/origin + - /etc/atomic-enterprise + - /etc/openshift + - /var/lib/origin - /var/lib/openshift + - /var/lib/atomic-enterprise + - /etc/sysconfig/origin-master + - /etc/sysconfig/origin-node + - /etc/sysconfig/atomic-openshift-master + - /etc/sysconfig/atomic-openshift-node + - /etc/sysconfig/openshift-master + - /etc/sysconfig/openshift-node + - /etc/sysconfig/atomic-enterprise-master + - /etc/sysconfig/atomic-enterprise-node - user: name={{ item }} state=absent remove=yes with_items: -- cgit v1.2.3 From ad1e4f8ef38681ff64769fe5c9442496a44386e6 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Mon, 17 Aug 2015 12:15:33 -0400 Subject: Bug 1252337 - Fix for quote error in oauthConfig template https://bugzilla.redhat.com/show_bug.cgi?id=1252337 --- roles/openshift_master/templates/v1_partials/oauthConfig.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 index 4ca644876..72889bc29 100644 --- a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 +++ b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 @@ -7,7 +7,7 @@ url: {{ identity_provider.url }} {% for key in ('ca', 'certFile', 'keyFile') %} {% if key in identity_provider %} - {{ key }}: {{ identity_provider[key] }}" + {{ key }}: "{{ identity_provider[key] }}" {% endif %} {% endfor %} {% elif identity_provider.kind == 'LDAPPasswordIdentityProvider' %} -- cgit v1.2.3 From 135398d40500972fea12ad14f4d5fcd921c9ee9b Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 14 Aug 2015 12:58:28 -0400 Subject: Updates --- roles/os_zabbix/library/get_drule.yml | 115 +++++++++++++ roles/os_zabbix/library/test.yml | 49 +++++- roles/os_zabbix/library/zbx_application.py | 135 +++++++++++++++ roles/os_zabbix/library/zbx_discoveryrule.py | 177 ++++++++++++++++++++ roles/os_zabbix/library/zbx_host.py | 31 ++-- roles/os_zabbix/library/zbx_item.py | 12 +- roles/os_zabbix/library/zbx_itemprototype.py | 241 +++++++++++++++++++++++++++ roles/os_zabbix/library/zbx_template.py | 3 +- roles/os_zabbix/library/zbx_user.py | 22 ++- 9 files changed, 761 insertions(+), 24 deletions(-) create mode 100644 roles/os_zabbix/library/get_drule.yml create mode 100644 roles/os_zabbix/library/zbx_application.py create mode 100644 roles/os_zabbix/library/zbx_discoveryrule.py create mode 100644 roles/os_zabbix/library/zbx_itemprototype.py diff --git a/roles/os_zabbix/library/get_drule.yml b/roles/os_zabbix/library/get_drule.yml new file mode 100644 index 000000000..a3e39f535 --- /dev/null +++ b/roles/os_zabbix/library/get_drule.yml @@ -0,0 +1,115 @@ +--- +# This is a test playbook to create one of each of the zabbix ansible modules. +# ensure that the zbxapi module is installed +# ansible-playbook test.yml +- name: Test zabbix ansible module + hosts: localhost + gather_facts: no + vars: +#zbx_server: https://localhost/zabbix/api_jsonrpc.php +#zbx_user: Admin +#zbx_password: zabbix + + pre_tasks: + - name: Template Discovery rules + zbx_template: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Template App HaProxy' + state: list + register: template_output + + - debug: var=template_output + + - name: Discovery rules + zbx_discovery_rule: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'haproxy.discovery sender' + state: list + register: drule + + - debug: var=drule + +# - name: Create an application +# zbx_application: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'Test App' +# template_name: "test template" +# register: item_output +# +# - name: Create an item +# zbx_item: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'test item' +# key: 'kenny.item.1' +# applications: +# - 'Test App' +# template_name: "test template" +# register: item_output +# +# - debug: var=item_output +# +# - name: Create an trigger +# zbx_trigger: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# expression: '{test template:kenny.item.1.last()}>2' +# description: 'Kenny desc' +# register: trigger_output +# +# - debug: var=trigger_output +# +# - name: Create a hostgroup +# zbx_hostgroup: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'kenny hostgroup' +# register: hostgroup_output +# +# - debug: var=hostgroup_output +# +# - name: Create a host +# zbx_host: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'kenny host' +# template_names: +# - test template +# hostgroup_names: +# - kenny hostgroup +# register: host_output +# +# - debug: var=host_output +# +# - name: Create a usergroup +# zbx_usergroup: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: kenny usergroup +# rights: +# - 'kenny hostgroup': rw +# register: usergroup_output +# +# - debug: var=usergroup_output +# +# - name: Create a user +# zbx_user: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# alias: kwoodson +# state: list +# register: user_output +# +# - debug: var=user_output diff --git a/roles/os_zabbix/library/test.yml b/roles/os_zabbix/library/test.yml index f585bcbb2..cedace1a0 100644 --- a/roles/os_zabbix/library/test.yml +++ b/roles/os_zabbix/library/test.yml @@ -6,7 +6,7 @@ hosts: localhost gather_facts: no vars: - zbx_server: http://localhost/zabbix/api_jsonrpc.php + zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php zbx_user: Admin zbx_password: zabbix @@ -21,6 +21,41 @@ - debug: var=template_output + - name: Create a discoveryrule + zbx_discoveryrule: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: test discoverule + key: test_listener + template_name: test template + lifetime: 14 + register: discoveryrule + + - debug: var=discoveryrule + + - name: Create an itemprototype + zbx_itemprototype: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test itemprototype on {#TEST_LISTENER}' + key: 'test[{#TEST_LISTENER}]' + template_name: test template + discoveryrule_name: test discoverule + register: itemproto + + - debug: var=itemproto + + - name: Create an application + zbx_application: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test App' + template_name: "test template" + register: item_output + - name: Create an item zbx_item: server: "{{ zbx_server }}" @@ -28,7 +63,9 @@ password: "{{ zbx_password }}" name: 'test item' key: 'kenny.item.1' - template_name: "{{ template_output.results[0].host }}" + applications: + - 'Test App' + template_name: "test template" register: item_output - debug: var=item_output @@ -39,7 +76,7 @@ user: "{{ zbx_user }}" password: "{{ zbx_password }}" expression: '{test template:kenny.item.1.last()}>2' - desc: 'Kenny desc' + description: 'Kenny desc' register: trigger_output - debug: var=trigger_output @@ -60,8 +97,10 @@ user: "{{ zbx_user }}" password: "{{ zbx_password }}" name: 'kenny host' - hostgroups: - - 'kenny hostgroup' + template_names: + - test template + hostgroup_names: + - kenny hostgroup register: host_output - debug: var=host_output diff --git a/roles/os_zabbix/library/zbx_application.py b/roles/os_zabbix/library/zbx_application.py new file mode 100644 index 000000000..5d4acf72d --- /dev/null +++ b/roles/os_zabbix/library/zbx_application.py @@ -0,0 +1,135 @@ +#!/usr/bin/env python +''' +Ansible module for application +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix application ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + return template_ids + +def main(): + ''' Ansible module for application + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + template_name=dict(default=None, type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the application for the rest of the calls + zbx_class_name = 'application' + idname = 'applicationid' + aname = module.params['name'] + state = module.params['state'] + # get a applicationid, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': aname}, + 'selectHost': 'hostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], + 'name': aname, + } + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_discoveryrule.py b/roles/os_zabbix/library/zbx_discoveryrule.py new file mode 100644 index 000000000..56b87fecc --- /dev/null +++ b/roles/os_zabbix/library/zbx_discoveryrule.py @@ -0,0 +1,177 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(vtype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'JMX': 16, + } + + for typ in _types.keys(): + if vtype in typ or vtype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'discoveryrule' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + #'selectDServices': 'extend', + #'selectDChecks': 'extend', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'lifetime': module.params['lifetime'], + 'type': get_type(module.params['ztype']), + } + if params['type'] in [2, 5, 7, 11]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_host.py b/roles/os_zabbix/library/zbx_host.py index d75dfdea1..12c5f3456 100644 --- a/roles/os_zabbix/library/zbx_host.py +++ b/roles/os_zabbix/library/zbx_host.py @@ -60,7 +60,7 @@ def get_template_ids(zapi, template_names): for template_name in template_names: content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) if content.has_key('result'): - template_ids.append({'templateid': content['results'][0]['templateid']}) + template_ids.append({'templateid': content['result'][0]['templateid']}) return template_ids def main(): @@ -71,20 +71,20 @@ def main(): module = AnsibleModule( argument_spec=dict( server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), name=dict(default=None, type='str'), hostgroup_names=dict(default=[], type='list'), template_names=dict(default=[], type='list'), debug=dict(default=False, type='bool'), state=dict(default='present', type='str'), - interfaces=dict(default=[], type='list'), + interfaces=dict(default=None, type='list'), ), #supports_check_mode=True ) - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + user = module.params['user'] + passwd = module.params['password'] zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) @@ -113,16 +113,17 @@ def main(): module.exit_json(changed=True, results=content['result'], state="absent") if state == 'present': + ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent + 'main': 1, # default interface? 1 = true + 'useip': 1, # default interface? 1 = true + 'ip': '127.0.0.1', # default interface? 1 = true + 'dns': '', # dns for host + 'port': '10050', # port for interface? 10050 + }] params = {'host': hname, - 'groups': get_group_ids(zapi, module.params('hostgroup_names')), - 'templates': get_template_ids(zapi, module.params('template_names')), - 'interfaces': module.params.get('interfaces', [{'type': 1, # interface type, 1 = agent - 'main': 1, # default interface? 1 = true - 'useip': 1, # default interface? 1 = true - 'ip': '127.0.0.1', # default interface? 1 = true - 'dns': '', # dns for host - 'port': '10050', # port for interface? 10050 - }]) + 'groups': get_group_ids(zapi, module.params['hostgroup_names']), + 'templates': get_template_ids(zapi, module.params['template_names']), + 'interfaces': ifs, } if not exists(content): diff --git a/roles/os_zabbix/library/zbx_item.py b/roles/os_zabbix/library/zbx_item.py index 57ec06463..45ba6c2b0 100644 --- a/roles/os_zabbix/library/zbx_item.py +++ b/roles/os_zabbix/library/zbx_item.py @@ -60,6 +60,16 @@ def get_value_type(value_type): return vtype +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + def main(): ''' ansible zabbix module for zbx_item @@ -124,7 +134,7 @@ def main(): 'hostid': templateid, 'type': module.params['zabbix_type'], 'value_type': get_value_type(module.params['value_type']), - 'applications': module.params['applications'], + 'applications': get_app_ids(zapi, module.params['applications']), } if not exists(content): diff --git a/roles/os_zabbix/library/zbx_itemprototype.py b/roles/os_zabbix/library/zbx_itemprototype.py new file mode 100644 index 000000000..f0eb6bbbd --- /dev/null +++ b/roles/os_zabbix/library/zbx_itemprototype.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rule_id(zapi, discoveryrule_name): + '''get a discoveryrule by name + ''' + content = zapi.get_content('discoveryrule', + 'get', + {'search': {'name': discoveryrule_name}, + 'output': 'extend', + }) + if not content['result']: + return None + return content['result'][0]['itemid'] + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(ztype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'aggregate': 8, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'calculated': 15, + 'JMX': 16, + } + + for typ in _types.keys(): + if ztype in typ or ztype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_status(status): + ''' Determine status + ''' + _status = 0 + if status == 'disabled': + _status = 1 + elif status == 'unsupported': + _status = 3 + + return _status + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + value_type=dict(default='float', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + status=dict(default='enabled', type='str'), + discoveryrule_name=dict(default=None, type='str'), + applications=dict(default=[], type='list'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'itemprototype' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + 'selectApplications': 'applicationid', + 'selectDiscoveryRule': 'itemid', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), + 'type': get_type(module.params['ztype']), + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + if params['type'] in [2, 5, 7, 8, 11, 15]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'ruleid': + if value != zab_results['discoveryRule']['itemid']: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_template.py b/roles/os_zabbix/library/zbx_template.py index 676fa7e49..20ea48a85 100644 --- a/roles/os_zabbix/library/zbx_template.py +++ b/roles/os_zabbix/library/zbx_template.py @@ -74,7 +74,8 @@ def main(): {'search': {'host': tname}, 'selectParentTemplates': 'templateid', 'selectGroups': 'groupid', - #'selectApplications': extend, + 'selectApplications': 'applicationid', + 'selectDiscoveries': 'extend', }) if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/os_zabbix/library/zbx_user.py index 489023407..50f6fc075 100644 --- a/roles/os_zabbix/library/zbx_user.py +++ b/roles/os_zabbix/library/zbx_user.py @@ -56,6 +56,19 @@ def get_usergroups(zapi, usergroups): return ugroups + +def get_usertype(user_type): + ''' + Determine zabbix user account type + ''' + utype = 1 + if 'super' in user_type: + utype = 3 + elif 'admin' in user_type or user_type == 'admin': + utype = 2 + + return utype + def main(): ''' ansible zabbix module for users @@ -69,6 +82,9 @@ def main(): user=dict(default=None, type='str'), password=dict(default=None, type='str'), alias=dict(default=None, type='str'), + name=dict(default=None, type='str'), + surname=dict(default=None, type='str'), + user_type=dict(default='user', type='str'), passwd=dict(default=None, type='str'), usergroups=dict(default=None, type='list'), debug=dict(default=False, type='bool'), @@ -80,8 +96,7 @@ def main(): user = module.params.get('user', os.environ['ZABBIX_USER']) password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - zbc = ZabbixConnection(module.params['server'], user, password, module.params['debug']) - zapi = ZabbixAPI(zbc) + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) ## before we can create a user media and users with media types we need media zbx_class_name = 'user' @@ -109,6 +124,9 @@ def main(): params = {'alias': alias, 'passwd': module.params['passwd'], 'usrgrps': get_usergroups(zapi, module.params['usergroups']), + 'name': module.params['name'], + 'surname': module.params['surname'], + 'type': get_usertype(module.params['user_type']), } if not exists(content): -- cgit v1.2.3 From 9c50ddfffc518185acfe01c3bcdd90d4bc4e4004 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 18 Aug 2015 10:09:32 -0400 Subject: Fix kubelet_args --- roles/openshift_node/templates/node.yaml.v1.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index e6f75a4c0..ff0a2fa7e 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -8,8 +8,8 @@ imageConfig: format: {{ openshift.node.registry_url }} latest: false kind: NodeConfig -{% if openshift.common.kubelet_args is defined and openshift.common.kubelet_args %} -kubeletArguments: {{ kubelet_args }} +{% if openshift.node.kubelet_args is defined and openshift.node.kubelet_args %} +kubeletArguments: {{ openshift.node.kubelet_args }} {% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig networkPluginName: {{ openshift.common.sdn_network_plugin_name }} -- cgit v1.2.3 From 4c2293c61088bdcf5f52bc598a443dad753b49f0 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 18 Aug 2015 14:33:38 -0400 Subject: another kubelet_args fix --- roles/openshift_node/templates/node.yaml.v1.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index ff0a2fa7e..7b1c0f808 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -9,7 +9,7 @@ imageConfig: latest: false kind: NodeConfig {% if openshift.node.kubelet_args is defined and openshift.node.kubelet_args %} -kubeletArguments: {{ openshift.node.kubelet_args }} +kubeletArguments: {{ openshift.node.kubelet_args | to_json }} {% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig networkPluginName: {{ openshift.common.sdn_network_plugin_name }} -- cgit v1.2.3 From 3c3669ccf9bacd69a222cdb45a0c377da0ce090a Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 19 Aug 2015 13:21:20 -0400 Subject: remove fstab entry after pv creation --- playbooks/adhoc/create_pv/create_pv.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/playbooks/adhoc/create_pv/create_pv.yaml b/playbooks/adhoc/create_pv/create_pv.yaml index 684a0ca72..591b1d902 100644 --- a/playbooks/adhoc/create_pv/create_pv.yaml +++ b/playbooks/adhoc/create_pv/create_pv.yaml @@ -118,6 +118,13 @@ state: unmounted fstype: ext4 + - name: remove from fstab + mount: + name: "{{ pv_mntdir }}" + src: "{{ cli_device_name }}" + state: absent + fstype: ext4 + - name: detach drive delegate_to: localhost ec2_vol: -- cgit v1.2.3 From 0dc89f3583a5e88e1ca66780e974bc9520910410 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 19 Aug 2015 17:20:26 -0400 Subject: Added tagging to the pv volumes --- playbooks/adhoc/create_pv/create_pv.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/playbooks/adhoc/create_pv/create_pv.yaml b/playbooks/adhoc/create_pv/create_pv.yaml index 591b1d902..4f0ef7a75 100644 --- a/playbooks/adhoc/create_pv/create_pv.yaml +++ b/playbooks/adhoc/create_pv/create_pv.yaml @@ -50,6 +50,16 @@ - debug: var=vol + - name: tag the vol with a name + ec2_tag: region={{ hostvars[oo_name]['ec2_region'] }} resource={{vol.volume_id}} + args: + tags: + Name: "pv-{{ hostvars[oo_name]['ec2_tag_Name'] }}" + env: "{{cli_environment}}" + register: voltags + + - debug: var=voltags + - name: Configure the drive gather_facts: no hosts: oo_master -- cgit v1.2.3 From 57a0a36c424074ce8127562128950258ced1dea2 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 20 Aug 2015 10:22:35 -0400 Subject: Automatic commit of package [openshift-ansible-bin] release [0.0.19-1]. --- bin/openshift-ansible-bin.spec | 20 +++++++++++++++++++- rel-eng/packages/openshift-ansible-bin | 2 +- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/bin/openshift-ansible-bin.spec b/bin/openshift-ansible-bin.spec index fd2386c9a..d90810bc3 100644 --- a/bin/openshift-ansible-bin.spec +++ b/bin/openshift-ansible-bin.spec @@ -1,6 +1,6 @@ Summary: OpenShift Ansible Scripts for working with metadata hosts Name: openshift-ansible-bin -Version: 0.0.18 +Version: 0.0.19 Release: 1%{?dist} License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -42,6 +42,24 @@ cp -p openshift_ansible.conf.example %{buildroot}/etc/openshift_ansible/openshif %config(noreplace) /etc/openshift_ansible/ %changelog +* Thu Aug 20 2015 Kenny Woodson 0.0.19-1 +- Updated to show private ips when doing a list (kwoodson@redhat.com) +- Updated to read config first and default to users home dir + (kwoodson@redhat.com) +- Prevent Ansible from serializing tasks (lhuard@amadeus.com) +- Infra node support (whearn@redhat.com) +- Playbook updates for clustered etcd (jdetiber@redhat.com) +- bin/cluster supports boto credentials as well as env variables + (jdetiber@redhat.com) +- Merge pull request #291 from lhuard1A/profile + (twiest@users.noreply.github.com) +- Add a generic mechanism for passing options (lhuard@amadeus.com) +- Infrastructure - Validate AWS environment before calling playbooks + (jhonce@redhat.com) +- Add a --profile option to spot which task takes more time + (lhuard@amadeus.com) +- changed Openshift to OpenShift (twiest@redhat.com) + * Tue Jun 09 2015 Kenny Woodson 0.0.18-1 - Implement OpenStack provider (lhuard@amadeus.com) - * Update defaults and examples to track core concepts guide diff --git a/rel-eng/packages/openshift-ansible-bin b/rel-eng/packages/openshift-ansible-bin index 2a8225740..11c2906f0 100644 --- a/rel-eng/packages/openshift-ansible-bin +++ b/rel-eng/packages/openshift-ansible-bin @@ -1 +1 @@ -0.0.18-1 bin/ +0.0.19-1 bin/ -- cgit v1.2.3 From a473ade355c72b45bff57f01ecd8898725977405 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 20 Aug 2015 10:23:14 -0400 Subject: Automatic commit of package [openshift-ansible-inventory] release [0.0.9-1]. --- inventory/openshift-ansible-inventory.spec | 28 +++++++++++++++++++++++++++- rel-eng/packages/openshift-ansible-inventory | 2 +- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/inventory/openshift-ansible-inventory.spec b/inventory/openshift-ansible-inventory.spec index 900a27f3a..f163f865a 100644 --- a/inventory/openshift-ansible-inventory.spec +++ b/inventory/openshift-ansible-inventory.spec @@ -1,6 +1,6 @@ Summary: OpenShift Ansible Inventories Name: openshift-ansible-inventory -Version: 0.0.8 +Version: 0.0.9 Release: 1%{?dist} License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -36,6 +36,32 @@ cp -p gce/hosts/gce.py %{buildroot}/usr/share/ansible/inventory/gce /usr/share/ansible/inventory/gce/gce.py* %changelog +* Thu Aug 20 2015 Kenny Woodson 0.0.9-1 +- Merge pull request #408 from sdodson/docker-buildvm (bleanhar@redhat.com) +- Merge pull request #428 from jtslear/issue-383 + (twiest@users.noreply.github.com) +- Merge pull request #407 from aveshagarwal/ae-ansible-merge-auth + (bleanhar@redhat.com) +- Enable htpasswd by default in the example hosts file. (avagarwa@redhat.com) +- Add support for setting default node selector (jdetiber@redhat.com) +- Merge pull request #429 from spinolacastro/custom_cors (bleanhar@redhat.com) +- Updated to read config first and default to users home dir + (kwoodson@redhat.com) +- Fix Custom Cors (spinolacastro@gmail.com) +- Revert "namespace the byo inventory so the group names aren't so generic" + (sdodson@redhat.com) +- Removes hardcoded python2 (jtslear@gmail.com) +- namespace the byo inventory so the group names aren't so generic + (admiller@redhat.com) +- docker-buildvm-rhose is dead (sdodson@redhat.com) +- Add support for setting routingConfig:subdomain (jdetiber@redhat.com) +- Initial HA master (jdetiber@redhat.com) +- Make it clear that the byo inventory file is just an example + (jdetiber@redhat.com) +- Playbook updates for clustered etcd (jdetiber@redhat.com) +- Update for RC2 changes (sdodson@redhat.com) +- Templatize configs and 0.5.2 changes (jdetiber@redhat.com) + * Tue Jun 09 2015 Kenny Woodson 0.0.8-1 - Added more verbosity when error happens. Also fixed a bug. (kwoodson@redhat.com) diff --git a/rel-eng/packages/openshift-ansible-inventory b/rel-eng/packages/openshift-ansible-inventory index 4851be122..733c626cf 100644 --- a/rel-eng/packages/openshift-ansible-inventory +++ b/rel-eng/packages/openshift-ansible-inventory @@ -1 +1 @@ -0.0.8-1 inventory/ +0.0.9-1 inventory/ -- cgit v1.2.3 From 49923edfba6d396140881d6a920e83f9ecf79f77 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 20 Aug 2015 11:44:27 -0400 Subject: fixed zbx_user. Update password playbook added --- playbooks/adhoc/zabbix_setup/create_user.yml | 31 ++++++++++++++++++++++++++++ roles/os_zabbix/library/zbx_user.py | 13 ++++++++---- 2 files changed, 40 insertions(+), 4 deletions(-) create mode 100644 playbooks/adhoc/zabbix_setup/create_user.yml diff --git a/playbooks/adhoc/zabbix_setup/create_user.yml b/playbooks/adhoc/zabbix_setup/create_user.yml new file mode 100644 index 000000000..dd74798b7 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/create_user.yml @@ -0,0 +1,31 @@ +--- +# export PYTHONPATH='/usr/lib/python2.7/site-packages/:/home/kwoodson/git/openshift-tools' +# ansible-playbook -e 'cli_password=zabbix' -e 'cli_new_password=new-zabbix' create_user.yml +- hosts: localhost + gather_facts: no + vars_files: + - vars/template_heartbeat.yml + - vars/template_os_linux.yml + vars: + g_zserver: http://localhost/zabbix/api_jsonrpc.php + g_zuser: admin + g_zpassword: "{{ cli_password }}" + roles: + - ../../../roles/os_zabbix + post_tasks: + - zbx_user: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + register: users + + - debug: var=users + + - name: Update zabbix creds for admin + zbx_user: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + alias: Admin + passwd: "{{ cli_new_password | default(g_zpassword, true) }}" diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/os_zabbix/library/zbx_user.py index 50f6fc075..c45c9a75d 100644 --- a/roles/os_zabbix/library/zbx_user.py +++ b/roles/os_zabbix/library/zbx_user.py @@ -54,13 +54,15 @@ def get_usergroups(zapi, usergroups): if content['result']: ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) - return ugroups - + return ugroups or None def get_usertype(user_type): ''' Determine zabbix user account type ''' + if not user_type: + return None + utype = 1 if 'super' in user_type: utype = 3 @@ -84,9 +86,9 @@ def main(): alias=dict(default=None, type='str'), name=dict(default=None, type='str'), surname=dict(default=None, type='str'), - user_type=dict(default='user', type='str'), + user_type=dict(default=None, type='str'), passwd=dict(default=None, type='str'), - usergroups=dict(default=None, type='list'), + usergroups=dict(default=[], type='list'), debug=dict(default=False, type='bool'), state=dict(default='present', type='str'), ), @@ -129,6 +131,9 @@ def main(): 'type': get_usertype(module.params['user_type']), } + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + if not exists(content): # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) -- cgit v1.2.3 From ae5e023975d54218ec6175d1386ef2c0ad513b4b Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 20 Aug 2015 17:05:24 -0400 Subject: Update latest openshift examples --- .../db-templates/mongodb-ephemeral-template.json | 21 ++++++---- .../db-templates/mongodb-persistent-template.json | 26 ++++++++----- .../db-templates/mysql-ephemeral-template.json | 18 +++++---- .../db-templates/mysql-persistent-template.json | 23 ++++++----- .../postgresql-ephemeral-template.json | 18 +++++---- .../postgresql-persistent-template.json | 23 ++++++----- .../quickstart-templates/cakephp-mysql.json | 11 ++++-- .../examples/quickstart-templates/cakephp.json | 4 +- .../quickstart-templates/dancer-mysql.json | 29 ++++++++------ .../examples/quickstart-templates/dancer.json | 4 +- .../quickstart-templates/django-postgresql.json | 45 ++++++++++++---------- .../examples/quickstart-templates/django.json | 4 +- .../quickstart-templates/nodejs-mongodb.json | 35 +++++++++-------- .../examples/quickstart-templates/nodejs.json | 4 +- .../quickstart-templates/rails-postgresql.json | 38 ++++++++++++------ 15 files changed, 183 insertions(+), 120 deletions(-) diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json index 6252da2ec..6b90fa54e 100644 --- a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mongodb-ephemeral", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -147,30 +147,35 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "mongodb" + "value": "mongodb", + "required": true }, { "name": "MONGODB_USER", "description": "Username for MongoDB user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "MONGODB_PASSWORD", "description": "Password for the MongoDB user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "MONGODB_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true }, { "name": "MONGODB_ADMIN_PASSWORD", "description": "Password for the database admin user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json index c05e81e56..97b315600 100644 --- a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mongodb-persistent", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "PersistentVolumeClaim", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}" }, @@ -58,7 +58,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -164,35 +164,41 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "mongodb" + "value": "mongodb", + "required": true }, { "name": "MONGODB_USER", "description": "Username for MongoDB user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "MONGODB_PASSWORD", "description": "Password for the MongoDB user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "MONGODB_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true }, { "name": "MONGODB_ADMIN_PASSWORD", "description": "Password for the database admin user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", - "value": "512Mi" + "value": "512Mi", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json index 697a4ad68..b384a5992 100644 --- a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mysql-ephemeral", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -143,24 +143,28 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "mysql" + "value": "mysql", + "required": true }, { "name": "MYSQL_USER", "description": "Username for MySQL user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "MYSQL_PASSWORD", "description": "Password for the MySQL user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "MYSQL_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json index 33e1cebb1..6e19f48f5 100644 --- a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mysql-persistent", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "PersistentVolumeClaim", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}" }, @@ -58,7 +58,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -160,29 +160,34 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "mysql" + "value": "mysql", + "required": true }, { "name": "MYSQL_USER", "description": "Username for MySQL user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "MYSQL_PASSWORD", "description": "Password for the MySQL user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "MYSQL_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true }, { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", - "value": "512Mi" + "value": "512Mi", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json index faf626475..60d6b8519 100644 --- a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "postgresql-ephemeral", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -143,24 +143,28 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "postgresql" + "value": "postgresql", + "required": true }, { "name": "POSTGRESQL_USER", "description": "Username for PostgreSQL user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "POSTGRESQL_PASSWORD", "description": "Password for the PostgreSQL user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "POSTGRESQL_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json index 398e288bf..91cd7453e 100644 --- a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json @@ -1,6 +1,6 @@ { "kind": "Template", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "postgresql-persistent", "creationTimestamp": null, @@ -13,7 +13,7 @@ "objects": [ { "kind": "Service", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -41,7 +41,7 @@ }, { "kind": "PersistentVolumeClaim", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}" }, @@ -58,7 +58,7 @@ }, { "kind": "DeploymentConfig", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "${DATABASE_SERVICE_NAME}", "creationTimestamp": null @@ -160,29 +160,34 @@ { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", - "value": "postgresql" + "value": "postgresql", + "required": true }, { "name": "POSTGRESQL_USER", "description": "Username for PostgreSQL user that will be used for accessing the database", "generate": "expression", - "from": "user[A-Z0-9]{3}" + "from": "user[A-Z0-9]{3}", + "required": true }, { "name": "POSTGRESQL_PASSWORD", "description": "Password for the PostgreSQL user", "generate": "expression", - "from": "[a-zA-Z0-9]{16}" + "from": "[a-zA-Z0-9]{16}", + "required": true }, { "name": "POSTGRESQL_DATABASE", "description": "Database name", - "value": "sampledb" + "value": "sampledb", + "required": true }, { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", - "value": "512Mi" + "value": "512Mi", + "required": true } ], "labels": { diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json index b722a05ae..deac2010f 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json @@ -264,7 +264,7 @@ "containers": [ { "name": "mysql", - "image": "openshift/mysql-55-centos7", + "image": "${MYSQL_IMAGE}", "ports": [ { "containerPort": 3306 @@ -307,8 +307,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the CakePHP service", - "value": "cakephp-mysql-example.openshiftapps.com" + "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", @@ -342,6 +342,11 @@ "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, + { + "name": "MYSQL_IMAGE", + "description": "Image to use for mysql", + "value": "openshift/mysql-55-centos7" + }, { "name": "CAKEPHP_SECRET_TOKEN", "description": "Set this to a long random string", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json index 532b9bd2b..ec556ea13 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json @@ -215,8 +215,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the CakePHP service", - "value": "cakephp-example.openshiftapps.com" + "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json index b46abfbb5..2cbcc0889 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json @@ -162,15 +162,15 @@ }, { "name": "MYSQL_USER", - "value": "${MYSQL_USER}" + "value": "${DATABASE_USER}" }, { "name": "MYSQL_PASSWORD", - "value": "${MYSQL_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "MYSQL_DATABASE", - "value": "${MYSQL_DATABASE}" + "value": "${DATABASE_NAME}" }, { "name": "SECRET_KEY_BASE", @@ -238,7 +238,7 @@ "containers": [ { "name": "mysql", - "image": "openshift/mysql-55-centos7", + "image": "${MYSQL_IMAGE}", "ports": [ { "containerPort": 3306 @@ -247,15 +247,15 @@ "env": [ { "name": "MYSQL_USER", - "value": "${MYSQL_USER}" + "value": "${DATABASE_USER}" }, { "name": "MYSQL_PASSWORD", - "value": "${MYSQL_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "MYSQL_DATABASE", - "value": "${MYSQL_DATABASE}" + "value": "${DATABASE_NAME}" } ] } @@ -281,8 +281,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Dancer service", - "value": "dancer-mysql-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", @@ -308,22 +308,27 @@ "value": "database" }, { - "name": "MYSQL_USER", + "name": "DATABASE_USER", "description": "database username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { - "name": "MYSQL_PASSWORD", + "name": "DATABASE_PASSWORD", "description": "database password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { - "name": "MYSQL_DATABASE", + "name": "DATABASE_NAME", "description": "database name", "value": "sampledb" }, + { + "name": "MYSQL_IMAGE", + "description": "Image to use for mysql", + "value": "openshift/mysql-55-centos7" + }, { "name": "SECRET_KEY_BASE", "description": "Your secret key for verifying the integrity of signed cookies", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json index 6f49a7d64..43271dfc5 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json @@ -181,8 +181,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Dancer service", - "value": "dancer-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json index 64522ce76..749064e98 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json @@ -2,7 +2,7 @@ "kind": "Template", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "annotations": { "description": "An example Django application with a PostgreSQL database", "tags": "instant-app,python,django,postgresql", @@ -10,14 +10,14 @@ } }, "labels": { - "template": "django-postgresql-example" + "template": "django-psql-example" }, "objects": [ { "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "django-postgresql-example" + "name": "django-psql-example" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example" + "name": "django-psql-example" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "django-postgresql-example" + "name": "django-psql-example" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "django-postgresql-example:latest" + "name": "django-psql-example:latest" } }, "triggers": [ @@ -110,7 +110,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "annotations": { "description": "Defines how to deploy the application server" } @@ -125,11 +125,11 @@ "imageChangeParams": { "automatic": true, "containerNames": [ - "django-postgresql-example" + "django-psql-example" ], "from": { "kind": "ImageStreamTag", - "name": "django-postgresql-example:latest" + "name": "django-psql-example:latest" } } }, @@ -139,20 +139,20 @@ ], "replicas": 1, "selector": { - "name": "django-postgresql-example" + "name": "django-psql-example" }, "template": { "metadata": { - "name": "django-postgresql-example", + "name": "django-psql-example", "labels": { - "name": "django-postgresql-example" + "name": "django-psql-example" } }, "spec": { "containers": [ { - "name": "django-postgresql-example", - "image": "django-postgresql-example", + "name": "django-psql-example", + "image": "django-psql-example", "ports": [ { "containerPort": 8080 @@ -249,7 +249,7 @@ "containers": [ { "name": "postgresql", - "image": "openshift/postgresql-92-centos7", + "image": "${POSTGRESQL_IMAGE}", "ports": [ { "containerPort": 5432 @@ -292,8 +292,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Django service", - "value": "django-postgresql-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", @@ -327,6 +327,11 @@ "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, + { + "name": "POSTGRESQL_IMAGE", + "description": "Image to use for postgresql", + "value": "openshift/postgresql-92-centos7" + }, { "name": "APP_CONFIG", "description": "Relative path to Gunicorn configuration file (optional)" diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django.json b/roles/openshift_examples/files/examples/quickstart-templates/django.json index 1794d196c..143a942ab 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/django.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/django.json @@ -211,8 +211,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Django service", - "value": "django-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json index e281feecf..017b5be19 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json @@ -165,19 +165,19 @@ }, { "name": "MONGODB_USER", - "value": "${MONGODB_USER}" + "value": "${DATABASE_USER}" }, { "name": "MONGODB_PASSWORD", - "value": "${MONGODB_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "MONGODB_DATABASE", - "value": "${MONGODB_DATABASE}" + "value": "${DATABASE_NAME}" }, { "name": "MONGODB_ADMIN_PASSWORD", - "value": "${MONGODB_ADMIN_PASSWORD}" + "value": "${DATABASE_ADMIN_PASSWORD}" } ] } @@ -241,7 +241,7 @@ "containers": [ { "name": "mongodb", - "image": "openshift/mongodb-24-centos7", + "image": "${MONGODB_IMAGE}", "ports": [ { "containerPort": 27017 @@ -250,19 +250,19 @@ "env": [ { "name": "MONGODB_USER", - "value": "${MONGODB_USER}" + "value": "${DATABASE_USER}" }, { "name": "MONGODB_PASSWORD", - "value": "${MONGODB_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "MONGODB_DATABASE", - "value": "${MONGODB_DATABASE}" + "value": "${DATABASE_NAME}" }, { "name": "MONGODB_ADMIN_PASSWORD", - "value": "${MONGODB_ADMIN_PASSWORD}" + "value": "${DATABASE_ADMIN_PASSWORD}" } ] } @@ -288,8 +288,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Node.js service", - "value": "nodejs-mongodb-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", @@ -303,27 +303,32 @@ "value": "mongodb" }, { - "name": "MONGODB_USER", + "name": "DATABASE_USER", "description": "Username for MongoDB user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { - "name": "MONGODB_PASSWORD", + "name": "DATABASE_PASSWORD", "description": "Password for the MongoDB user", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { - "name": "MONGODB_DATABASE", + "name": "DATABASE_NAME", "description": "Database name", "value": "sampledb" }, { - "name": "MONGODB_ADMIN_PASSWORD", + "name": "DATABASE_ADMIN_PASSWORD", "description": "Password for the database admin user", "generate": "expression", "from": "[a-zA-Z0-9]{16}" + }, + { + "name": "MONGODB_IMAGE", + "description": "Image to use for mongodb", + "value": "openshift/mongodb-24-centos7" } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json index dd38571eb..55488ab41 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json @@ -203,8 +203,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Node.js service", - "value": "nodejs-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json index 3b83d3f5b..b98282528 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json @@ -176,15 +176,15 @@ }, { "name": "POSTGRESQL_USER", - "value": "${POSTGRESQL_USER}" + "value": "${DATABASE_USER}" }, { "name": "POSTGRESQL_PASSWORD", - "value": "${POSTGRESQL_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "POSTGRESQL_DATABASE", - "value": "${POSTGRESQL_DATABASE}" + "value": "${DATABASE_NAME}" }, { "name": "SECRET_KEY_BASE", @@ -213,6 +213,10 @@ { "name": "APPLICATION_PASSWORD", "value": "${APPLICATION_PASSWORD}" + }, + { + "name": "RAILS_ENV", + "value": "${RAILS_ENV}" } ] } @@ -276,7 +280,7 @@ "containers": [ { "name": "postgresql", - "image": "openshift/postgresql-92-centos7", + "image": "${POSTGRESQL_IMAGE}", "ports": [ { "containerPort": 5432 @@ -285,15 +289,15 @@ "env": [ { "name": "POSTGRESQL_USER", - "value": "${POSTGRESQL_USER}" + "value": "${DATABASE_USER}" }, { "name": "POSTGRESQL_PASSWORD", - "value": "${POSTGRESQL_PASSWORD}" + "value": "${DATABASE_PASSWORD}" }, { "name": "POSTGRESQL_DATABASE", - "value": "${POSTGRESQL_DATABASE}" + "value": "${DATABASE_NAME}" }, { "name": "POSTGRESQL_MAX_CONNECTIONS", @@ -327,8 +331,8 @@ }, { "name": "APPLICATION_DOMAIN", - "description": "The exposed hostname that will route to the Rails service", - "value": "rails-postgresql-example.openshiftapps.com" + "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.", + "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", @@ -352,28 +356,38 @@ "description": "The application password that is used within the sample application to authorize access on pages", "value": "secret" }, + { + "name": "RAILS_ENV", + "description": "Environment under which the sample application will run. Could be set to production, development or test", + "value": "production" + }, { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", "value": "postgresql" }, { - "name": "POSTGRESQL_USER", + "name": "DATABASE_USER", "description": "database username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { - "name": "POSTGRESQL_PASSWORD", + "name": "DATABASE_PASSWORD", "description": "database password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { - "name": "POSTGRESQL_DATABASE", + "name": "DATABASE_NAME", "description": "database name", "value": "root" }, + { + "name": "POSTGRESQL_IMAGE", + "description": "Image to use for postgresql", + "value": "openshift/postgresql-92-centos7" + }, { "name": "POSTGRESQL_MAX_CONNECTIONS", "description": "database max connections", -- cgit v1.2.3 From b07822c575cb876f9af5389e1353acce7e19ce00 Mon Sep 17 00:00:00 2001 From: Jim Minter Date: Fri, 21 Aug 2015 12:04:48 +0100 Subject: Make CA lifetime 365 days, not 30 --- roles/etcd_ca/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml index ab151fe5b..8a266f732 100644 --- a/roles/etcd_ca/tasks/main.yml +++ b/roles/etcd_ca/tasks/main.yml @@ -37,6 +37,7 @@ openssl req -config openssl.cnf -newkey rsa:4096 -keyout ca.key -new -out ca.crt -x509 -extensions etcd_v3_ca_self -batch -nodes -subj /CN=etcd-signer@{{ ansible_date_time.epoch }} + -days 365 args: chdir: "{{ etcd_ca_dir }}" creates: "{{ etcd_ca_dir }}/ca.crt" -- cgit v1.2.3 From 3ea281da43514e5909256310a504820ff82dd401 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Sat, 22 Aug 2015 23:37:44 -0400 Subject: fix apiServerArguments and controllerServerArguments --- roles/openshift_master/templates/master.yaml.v1.j2 | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 44567aa22..7a8194d13 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -2,9 +2,6 @@ apiLevels: - v1beta3 - v1 apiVersion: v1 -{% if api_server_args is defined and api_server_args %} -apiServerArguments: {{ api_server_args }} -{% endif %} assetConfig: logoutURL: "" masterPublicURL: {{ openshift.master.public_api_url }} @@ -16,9 +13,6 @@ assetConfig: keyFile: master.server.key maxRequestsInFlight: 0 requestTimeoutSeconds: 0 -{% if controller_args is defined and controller_args %} -controllerArguments: {{ controller_args }} -{% endif %} corsAllowedOrigins: {% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %} - {{ origin }} @@ -74,8 +68,8 @@ kubernetesMasterConfig: apiLevels: - v1beta3 - v1 - apiServerArguments: null - controllerArguments: null + apiServerArguments: {{ api_server_args if api_server_args is defined else null }} + controllerArguments: {{ controller_args if controller_args is defined else null }} {# TODO: support overriding masterCount #} masterCount: 1 masterIP: "" -- cgit v1.2.3 From 0077c327fd5214a9b43f8d2fde18a6325002922d Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Sat, 22 Aug 2015 23:49:40 -0400 Subject: Fix quoting around null --- roles/openshift_master/templates/master.yaml.v1.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 7a8194d13..fff123d0d 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -68,8 +68,8 @@ kubernetesMasterConfig: apiLevels: - v1beta3 - v1 - apiServerArguments: {{ api_server_args if api_server_args is defined else null }} - controllerArguments: {{ controller_args if controller_args is defined else null }} + apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }} + controllerArguments: {{ controller_args if controller_args is defined else 'null' }} {# TODO: support overriding masterCount #} masterCount: 1 masterIP: "" -- cgit v1.2.3 From ced2ad4551632d93d6a17391913effefe67607b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Tue, 25 Aug 2015 17:04:02 +0200 Subject: Add etcd nodes management in libvirt --- playbooks/libvirt/openshift-cluster/launch.yml | 8 ++++++++ playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml | 5 +++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/playbooks/libvirt/openshift-cluster/launch.yml b/playbooks/libvirt/openshift-cluster/launch.yml index 830f9d216..d3e768de5 100644 --- a/playbooks/libvirt/openshift-cluster/launch.yml +++ b/playbooks/libvirt/openshift-cluster/launch.yml @@ -17,6 +17,14 @@ - include: tasks/configure_libvirt.yml + - include: ../../common/openshift-cluster/set_etcd_launch_facts_tasks.yml + - include: tasks/launch_instances.yml + vars: + instances: "{{ etcd_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "default" + - include: ../../common/openshift-cluster/set_master_launch_facts_tasks.yml - include: tasks/launch_instances.yml vars: diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index 4cb494056..2a0c90b46 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -63,8 +63,9 @@ shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases openshift-ansible | egrep -c ''{{ instances | join("|") }}''' register: nb_allocated_ips until: nb_allocated_ips.stdout == '{{ instances | length }}' - retries: 30 + retries: 60 delay: 1 + when: instances | length != 0 - name: Collect IP addresses of the VMs shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases openshift-ansible | awk ''$6 == "{{ item }}" {gsub(/\/.*/, "", $5); print $5}''' @@ -72,7 +73,7 @@ with_items: instances - set_fact: - ips: "{{ scratch_ip.results | oo_collect('stdout') }}" + ips: "{{ scratch_ip.results | default([]) | oo_collect('stdout') }}" - name: Add new instances add_host: -- cgit v1.2.3 From 245bf785df17941e851e2ac7d3916e1159ddff23 Mon Sep 17 00:00:00 2001 From: Wesley Hearn Date: Tue, 25 Aug 2015 17:22:39 -0400 Subject: Set node labels for AWS hosts --- playbooks/aws/openshift-cluster/tasks/launch_instances.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 236d84e74..e9ebc3e02 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -147,6 +147,18 @@ tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }}, tag_sub-host-type_{{ sub_host_type }}" +- set_fact: + node_label: + region: "{{ec2_region}}" + type: "{{sub_host_type}}" + when: host_type == "node" + +- set_fact: + node_label: + region: "{{ec2_region}}" + type: "{{host_type}}" + when: host_type != "node" + - name: Add new instances groups and variables add_host: hostname: "{{ item.0 }}" @@ -156,6 +168,7 @@ groups: "{{ instance_groups }}" ec2_private_ip_address: "{{ item.1.private_ip }}" ec2_ip_address: "{{ item.1.public_ip }}" + openshift_node_labels: "{{ node_label }}" with_together: - instances - ec2.instances -- cgit v1.2.3 From cedda16ad0619772ee48af367b999d207cf45b51 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 26 Aug 2015 09:28:36 -0400 Subject: Add jenkins image stream and quickstart https://github.com/openshift/origin/pull/4145 --- roles/openshift_examples/examples-sync.sh | 1 + .../image-streams/image-streams-centos7.json | 22 +-- .../image-streams/image-streams-rhel7.json | 41 +++-- .../jenkins-ephemeral-template.json | 145 ++++++++++++++++++ .../jenkins-persistent-template.json | 168 +++++++++++++++++++++ 5 files changed, 357 insertions(+), 20 deletions(-) create mode 100644 roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json create mode 100644 roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 12d3bc263..3047a3add 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -24,6 +24,7 @@ unzip dancer-ex-master.zip unzip cakephp-ex-master.zip unzip application-templates-master.zip cp origin-master/examples/db-templates/* ${EXAMPLES_BASE}/db-templates/ +cp origin-master/examples/jenkins/jenkins-*template.json ${EXAMPLES_BASE}/quickstart-templates/ cp origin-master/examples/image-streams/* ${EXAMPLES_BASE}/image-streams/ cp django-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp rails-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json index 459b841c1..03affbddf 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json @@ -1,11 +1,11 @@ { "kind": "ImageStreamList", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": {}, "items": [ { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "ruby", "creationTimestamp": null @@ -35,7 +35,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "nodejs", "creationTimestamp": null @@ -65,7 +65,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "perl", "creationTimestamp": null @@ -95,7 +95,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "php", "creationTimestamp": null @@ -125,7 +125,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "python", "creationTimestamp": null @@ -155,7 +155,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "wildfly", "creationTimestamp": null @@ -185,7 +185,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mysql", "creationTimestamp": null @@ -208,7 +208,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "postgresql", "creationTimestamp": null @@ -231,7 +231,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mongodb", "creationTimestamp": null @@ -254,7 +254,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "jenkins", "creationTimestamp": null diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json index a5d2e9d9f..0bd885af3 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json @@ -1,11 +1,11 @@ { "kind": "ImageStreamList", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": {}, "items": [ { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "ruby", "creationTimestamp": null @@ -35,7 +35,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "nodejs", "creationTimestamp": null @@ -65,7 +65,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "perl", "creationTimestamp": null @@ -95,7 +95,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "php", "creationTimestamp": null @@ -125,7 +125,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "python", "creationTimestamp": null @@ -155,7 +155,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mysql", "creationTimestamp": null @@ -178,7 +178,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "postgresql", "creationTimestamp": null @@ -201,7 +201,7 @@ }, { "kind": "ImageStream", - "apiVersion": "v1beta3", + "apiVersion": "v1", "metadata": { "name": "mongodb", "creationTimestamp": null @@ -221,6 +221,29 @@ } ] } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jenkins", + "creationTimestamp": null + }, + "spec": { + "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-16-rhel7", + "tags": [ + { + "name": "latest" + }, + { + "name": "1.6", + "from": { + "Kind": "ImageStreamTag", + "Name": "latest" + } + } + ] + } } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json new file mode 100644 index 000000000..da08ffbd5 --- /dev/null +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json @@ -0,0 +1,145 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "jenkins-ephemeral", + "creationTimestamp": null, + "annotations": { + "description": "Jenkins service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "iconClass": "icon-jenkins", + "tags": "database,jenkins" + } + }, + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "metadata": { + "name": "${JENKINS_SERVICE_NAME}", + "creationTimestamp": null + }, + "spec": { + "ports": [ + { + "name": "web", + "protocol": "TCP", + "port": 8080, + "targetPort": 8080, + "nodePort": 0 + } + ], + "selector": { + "name": "${JENKINS_SERVICE_NAME}" + }, + "portalIP": "", + "type": "ClusterIP", + "sessionAffinity": "None" + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "metadata": { + "name": "jenkins", + "creationTimestamp": null + }, + "spec": { + "to": { + "kind": "Service", + "name": "${JENKINS_SERVICE_NAME}" + }, + "tls": { + "termination": "edge", + "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----", + "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----", + "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${JENKINS_SERVICE_NAME}", + "creationTimestamp": null + }, + "spec": { + "strategy": { + "type": "Recreate", + "resources": {} + }, + "triggers": [ + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "name": "${JENKINS_SERVICE_NAME}" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "name": "${JENKINS_SERVICE_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "jenkins", + "image": "openshift/jenkins-16-centos7", + "env": [ + { + "name": "JENKINS_PASSWORD", + "value": "${JENKINS_PASSWORD}" + } + ], + "resources": {}, + "volumeMounts": [ + { + "name": "${JENKINS_SERVICE_NAME}-data", + "mountPath": "/var/lib/jenkins" + } + ], + "terminationMessagePath": "/dev/termination-log", + "imagePullPolicy": "IfNotPresent", + "capabilities": {}, + "securityContext": { + "capabilities": {}, + "privileged": false + } + } + ], + "volumes": [ + { + "name": "${JENKINS_SERVICE_NAME}-data", + "emptyDir": { + "medium": "" + } + } + ], + "restartPolicy": "Always", + "dnsPolicy": "ClusterFirst" + } + } + } + } + ], + "parameters": [ + { + "name": "JENKINS_SERVICE_NAME", + "description": "Jenkins service name", + "value": "jenkins" + }, + { + "name": "JENKINS_PASSWORD", + "description": "Password for the Jenkins user", + "generate": "expression", + "value": "password" + } + ], + "labels": { + "template": "jenkins-ephemeral-template" + } +} diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json new file mode 100644 index 000000000..33df68c74 --- /dev/null +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json @@ -0,0 +1,168 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "jenkins-persistent", + "creationTimestamp": null, + "annotations": { + "description": "Jenkins service, with persistent storage.", + "iconClass": "icon-jenkins", + "tags": "database,jenkins" + } + }, + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "metadata": { + "name": "${JENKINS_SERVICE_NAME}", + "creationTimestamp": null + }, + "spec": { + "ports": [ + { + "name": "web", + "protocol": "TCP", + "port": 8080, + "targetPort": 8080, + "nodePort": 0 + } + ], + "selector": { + "name": "${JENKINS_SERVICE_NAME}" + }, + "portalIP": "", + "type": "ClusterIP", + "sessionAffinity": "None" + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "metadata": { + "name": "jenkins", + "creationTimestamp": null + }, + "spec": { + "to": { + "kind": "Service", + "name": "${JENKINS_SERVICE_NAME}" + }, + "tls": { + "termination": "edge", + "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----", + "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----", + "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----" + } + } + }, + { + "kind": "PersistentVolumeClaim", + "apiVersion": "v1", + "metadata": { + "name": "${JENKINS_SERVICE_NAME}" + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${JENKINS_SERVICE_NAME}", + "creationTimestamp": null + }, + "spec": { + "strategy": { + "type": "Recreate", + "resources": {} + }, + "triggers": [ + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "name": "${JENKINS_SERVICE_NAME}" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "name": "${JENKINS_SERVICE_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "jenkins", + "image": "openshift/jenkins-16-centos7", + "env": [ + { + "name": "JENKINS_PASSWORD", + "value": "${JENKINS_PASSWORD}" + } + ], + "resources": {}, + "volumeMounts": [ + { + "name": "${JENKINS_SERVICE_NAME}-data", + "mountPath": "/var/lib/jenkins" + } + ], + "terminationMessagePath": "/dev/termination-log", + "imagePullPolicy": "IfNotPresent", + "capabilities": {}, + "securityContext": { + "capabilities": {}, + "privileged": false + } + } + ], + "volumes": [ + { + "name": "${JENKINS_SERVICE_NAME}-data", + "persistentVolumeClaim": { + "claimName": "${JENKINS_SERVICE_NAME}" + } + } + ], + "restartPolicy": "Always", + "dnsPolicy": "ClusterFirst" + } + } + } + } + ], + "parameters": [ + { + "name": "JENKINS_SERVICE_NAME", + "description": "Jenkins service name", + "value": "jenkins" + }, + { + "name": "JENKINS_PASSWORD", + "description": "Password for the Jenkins user", + "generate": "expression", + "value": "password" + }, + { + "name": "VOLUME_CAPACITY", + "description": "Volume space available for data, e.g. 512Mi, 2Gi", + "value": "512Mi", + "required": true + } + ], + "labels": { + "template": "jenkins-persistent-template" + } +} -- cgit v1.2.3 From d17a583db7d1caef4a60a19f0379da8bce25754a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Tue, 25 Aug 2015 16:56:51 +0200 Subject: Add options to configure docker registries --- roles/openshift_node/handlers/main.yml | 3 +++ roles/openshift_node/tasks/main.yml | 42 ++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 953a1421b..8b5acefbf 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,3 +1,6 @@ --- - name: restart openshift-node service: name=openshift-node state=restarted + +- name: restart docker + service: name=docker state=restarted diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index adffca252..18f0ce064 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -70,6 +70,48 @@ line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg + notify: + - restart docker + +- set_fact: + docker_additional_registries: "registry.access.redhat.com,{{ lookup('oo_option', 'docker_additional_registries') }}" + when: deployment_type == 'enterprise' +- set_fact: + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}" + when: deployment_type != 'enterprise' + +- name: Add personal registries + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^ADD_REGISTRY=.*' + line: "ADD_REGISTRY='{{ docker_additional_registries | oo_split() + | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" + when: docker_check.stat.isreg and + docker_additional_registries != '' + notify: + - restart docker + +- name: Block registries + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^BLOCK_REGISTRY=.*' + line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split() + | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'" + when: docker_check.stat.isreg and + lookup('oo_option', 'docker_blocked_registries') != '' + notify: + - restart docker + +- name: Grant access to additional insecure registries + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^INSECURE_REGISTRY=.*' + line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split() + | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'" + when: docker_check.stat.isreg and + lookup('oo_option', 'docker_insecure_registries') != '' + notify: + - restart docker - name: Allow NFS access for VMs seboolean: name=virt_use_nfs state=yes persistent=yes -- cgit v1.2.3 From 1b3fff6248fbd6788a26ee2b6c60f7731891c0f4 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 19 Jun 2015 14:41:10 -0400 Subject: Atomic Enterprise related changes. --- DEPLOYMENT_TYPES.md | 23 +++++++ bin/cluster | 4 ++ inventory/byo/hosts.example | 6 +- playbooks/byo/openshift_facts.yml | 2 +- playbooks/common/openshift-master/config.yml | 17 ++--- playbooks/common/openshift-master/service.yml | 4 +- playbooks/common/openshift-node/config.yml | 10 +-- playbooks/common/openshift-node/service.yml | 4 +- roles/openshift_common/tasks/main.yml | 2 +- roles/openshift_common/vars/main.yml | 2 +- roles/openshift_facts/library/openshift_facts.py | 80 ++++++++++++++-------- roles/openshift_facts/tasks/main.yml | 2 +- roles/openshift_master/README.md | 10 +-- roles/openshift_master/defaults/main.yml | 10 +-- roles/openshift_master/handlers/main.yml | 4 +- roles/openshift_master/meta/main.yml | 2 +- roles/openshift_master/tasks/main.yml | 55 ++++++++++----- roles/openshift_master/vars/main.yml | 2 +- roles/openshift_master_ca/tasks/main.yml | 4 +- roles/openshift_master_ca/vars/main.yml | 2 +- roles/openshift_master_certificates/vars/main.yml | 4 +- roles/openshift_master_cluster/tasks/configure.yml | 8 +-- .../tasks/configure_deferred.yml | 4 +- roles/openshift_node/README.md | 16 ++--- roles/openshift_node/defaults/main.yml | 2 +- roles/openshift_node/handlers/main.yml | 4 +- roles/openshift_node/tasks/main.yml | 34 ++++----- roles/openshift_node/vars/main.yml | 2 +- roles/openshift_node_certificates/README.md | 4 +- roles/openshift_node_certificates/vars/main.yml | 6 +- roles/openshift_registry/vars/main.yml | 3 +- roles/openshift_repos/vars/main.yml | 7 +- roles/openshift_router/vars/main.yml | 3 +- roles/openshift_storage_nfs_lvm/tasks/main.yml | 2 +- 34 files changed, 208 insertions(+), 136 deletions(-) create mode 100644 DEPLOYMENT_TYPES.md diff --git a/DEPLOYMENT_TYPES.md b/DEPLOYMENT_TYPES.md new file mode 100644 index 000000000..1f64e223a --- /dev/null +++ b/DEPLOYMENT_TYPES.md @@ -0,0 +1,23 @@ +#Deployment Types + +This module supports OpenShift Origin, OpenShift Enterprise, and Atomic +Enterprise Platform. Each deployment type sets various defaults used throughout +your environment. + +The table below outlines the defaults per `deployment_type`. + +| deployment_type | origin | enterprise (< 3.1) | atomic-enterprise | openshift-enterprise (>= 3.1) | +|-----------------------------------------------------------------|------------------------------------------|----------------------------------------|----------------------------------|----------------------------------| +| **openshift.common.service_type** (also used for package names) | origin | openshift | atomic-openshift | | +| **openshift.common.config_base** | /etc/origin | /etc/openshift | /etc/origin | /etc/origin | +| **openshift.common.data_dir** | /var/lib/origin | /var/lib/openshift | /var/lib/origin | /var/lib/origin | +| **openshift.master.registry_url openshift.node.registry_url** | openshift/origin-${component}:${version} | openshift3/ose-${component}:${version} | aos3/aos-${component}:${version} | aos3/aos-${component}:${version} | +| **Image Streams** | centos | rhel + xpaas | N/A | rhel | + + +**NOTE** `enterprise` deloyment type is used for OpenShift Enterprise version +3.0.x OpenShift Enterprise deployments utilizing version 3.1 and later will +make use of the new `openshift-enterprise` deployment type. Additional work to +migrate between the two will be forthcoming. + + diff --git a/bin/cluster b/bin/cluster index c80fe0cab..486bf2a48 100755 --- a/bin/cluster +++ b/bin/cluster @@ -48,6 +48,7 @@ class Cluster(object): deployment_type = os.environ['OS_DEPLOYMENT_TYPE'] return deployment_type + def create(self, args): """ Create an OpenShift cluster for given provider @@ -258,6 +259,9 @@ if __name__ == '__main__': meta_parser.add_argument('-t', '--deployment-type', choices=['origin', 'online', 'enterprise'], help='Deployment type. (default: origin)') + meta_parser.add_argument('-T', '--product-type', + choices=['openshift' 'atomic-enterprise'], + help='Product type. (default: openshift)') meta_parser.add_argument('-o', '--option', action='append', help='options') diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 16b89d458..c0469c3b3 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -18,7 +18,7 @@ ansible_ssh_user=root #ansible_sudo=true # deployment type valid values are origin, online and enterprise -deployment_type=enterprise +deployment_type=atomic-enterprise # Enable cluster metrics #use_cluster_metrics=true @@ -52,7 +52,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # For installation the value of openshift_master_cluster_hostname must resolve # to the first master defined in the inventory. # The HA solution must be manually configured after installation and must ensure -# that openshift-master is running on a single master host. +# that the master is running on a single master host. #openshift_master_cluster_hostname=openshift-ansible.test.example.com #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com #openshift_master_cluster_defer_ha=True @@ -61,7 +61,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_default_subdomain=apps.test.example.com # additional cors origins -#osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] +#osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] # default project node selector #osm_default_node_selector='region=primary' diff --git a/playbooks/byo/openshift_facts.yml b/playbooks/byo/openshift_facts.yml index cd282270f..6d7c12fd4 100644 --- a/playbooks/byo/openshift_facts.yml +++ b/playbooks/byo/openshift_facts.yml @@ -1,5 +1,5 @@ --- -- name: Gather OpenShift facts +- name: Gather Cluster facts hosts: all gather_facts: no roles: diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index acf85fc04..5a179f791 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -37,7 +37,7 @@ public_console_url: "{{ openshift_master_public_console_url | default(None) }}" - name: Check status of external etcd certificatees stat: - path: "/etc/openshift/master/{{ item }}" + path: "{{ openshift.common.config_base }}/master/{{ item }}" with_items: - master.etcd-client.crt - master.etcd-ca.crt @@ -47,7 +47,7 @@ | map(attribute='stat.exists') | list | intersect([false])}}" etcd_cert_subdir: openshift-master-{{ openshift.common.hostname }} - etcd_cert_config_dir: /etc/openshift/master + etcd_cert_config_dir: "{{ openshift.common.config_base }}/master" etcd_cert_prefix: master.etcd- when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config @@ -96,7 +96,7 @@ tasks: - name: Ensure certificate directory exists file: - path: /etc/openshift/master + path: "{{ openshift.common.config_base }}/master" state: directory when: etcd_client_certs_missing is defined and etcd_client_certs_missing - name: Unarchive the tarball on the master @@ -134,7 +134,7 @@ - name: Check status of master certificates stat: - path: "/etc/openshift/master/{{ item }}" + path: "{{ openshift.common.config_base }}/master/{{ item }}" with_items: openshift_master_certs register: g_master_cert_stat_result - set_fact: @@ -142,12 +142,12 @@ | map(attribute='stat.exists') | list | intersect([false])}}" master_cert_subdir: master-{{ openshift.common.hostname }} - master_cert_config_dir: /etc/openshift/master + master_cert_config_dir: "{{ openshift.common.config_base }}/master" - name: Configure master certificates hosts: oo_first_master vars: - master_generated_certs_dir: /etc/openshift/generated-configs + master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" masters_needing_certs: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config'] | difference(groups['oo_first_master'])) | oo_filter_list(filter_attr='master_certs_missing') }}" @@ -189,7 +189,7 @@ pre_tasks: - name: Ensure certificate directory exists file: - path: /etc/openshift/master + path: "{{ openshift.common.config_base }}/master" state: directory when: master_certs_missing and 'oo_first_master' not in group_names - name: Unarchive the tarball on the master @@ -214,7 +214,8 @@ roles: - role: openshift_master_cluster when: openshift_master_ha | bool - - openshift_examples + - role: openshift_examples + when: deployment_type in ['enterprise','openshift-enterprise','origin'] - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool diff --git a/playbooks/common/openshift-master/service.yml b/playbooks/common/openshift-master/service.yml index 5636ad156..27e1e66f9 100644 --- a/playbooks/common/openshift-master/service.yml +++ b/playbooks/common/openshift-master/service.yml @@ -10,9 +10,9 @@ add_host: name={{ item }} groups=g_service_masters with_items: oo_host_group_exp | default([]) -- name: Change openshift-master state on master instance(s) +- name: Change state on master instance(s) hosts: g_service_masters connection: ssh gather_facts: no tasks: - - service: name=openshift-master state="{{ new_cluster_state }}" + - service: name={{ openshift.common.service_type }}-master state="{{ new_cluster_state }}" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 705f7f223..c6d19d131 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -22,7 +22,7 @@ annotations: "{{ openshift_node_annotations | default(None) }}" - name: Check status of node certificates stat: - path: "/etc/openshift/node/{{ item }}" + path: "{{ openshift.common.config_base }}/node/{{ item }}" with_items: - "system:node:{{ openshift.common.hostname }}.crt" - "system:node:{{ openshift.common.hostname }}.key" @@ -35,8 +35,8 @@ certs_missing: "{{ stat_result.results | map(attribute='stat.exists') | list | intersect([false])}}" node_subdir: node-{{ openshift.common.hostname }} - config_dir: /etc/openshift/generated-configs/node-{{ openshift.common.hostname }} - node_cert_dir: /etc/openshift/node + config_dir: "{{ openshift.common.config_base }}/generated-configs/node-{{ openshift.common.hostname }}" + node_cert_dir: "{{ openshift.common.config_base }}/node" - name: Create temp directory for syncing certs hosts: localhost @@ -89,9 +89,9 @@ path: "{{ node_cert_dir }}" state: directory - # TODO: notify restart openshift-node + # TODO: notify restart node # possibly test service started time against certificate/config file - # timestamps in openshift-node to trigger notify + # timestamps in node to trigger notify - name: Unarchive the tarball on the node unarchive: src: "{{ sync_tmpdir }}/{{ node_subdir }}.tgz" diff --git a/playbooks/common/openshift-node/service.yml b/playbooks/common/openshift-node/service.yml index f76df089f..5cf83e186 100644 --- a/playbooks/common/openshift-node/service.yml +++ b/playbooks/common/openshift-node/service.yml @@ -10,9 +10,9 @@ add_host: name={{ item }} groups=g_service_nodes with_items: oo_host_group_exp | default([]) -- name: Change openshift-node state on node instance(s) +- name: Change state on node instance(s) hosts: g_service_nodes connection: ssh gather_facts: no tasks: - - service: name=openshift-node state="{{ new_cluster_state }}" + - service: name={{ service_type }}-node state="{{ new_cluster_state }}" diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index 09cc4aaf7..928209f0f 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Set common OpenShift facts +- name: Set common Cluster facts openshift_facts: role: common local_facts: diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml index 8e7d71154..817fe0a5f 100644 --- a/roles/openshift_common/vars/main.yml +++ b/roles/openshift_common/vars/main.yml @@ -6,4 +6,4 @@ # interfaces) os_firewall_use_firewalld: False -openshift_data_dir: /var/lib/openshift +openshift_data_dir: /var/lib/origin diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index c1c4e1b5c..2c007554e 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -6,7 +6,7 @@ DOCUMENTATION = ''' --- module: openshift_facts -short_description: OpenShift Facts +short_description: Cluster Facts author: Jason DeTiberus requirements: [ ] ''' @@ -283,28 +283,6 @@ def normalize_provider_facts(provider, metadata): facts = normalize_openstack_facts(metadata, facts) return facts -def set_registry_url_if_unset(facts): - """ Set registry_url fact if not already present in facts dict - - Args: - facts (dict): existing facts - Returns: - dict: the facts dict updated with the generated identity providers - facts if they were not already present - """ - for role in ('master', 'node'): - if role in facts: - deployment_type = facts['common']['deployment_type'] - if 'registry_url' not in facts[role]: - registry_url = "openshift/origin-${component}:${version}" - if deployment_type == 'enterprise': - registry_url = "openshift3/ose-${component}:${version}" - elif deployment_type == 'online': - registry_url = ("openshift3/ose-${component}:${version}") - facts[role]['registry_url'] = registry_url - - return facts - def set_fluentd_facts_if_unset(facts): """ Set fluentd facts if not already present in facts dict dict: the facts dict updated with the generated fluentd facts if @@ -448,6 +426,48 @@ def set_aggregate_facts(facts): return facts +def set_deployment_facts_if_unset(facts): + """ Set Facts that vary based on deployment_type. This currently + includes common.service_type, common.config_base, master.registry_url, + node.registry_url + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated deployment_type + facts + """ + if 'common' in facts: + deployment_type = facts['common']['deployment_type'] + if 'service_type' not in facts['common']: + service_type = 'atomic-openshift' + if deployment_type == 'origin': + service_type = 'openshift' + elif deployment_type in ['enterprise', 'online']: + service_type = 'openshift' + facts['common']['service_type'] = service_type + if 'config_base' not in facts['common']: + config_base = '/etc/origin' + if deployment_type in ['enterprise', 'online']: + config_base = '/etc/openshift' + elif deployment_type == 'origin': + config_base = '/etc/openshift' + facts['common']['config_base'] = config_base + + for role in ('master', 'node'): + if role in facts: + deployment_type = facts['common']['deployment_type'] + if 'registry_url' not in facts[role]: + registry_url = 'aos3/aos-${component}:${version}' + if deployment_type in ['enterprise', 'online']: + registry_url = 'openshift3/ose-${component}:${version}' + elif deployment_type == 'origin': + registry_url = 'openshift/origin-${component}:${version}' + facts[role]['registry_url'] = registry_url + + return facts + + def set_sdn_facts_if_unset(facts): """ Set sdn facts if not already present in facts dict @@ -510,7 +530,7 @@ def get_current_config(facts): # anything from working properly as far as I can tell, perhaps because # we override the kubeconfig path everywhere we use it? # Query kubeconfig settings - kubeconfig_dir = '/var/lib/openshift/openshift.local.certificates' + kubeconfig_dir = '/var/lib/origin/openshift.local.certificates' if role == 'node': kubeconfig_dir = os.path.join( kubeconfig_dir, "node-%s" % facts['common']['hostname'] @@ -657,25 +677,25 @@ def get_local_facts_from_file(filename): class OpenShiftFactsUnsupportedRoleError(Exception): - """OpenShift Facts Unsupported Role Error""" + """Origin Facts Unsupported Role Error""" pass class OpenShiftFactsFileWriteError(Exception): - """OpenShift Facts File Write Error""" + """Origin Facts File Write Error""" pass class OpenShiftFactsMetadataUnavailableError(Exception): - """OpenShift Facts Metadata Unavailable Error""" + """Origin Facts Metadata Unavailable Error""" pass class OpenShiftFacts(object): - """ OpenShift Facts + """ Origin Facts Attributes: - facts (dict): OpenShift facts for the host + facts (dict): facts for the host Args: role (str): role for setting local facts @@ -720,8 +740,8 @@ class OpenShiftFacts(object): facts = set_fluentd_facts_if_unset(facts) facts = set_cluster_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) - facts = set_registry_url_if_unset(facts) facts = set_sdn_facts_if_unset(facts) + facts = set_deployment_facts_if_unset(facts) facts = set_aggregate_facts(facts) return dict(openshift=facts) diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index b2cda3a85..fd3d20800 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -6,5 +6,5 @@ - ansible_version | version_compare('1.9.0', 'ne') - ansible_version | version_compare('1.9.0.1', 'ne') -- name: Gather OpenShift facts +- name: Gather Cluster facts openshift_facts: diff --git a/roles/openshift_master/README.md b/roles/openshift_master/README.md index 0e7ef3aab..155bdb58b 100644 --- a/roles/openshift_master/README.md +++ b/roles/openshift_master/README.md @@ -1,7 +1,7 @@ -OpenShift Master -================ +OpenShift/Atomic Enterprise Master +================================== -OpenShift Master service installation +Master service installation Requirements ------------ @@ -15,8 +15,8 @@ Role Variables From this role: | Name | Default value | | |-------------------------------------|-----------------------|--------------------------------------------------| -| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for openshift-master | -| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when openshift-master starts up | +| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for master | +| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when master starts up | | oreg_url | UNDEF | Default docker registry to use | | openshift_master_api_port | UNDEF | | | openshift_master_console_port | UNDEF | | diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml index ca8860099..9766d01ae 100644 --- a/roles/openshift_master/defaults/main.yml +++ b/roles/openshift_master/defaults/main.yml @@ -5,11 +5,11 @@ openshift_node_ips: [] os_firewall_allow: - service: etcd embedded port: 4001/tcp -- service: OpenShift api https +- service: api server https port: 8443/tcp -- service: OpenShift dns tcp +- service: dns tcp port: 53/tcp -- service: OpenShift dns udp +- service: dns udp port: 53/udp - service: Fluentd td-agent tcp port: 24224/tcp @@ -22,9 +22,9 @@ os_firewall_allow: - service: Corosync UDP port: 5405/udp os_firewall_deny: -- service: OpenShift api http +- service: api server http port: 8080/tcp -- service: former OpenShift web console port +- service: former web console port port: 8444/tcp - service: former etcd peer port port: 7001/tcp diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index f1e7e1ab3..2981979e0 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -1,4 +1,4 @@ --- -- name: restart openshift-master - service: name=openshift-master state=restarted +- name: restart master + service: name={{ openshift.common.service_type }}-master state=restarted when: not openshift_master_ha | bool diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index 41a183c3b..c125cb5d0 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Jhon Honce - description: OpenShift Master + description: Master company: Red Hat, Inc. license: Apache License, Version 2.0 min_ansible_version: 1.7 diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 9204d25ce..4dad9b62f 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -12,11 +12,7 @@ msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined -- name: Install OpenShift Master package - yum: pkg=openshift-master state=present - register: install_result - -- name: Set master OpenShift facts +- name: Set master facts openshift_facts: role: master local_facts: @@ -59,8 +55,26 @@ api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" +- name: Install Master package + yum: pkg={{ openshift.common.service_type }}-master state=present + register: install_result + +- name: Check for RPM generated config marker file /etc/origin/.config_managed + stat: path=/etc/origin/.rpmgenerated + register: rpmgenerated_config + +- name: Remove RPM generated config files + file: + path: "{{ item }}" + state: absent + when: openshift.common.service_type in ['atomic-enterprise','openshift-enterprise'] and rpmgenerated_config.stat.exists == true + with_items: + - "{{ openshift.common.config_base }}/master" + - "{{ openshift.common.config_base }}/node" + - "{{ openshift.common.config_base }}/.rpmgenerated" + # TODO: These values need to be configurable -- name: Set dns OpenShift facts +- name: Set dns facts openshift_facts: role: dns local_facts: @@ -80,20 +94,27 @@ args: creates: "{{ openshift_master_policy }}" notify: - - restart openshift-master + - restart master - name: Create the scheduler config template: dest: "{{ openshift_master_scheduler_conf }}" src: scheduler.json.j2 notify: - - restart openshift-master + - restart master - name: Install httpd-tools if needed yum: pkg=httpd-tools state=present when: item.kind == 'HTPasswdPasswordIdentityProvider' with_items: openshift.master.identity_providers +- name: Ensure htpasswd directory exists + file: + path: "{{ item.filename | dirname }}" + state: directory + when: item.kind == 'HTPasswdPasswordIdentityProvider' + with_items: openshift.master.identity_providers + - name: Create the htpasswd file if needed copy: dest: "{{ item.filename }}" @@ -109,11 +130,11 @@ dest: "{{ openshift_master_config_file }}" src: master.yaml.v1.j2 notify: - - restart openshift-master + - restart master -- name: Configure OpenShift settings +- name: Configure master settings lineinfile: - dest: /etc/sysconfig/openshift-master + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master regexp: "{{ item.regex }}" line: "{{ item.line }}" with_items: @@ -122,10 +143,10 @@ - regex: '^CONFIG_FILE=' line: "CONFIG_FILE={{ openshift_master_config_file }}" notify: - - restart openshift-master + - restart master -- name: Start and enable openshift-master - service: name=openshift-master enabled=yes state=started +- name: Start and enable master + service: name={{ openshift.common.service_type }}-master enabled=yes state=started when: not openshift_master_ha | bool register: start_result @@ -146,7 +167,7 @@ shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster when: install_result | changed -- name: Create the OpenShift client config dir(s) +- name: Create the client config dir(s) file: path: "~{{ item }}/.kube" state: directory @@ -159,7 +180,7 @@ # TODO: Update this file if the contents of the source file are not present in # the dest file, will need to make sure to ignore things that could be added -- name: Copy the OpenShift admin client config(s) +- name: Copy the admin client config(s) command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config args: creates: ~{{ item }}/.kube/config @@ -167,7 +188,7 @@ - root - "{{ ansible_ssh_user }}" -- name: Update the permissions on the OpenShift admin client config(s) +- name: Update the permissions on the admin client config(s) file: path: "~{{ item }}/.kube/config" state: file diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index f6f69966a..a61ba0397 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -1,5 +1,5 @@ --- -openshift_master_config_dir: /etc/openshift/master +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml" openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 03eb7e15f..303dc9c5d 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install the OpenShift package for admin tooling - yum: pkg=openshift state=present +- name: Install the base package for admin tooling + yum: pkg={{ openshift.common.service_type }} state=present register: install_result - name: Reload generated facts diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml index 2925680bb..1f6af808c 100644 --- a/roles/openshift_master_ca/vars/main.yml +++ b/roles/openshift_master_ca/vars/main.yml @@ -1,5 +1,5 @@ --- -openshift_master_config_dir: /etc/openshift/master +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" diff --git a/roles/openshift_master_certificates/vars/main.yml b/roles/openshift_master_certificates/vars/main.yml index 6214f7918..3f18ddc79 100644 --- a/roles/openshift_master_certificates/vars/main.yml +++ b/roles/openshift_master_certificates/vars/main.yml @@ -1,3 +1,3 @@ --- -openshift_generated_configs_dir: /etc/openshift/generated-configs -openshift_master_config_dir: /etc/openshift/master +openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs" +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" diff --git a/roles/openshift_master_cluster/tasks/configure.yml b/roles/openshift_master_cluster/tasks/configure.yml index 8ddc8bfda..7ab9afb51 100644 --- a/roles/openshift_master_cluster/tasks/configure.yml +++ b/roles/openshift_master_cluster/tasks/configure.yml @@ -22,14 +22,14 @@ command: pcs resource defaults resource-stickiness=100 - name: Add the cluster VIP resource - command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_vip }} --group openshift-master + command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_vip }} --group {{ openshift.common.service_type }}-master - name: Add the cluster public VIP resource - command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_public_vip }} --group openshift-master + command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_public_vip }} --group {{ openshift.common.service_type }}-master when: openshift_master_cluster_public_vip != openshift_master_cluster_vip -- name: Add the cluster openshift-master service resource - command: pcs resource create master systemd:openshift-master op start timeout=90s stop timeout=90s --group openshift-master +- name: Add the cluster master service resource + command: pcs resource create master systemd:{{ openshift.common.service_type }}-master op start timeout=90s stop timeout=90s --group {{ openshift.common.service_type }}-master - name: Disable stonith command: pcs property set stonith-enabled=false diff --git a/roles/openshift_master_cluster/tasks/configure_deferred.yml b/roles/openshift_master_cluster/tasks/configure_deferred.yml index a80b6c5b4..3b416005b 100644 --- a/roles/openshift_master_cluster/tasks/configure_deferred.yml +++ b/roles/openshift_master_cluster/tasks/configure_deferred.yml @@ -1,8 +1,8 @@ --- - debug: msg="Deferring config" -- name: Start and enable openshift-master +- name: Start and enable the master service: - name: openshift-master + name: "{{ openshift.common.service_type }}-master" state: started enabled: yes diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md index 427269931..3aff81274 100644 --- a/roles/openshift_node/README.md +++ b/roles/openshift_node/README.md @@ -1,12 +1,12 @@ -OpenShift Node -============== +OpenShift/Atomic Enterprise Node +================================ -OpenShift Node service installation +Node service installation Requirements ------------ -One or more OpenShift Master servers. +One or more Master servers. A RHEL 7.1 host pre-configured with access to the rhel-7-server-rpms, rhel-7-server-extras-rpms, and rhel-7-server-ose-3.0-rpms repos. @@ -14,10 +14,10 @@ rhel-7-server-extras-rpms, and rhel-7-server-ose-3.0-rpms repos. Role Variables -------------- From this role: -| Name | Default value | | -|------------------------------------------|-----------------------|----------------------------------------| -| openshift_node_debug_level | openshift_debug_level | Verbosity of the debug logs for openshift-node | -| oreg_url | UNDEF (Optional) | Default docker registry to use | +| Name | Default value | | +|------------------------------------------|-----------------------|--------------------------------------------------------| +| openshift_node_debug_level | openshift_debug_level | Verbosity of the debug logs for node | +| oreg_url | UNDEF (Optional) | Default docker registry to use | From openshift_common: | Name | Default Value | | diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index 1dbcc4301..c4abf9d7c 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -1,6 +1,6 @@ --- os_firewall_allow: -- service: OpenShift kubelet +- service: Kubernetes kubelet port: 10250/tcp - service: http port: 80/tcp diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 8b5acefbf..633f3ed13 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,6 +1,6 @@ --- -- name: restart openshift-node - service: name=openshift-node state=restarted +- name: restart node + service: name={{ openshift.common.service_type }}-node state=restarted - name: restart docker service: name=docker state=restarted diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 18f0ce064..5ccb810cf 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -10,16 +10,7 @@ msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online'] -- name: Install OpenShift Node package - yum: pkg=openshift-node state=present - register: node_install_result - -- name: Install openshift-sdn-ovs - yum: pkg=openshift-sdn-ovs state=present - register: sdn_install_result - when: openshift.common.use_openshift_sdn - -- name: Set node OpenShift facts +- name: Set node facts openshift_facts: role: "{{ item.role }}" local_facts: "{{ item.local_facts }}" @@ -38,17 +29,26 @@ portal_net: "{{ openshift_master_portal_net | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" +- name: Install Node package + yum: pkg={{ openshift.common.service_type }}-node state=present + register: node_install_result + +- name: Install sdn-ovs package + yum: pkg={{ openshift.common.service_type }}-sdn-ovs state=present + register: sdn_install_result + when: openshift.common.use_openshift_sdn + # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config template: dest: "{{ openshift_node_config_file }}" src: node.yaml.v1.j2 notify: - - restart openshift-node + - restart node -- name: Configure OpenShift Node settings +- name: Configure Node settings lineinfile: - dest: /etc/sysconfig/openshift-node + dest: /etc/sysconfig/{{ openshift.common.service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" with_items: @@ -57,13 +57,13 @@ - regex: '^CONFIG_FILE=' line: "CONFIG_FILE={{ openshift_node_config_file }}" notify: - - restart openshift-node + - restart node - stat: path=/etc/sysconfig/docker register: docker_check # TODO: Enable secure registry when code available in origin -- name: Secure OpenShift Registry +- name: Secure Registry lineinfile: dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*' @@ -117,8 +117,8 @@ seboolean: name=virt_use_nfs state=yes persistent=yes when: ansible_selinux and ansible_selinux.status == "enabled" -- name: Start and enable openshift-node - service: name=openshift-node enabled=yes state=started +- name: Start and enable node + service: name={{ openshift.common.service_type }}-node enabled=yes state=started register: start_result - name: pause to prevent service restart from interfering with bootstrapping diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index cf47f8354..77a9694de 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -1,3 +1,3 @@ --- -openshift_node_config_dir: /etc/openshift/node +openshift_node_config_dir: "{{ openshift.common.config_base }}/node" openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" diff --git a/roles/openshift_node_certificates/README.md b/roles/openshift_node_certificates/README.md index c6304e4b0..6264d253a 100644 --- a/roles/openshift_node_certificates/README.md +++ b/roles/openshift_node_certificates/README.md @@ -1,5 +1,5 @@ -OpenShift Node Certificates -======================== +OpenShift/Atomic Enterprise Node Certificates +============================================= TODO diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml index a018bb0f9..61fbb1e51 100644 --- a/roles/openshift_node_certificates/vars/main.yml +++ b/roles/openshift_node_certificates/vars/main.yml @@ -1,7 +1,7 @@ --- -openshift_node_config_dir: /etc/openshift/node -openshift_master_config_dir: /etc/openshift/master -openshift_generated_configs_dir: /etc/openshift/generated-configs +openshift_node_config_dir: "{{ openshift.common.config_base }}/node" +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" +openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs" openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" diff --git a/roles/openshift_registry/vars/main.yml b/roles/openshift_registry/vars/main.yml index 9fb501e85..9967e26f4 100644 --- a/roles/openshift_registry/vars/main.yml +++ b/roles/openshift_registry/vars/main.yml @@ -1,3 +1,2 @@ --- -openshift_master_config_dir: /etc/openshift/master - +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" diff --git a/roles/openshift_repos/vars/main.yml b/roles/openshift_repos/vars/main.yml index bbb4c77e7..319611a0b 100644 --- a/roles/openshift_repos/vars/main.yml +++ b/roles/openshift_repos/vars/main.yml @@ -1,2 +1,7 @@ --- -known_openshift_deployment_types: ['origin', 'online', 'enterprise'] +# origin uses community packages named 'origin' +# online currently uses 'openshift' packages +# enterprise is used for OSE 3.0 < 3.1 which uses packages named 'openshift' +# atomic-enterprise uses Red Hat packages named 'atomic-openshift' +# openshift-enterprise uses Red Hat packages named 'atomic-openshift' starting with OSE 3.1 +known_openshift_deployment_types: ['origin', 'online', 'enterprise','atomic-enterprise','openshift-enterprise'] diff --git a/roles/openshift_router/vars/main.yml b/roles/openshift_router/vars/main.yml index 9fb501e85..9967e26f4 100644 --- a/roles/openshift_router/vars/main.yml +++ b/roles/openshift_router/vars/main.yml @@ -1,3 +1,2 @@ --- -openshift_master_config_dir: /etc/openshift/master - +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml index e9f5814bb..ead81b876 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/main.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml @@ -21,4 +21,4 @@ template: src=../templates/nfs.json.j2 dest=/root/persistent-volume.{{ item }}.json with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d -# TODO - Get the json files to an openshift-master, and load them. \ No newline at end of file +# TODO - Get the json files to a master, and load them. -- cgit v1.2.3 From b08d42644b1d65b13c89a3f47b48f16eb15d2344 Mon Sep 17 00:00:00 2001 From: "Diego Castro (dscastro)" Date: Wed, 26 Aug 2015 18:55:53 -0300 Subject: Remove extra space. --- roles/openshift_facts/library/openshift_facts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index e46cee145..4e0989c5f 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -319,7 +319,7 @@ def set_fluentd_facts_if_unset(facts): if 'common' in facts: deployment_type = facts['common']['deployment_type'] if 'use_fluentd' not in facts['common']: - use_fluentd = True if deployment_type == 'online' else False + use_fluentd = True if deployment_type == 'online' else False facts['common']['use_fluentd'] = use_fluentd return facts -- cgit v1.2.3 From 886fab0967834d116bbba2e7d50feb2e13fff11f Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 26 Aug 2015 22:15:16 -0400 Subject: Bugfix for extra --add-registry in docker config --- roles/openshift_node/tasks/main.yml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 18f0ce064..7679adbf3 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -66,7 +66,7 @@ - name: Secure OpenShift Registry lineinfile: dest: /etc/sysconfig/docker - regexp: '^OPTIONS=.*' + regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg @@ -74,27 +74,29 @@ - restart docker - set_fact: - docker_additional_registries: "registry.access.redhat.com,{{ lookup('oo_option', 'docker_additional_registries') }}" - when: deployment_type == 'enterprise' + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') + | oo_split() | union(['registry.access.redhat.com']) + | difference(['']) }}" + when: openshift.common.deployment_type == 'enterprise' - set_fact: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}" - when: deployment_type != 'enterprise' + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') + | oo_split() | difference(['']) }}" + when: openshift.common.deployment_type != 'enterprise' - name: Add personal registries lineinfile: dest: /etc/sysconfig/docker - regexp: '^ADD_REGISTRY=.*' - line: "ADD_REGISTRY='{{ docker_additional_registries | oo_split() - | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" - when: docker_check.stat.isreg and - docker_additional_registries != '' + regexp: '^ADD_REGISTRY=.*$' + line: "ADD_REGISTRY='{{ docker_additional_registries + | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'" + when: docker_check.stat.isreg and docker_additional_registries notify: - restart docker - name: Block registries lineinfile: dest: /etc/sysconfig/docker - regexp: '^BLOCK_REGISTRY=.*' + regexp: '^BLOCK_REGISTRY=.*$' line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split() | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'" when: docker_check.stat.isreg and -- cgit v1.2.3 From 3012985b20e44c0ca4f7cce5a70926f518ec19c5 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 21 Aug 2015 17:44:30 -0400 Subject: Updates for zbx ans module --- filter_plugins/oo_zabbix_filters.py | 29 +++ playbooks/adhoc/zabbix_setup/clean_zabbix.yml | 51 ----- playbooks/adhoc/zabbix_setup/create_template.yml | 57 ----- playbooks/adhoc/zabbix_setup/create_user.yml | 31 --- playbooks/adhoc/zabbix_setup/filter_plugins | 1 - playbooks/adhoc/zabbix_setup/roles | 1 - playbooks/adhoc/zabbix_setup/setup_zabbix.yml | 38 ---- .../adhoc/zabbix_setup/vars/template_heartbeat.yml | 11 - .../adhoc/zabbix_setup/vars/template_host.yml | 27 --- .../adhoc/zabbix_setup/vars/template_master.yml | 27 --- .../adhoc/zabbix_setup/vars/template_node.yml | 27 --- .../adhoc/zabbix_setup/vars/template_os_linux.yml | 90 -------- .../adhoc/zabbix_setup/vars/template_router.yml | 27 --- roles/lib_zabbix/README.md | 38 ++++ roles/lib_zabbix/library/__init__.py | 0 roles/lib_zabbix/library/test.yml | 131 +++++++++++ roles/lib_zabbix/library/zbx_application.py | 139 ++++++++++++ roles/lib_zabbix/library/zbx_discoveryrule.py | 177 +++++++++++++++ roles/lib_zabbix/library/zbx_host.py | 163 ++++++++++++++ roles/lib_zabbix/library/zbx_hostgroup.py | 116 ++++++++++ roles/lib_zabbix/library/zbx_item.py | 173 +++++++++++++++ roles/lib_zabbix/library/zbx_itemprototype.py | 241 +++++++++++++++++++++ roles/lib_zabbix/library/zbx_mediatype.py | 168 ++++++++++++++ roles/lib_zabbix/library/zbx_template.py | 133 ++++++++++++ roles/lib_zabbix/library/zbx_trigger.py | 174 +++++++++++++++ roles/lib_zabbix/library/zbx_user.py | 174 +++++++++++++++ roles/lib_zabbix/library/zbx_user_media.py | 240 ++++++++++++++++++++ roles/lib_zabbix/library/zbx_usergroup.py | 208 ++++++++++++++++++ roles/os_zabbix/README.md | 40 ++++ roles/os_zabbix/defaults/main.yml | 1 + roles/os_zabbix/handlers/main.yml | 1 + roles/os_zabbix/library/__init__.py | 0 roles/os_zabbix/library/get_drule.yml | 115 ---------- roles/os_zabbix/library/test.yml | 131 ----------- roles/os_zabbix/library/zbx_application.py | 135 ------------ roles/os_zabbix/library/zbx_discoveryrule.py | 177 --------------- roles/os_zabbix/library/zbx_host.py | 163 -------------- roles/os_zabbix/library/zbx_hostgroup.py | 116 ---------- roles/os_zabbix/library/zbx_item.py | 170 --------------- roles/os_zabbix/library/zbx_itemprototype.py | 241 --------------------- roles/os_zabbix/library/zbx_mediatype.py | 149 ------------- roles/os_zabbix/library/zbx_template.py | 127 ----------- roles/os_zabbix/library/zbx_trigger.py | 175 --------------- roles/os_zabbix/library/zbx_user.py | 169 --------------- roles/os_zabbix/library/zbx_usergroup.py | 160 -------------- roles/os_zabbix/meta/main.yml | 9 + roles/os_zabbix/tasks/clean_zabbix.yml | 47 ++++ roles/os_zabbix/tasks/create_template.yml | 56 +++++ roles/os_zabbix/tasks/create_user.yml | 11 + roles/os_zabbix/tasks/main.yml | 30 +++ roles/os_zabbix/vars/main.yml | 1 + roles/os_zabbix/vars/template_heartbeat.yml | 13 ++ roles/os_zabbix/vars/template_host.yml | 27 +++ roles/os_zabbix/vars/template_master.yml | 27 +++ roles/os_zabbix/vars/template_node.yml | 27 +++ roles/os_zabbix/vars/template_os_linux.yml | 143 ++++++++++++ roles/os_zabbix/vars/template_router.yml | 27 +++ 57 files changed, 2764 insertions(+), 2416 deletions(-) delete mode 100644 playbooks/adhoc/zabbix_setup/clean_zabbix.yml delete mode 100644 playbooks/adhoc/zabbix_setup/create_template.yml delete mode 100644 playbooks/adhoc/zabbix_setup/create_user.yml delete mode 120000 playbooks/adhoc/zabbix_setup/filter_plugins delete mode 120000 playbooks/adhoc/zabbix_setup/roles delete mode 100644 playbooks/adhoc/zabbix_setup/setup_zabbix.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_host.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_master.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_node.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_router.yml create mode 100644 roles/lib_zabbix/README.md create mode 100644 roles/lib_zabbix/library/__init__.py create mode 100644 roles/lib_zabbix/library/test.yml create mode 100644 roles/lib_zabbix/library/zbx_application.py create mode 100644 roles/lib_zabbix/library/zbx_discoveryrule.py create mode 100644 roles/lib_zabbix/library/zbx_host.py create mode 100644 roles/lib_zabbix/library/zbx_hostgroup.py create mode 100644 roles/lib_zabbix/library/zbx_item.py create mode 100644 roles/lib_zabbix/library/zbx_itemprototype.py create mode 100644 roles/lib_zabbix/library/zbx_mediatype.py create mode 100644 roles/lib_zabbix/library/zbx_template.py create mode 100644 roles/lib_zabbix/library/zbx_trigger.py create mode 100644 roles/lib_zabbix/library/zbx_user.py create mode 100644 roles/lib_zabbix/library/zbx_user_media.py create mode 100644 roles/lib_zabbix/library/zbx_usergroup.py create mode 100644 roles/os_zabbix/README.md create mode 100644 roles/os_zabbix/defaults/main.yml create mode 100644 roles/os_zabbix/handlers/main.yml delete mode 100644 roles/os_zabbix/library/__init__.py delete mode 100644 roles/os_zabbix/library/get_drule.yml delete mode 100644 roles/os_zabbix/library/test.yml delete mode 100644 roles/os_zabbix/library/zbx_application.py delete mode 100644 roles/os_zabbix/library/zbx_discoveryrule.py delete mode 100644 roles/os_zabbix/library/zbx_host.py delete mode 100644 roles/os_zabbix/library/zbx_hostgroup.py delete mode 100644 roles/os_zabbix/library/zbx_item.py delete mode 100644 roles/os_zabbix/library/zbx_itemprototype.py delete mode 100644 roles/os_zabbix/library/zbx_mediatype.py delete mode 100644 roles/os_zabbix/library/zbx_template.py delete mode 100644 roles/os_zabbix/library/zbx_trigger.py delete mode 100644 roles/os_zabbix/library/zbx_user.py delete mode 100644 roles/os_zabbix/library/zbx_usergroup.py create mode 100644 roles/os_zabbix/meta/main.yml create mode 100644 roles/os_zabbix/tasks/clean_zabbix.yml create mode 100644 roles/os_zabbix/tasks/create_template.yml create mode 100644 roles/os_zabbix/tasks/create_user.yml create mode 100644 roles/os_zabbix/tasks/main.yml create mode 100644 roles/os_zabbix/vars/main.yml create mode 100644 roles/os_zabbix/vars/template_heartbeat.yml create mode 100644 roles/os_zabbix/vars/template_host.yml create mode 100644 roles/os_zabbix/vars/template_master.yml create mode 100644 roles/os_zabbix/vars/template_node.yml create mode 100644 roles/os_zabbix/vars/template_os_linux.yml create mode 100644 roles/os_zabbix/vars/template_router.yml diff --git a/filter_plugins/oo_zabbix_filters.py b/filter_plugins/oo_zabbix_filters.py index a473993a2..c44b874e8 100644 --- a/filter_plugins/oo_zabbix_filters.py +++ b/filter_plugins/oo_zabbix_filters.py @@ -59,6 +59,17 @@ class FilterModule(object): return data[zabbix_item]['params'] return None + @staticmethod + def oo_build_zabbix_collect(data, string, value): + ''' Build a list of dicts from a list of data matched on string attribute + ''' + rval = [] + for item in data: + if item[string] == value: + rval.append(item) + + return rval + @staticmethod def oo_build_zabbix_list_dict(values, string): ''' Build a list of dicts with string as key for each value @@ -68,6 +79,22 @@ class FilterModule(object): rval.append({string: value}) return rval + @staticmethod + def oo_remove_attr_from_list_dict(data, attr): + ''' Remove a specific attribute from a dict + ''' + attrs = [] + if isinstance(attr, str): + attrs.append(attr) + else: + attrs = attr + + for attribute in attrs: + for _entry in data: + _entry.pop(attribute, None) + + return data + def filters(self): ''' returns a mapping of filters to methods ''' return { @@ -76,4 +103,6 @@ class FilterModule(object): "oo_set_zbx_trigger_triggerid": self.oo_set_zbx_trigger_triggerid, "oo_build_zabbix_list_dict": self.oo_build_zabbix_list_dict, "create_data": self.create_data, + "oo_build_zabbix_collect": self.oo_build_zabbix_collect, + "oo_remove_attr_from_list_dict": self.oo_remove_attr_from_list_dict, } diff --git a/playbooks/adhoc/zabbix_setup/clean_zabbix.yml b/playbooks/adhoc/zabbix_setup/clean_zabbix.yml deleted file mode 100644 index a31cbef65..000000000 --- a/playbooks/adhoc/zabbix_setup/clean_zabbix.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -- hosts: localhost - gather_facts: no - vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: Admin - g_zpassword: zabbix - roles: - - ../../../roles/os_zabbix - post_tasks: - - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - name: 'Template Heartbeat' - register: templ_heartbeat - - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - name: 'Template App Zabbix Server' - register: templ_zabbix_server - - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - name: 'Template App Zabbix Agent' - register: templ_zabbix_agent - - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - register: templates - - - debug: var=templ_heartbeat.results - - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: absent - with_items: "{{ templates.results | difference(templ_zabbix_agent.results) | difference(templ_zabbix_server.results) | oo_collect('host') }}" - when: templ_heartbeat.results | length == 0 diff --git a/playbooks/adhoc/zabbix_setup/create_template.yml b/playbooks/adhoc/zabbix_setup/create_template.yml deleted file mode 100644 index 50fff53b2..000000000 --- a/playbooks/adhoc/zabbix_setup/create_template.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -- debug: var=ctp_template - -- name: Create Template - zbx_template: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - name: "{{ ctp_template.name }}" - register: ctp_created_template - -- debug: var=ctp_created_template - -#- name: Create Application -# zbxapi: -# server: "{{ ctp_zserver }}" -# user: "{{ ctp_zuser }}" -# password: "{{ ctp_zpassword }}" -# zbx_class: Application -# state: present -# params: -# name: "{{ ctp_template.application.name}}" -# hostid: "{{ ctp_created_template.results[0].templateid }}" -# search: -# name: "{{ ctp_template.application.name}}" -# register: ctp_created_application - -#- debug: var=ctp_created_application - -- name: Create Items - zbx_item: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - key: "{{ item.key }}" - name: "{{ item.name | default(item.key, true) }}" - value_type: "{{ item.value_type | default('int') }}" - template_name: "{{ ctp_template.name }}" - with_items: ctp_template.zitems - register: ctp_created_items - -#- debug: var=ctp_created_items - -- name: Create Triggers - zbx_trigger: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - description: "{{ item.description }}" - expression: "{{ item.expression }}" - priority: "{{ item.priority }}" - with_items: ctp_template.ztriggers - when: ctp_template.ztriggers is defined - -#- debug: var=ctp_created_triggers - - diff --git a/playbooks/adhoc/zabbix_setup/create_user.yml b/playbooks/adhoc/zabbix_setup/create_user.yml deleted file mode 100644 index dd74798b7..000000000 --- a/playbooks/adhoc/zabbix_setup/create_user.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# export PYTHONPATH='/usr/lib/python2.7/site-packages/:/home/kwoodson/git/openshift-tools' -# ansible-playbook -e 'cli_password=zabbix' -e 'cli_new_password=new-zabbix' create_user.yml -- hosts: localhost - gather_facts: no - vars_files: - - vars/template_heartbeat.yml - - vars/template_os_linux.yml - vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: admin - g_zpassword: "{{ cli_password }}" - roles: - - ../../../roles/os_zabbix - post_tasks: - - zbx_user: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - register: users - - - debug: var=users - - - name: Update zabbix creds for admin - zbx_user: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - alias: Admin - passwd: "{{ cli_new_password | default(g_zpassword, true) }}" diff --git a/playbooks/adhoc/zabbix_setup/filter_plugins b/playbooks/adhoc/zabbix_setup/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/adhoc/zabbix_setup/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/roles b/playbooks/adhoc/zabbix_setup/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/playbooks/adhoc/zabbix_setup/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/ \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/setup_zabbix.yml b/playbooks/adhoc/zabbix_setup/setup_zabbix.yml deleted file mode 100644 index 1729194b5..000000000 --- a/playbooks/adhoc/zabbix_setup/setup_zabbix.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- hosts: localhost - gather_facts: no - vars_files: - - vars/template_heartbeat.yml - - vars/template_os_linux.yml - vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: Admin - g_zpassword: zabbix - roles: - - ../../../roles/os_zabbix - post_tasks: - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - register: templates - - - debug: var=templates - - - name: Include Template - include: create_template.yml - vars: - ctp_template: "{{ g_template_heartbeat }}" - ctp_zserver: "{{ g_zserver }}" - ctp_zuser: "{{ g_zuser }}" - ctp_zpassword: "{{ g_zpassword }}" - - - name: Include Template - include: create_template.yml - vars: - ctp_template: "{{ g_template_os_linux }}" - ctp_zserver: "{{ g_zserver }}" - ctp_zuser: "{{ g_zuser }}" - ctp_zpassword: "{{ g_zpassword }}" - diff --git a/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml b/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml deleted file mode 100644 index 22cc75554..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -g_template_heartbeat: - name: Template Heartbeat - zitems: - - name: Heartbeat Ping - hostid: - key: heartbeat.ping - ztriggers: - - description: 'Heartbeat.ping has failed on {HOST.NAME}' - expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' - priority: avg diff --git a/playbooks/adhoc/zabbix_setup/vars/template_host.yml b/playbooks/adhoc/zabbix_setup/vars/template_host.yml deleted file mode 100644 index e7cc667cb..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_host.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_host: - params: - name: Template Host - host: Template Host - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Host - zitems: - - name: Host Ping - hostid: - key_: host.ping - type: 2 - value_type: 0 - output: extend - search: - key_: host.ping - ztriggers: - - description: 'Host ping has failed on {HOST.NAME}' - expression: '{Template Host:host.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Host ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_master.yml b/playbooks/adhoc/zabbix_setup/vars/template_master.yml deleted file mode 100644 index 5f9b41a4f..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_master.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_master: - params: - name: Template Master - host: Template Master - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Master - zitems: - - name: Master Etcd Ping - hostid: - key_: master.etcd.ping - type: 2 - value_type: 0 - output: extend - search: - key_: master.etcd.ping - ztriggers: - - description: 'Master Etcd ping has failed on {HOST.NAME}' - expression: '{Template Master:master.etcd.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Master Etcd ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_node.yml b/playbooks/adhoc/zabbix_setup/vars/template_node.yml deleted file mode 100644 index 98c343a24..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_node.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_node: - params: - name: Template Node - host: Template Node - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Node - zitems: - - name: Kubelet Ping - hostid: - key_: kubelet.ping - type: 2 - value_type: 0 - output: extend - search: - key_: kubelet.ping - ztriggers: - - description: 'Kubelet ping has failed on {HOST.NAME}' - expression: '{Template Node:kubelet.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Kubelet ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml b/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml deleted file mode 100644 index 9cc038ffa..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- -g_template_os_linux: - name: Template OS Linux - zitems: - - key: kernel.uname.sysname - value_type: string - - - key: kernel.all.cpu.wait.total - value_type: int - - - key: kernel.all.cpu.irq.hard - value_type: int - - - key: kernel.all.cpu.idle - value_type: int - - - key: kernel.uname.distro - value_type: string - - - key: kernel.uname.nodename - value_type: string - - - key: kernel.all.cpu.irq.soft - value_type: int - - - key: kernel.all.load.15_minute - value_type: float - - - key: kernel.all.cpu.sys - value_type: int - - - key: kernel.all.load.5_minute - value_type: float - - - key: mem.freemem - value_type: int - - - key: kernel.all.cpu.nice - value_type: int - - - key: mem.util.bufmem - value_type: int - - - key: swap.used - value_type: int - - - key: kernel.all.load.1_minute - value_type: float - - - key: kernel.uname.version - value_type: string - - - key: swap.length - value_type: int - - - key: mem.physmem - value_type: int - - - key: kernel.all.uptime - value_type: int - - - key: swap.free - value_type: int - - - key: mem.util.used - value_type: int - - - key: kernel.all.cpu.user - value_type: int - - - key: kernel.uname.machine - value_type: string - - - key: hinv.ncpu - value_type: int - - - key: mem.util.cached - value_type: int - - - key: kernel.all.cpu.steal - value_type: int - - - key: kernel.all.pswitch - value_type: int - - - key: kernel.uname.release - value_type: string - - - key: proc.nprocs - value_type: int diff --git a/playbooks/adhoc/zabbix_setup/vars/template_router.yml b/playbooks/adhoc/zabbix_setup/vars/template_router.yml deleted file mode 100644 index 4dae7da1e..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_router.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_router: - params: - name: Template Router - host: Template Router - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Router - zitems: - - name: Router Backends down - hostid: - key_: router.backends.down - type: 2 - value_type: 0 - output: extend - search: - key_: router.backends.down - ztriggers: - - description: 'Number of router backends down on {HOST.NAME}' - expression: '{Template Router:router.backends.down.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Number of router backends down on {HOST.NAME}' - expandExpression: True diff --git a/roles/lib_zabbix/README.md b/roles/lib_zabbix/README.md new file mode 100644 index 000000000..69debc698 --- /dev/null +++ b/roles/lib_zabbix/README.md @@ -0,0 +1,38 @@ +zabbix +========= + +Automate zabbix tasks. + +Requirements +------------ + +This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Role Variables +-------------- + +None + +Dependencies +------------ + +This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Example Playbook +---------------- + + - zbx_host: + server: zab_server + user: zab_user + password: zab_password + name: 'myhost' + +License +------- + +ASL 2.0 + +Author Information +------------------ + +OpenShift operations, Red Hat, Inc diff --git a/roles/lib_zabbix/library/__init__.py b/roles/lib_zabbix/library/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/roles/lib_zabbix/library/test.yml b/roles/lib_zabbix/library/test.yml new file mode 100644 index 000000000..cedace1a0 --- /dev/null +++ b/roles/lib_zabbix/library/test.yml @@ -0,0 +1,131 @@ +--- +# This is a test playbook to create one of each of the zabbix ansible modules. +# ensure that the zbxapi module is installed +# ansible-playbook test.yml +- name: Test zabbix ansible module + hosts: localhost + gather_facts: no + vars: + zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php + zbx_user: Admin + zbx_password: zabbix + + pre_tasks: + - name: Create a template + zbx_template: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'test template' + register: template_output + + - debug: var=template_output + + - name: Create a discoveryrule + zbx_discoveryrule: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: test discoverule + key: test_listener + template_name: test template + lifetime: 14 + register: discoveryrule + + - debug: var=discoveryrule + + - name: Create an itemprototype + zbx_itemprototype: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test itemprototype on {#TEST_LISTENER}' + key: 'test[{#TEST_LISTENER}]' + template_name: test template + discoveryrule_name: test discoverule + register: itemproto + + - debug: var=itemproto + + - name: Create an application + zbx_application: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test App' + template_name: "test template" + register: item_output + + - name: Create an item + zbx_item: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'test item' + key: 'kenny.item.1' + applications: + - 'Test App' + template_name: "test template" + register: item_output + + - debug: var=item_output + + - name: Create an trigger + zbx_trigger: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + expression: '{test template:kenny.item.1.last()}>2' + description: 'Kenny desc' + register: trigger_output + + - debug: var=trigger_output + + - name: Create a hostgroup + zbx_hostgroup: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'kenny hostgroup' + register: hostgroup_output + + - debug: var=hostgroup_output + + - name: Create a host + zbx_host: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'kenny host' + template_names: + - test template + hostgroup_names: + - kenny hostgroup + register: host_output + + - debug: var=host_output + + - name: Create a usergroup + zbx_usergroup: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: kenny usergroup + rights: + - 'kenny hostgroup': rw + register: usergroup_output + + - debug: var=usergroup_output + + - name: Create a user + zbx_user: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + alias: kenny user + passwd: zabbix + usergroups: + - kenny usergroup + register: user_output + + - debug: var=user_output diff --git a/roles/lib_zabbix/library/zbx_application.py b/roles/lib_zabbix/library/zbx_application.py new file mode 100644 index 000000000..01df1a98e --- /dev/null +++ b/roles/lib_zabbix/library/zbx_application.py @@ -0,0 +1,139 @@ +#!/usr/bin/env python +''' +Ansible module for application +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix application ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + return template_ids + +def main(): + ''' Ansible module for application + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + template_name=dict(default=None, type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], + module.params['user'], + module.params['password'], + module.params['debug'])) + + #Set the instance and the application for the rest of the calls + zbx_class_name = 'application' + idname = 'applicationid' + aname = module.params['name'] + state = module.params['state'] + # get a applicationid, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': aname}, + 'selectHost': 'hostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], + 'name': aname, + } + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py new file mode 100644 index 000000000..56b87fecc --- /dev/null +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -0,0 +1,177 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(vtype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'JMX': 16, + } + + for typ in _types.keys(): + if vtype in typ or vtype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'discoveryrule' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + #'selectDServices': 'extend', + #'selectDChecks': 'extend', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'lifetime': module.params['lifetime'], + 'type': get_type(module.params['ztype']), + } + if params['type'] in [2, 5, 7, 11]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_host.py b/roles/lib_zabbix/library/zbx_host.py new file mode 100644 index 000000000..12c5f3456 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_host.py @@ -0,0 +1,163 @@ +#!/usr/bin/env python +''' +Zabbix host ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_group_ids(zapi, hostgroup_names): + ''' + get hostgroups + ''' + # Fetch groups by name + group_ids = [] + for hgr in hostgroup_names: + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) + if content.has_key('result'): + group_ids.append({'groupid': content['result'][0]['groupid']}) + + return group_ids + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append({'templateid': content['result'][0]['templateid']}) + return template_ids + +def main(): + ''' + Ansible module for zabbix host + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + hostgroup_names=dict(default=[], type='list'), + template_names=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + interfaces=dict(default=None, type='list'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'host' + idname = "hostid" + hname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': hname}, + 'selectGroups': 'groupid', + 'selectParentTemplates': 'templateid', + 'selectInterfaces': 'interfaceid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent + 'main': 1, # default interface? 1 = true + 'useip': 1, # default interface? 1 = true + 'ip': '127.0.0.1', # default interface? 1 = true + 'dns': '', # dns for host + 'port': '10050', # port for interface? 10050 + }] + params = {'host': hname, + 'groups': get_group_ids(zapi, module.params['hostgroup_names']), + 'templates': get_template_ids(zapi, module.params['template_names']), + 'interfaces': ifs, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_hostgroup.py b/roles/lib_zabbix/library/zbx_hostgroup.py new file mode 100644 index 000000000..a1eb875d4 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_hostgroup.py @@ -0,0 +1,116 @@ +#!/usr/bin/env python +''' Ansible module for hostgroup +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix hostgroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' ansible module for hostgroup + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'hostgroup' + idname = "groupid" + hname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': hname}, + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': hname} + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py new file mode 100644 index 000000000..64dbb976f --- /dev/null +++ b/roles/lib_zabbix/library/zbx_item.py @@ -0,0 +1,173 @@ +#!/usr/bin/env python +''' + Ansible module for zabbix items +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix item ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + if isinstance(application_names, str): + application_names = [application_names] + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + ansible zabbix module for zbx_item + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + template_name=dict(default=None, type='str'), + zabbix_type=dict(default=2, type='int'), + value_type=dict(default='int', type='str'), + applications=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'item' + idname = "itemid" + state = module.params['state'] + key = module.params['key'] + template_name = module.params['template_name'] + + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + templateid = None + if content['result']: + templateid = content['result'][0]['templateid'] + else: + module.exit_json(changed=False, + results='Error: Could find template with name %s for item.' % template_name, + state="Unkown") + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'key_': key}, + 'selectApplications': 'applicationid', + }) + + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': module.params.get('name', module.params['key']), + 'key_': key, + 'hostid': templateid, + 'type': module.params['zabbix_type'], + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py new file mode 100644 index 000000000..f0eb6bbbd --- /dev/null +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rule_id(zapi, discoveryrule_name): + '''get a discoveryrule by name + ''' + content = zapi.get_content('discoveryrule', + 'get', + {'search': {'name': discoveryrule_name}, + 'output': 'extend', + }) + if not content['result']: + return None + return content['result'][0]['itemid'] + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(ztype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'aggregate': 8, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'calculated': 15, + 'JMX': 16, + } + + for typ in _types.keys(): + if ztype in typ or ztype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_status(status): + ''' Determine status + ''' + _status = 0 + if status == 'disabled': + _status = 1 + elif status == 'unsupported': + _status = 3 + + return _status + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + value_type=dict(default='float', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + status=dict(default='enabled', type='str'), + discoveryrule_name=dict(default=None, type='str'), + applications=dict(default=[], type='list'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'itemprototype' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + 'selectApplications': 'applicationid', + 'selectDiscoveryRule': 'itemid', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), + 'type': get_type(module.params['ztype']), + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + if params['type'] in [2, 5, 7, 8, 11, 15]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'ruleid': + if value != zab_results['discoveryRule']['itemid']: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_mediatype.py b/roles/lib_zabbix/library/zbx_mediatype.py new file mode 100644 index 000000000..b8dcaf7aa --- /dev/null +++ b/roles/lib_zabbix/library/zbx_mediatype.py @@ -0,0 +1,168 @@ +#!/usr/bin/env python +''' + Ansible module for mediatype +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix mediatype ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_mtype(mtype): + ''' + Transport used by the media type. + Possible values: + 0 - email; + 1 - script; + 2 - SMS; + 3 - Jabber; + 100 - Ez Texting. + ''' + mtype = mtype.lower() + media_type = None + if mtype == 'script': + media_type = 1 + elif mtype == 'sms': + media_type = 2 + elif mtype == 'jabber': + media_type = 3 + elif mtype == 'script': + media_type = 100 + else: + media_type = 0 + + return media_type + +def main(): + ''' + Ansible zabbix module for mediatype + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + description=dict(default=None, type='str'), + mtype=dict(default=None, type='str'), + smtp_server=dict(default=None, type='str'), + smtp_helo=dict(default=None, type='str'), + smtp_email=dict(default=None, type='str'), + passwd=dict(default=None, type='str'), + path=dict(default=None, type='str'), + username=dict(default=None, type='str'), + status=dict(default='enabled', type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'mediatype' + idname = "mediatypeid" + description = module.params['description'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + status = 1 + if module.params['status']: + status = 0 + params = {'description': description, + 'type': get_mtype(module.params['mtype']), + 'smtp_server': module.params['smtp_server'], + 'smtp_helo': module.params['smtp_helo'], + 'smtp_email': module.params['smtp_email'], + 'passwd': module.params['passwd'], + 'exec_path': module.params['path'], + 'username': module.params['username'], + 'status': status, + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and \ + zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_template.py b/roles/lib_zabbix/library/zbx_template.py new file mode 100644 index 000000000..f86f22003 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_template.py @@ -0,0 +1,133 @@ +#!/usr/bin/env python +''' +Ansible module for template +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix template ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' Ansible module for template + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zbc = ZabbixConnection(module.params['server'], + module.params['user'], + module.params['password'], + module.params['debug']) + zapi = ZabbixAPI(zbc) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'template' + idname = 'templateid' + tname = module.params['name'] + state = module.params['state'] + # get a template, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': tname}, + 'selectParentTemplates': 'templateid', + 'selectGroups': 'groupid', + 'selectApplications': 'applicationid', + 'selectDiscoveries': 'extend', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + if not tname: + module.exit_json(failed=True, + changed=False, + results='Must specifiy a template name.', + state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'groups': module.params.get('groups', [{'groupid': '1'}]), + 'host': tname, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py new file mode 100644 index 000000000..6f5392437 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -0,0 +1,174 @@ +#!/usr/bin/env python +''' +ansible module for zabbix triggers +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix trigger ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_priority(priority): + ''' determine priority + ''' + prior = 0 + if 'info' in priority: + prior = 1 + elif 'warn' in priority: + prior = 2 + elif 'avg' == priority or 'ave' in priority: + prior = 3 + elif 'high' in priority: + prior = 4 + elif 'dis' in priority: + prior = 5 + + return prior + +def get_deps(zapi, deps): + ''' get trigger dependencies + ''' + results = [] + for desc in deps: + content = zapi.get_content('trigger', + 'get', + {'search': {'description': desc}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if content.has_key('result'): + results.append({'triggerid': content['result'][0]['triggerid']}) + + return results + +def main(): + ''' + Create a trigger in zabbix + + Example: + "params": { + "description": "Processor load is too high on {HOST.NAME}", + "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", + "dependencies": [ + { + "triggerid": "14062" + } + ] + }, + + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + expression=dict(default=None, type='str'), + description=dict(default=None, type='str'), + dependencies=dict(default=[], type='list'), + priority=dict(default='avg', type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'trigger' + idname = "triggerid" + state = module.params['state'] + description = module.params['description'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'description': description}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'description': description, + 'expression': module.params['expression'], + 'dependencies': get_deps(zapi, module.params['dependencies']), + 'priority': get_priority(module.params['priority']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py new file mode 100644 index 000000000..220caa6f1 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_user.py @@ -0,0 +1,174 @@ +#!/usr/bin/env python +''' +ansible module for zabbix users +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix user ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_usergroups(zapi, usergroups): + ''' Get usergroups + ''' + ugroups = [] + for ugr in usergroups: + content = zapi.get_content('usergroup', + 'get', + {'search': {'name': ugr}, + #'selectUsers': 'userid', + #'getRights': 'extend' + }) + if content['result']: + ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) + + return ugroups or None + +def get_usertype(user_type): + ''' + Determine zabbix user account type + ''' + if not user_type: + return None + + utype = 1 + if 'super' in user_type: + utype = 3 + elif 'admin' in user_type or user_type == 'admin': + utype = 2 + + return utype + +def main(): + ''' + ansible zabbix module for users + ''' + + ##def user(self, name, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + alias=dict(default=None, type='str'), + name=dict(default=None, type='str'), + surname=dict(default=None, type='str'), + user_type=dict(default=None, type='str'), + passwd=dict(default=None, type='str'), + user_groups=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) + + ## before we can create a user media and users with media types we need media + zbx_class_name = 'user' + idname = "userid" + alias = module.params['alias'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'output': 'extend', + 'search': {'alias': alias}, + "selectUsrgrps": 'usergrpid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content) or len(content['result']) == 0: + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'alias': alias, + 'passwd': module.params['passwd'], + 'usrgrps': get_usergroups(zapi, module.params['user_groups']), + 'name': module.params['name'], + 'surname': module.params['surname'], + 'type': get_usertype(module.params['user_type']), + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'passwd': + differences[key] = value + + elif key == 'usrgrps': + # this must be done as a list of ordered dictionaries fails comparison + if not all([True for _ in zab_results[key][0] if _ in value[0]]): + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py new file mode 100644 index 000000000..f590c58fe --- /dev/null +++ b/roles/lib_zabbix/library/zbx_user_media.py @@ -0,0 +1,240 @@ +#!/usr/bin/env python +''' + Ansible module for user media +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix user media ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_mtype(zapi, mtype): + '''Get mediatype + + If passed an int, return it as the mediatypeid + if its a string, then try to fetch through a description + ''' + if isinstance(mtype, int): + return mtype + try: + return int(mtype) + except ValueError: + pass + + content = zapi.get_content('mediatype', 'get', {'search': {'description': mtype}}) + if content.has_key['result'] and content['result']: + return content['result'][0]['mediatypeid'] + + return None + +def get_user(zapi, user): + ''' Get userids from user aliases + ''' + content = zapi.get_content('user', 'get', {'search': {'alias': user}}) + if content['result']: + return content['result'][0] + + return None + +def get_severity(severity): + ''' determine severity + ''' + if isinstance(severity, int) or \ + isinstance(severity, str): + return severity + + val = 0 + sev_map = { + 'not': 2**0, + 'inf': 2**1, + 'war': 2**2, + 'ave': 2**3, + 'avg': 2**3, + 'hig': 2**4, + 'dis': 2**5, + } + for level in severity: + val |= sev_map[level[:3].lower()] + return val + +def get_zbx_user_query_data(zapi, user_name): + ''' If name exists, retrieve it, and build query params. + ''' + query = {} + if user_name: + zbx_user = get_user(zapi, user_name) + query = {'userids': zbx_user['userid']} + + return query + +def find_media(medias, user_media): + ''' Find the user media in the list of medias + ''' + for media in medias: + if all([media[key] == user_media[key] for key in user_media.keys()]): + return media + return None + +def get_active(in_active): + '''Determine active value + ''' + active = 1 + if in_active: + active = 0 + + return active + +def main(): + ''' + Ansible zabbix module for mediatype + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + active=dict(default=False, type='bool'), + medias=dict(default=None, type='list'), + mediaid=dict(default=None, type='int'), + mediatype=dict(default=None, type='str'), + mediatype_desc=dict(default=None, type='str'), + #d-d,hh:mm-hh:mm;d-d,hh:mm-hh:mm... + period=dict(default=None, type='str'), + sendto=dict(default=None, type='str'), + severity=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'user' + idname = "mediaid" + state = module.params['state'] + + # User media is fetched through the usermedia.get + zbx_user_query = get_zbx_user_query_data(zapi, module.params['name']) + content = zapi.get_content('usermedia', 'get', zbx_user_query) + + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content) or len(content['result']) == 0: + module.exit_json(changed=False, state="absent") + + # TODO: Do we remove all the queried results? This could be catastrophic or desired. + #ids = [med[idname] for med in content['result']] + ids = [content['result'][0][idname]] + content = zapi.get_content(zbx_class_name, 'deletemedia', ids) + + if content.has_key('error'): + module.exit_json(changed=False, results=content['error'], state="absent") + + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + active = get_active(module.params['active']) + mtypeid = None + if module.params['mediatype']: + mtypeid = get_mtype(zapi, module.params['mediatype']) + elif module.params['mediatype_desc']: + mtypeid = get_mtype(zapi, module.params['mediatype_desc']) + + medias = module.params['medias'] + if medias == None: + medias = [{'mediatypeid': mtypeid, + 'sendto': module.params['sendto'], + 'active': active, + 'severity': int(get_severity(module.params['severity'])), + 'period': module.params['period'], + }] + + params = {'users': [zbx_user_query], + 'medias': medias, + 'output': 'extend', + } + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'addmedia', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + + # mediaid signifies an update + # If user params exists, check to see if they already exist in zabbix + # if they exist, then return as no update + # elif they do not exist, then take user params only + differences = {'medias': [], 'users': {}} + for media in params['medias']: + m_result = find_media(content['result'], media) + if not m_result: + differences['medias'].append(media) + + if not differences['medias']: + module.exit_json(changed=False, results=content['result'], state="present") + + for user in params['users']: + differences['users']['userid'] = user['userids'] + + # We have differences and need to update + content = zapi.get_content(zbx_class_name, 'updatemedia', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_usergroup.py b/roles/lib_zabbix/library/zbx_usergroup.py new file mode 100644 index 000000000..11aef106c --- /dev/null +++ b/roles/lib_zabbix/library/zbx_usergroup.py @@ -0,0 +1,208 @@ +#!/usr/bin/env python +''' +zabbix ansible module for usergroups +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix usergroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rights(zapi, rights): + '''Get rights + ''' + if rights == None: + return None + + perms = [] + for right in rights: + hstgrp = right.keys()[0] + perm = right.values()[0] + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) + if content['result']: + permission = 0 + if perm == 'ro': + permission = 2 + elif perm == 'rw': + permission = 3 + perms.append({'id': content['result'][0]['groupid'], + 'permission': permission}) + return perms + +def get_gui_access(access): + ''' Return the gui_access for a usergroup + ''' + access = access.lower() + if access == 'internal': + return 1 + elif access == 'disabled': + return 2 + + return 0 + +def get_debug_mode(mode): + ''' Return the debug_mode for a usergroup + ''' + mode = mode.lower() + if mode == 'enabled': + return 1 + + return 0 + +def get_user_status(status): + ''' Return the user_status for a usergroup + ''' + status = status.lower() + if status == 'enabled': + return 0 + + return 1 + + +#def get_userids(zapi, users): +# ''' Get userids from user aliases +# ''' +# if not users: +# return None +# +# userids = [] +# for alias in users: +# content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) +# if content['result']: +# userids.append(content['result'][0]['userid']) +# +# return userids + +def main(): + ''' Ansible module for usergroup + ''' + + ##def usergroup(self, name, rights=None, users=None, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), + debug_mode=dict(default='disabled', type='str'), + gui_access=dict(default='default', type='str'), + status=dict(default='enabled', type='str'), + name=dict(default=None, type='str', required=True), + rights=dict(default=None, type='list'), + #users=dict(default=None, type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], + module.params['user'], + module.params['password'], + module.params['debug'])) + + zbx_class_name = 'usergroup' + idname = "usrgrpid" + uname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': uname}, + 'selectUsers': 'userid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + if not uname: + module.exit_json(failed=True, changed=False, results='Need to pass in a user.', state="error") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + + params = {'name': uname, + 'rights': get_rights(zapi, module.params['rights']), + 'users_status': get_user_status(module.params['status']), + 'gui_access': get_gui_access(module.params['gui_access']), + 'debug_mode': get_debug_mode(module.params['debug_mode']), + #'userids': get_userids(zapi, module.params['users']), + } + + _ = [params.pop(key, None) for key in params.keys() if params[key] == None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'rights': + differences['rights'] = value + + #elif key == 'userids' and zab_results.has_key('users'): + #if zab_results['users'] != value: + #differences['userids'] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/README.md b/roles/os_zabbix/README.md new file mode 100644 index 000000000..ac3dc2833 --- /dev/null +++ b/roles/os_zabbix/README.md @@ -0,0 +1,40 @@ +os_zabbix +========= + +Automate zabbix tasks. + +Requirements +------------ + +This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Role Variables +-------------- + +zab_server +zab_username +zab_password + +Dependencies +------------ + +This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Example Playbook +---------------- + + - zbx_host: + server: zab_server + user: zab_user + password: zab_password + name: 'myhost' + +License +------- + +ASL 2.0 + +Author Information +------------------ + +OpenShift operations, Red Hat, Inc diff --git a/roles/os_zabbix/defaults/main.yml b/roles/os_zabbix/defaults/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/defaults/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/handlers/main.yml b/roles/os_zabbix/handlers/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/handlers/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/library/__init__.py b/roles/os_zabbix/library/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/roles/os_zabbix/library/get_drule.yml b/roles/os_zabbix/library/get_drule.yml deleted file mode 100644 index a3e39f535..000000000 --- a/roles/os_zabbix/library/get_drule.yml +++ /dev/null @@ -1,115 +0,0 @@ ---- -# This is a test playbook to create one of each of the zabbix ansible modules. -# ensure that the zbxapi module is installed -# ansible-playbook test.yml -- name: Test zabbix ansible module - hosts: localhost - gather_facts: no - vars: -#zbx_server: https://localhost/zabbix/api_jsonrpc.php -#zbx_user: Admin -#zbx_password: zabbix - - pre_tasks: - - name: Template Discovery rules - zbx_template: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Template App HaProxy' - state: list - register: template_output - - - debug: var=template_output - - - name: Discovery rules - zbx_discovery_rule: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'haproxy.discovery sender' - state: list - register: drule - - - debug: var=drule - -# - name: Create an application -# zbx_application: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'Test App' -# template_name: "test template" -# register: item_output -# -# - name: Create an item -# zbx_item: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'test item' -# key: 'kenny.item.1' -# applications: -# - 'Test App' -# template_name: "test template" -# register: item_output -# -# - debug: var=item_output -# -# - name: Create an trigger -# zbx_trigger: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# expression: '{test template:kenny.item.1.last()}>2' -# description: 'Kenny desc' -# register: trigger_output -# -# - debug: var=trigger_output -# -# - name: Create a hostgroup -# zbx_hostgroup: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'kenny hostgroup' -# register: hostgroup_output -# -# - debug: var=hostgroup_output -# -# - name: Create a host -# zbx_host: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'kenny host' -# template_names: -# - test template -# hostgroup_names: -# - kenny hostgroup -# register: host_output -# -# - debug: var=host_output -# -# - name: Create a usergroup -# zbx_usergroup: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: kenny usergroup -# rights: -# - 'kenny hostgroup': rw -# register: usergroup_output -# -# - debug: var=usergroup_output -# -# - name: Create a user -# zbx_user: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# alias: kwoodson -# state: list -# register: user_output -# -# - debug: var=user_output diff --git a/roles/os_zabbix/library/test.yml b/roles/os_zabbix/library/test.yml deleted file mode 100644 index cedace1a0..000000000 --- a/roles/os_zabbix/library/test.yml +++ /dev/null @@ -1,131 +0,0 @@ ---- -# This is a test playbook to create one of each of the zabbix ansible modules. -# ensure that the zbxapi module is installed -# ansible-playbook test.yml -- name: Test zabbix ansible module - hosts: localhost - gather_facts: no - vars: - zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php - zbx_user: Admin - zbx_password: zabbix - - pre_tasks: - - name: Create a template - zbx_template: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test template' - register: template_output - - - debug: var=template_output - - - name: Create a discoveryrule - zbx_discoveryrule: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: test discoverule - key: test_listener - template_name: test template - lifetime: 14 - register: discoveryrule - - - debug: var=discoveryrule - - - name: Create an itemprototype - zbx_itemprototype: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test itemprototype on {#TEST_LISTENER}' - key: 'test[{#TEST_LISTENER}]' - template_name: test template - discoveryrule_name: test discoverule - register: itemproto - - - debug: var=itemproto - - - name: Create an application - zbx_application: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test App' - template_name: "test template" - register: item_output - - - name: Create an item - zbx_item: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test item' - key: 'kenny.item.1' - applications: - - 'Test App' - template_name: "test template" - register: item_output - - - debug: var=item_output - - - name: Create an trigger - zbx_trigger: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - expression: '{test template:kenny.item.1.last()}>2' - description: 'Kenny desc' - register: trigger_output - - - debug: var=trigger_output - - - name: Create a hostgroup - zbx_hostgroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny hostgroup' - register: hostgroup_output - - - debug: var=hostgroup_output - - - name: Create a host - zbx_host: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny host' - template_names: - - test template - hostgroup_names: - - kenny hostgroup - register: host_output - - - debug: var=host_output - - - name: Create a usergroup - zbx_usergroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: kenny usergroup - rights: - - 'kenny hostgroup': rw - register: usergroup_output - - - debug: var=usergroup_output - - - name: Create a user - zbx_user: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - alias: kenny user - passwd: zabbix - usergroups: - - kenny usergroup - register: user_output - - - debug: var=user_output diff --git a/roles/os_zabbix/library/zbx_application.py b/roles/os_zabbix/library/zbx_application.py deleted file mode 100644 index 5d4acf72d..000000000 --- a/roles/os_zabbix/library/zbx_application.py +++ /dev/null @@ -1,135 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for application -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix application ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append(content['result'][0]['templateid']) - return template_ids - -def main(): - ''' Ansible module for application - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - template_name=dict(default=None, type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the application for the rest of the calls - zbx_class_name = 'application' - idname = 'applicationid' - aname = module.params['name'] - state = module.params['state'] - # get a applicationid, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': aname}, - 'selectHost': 'hostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], - 'name': aname, - } - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_discoveryrule.py b/roles/os_zabbix/library/zbx_discoveryrule.py deleted file mode 100644 index 56b87fecc..000000000 --- a/roles/os_zabbix/library/zbx_discoveryrule.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(vtype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'JMX': 16, - } - - for typ in _types.keys(): - if vtype in typ or vtype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'discoveryrule' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - #'selectDServices': 'extend', - #'selectDChecks': 'extend', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'lifetime': module.params['lifetime'], - 'type': get_type(module.params['ztype']), - } - if params['type'] in [2, 5, 7, 11]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_host.py b/roles/os_zabbix/library/zbx_host.py deleted file mode 100644 index 12c5f3456..000000000 --- a/roles/os_zabbix/library/zbx_host.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix host ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_group_ids(zapi, hostgroup_names): - ''' - get hostgroups - ''' - # Fetch groups by name - group_ids = [] - for hgr in hostgroup_names: - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) - if content.has_key('result'): - group_ids.append({'groupid': content['result'][0]['groupid']}) - - return group_ids - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append({'templateid': content['result'][0]['templateid']}) - return template_ids - -def main(): - ''' - Ansible module for zabbix host - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - hostgroup_names=dict(default=[], type='list'), - template_names=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - interfaces=dict(default=None, type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'host' - idname = "hostid" - hname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': hname}, - 'selectGroups': 'groupid', - 'selectParentTemplates': 'templateid', - 'selectInterfaces': 'interfaceid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent - 'main': 1, # default interface? 1 = true - 'useip': 1, # default interface? 1 = true - 'ip': '127.0.0.1', # default interface? 1 = true - 'dns': '', # dns for host - 'port': '10050', # port for interface? 10050 - }] - params = {'host': hname, - 'groups': get_group_ids(zapi, module.params['hostgroup_names']), - 'templates': get_template_ids(zapi, module.params['template_names']), - 'interfaces': ifs, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_hostgroup.py b/roles/os_zabbix/library/zbx_hostgroup.py deleted file mode 100644 index a1eb875d4..000000000 --- a/roles/os_zabbix/library/zbx_hostgroup.py +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/bin/env python -''' Ansible module for hostgroup -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix hostgroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' ansible module for hostgroup - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'hostgroup' - idname = "groupid" - hname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': hname}, - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': hname} - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_item.py b/roles/os_zabbix/library/zbx_item.py deleted file mode 100644 index 45ba6c2b0..000000000 --- a/roles/os_zabbix/library/zbx_item.py +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for zabbix items -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix item ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - ansible zabbix module for zbx_item - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - template_name=dict(default=None, type='str'), - zabbix_type=dict(default=2, type='int'), - value_type=dict(default='int', type='str'), - applications=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'item' - idname = "itemid" - state = module.params['state'] - key = module.params['key'] - template_name = module.params['template_name'] - - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - templateid = None - if content['result']: - templateid = content['result'][0]['templateid'] - else: - module.exit_json(changed=False, - results='Error: Could find template with name %s for item.' % template_name, - state="Unkown") - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'key_': key}, - 'selectApplications': 'applicationid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': module.params.get('name', module.params['key']), - 'key_': key, - 'hostid': templateid, - 'type': module.params['zabbix_type'], - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_itemprototype.py b/roles/os_zabbix/library/zbx_itemprototype.py deleted file mode 100644 index f0eb6bbbd..000000000 --- a/roles/os_zabbix/library/zbx_itemprototype.py +++ /dev/null @@ -1,241 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rule_id(zapi, discoveryrule_name): - '''get a discoveryrule by name - ''' - content = zapi.get_content('discoveryrule', - 'get', - {'search': {'name': discoveryrule_name}, - 'output': 'extend', - }) - if not content['result']: - return None - return content['result'][0]['itemid'] - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(ztype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'aggregate': 8, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'calculated': 15, - 'JMX': 16, - } - - for typ in _types.keys(): - if ztype in typ or ztype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_status(status): - ''' Determine status - ''' - _status = 0 - if status == 'disabled': - _status = 1 - elif status == 'unsupported': - _status = 3 - - return _status - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - value_type=dict(default='float', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - status=dict(default='enabled', type='str'), - discoveryrule_name=dict(default=None, type='str'), - applications=dict(default=[], type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'itemprototype' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - 'selectApplications': 'applicationid', - 'selectDiscoveryRule': 'itemid', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), - 'type': get_type(module.params['ztype']), - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - if params['type'] in [2, 5, 7, 8, 11, 15]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'ruleid': - if value != zab_results['discoveryRule']['itemid']: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_mediatype.py b/roles/os_zabbix/library/zbx_mediatype.py deleted file mode 100644 index a49aecd0f..000000000 --- a/roles/os_zabbix/library/zbx_mediatype.py +++ /dev/null @@ -1,149 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for mediatype -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix mediatype ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True -def get_mtype(mtype): - ''' - Transport used by the media type. - Possible values: - 0 - email; - 1 - script; - 2 - SMS; - 3 - Jabber; - 100 - Ez Texting. - ''' - mtype = mtype.lower() - media_type = None - if mtype == 'script': - media_type = 1 - elif mtype == 'sms': - media_type = 2 - elif mtype == 'jabber': - media_type = 3 - elif mtype == 'script': - media_type = 100 - else: - media_type = 0 - - return media_type - -def main(): - ''' - Ansible zabbix module for mediatype - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - description=dict(default=None, type='str'), - mtype=dict(default=None, type='str'), - smtp_server=dict(default=None, type='str'), - smtp_helo=dict(default=None, type='str'), - smtp_email=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'mediatype' - idname = "mediatypeid" - description = module.params['description'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'description': description, - 'type': get_mtype(module.params['media_type']), - 'smtp_server': module.params['smtp_server'], - 'smtp_helo': module.params['smtp_helo'], - 'smtp_email': module.params['smtp_email'], - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and \ - zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_template.py b/roles/os_zabbix/library/zbx_template.py deleted file mode 100644 index 20ea48a85..000000000 --- a/roles/os_zabbix/library/zbx_template.py +++ /dev/null @@ -1,127 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for template -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix template ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' Ansible module for template - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zbc = ZabbixConnection(module.params['server'], user, passwd, module.params['debug']) - zapi = ZabbixAPI(zbc) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'template' - idname = 'templateid' - tname = module.params['name'] - state = module.params['state'] - # get a template, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': tname}, - 'selectParentTemplates': 'templateid', - 'selectGroups': 'groupid', - 'selectApplications': 'applicationid', - 'selectDiscoveries': 'extend', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'groups': module.params.get('groups', [{'groupid': '1'}]), - 'host': tname, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_trigger.py b/roles/os_zabbix/library/zbx_trigger.py deleted file mode 100644 index 7cc9356c8..000000000 --- a/roles/os_zabbix/library/zbx_trigger.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix triggers -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix trigger ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - - -def get_priority(priority): - ''' determine priority - ''' - prior = 0 - if 'info' in priority: - prior = 1 - elif 'warn' in priority: - prior = 2 - elif 'avg' == priority or 'ave' in priority: - prior = 3 - elif 'high' in priority: - prior = 4 - elif 'dis' in priority: - prior = 5 - - return prior - -def get_deps(zapi, deps): - ''' get trigger dependencies - ''' - results = [] - for desc in deps: - content = zapi.get_content('trigger', - 'get', - {'search': {'description': desc}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if content.has_key('result'): - results.append({'triggerid': content['result'][0]['triggerid']}) - - return results - -def main(): - ''' - Create a trigger in zabbix - - Example: - "params": { - "description": "Processor load is too high on {HOST.NAME}", - "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", - "dependencies": [ - { - "triggerid": "14062" - } - ] - }, - - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - expression=dict(default=None, type='str'), - description=dict(default=None, type='str'), - dependencies=dict(default=[], type='list'), - priority=dict(default='avg', type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'trigger' - idname = "triggerid" - state = module.params['state'] - description = module.params['description'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'description': description}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'description': description, - 'expression': module.params['expression'], - 'dependencies': get_deps(zapi, module.params['dependencies']), - 'priority': get_priority(module.params['priority']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/os_zabbix/library/zbx_user.py deleted file mode 100644 index c45c9a75d..000000000 --- a/roles/os_zabbix/library/zbx_user.py +++ /dev/null @@ -1,169 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix users -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix user ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_usergroups(zapi, usergroups): - ''' Get usergroups - ''' - ugroups = [] - for ugr in usergroups: - content = zapi.get_content('usergroup', - 'get', - {'search': {'name': ugr}, - #'selectUsers': 'userid', - #'getRights': 'extend' - }) - if content['result']: - ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) - - return ugroups or None - -def get_usertype(user_type): - ''' - Determine zabbix user account type - ''' - if not user_type: - return None - - utype = 1 - if 'super' in user_type: - utype = 3 - elif 'admin' in user_type or user_type == 'admin': - utype = 2 - - return utype - -def main(): - ''' - ansible zabbix module for users - ''' - - ##def user(self, name, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - alias=dict(default=None, type='str'), - name=dict(default=None, type='str'), - surname=dict(default=None, type='str'), - user_type=dict(default=None, type='str'), - passwd=dict(default=None, type='str'), - usergroups=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) - - ## before we can create a user media and users with media types we need media - zbx_class_name = 'user' - idname = "userid" - alias = module.params['alias'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'output': 'extend', - 'search': {'alias': alias}, - "selectUsrgrps": 'usergrpid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'alias': alias, - 'passwd': module.params['passwd'], - 'usrgrps': get_usergroups(zapi, module.params['usergroups']), - 'name': module.params['name'], - 'surname': module.params['surname'], - 'type': get_usertype(module.params['user_type']), - } - - # Remove any None valued params - _ = [params.pop(key, None) for key in params.keys() if params[key] is None] - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'passwd': - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_usergroup.py b/roles/os_zabbix/library/zbx_usergroup.py deleted file mode 100644 index ede4c9df1..000000000 --- a/roles/os_zabbix/library/zbx_usergroup.py +++ /dev/null @@ -1,160 +0,0 @@ -#!/usr/bin/env python -''' -zabbix ansible module for usergroups -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix usergroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rights(zapi, rights): - '''Get rights - ''' - perms = [] - for right in rights: - hstgrp = right.keys()[0] - perm = right.values()[0] - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) - if content['result']: - permission = 0 - if perm == 'ro': - permission = 2 - elif perm == 'rw': - permission = 3 - perms.append({'id': content['result'][0]['groupid'], - 'permission': permission}) - return perms - -def get_userids(zapi, users): - ''' Get userids from user aliases - ''' - userids = [] - for alias in users: - content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) - if content['result']: - userids.append(content['result'][0]['userid']) - - return userids - -def main(): - ''' Ansible module for usergroup - ''' - - ##def usergroup(self, name, rights=None, users=None, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - rights=dict(default=[], type='list'), - users=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - zbx_class_name = 'usergroup' - idname = "usrgrpid" - uname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': uname}, - 'selectUsers': 'userid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': uname, - 'rights': get_rights(zapi, module.params['rights']), - 'userids': get_userids(zapi, module.params['users']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'rights': - differences['rights'] = value - - elif key == 'userids' and zab_results.has_key('users'): - if zab_results['users'] != value: - differences['userids'] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/meta/main.yml b/roles/os_zabbix/meta/main.yml new file mode 100644 index 000000000..360f5aad2 --- /dev/null +++ b/roles/os_zabbix/meta/main.yml @@ -0,0 +1,9 @@ +--- +galaxy_info: + author: OpenShift + description: ZabbixAPI + company: Red Hat, Inc + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: +- lib_zabbix diff --git a/roles/os_zabbix/tasks/clean_zabbix.yml b/roles/os_zabbix/tasks/clean_zabbix.yml new file mode 100644 index 000000000..1bcc07d42 --- /dev/null +++ b/roles/os_zabbix/tasks/clean_zabbix.yml @@ -0,0 +1,47 @@ +--- +- name: CLEAN List template for heartbeat + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + state: list + name: 'Template Heartbeat' + register: templ_heartbeat + +- name: CLEAN List template app zabbix server + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + state: list + name: 'Template App Zabbix Server' + register: templ_zabbix_server + +- name: CLEAN List template app zabbix server + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + state: list + name: 'Template App Zabbix Agent' + register: templ_zabbix_agent + +- name: CLEAN List all templates + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + state: list + register: templates + +- debug: var=templ_heartbeat.results + +- name: Remove templates if heartbeat template is missing + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + name: "{{ item }}" + state: absent + with_items: "{{ templates.results | difference(templ_zabbix_agent.results) | difference(templ_zabbix_server.results) | oo_collect('host') }}" + when: templ_heartbeat.results | length == 0 diff --git a/roles/os_zabbix/tasks/create_template.yml b/roles/os_zabbix/tasks/create_template.yml new file mode 100644 index 000000000..070390aba --- /dev/null +++ b/roles/os_zabbix/tasks/create_template.yml @@ -0,0 +1,56 @@ +--- +- debug: var=template + +- name: Template Create Template + zbx_template: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + name: "{{ template.name }}" + register: created_template + +- debug: var=created_template + +- name: Create Application + zbx_application: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + name: "{{ item }}" + template_name: "{{ template.name }}" + with_items: template.zapplications + register: created_application + when: template.zapplications is defined + +- debug: var=created_application + +- name: Create Items + zbx_item: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + key: "{{ item.key }}" + name: "{{ item.name | default(item.key, true) }}" + value_type: "{{ item.value_type | default('int') }}" + template_name: "{{ template.name }}" + applications: "{{ item.application }}" + with_items: template.zitems + register: created_items + when: template.zitems is defined + +#- debug: var=ctp_created_items + +- name: Create Triggers + zbx_trigger: + server: "{{ server }}" + user: "{{ user }}" + password: "{{ password }}" + description: "{{ item.description }}" + expression: "{{ item.expression }}" + priority: "{{ item.priority }}" + with_items: template.ztriggers + when: template.ztriggers is defined + +#- debug: var=ctp_created_triggers + + diff --git a/roles/os_zabbix/tasks/create_user.yml b/roles/os_zabbix/tasks/create_user.yml new file mode 100644 index 000000000..1f752a9e1 --- /dev/null +++ b/roles/os_zabbix/tasks/create_user.yml @@ -0,0 +1,11 @@ +--- +- name: Update zabbix credentialss for a user + zbx_user: + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + alias: "{{ ozb_username }}" + passwd: "{{ ozb_new_password | default(ozb_password, true) }}" + register: user + +- debug: var=user.results diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml new file mode 100644 index 000000000..06c0a09fc --- /dev/null +++ b/roles/os_zabbix/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: Main List all templates + zbx_template: + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + state: list + register: templates + +- debug: var=templates + +- include_vars: template_heartbeat.yml +- include_vars: template_os_linux.yml + +- name: Include Template Heartbeat + include: create_template.yml + vars: + template: "{{ g_template_heartbeat }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + +#- name: Include Template os_linux +# include: create_template.yml +# vars: +# template: "{{ g_template_os_linux }}" +# server: "{{ ozb_server }}" +# user: "{{ ozb_user }}" +# password: "{{ ozb_password }}" + diff --git a/roles/os_zabbix/vars/main.yml b/roles/os_zabbix/vars/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/vars/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml new file mode 100644 index 000000000..158d6c79a --- /dev/null +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -0,0 +1,13 @@ +--- +g_template_heartbeat: + name: Template Heartbeat + zapplications: + - Heartbeat + zitems: + - name: Heartbeat Ping + application: Heartbeat + key: heartbeat.ping + ztriggers: + - description: 'Heartbeat.ping has failed on {HOST.NAME}' + expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' + priority: avg diff --git a/roles/os_zabbix/vars/template_host.yml b/roles/os_zabbix/vars/template_host.yml new file mode 100644 index 000000000..e7cc667cb --- /dev/null +++ b/roles/os_zabbix/vars/template_host.yml @@ -0,0 +1,27 @@ +--- +g_template_host: + params: + name: Template Host + host: Template Host + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Host + zitems: + - name: Host Ping + hostid: + key_: host.ping + type: 2 + value_type: 0 + output: extend + search: + key_: host.ping + ztriggers: + - description: 'Host ping has failed on {HOST.NAME}' + expression: '{Template Host:host.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Host ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_master.yml b/roles/os_zabbix/vars/template_master.yml new file mode 100644 index 000000000..5f9b41a4f --- /dev/null +++ b/roles/os_zabbix/vars/template_master.yml @@ -0,0 +1,27 @@ +--- +g_template_master: + params: + name: Template Master + host: Template Master + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Master + zitems: + - name: Master Etcd Ping + hostid: + key_: master.etcd.ping + type: 2 + value_type: 0 + output: extend + search: + key_: master.etcd.ping + ztriggers: + - description: 'Master Etcd ping has failed on {HOST.NAME}' + expression: '{Template Master:master.etcd.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Master Etcd ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_node.yml b/roles/os_zabbix/vars/template_node.yml new file mode 100644 index 000000000..98c343a24 --- /dev/null +++ b/roles/os_zabbix/vars/template_node.yml @@ -0,0 +1,27 @@ +--- +g_template_node: + params: + name: Template Node + host: Template Node + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Node + zitems: + - name: Kubelet Ping + hostid: + key_: kubelet.ping + type: 2 + value_type: 0 + output: extend + search: + key_: kubelet.ping + ztriggers: + - description: 'Kubelet ping has failed on {HOST.NAME}' + expression: '{Template Node:kubelet.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Kubelet ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml new file mode 100644 index 000000000..1cc928bce --- /dev/null +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -0,0 +1,143 @@ +--- +g_template_os_linux: + name: Template OS Linux + zapplications: + - Disk + - Memory + - Kernel + zitems: + - key: kernel.uname.sysname + application: Kernel + value_type: string + + - key: kernel.all.cpu.wait.total + application: Kernel + value_type: int + + - key: kernel.all.cpu.irq.hard + application: Kernel + value_type: int + + - key: kernel.all.cpu.idle + application: Kernel + value_type: int + + - key: kernel.uname.distro + application: Kernel + value_type: string + + - key: kernel.uname.nodename + application: Kernel + value_type: string + + - key: kernel.all.cpu.irq.soft + application: Kernel + value_type: int + + - key: kernel.all.load.15_minute + application: Kernel + value_type: float + + - key: kernel.all.cpu.sys + application: Kernel + value_type: int + + - key: kernel.all.load.5_minute + application: Kernel + value_type: float + + - key: mem.freemem + application: Memory + value_type: int + + - key: kernel.all.cpu.nice + application: Kernel + value_type: int + + - key: mem.util.bufmem + application: Memory + value_type: int + + - key: swap.used + application: Memory + value_type: int + + - key: kernel.all.load.1_minute + application: Kernel + value_type: float + + - key: kernel.uname.version + application: Kernel + value_type: string + + - key: swap.length + application: Memory + value_type: int + + - key: mem.physmem + application: Memory + value_type: int + + - key: kernel.all.uptime + application: Kernel + value_type: int + + - key: swap.free + application: Memory + value_type: int + + - key: mem.util.used + application: Memory + value_type: int + + - key: kernel.all.cpu.user + application: Kernel + value_type: int + + - key: kernel.uname.machine + application: Kernel + value_type: string + + - key: hinv.ncpu + application: Kernel + value_type: int + + - key: mem.util.cached + application: Memory + value_type: int + + - key: kernel.all.cpu.steal + application: Kernel + value_type: int + + - key: kernel.all.pswitch + application: Kernel + value_type: int + + - key: kernel.uname.release + application: Kernel + value_type: string + + - key: proc.nprocs + application: Kernel + value_type: int + + - key: filesys.avail + application: Disk + value_type: int + + - key: filesys.capacity + application: Disk + value_type: int + + - key: filesys.free + application: Disk + value_type: int + + - key: filesys.full + application: Disk + value_type: float + + - key: filesys.used + application: Disk + value_type: float diff --git a/roles/os_zabbix/vars/template_router.yml b/roles/os_zabbix/vars/template_router.yml new file mode 100644 index 000000000..4dae7da1e --- /dev/null +++ b/roles/os_zabbix/vars/template_router.yml @@ -0,0 +1,27 @@ +--- +g_template_router: + params: + name: Template Router + host: Template Router + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Router + zitems: + - name: Router Backends down + hostid: + key_: router.backends.down + type: 2 + value_type: 0 + output: extend + search: + key_: router.backends.down + ztriggers: + - description: 'Number of router backends down on {HOST.NAME}' + expression: '{Template Router:router.backends.down.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Number of router backends down on {HOST.NAME}' + expandExpression: True -- cgit v1.2.3 From 91eebb77744753bde5b4b83e7c7634ee47e5b859 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 27 Aug 2015 11:12:42 -0400 Subject: Revert "Zabbix API updates" --- filter_plugins/oo_zabbix_filters.py | 29 --- playbooks/adhoc/zabbix_setup/clean_zabbix.yml | 51 +++++ playbooks/adhoc/zabbix_setup/create_template.yml | 57 +++++ playbooks/adhoc/zabbix_setup/create_user.yml | 31 +++ playbooks/adhoc/zabbix_setup/filter_plugins | 1 + playbooks/adhoc/zabbix_setup/roles | 1 + playbooks/adhoc/zabbix_setup/setup_zabbix.yml | 38 ++++ .../adhoc/zabbix_setup/vars/template_heartbeat.yml | 11 + .../adhoc/zabbix_setup/vars/template_host.yml | 27 +++ .../adhoc/zabbix_setup/vars/template_master.yml | 27 +++ .../adhoc/zabbix_setup/vars/template_node.yml | 27 +++ .../adhoc/zabbix_setup/vars/template_os_linux.yml | 90 ++++++++ .../adhoc/zabbix_setup/vars/template_router.yml | 27 +++ roles/lib_zabbix/README.md | 38 ---- roles/lib_zabbix/library/__init__.py | 0 roles/lib_zabbix/library/test.yml | 131 ----------- roles/lib_zabbix/library/zbx_application.py | 139 ------------ roles/lib_zabbix/library/zbx_discoveryrule.py | 177 --------------- roles/lib_zabbix/library/zbx_host.py | 163 -------------- roles/lib_zabbix/library/zbx_hostgroup.py | 116 ---------- roles/lib_zabbix/library/zbx_item.py | 173 --------------- roles/lib_zabbix/library/zbx_itemprototype.py | 241 --------------------- roles/lib_zabbix/library/zbx_mediatype.py | 168 -------------- roles/lib_zabbix/library/zbx_template.py | 133 ------------ roles/lib_zabbix/library/zbx_trigger.py | 174 --------------- roles/lib_zabbix/library/zbx_user.py | 174 --------------- roles/lib_zabbix/library/zbx_user_media.py | 240 -------------------- roles/lib_zabbix/library/zbx_usergroup.py | 208 ------------------ roles/os_zabbix/README.md | 40 ---- roles/os_zabbix/defaults/main.yml | 1 - roles/os_zabbix/handlers/main.yml | 1 - roles/os_zabbix/library/__init__.py | 0 roles/os_zabbix/library/get_drule.yml | 115 ++++++++++ roles/os_zabbix/library/test.yml | 131 +++++++++++ roles/os_zabbix/library/zbx_application.py | 135 ++++++++++++ roles/os_zabbix/library/zbx_discoveryrule.py | 177 +++++++++++++++ roles/os_zabbix/library/zbx_host.py | 163 ++++++++++++++ roles/os_zabbix/library/zbx_hostgroup.py | 116 ++++++++++ roles/os_zabbix/library/zbx_item.py | 170 +++++++++++++++ roles/os_zabbix/library/zbx_itemprototype.py | 241 +++++++++++++++++++++ roles/os_zabbix/library/zbx_mediatype.py | 149 +++++++++++++ roles/os_zabbix/library/zbx_template.py | 127 +++++++++++ roles/os_zabbix/library/zbx_trigger.py | 175 +++++++++++++++ roles/os_zabbix/library/zbx_user.py | 169 +++++++++++++++ roles/os_zabbix/library/zbx_usergroup.py | 160 ++++++++++++++ roles/os_zabbix/meta/main.yml | 9 - roles/os_zabbix/tasks/clean_zabbix.yml | 47 ---- roles/os_zabbix/tasks/create_template.yml | 56 ----- roles/os_zabbix/tasks/create_user.yml | 11 - roles/os_zabbix/tasks/main.yml | 30 --- roles/os_zabbix/vars/main.yml | 1 - roles/os_zabbix/vars/template_heartbeat.yml | 13 -- roles/os_zabbix/vars/template_host.yml | 27 --- roles/os_zabbix/vars/template_master.yml | 27 --- roles/os_zabbix/vars/template_node.yml | 27 --- roles/os_zabbix/vars/template_os_linux.yml | 143 ------------ roles/os_zabbix/vars/template_router.yml | 27 --- 57 files changed, 2416 insertions(+), 2764 deletions(-) create mode 100644 playbooks/adhoc/zabbix_setup/clean_zabbix.yml create mode 100644 playbooks/adhoc/zabbix_setup/create_template.yml create mode 100644 playbooks/adhoc/zabbix_setup/create_user.yml create mode 120000 playbooks/adhoc/zabbix_setup/filter_plugins create mode 120000 playbooks/adhoc/zabbix_setup/roles create mode 100644 playbooks/adhoc/zabbix_setup/setup_zabbix.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_host.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_master.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_node.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml create mode 100644 playbooks/adhoc/zabbix_setup/vars/template_router.yml delete mode 100644 roles/lib_zabbix/README.md delete mode 100644 roles/lib_zabbix/library/__init__.py delete mode 100644 roles/lib_zabbix/library/test.yml delete mode 100644 roles/lib_zabbix/library/zbx_application.py delete mode 100644 roles/lib_zabbix/library/zbx_discoveryrule.py delete mode 100644 roles/lib_zabbix/library/zbx_host.py delete mode 100644 roles/lib_zabbix/library/zbx_hostgroup.py delete mode 100644 roles/lib_zabbix/library/zbx_item.py delete mode 100644 roles/lib_zabbix/library/zbx_itemprototype.py delete mode 100644 roles/lib_zabbix/library/zbx_mediatype.py delete mode 100644 roles/lib_zabbix/library/zbx_template.py delete mode 100644 roles/lib_zabbix/library/zbx_trigger.py delete mode 100644 roles/lib_zabbix/library/zbx_user.py delete mode 100644 roles/lib_zabbix/library/zbx_user_media.py delete mode 100644 roles/lib_zabbix/library/zbx_usergroup.py delete mode 100644 roles/os_zabbix/README.md delete mode 100644 roles/os_zabbix/defaults/main.yml delete mode 100644 roles/os_zabbix/handlers/main.yml create mode 100644 roles/os_zabbix/library/__init__.py create mode 100644 roles/os_zabbix/library/get_drule.yml create mode 100644 roles/os_zabbix/library/test.yml create mode 100644 roles/os_zabbix/library/zbx_application.py create mode 100644 roles/os_zabbix/library/zbx_discoveryrule.py create mode 100644 roles/os_zabbix/library/zbx_host.py create mode 100644 roles/os_zabbix/library/zbx_hostgroup.py create mode 100644 roles/os_zabbix/library/zbx_item.py create mode 100644 roles/os_zabbix/library/zbx_itemprototype.py create mode 100644 roles/os_zabbix/library/zbx_mediatype.py create mode 100644 roles/os_zabbix/library/zbx_template.py create mode 100644 roles/os_zabbix/library/zbx_trigger.py create mode 100644 roles/os_zabbix/library/zbx_user.py create mode 100644 roles/os_zabbix/library/zbx_usergroup.py delete mode 100644 roles/os_zabbix/meta/main.yml delete mode 100644 roles/os_zabbix/tasks/clean_zabbix.yml delete mode 100644 roles/os_zabbix/tasks/create_template.yml delete mode 100644 roles/os_zabbix/tasks/create_user.yml delete mode 100644 roles/os_zabbix/tasks/main.yml delete mode 100644 roles/os_zabbix/vars/main.yml delete mode 100644 roles/os_zabbix/vars/template_heartbeat.yml delete mode 100644 roles/os_zabbix/vars/template_host.yml delete mode 100644 roles/os_zabbix/vars/template_master.yml delete mode 100644 roles/os_zabbix/vars/template_node.yml delete mode 100644 roles/os_zabbix/vars/template_os_linux.yml delete mode 100644 roles/os_zabbix/vars/template_router.yml diff --git a/filter_plugins/oo_zabbix_filters.py b/filter_plugins/oo_zabbix_filters.py index c44b874e8..a473993a2 100644 --- a/filter_plugins/oo_zabbix_filters.py +++ b/filter_plugins/oo_zabbix_filters.py @@ -59,17 +59,6 @@ class FilterModule(object): return data[zabbix_item]['params'] return None - @staticmethod - def oo_build_zabbix_collect(data, string, value): - ''' Build a list of dicts from a list of data matched on string attribute - ''' - rval = [] - for item in data: - if item[string] == value: - rval.append(item) - - return rval - @staticmethod def oo_build_zabbix_list_dict(values, string): ''' Build a list of dicts with string as key for each value @@ -79,22 +68,6 @@ class FilterModule(object): rval.append({string: value}) return rval - @staticmethod - def oo_remove_attr_from_list_dict(data, attr): - ''' Remove a specific attribute from a dict - ''' - attrs = [] - if isinstance(attr, str): - attrs.append(attr) - else: - attrs = attr - - for attribute in attrs: - for _entry in data: - _entry.pop(attribute, None) - - return data - def filters(self): ''' returns a mapping of filters to methods ''' return { @@ -103,6 +76,4 @@ class FilterModule(object): "oo_set_zbx_trigger_triggerid": self.oo_set_zbx_trigger_triggerid, "oo_build_zabbix_list_dict": self.oo_build_zabbix_list_dict, "create_data": self.create_data, - "oo_build_zabbix_collect": self.oo_build_zabbix_collect, - "oo_remove_attr_from_list_dict": self.oo_remove_attr_from_list_dict, } diff --git a/playbooks/adhoc/zabbix_setup/clean_zabbix.yml b/playbooks/adhoc/zabbix_setup/clean_zabbix.yml new file mode 100644 index 000000000..a31cbef65 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/clean_zabbix.yml @@ -0,0 +1,51 @@ +--- +- hosts: localhost + gather_facts: no + vars: + g_zserver: http://localhost/zabbix/api_jsonrpc.php + g_zuser: Admin + g_zpassword: zabbix + roles: + - ../../../roles/os_zabbix + post_tasks: + + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + name: 'Template Heartbeat' + register: templ_heartbeat + + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + name: 'Template App Zabbix Server' + register: templ_zabbix_server + + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + name: 'Template App Zabbix Agent' + register: templ_zabbix_agent + + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + register: templates + + - debug: var=templ_heartbeat.results + + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: absent + with_items: "{{ templates.results | difference(templ_zabbix_agent.results) | difference(templ_zabbix_server.results) | oo_collect('host') }}" + when: templ_heartbeat.results | length == 0 diff --git a/playbooks/adhoc/zabbix_setup/create_template.yml b/playbooks/adhoc/zabbix_setup/create_template.yml new file mode 100644 index 000000000..50fff53b2 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/create_template.yml @@ -0,0 +1,57 @@ +--- +- debug: var=ctp_template + +- name: Create Template + zbx_template: + server: "{{ ctp_zserver }}" + user: "{{ ctp_zuser }}" + password: "{{ ctp_zpassword }}" + name: "{{ ctp_template.name }}" + register: ctp_created_template + +- debug: var=ctp_created_template + +#- name: Create Application +# zbxapi: +# server: "{{ ctp_zserver }}" +# user: "{{ ctp_zuser }}" +# password: "{{ ctp_zpassword }}" +# zbx_class: Application +# state: present +# params: +# name: "{{ ctp_template.application.name}}" +# hostid: "{{ ctp_created_template.results[0].templateid }}" +# search: +# name: "{{ ctp_template.application.name}}" +# register: ctp_created_application + +#- debug: var=ctp_created_application + +- name: Create Items + zbx_item: + server: "{{ ctp_zserver }}" + user: "{{ ctp_zuser }}" + password: "{{ ctp_zpassword }}" + key: "{{ item.key }}" + name: "{{ item.name | default(item.key, true) }}" + value_type: "{{ item.value_type | default('int') }}" + template_name: "{{ ctp_template.name }}" + with_items: ctp_template.zitems + register: ctp_created_items + +#- debug: var=ctp_created_items + +- name: Create Triggers + zbx_trigger: + server: "{{ ctp_zserver }}" + user: "{{ ctp_zuser }}" + password: "{{ ctp_zpassword }}" + description: "{{ item.description }}" + expression: "{{ item.expression }}" + priority: "{{ item.priority }}" + with_items: ctp_template.ztriggers + when: ctp_template.ztriggers is defined + +#- debug: var=ctp_created_triggers + + diff --git a/playbooks/adhoc/zabbix_setup/create_user.yml b/playbooks/adhoc/zabbix_setup/create_user.yml new file mode 100644 index 000000000..dd74798b7 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/create_user.yml @@ -0,0 +1,31 @@ +--- +# export PYTHONPATH='/usr/lib/python2.7/site-packages/:/home/kwoodson/git/openshift-tools' +# ansible-playbook -e 'cli_password=zabbix' -e 'cli_new_password=new-zabbix' create_user.yml +- hosts: localhost + gather_facts: no + vars_files: + - vars/template_heartbeat.yml + - vars/template_os_linux.yml + vars: + g_zserver: http://localhost/zabbix/api_jsonrpc.php + g_zuser: admin + g_zpassword: "{{ cli_password }}" + roles: + - ../../../roles/os_zabbix + post_tasks: + - zbx_user: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + register: users + + - debug: var=users + + - name: Update zabbix creds for admin + zbx_user: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + alias: Admin + passwd: "{{ cli_new_password | default(g_zpassword, true) }}" diff --git a/playbooks/adhoc/zabbix_setup/filter_plugins b/playbooks/adhoc/zabbix_setup/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/roles b/playbooks/adhoc/zabbix_setup/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/roles @@ -0,0 +1 @@ +../../../roles/ \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/setup_zabbix.yml b/playbooks/adhoc/zabbix_setup/setup_zabbix.yml new file mode 100644 index 000000000..1729194b5 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/setup_zabbix.yml @@ -0,0 +1,38 @@ +--- +- hosts: localhost + gather_facts: no + vars_files: + - vars/template_heartbeat.yml + - vars/template_os_linux.yml + vars: + g_zserver: http://localhost/zabbix/api_jsonrpc.php + g_zuser: Admin + g_zpassword: zabbix + roles: + - ../../../roles/os_zabbix + post_tasks: + - zbx_template: + server: "{{ g_zserver }}" + user: "{{ g_zuser }}" + password: "{{ g_zpassword }}" + state: list + register: templates + + - debug: var=templates + + - name: Include Template + include: create_template.yml + vars: + ctp_template: "{{ g_template_heartbeat }}" + ctp_zserver: "{{ g_zserver }}" + ctp_zuser: "{{ g_zuser }}" + ctp_zpassword: "{{ g_zpassword }}" + + - name: Include Template + include: create_template.yml + vars: + ctp_template: "{{ g_template_os_linux }}" + ctp_zserver: "{{ g_zserver }}" + ctp_zuser: "{{ g_zuser }}" + ctp_zpassword: "{{ g_zpassword }}" + diff --git a/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml b/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml new file mode 100644 index 000000000..22cc75554 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml @@ -0,0 +1,11 @@ +--- +g_template_heartbeat: + name: Template Heartbeat + zitems: + - name: Heartbeat Ping + hostid: + key: heartbeat.ping + ztriggers: + - description: 'Heartbeat.ping has failed on {HOST.NAME}' + expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' + priority: avg diff --git a/playbooks/adhoc/zabbix_setup/vars/template_host.yml b/playbooks/adhoc/zabbix_setup/vars/template_host.yml new file mode 100644 index 000000000..e7cc667cb --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_host.yml @@ -0,0 +1,27 @@ +--- +g_template_host: + params: + name: Template Host + host: Template Host + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Host + zitems: + - name: Host Ping + hostid: + key_: host.ping + type: 2 + value_type: 0 + output: extend + search: + key_: host.ping + ztriggers: + - description: 'Host ping has failed on {HOST.NAME}' + expression: '{Template Host:host.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Host ping has failed on*' + expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_master.yml b/playbooks/adhoc/zabbix_setup/vars/template_master.yml new file mode 100644 index 000000000..5f9b41a4f --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_master.yml @@ -0,0 +1,27 @@ +--- +g_template_master: + params: + name: Template Master + host: Template Master + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Master + zitems: + - name: Master Etcd Ping + hostid: + key_: master.etcd.ping + type: 2 + value_type: 0 + output: extend + search: + key_: master.etcd.ping + ztriggers: + - description: 'Master Etcd ping has failed on {HOST.NAME}' + expression: '{Template Master:master.etcd.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Master Etcd ping has failed on*' + expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_node.yml b/playbooks/adhoc/zabbix_setup/vars/template_node.yml new file mode 100644 index 000000000..98c343a24 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_node.yml @@ -0,0 +1,27 @@ +--- +g_template_node: + params: + name: Template Node + host: Template Node + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Node + zitems: + - name: Kubelet Ping + hostid: + key_: kubelet.ping + type: 2 + value_type: 0 + output: extend + search: + key_: kubelet.ping + ztriggers: + - description: 'Kubelet ping has failed on {HOST.NAME}' + expression: '{Template Node:kubelet.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Kubelet ping has failed on*' + expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml b/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml new file mode 100644 index 000000000..9cc038ffa --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml @@ -0,0 +1,90 @@ +--- +g_template_os_linux: + name: Template OS Linux + zitems: + - key: kernel.uname.sysname + value_type: string + + - key: kernel.all.cpu.wait.total + value_type: int + + - key: kernel.all.cpu.irq.hard + value_type: int + + - key: kernel.all.cpu.idle + value_type: int + + - key: kernel.uname.distro + value_type: string + + - key: kernel.uname.nodename + value_type: string + + - key: kernel.all.cpu.irq.soft + value_type: int + + - key: kernel.all.load.15_minute + value_type: float + + - key: kernel.all.cpu.sys + value_type: int + + - key: kernel.all.load.5_minute + value_type: float + + - key: mem.freemem + value_type: int + + - key: kernel.all.cpu.nice + value_type: int + + - key: mem.util.bufmem + value_type: int + + - key: swap.used + value_type: int + + - key: kernel.all.load.1_minute + value_type: float + + - key: kernel.uname.version + value_type: string + + - key: swap.length + value_type: int + + - key: mem.physmem + value_type: int + + - key: kernel.all.uptime + value_type: int + + - key: swap.free + value_type: int + + - key: mem.util.used + value_type: int + + - key: kernel.all.cpu.user + value_type: int + + - key: kernel.uname.machine + value_type: string + + - key: hinv.ncpu + value_type: int + + - key: mem.util.cached + value_type: int + + - key: kernel.all.cpu.steal + value_type: int + + - key: kernel.all.pswitch + value_type: int + + - key: kernel.uname.release + value_type: string + + - key: proc.nprocs + value_type: int diff --git a/playbooks/adhoc/zabbix_setup/vars/template_router.yml b/playbooks/adhoc/zabbix_setup/vars/template_router.yml new file mode 100644 index 000000000..4dae7da1e --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/vars/template_router.yml @@ -0,0 +1,27 @@ +--- +g_template_router: + params: + name: Template Router + host: Template Router + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Router + zitems: + - name: Router Backends down + hostid: + key_: router.backends.down + type: 2 + value_type: 0 + output: extend + search: + key_: router.backends.down + ztriggers: + - description: 'Number of router backends down on {HOST.NAME}' + expression: '{Template Router:router.backends.down.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Number of router backends down on {HOST.NAME}' + expandExpression: True diff --git a/roles/lib_zabbix/README.md b/roles/lib_zabbix/README.md deleted file mode 100644 index 69debc698..000000000 --- a/roles/lib_zabbix/README.md +++ /dev/null @@ -1,38 +0,0 @@ -zabbix -========= - -Automate zabbix tasks. - -Requirements ------------- - -This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. - -Role Variables --------------- - -None - -Dependencies ------------- - -This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. - -Example Playbook ----------------- - - - zbx_host: - server: zab_server - user: zab_user - password: zab_password - name: 'myhost' - -License -------- - -ASL 2.0 - -Author Information ------------------- - -OpenShift operations, Red Hat, Inc diff --git a/roles/lib_zabbix/library/__init__.py b/roles/lib_zabbix/library/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/roles/lib_zabbix/library/test.yml b/roles/lib_zabbix/library/test.yml deleted file mode 100644 index cedace1a0..000000000 --- a/roles/lib_zabbix/library/test.yml +++ /dev/null @@ -1,131 +0,0 @@ ---- -# This is a test playbook to create one of each of the zabbix ansible modules. -# ensure that the zbxapi module is installed -# ansible-playbook test.yml -- name: Test zabbix ansible module - hosts: localhost - gather_facts: no - vars: - zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php - zbx_user: Admin - zbx_password: zabbix - - pre_tasks: - - name: Create a template - zbx_template: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test template' - register: template_output - - - debug: var=template_output - - - name: Create a discoveryrule - zbx_discoveryrule: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: test discoverule - key: test_listener - template_name: test template - lifetime: 14 - register: discoveryrule - - - debug: var=discoveryrule - - - name: Create an itemprototype - zbx_itemprototype: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test itemprototype on {#TEST_LISTENER}' - key: 'test[{#TEST_LISTENER}]' - template_name: test template - discoveryrule_name: test discoverule - register: itemproto - - - debug: var=itemproto - - - name: Create an application - zbx_application: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test App' - template_name: "test template" - register: item_output - - - name: Create an item - zbx_item: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test item' - key: 'kenny.item.1' - applications: - - 'Test App' - template_name: "test template" - register: item_output - - - debug: var=item_output - - - name: Create an trigger - zbx_trigger: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - expression: '{test template:kenny.item.1.last()}>2' - description: 'Kenny desc' - register: trigger_output - - - debug: var=trigger_output - - - name: Create a hostgroup - zbx_hostgroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny hostgroup' - register: hostgroup_output - - - debug: var=hostgroup_output - - - name: Create a host - zbx_host: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny host' - template_names: - - test template - hostgroup_names: - - kenny hostgroup - register: host_output - - - debug: var=host_output - - - name: Create a usergroup - zbx_usergroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: kenny usergroup - rights: - - 'kenny hostgroup': rw - register: usergroup_output - - - debug: var=usergroup_output - - - name: Create a user - zbx_user: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - alias: kenny user - passwd: zabbix - usergroups: - - kenny usergroup - register: user_output - - - debug: var=user_output diff --git a/roles/lib_zabbix/library/zbx_application.py b/roles/lib_zabbix/library/zbx_application.py deleted file mode 100644 index 01df1a98e..000000000 --- a/roles/lib_zabbix/library/zbx_application.py +++ /dev/null @@ -1,139 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for application -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix application ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append(content['result'][0]['templateid']) - return template_ids - -def main(): - ''' Ansible module for application - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - template_name=dict(default=None, type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], - module.params['user'], - module.params['password'], - module.params['debug'])) - - #Set the instance and the application for the rest of the calls - zbx_class_name = 'application' - idname = 'applicationid' - aname = module.params['name'] - state = module.params['state'] - # get a applicationid, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': aname}, - 'selectHost': 'hostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], - 'name': aname, - } - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - - if content.has_key('error'): - module.exit_json(failed=True, changed=False, results=content['error'], state="present") - - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py deleted file mode 100644 index 56b87fecc..000000000 --- a/roles/lib_zabbix/library/zbx_discoveryrule.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(vtype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'JMX': 16, - } - - for typ in _types.keys(): - if vtype in typ or vtype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'discoveryrule' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - #'selectDServices': 'extend', - #'selectDChecks': 'extend', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'lifetime': module.params['lifetime'], - 'type': get_type(module.params['ztype']), - } - if params['type'] in [2, 5, 7, 11]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_host.py b/roles/lib_zabbix/library/zbx_host.py deleted file mode 100644 index 12c5f3456..000000000 --- a/roles/lib_zabbix/library/zbx_host.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix host ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_group_ids(zapi, hostgroup_names): - ''' - get hostgroups - ''' - # Fetch groups by name - group_ids = [] - for hgr in hostgroup_names: - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) - if content.has_key('result'): - group_ids.append({'groupid': content['result'][0]['groupid']}) - - return group_ids - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append({'templateid': content['result'][0]['templateid']}) - return template_ids - -def main(): - ''' - Ansible module for zabbix host - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - hostgroup_names=dict(default=[], type='list'), - template_names=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - interfaces=dict(default=None, type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'host' - idname = "hostid" - hname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': hname}, - 'selectGroups': 'groupid', - 'selectParentTemplates': 'templateid', - 'selectInterfaces': 'interfaceid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent - 'main': 1, # default interface? 1 = true - 'useip': 1, # default interface? 1 = true - 'ip': '127.0.0.1', # default interface? 1 = true - 'dns': '', # dns for host - 'port': '10050', # port for interface? 10050 - }] - params = {'host': hname, - 'groups': get_group_ids(zapi, module.params['hostgroup_names']), - 'templates': get_template_ids(zapi, module.params['template_names']), - 'interfaces': ifs, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_hostgroup.py b/roles/lib_zabbix/library/zbx_hostgroup.py deleted file mode 100644 index a1eb875d4..000000000 --- a/roles/lib_zabbix/library/zbx_hostgroup.py +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/bin/env python -''' Ansible module for hostgroup -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix hostgroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' ansible module for hostgroup - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'hostgroup' - idname = "groupid" - hname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': hname}, - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': hname} - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py deleted file mode 100644 index 64dbb976f..000000000 --- a/roles/lib_zabbix/library/zbx_item.py +++ /dev/null @@ -1,173 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for zabbix items -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix item ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - if isinstance(application_names, str): - application_names = [application_names] - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - ansible zabbix module for zbx_item - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - template_name=dict(default=None, type='str'), - zabbix_type=dict(default=2, type='int'), - value_type=dict(default='int', type='str'), - applications=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'item' - idname = "itemid" - state = module.params['state'] - key = module.params['key'] - template_name = module.params['template_name'] - - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - templateid = None - if content['result']: - templateid = content['result'][0]['templateid'] - else: - module.exit_json(changed=False, - results='Error: Could find template with name %s for item.' % template_name, - state="Unkown") - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'key_': key}, - 'selectApplications': 'applicationid', - }) - - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': module.params.get('name', module.params['key']), - 'key_': key, - 'hostid': templateid, - 'type': module.params['zabbix_type'], - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py deleted file mode 100644 index f0eb6bbbd..000000000 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ /dev/null @@ -1,241 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rule_id(zapi, discoveryrule_name): - '''get a discoveryrule by name - ''' - content = zapi.get_content('discoveryrule', - 'get', - {'search': {'name': discoveryrule_name}, - 'output': 'extend', - }) - if not content['result']: - return None - return content['result'][0]['itemid'] - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(ztype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'aggregate': 8, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'calculated': 15, - 'JMX': 16, - } - - for typ in _types.keys(): - if ztype in typ or ztype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_status(status): - ''' Determine status - ''' - _status = 0 - if status == 'disabled': - _status = 1 - elif status == 'unsupported': - _status = 3 - - return _status - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - value_type=dict(default='float', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - status=dict(default='enabled', type='str'), - discoveryrule_name=dict(default=None, type='str'), - applications=dict(default=[], type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'itemprototype' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - 'selectApplications': 'applicationid', - 'selectDiscoveryRule': 'itemid', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), - 'type': get_type(module.params['ztype']), - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - if params['type'] in [2, 5, 7, 8, 11, 15]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'ruleid': - if value != zab_results['discoveryRule']['itemid']: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_mediatype.py b/roles/lib_zabbix/library/zbx_mediatype.py deleted file mode 100644 index b8dcaf7aa..000000000 --- a/roles/lib_zabbix/library/zbx_mediatype.py +++ /dev/null @@ -1,168 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for mediatype -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix mediatype ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_mtype(mtype): - ''' - Transport used by the media type. - Possible values: - 0 - email; - 1 - script; - 2 - SMS; - 3 - Jabber; - 100 - Ez Texting. - ''' - mtype = mtype.lower() - media_type = None - if mtype == 'script': - media_type = 1 - elif mtype == 'sms': - media_type = 2 - elif mtype == 'jabber': - media_type = 3 - elif mtype == 'script': - media_type = 100 - else: - media_type = 0 - - return media_type - -def main(): - ''' - Ansible zabbix module for mediatype - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - description=dict(default=None, type='str'), - mtype=dict(default=None, type='str'), - smtp_server=dict(default=None, type='str'), - smtp_helo=dict(default=None, type='str'), - smtp_email=dict(default=None, type='str'), - passwd=dict(default=None, type='str'), - path=dict(default=None, type='str'), - username=dict(default=None, type='str'), - status=dict(default='enabled', type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'mediatype' - idname = "mediatypeid" - description = module.params['description'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - status = 1 - if module.params['status']: - status = 0 - params = {'description': description, - 'type': get_mtype(module.params['mtype']), - 'smtp_server': module.params['smtp_server'], - 'smtp_helo': module.params['smtp_helo'], - 'smtp_email': module.params['smtp_email'], - 'passwd': module.params['passwd'], - 'exec_path': module.params['path'], - 'username': module.params['username'], - 'status': status, - } - - # Remove any None valued params - _ = [params.pop(key, None) for key in params.keys() if params[key] is None] - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - - if content.has_key('error'): - module.exit_json(failed=True, changed=False, results=content['error'], state="present") - - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and \ - zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_template.py b/roles/lib_zabbix/library/zbx_template.py deleted file mode 100644 index f86f22003..000000000 --- a/roles/lib_zabbix/library/zbx_template.py +++ /dev/null @@ -1,133 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for template -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix template ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' Ansible module for template - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - zbc = ZabbixConnection(module.params['server'], - module.params['user'], - module.params['password'], - module.params['debug']) - zapi = ZabbixAPI(zbc) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'template' - idname = 'templateid' - tname = module.params['name'] - state = module.params['state'] - # get a template, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': tname}, - 'selectParentTemplates': 'templateid', - 'selectGroups': 'groupid', - 'selectApplications': 'applicationid', - 'selectDiscoveries': 'extend', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - if not tname: - module.exit_json(failed=True, - changed=False, - results='Must specifiy a template name.', - state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'groups': module.params.get('groups', [{'groupid': '1'}]), - 'host': tname, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py deleted file mode 100644 index 6f5392437..000000000 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ /dev/null @@ -1,174 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix triggers -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix trigger ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_priority(priority): - ''' determine priority - ''' - prior = 0 - if 'info' in priority: - prior = 1 - elif 'warn' in priority: - prior = 2 - elif 'avg' == priority or 'ave' in priority: - prior = 3 - elif 'high' in priority: - prior = 4 - elif 'dis' in priority: - prior = 5 - - return prior - -def get_deps(zapi, deps): - ''' get trigger dependencies - ''' - results = [] - for desc in deps: - content = zapi.get_content('trigger', - 'get', - {'search': {'description': desc}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if content.has_key('result'): - results.append({'triggerid': content['result'][0]['triggerid']}) - - return results - -def main(): - ''' - Create a trigger in zabbix - - Example: - "params": { - "description": "Processor load is too high on {HOST.NAME}", - "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", - "dependencies": [ - { - "triggerid": "14062" - } - ] - }, - - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - expression=dict(default=None, type='str'), - description=dict(default=None, type='str'), - dependencies=dict(default=[], type='list'), - priority=dict(default='avg', type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'trigger' - idname = "triggerid" - state = module.params['state'] - description = module.params['description'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'description': description}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'description': description, - 'expression': module.params['expression'], - 'dependencies': get_deps(zapi, module.params['dependencies']), - 'priority': get_priority(module.params['priority']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py deleted file mode 100644 index 220caa6f1..000000000 --- a/roles/lib_zabbix/library/zbx_user.py +++ /dev/null @@ -1,174 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix users -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix user ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_usergroups(zapi, usergroups): - ''' Get usergroups - ''' - ugroups = [] - for ugr in usergroups: - content = zapi.get_content('usergroup', - 'get', - {'search': {'name': ugr}, - #'selectUsers': 'userid', - #'getRights': 'extend' - }) - if content['result']: - ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) - - return ugroups or None - -def get_usertype(user_type): - ''' - Determine zabbix user account type - ''' - if not user_type: - return None - - utype = 1 - if 'super' in user_type: - utype = 3 - elif 'admin' in user_type or user_type == 'admin': - utype = 2 - - return utype - -def main(): - ''' - ansible zabbix module for users - ''' - - ##def user(self, name, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - alias=dict(default=None, type='str'), - name=dict(default=None, type='str'), - surname=dict(default=None, type='str'), - user_type=dict(default=None, type='str'), - passwd=dict(default=None, type='str'), - user_groups=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) - - ## before we can create a user media and users with media types we need media - zbx_class_name = 'user' - idname = "userid" - alias = module.params['alias'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'output': 'extend', - 'search': {'alias': alias}, - "selectUsrgrps": 'usergrpid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content) or len(content['result']) == 0: - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'alias': alias, - 'passwd': module.params['passwd'], - 'usrgrps': get_usergroups(zapi, module.params['user_groups']), - 'name': module.params['name'], - 'surname': module.params['surname'], - 'type': get_usertype(module.params['user_type']), - } - - # Remove any None valued params - _ = [params.pop(key, None) for key in params.keys() if params[key] is None] - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'passwd': - differences[key] = value - - elif key == 'usrgrps': - # this must be done as a list of ordered dictionaries fails comparison - if not all([True for _ in zab_results[key][0] if _ in value[0]]): - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py deleted file mode 100644 index f590c58fe..000000000 --- a/roles/lib_zabbix/library/zbx_user_media.py +++ /dev/null @@ -1,240 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for user media -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix user media ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_mtype(zapi, mtype): - '''Get mediatype - - If passed an int, return it as the mediatypeid - if its a string, then try to fetch through a description - ''' - if isinstance(mtype, int): - return mtype - try: - return int(mtype) - except ValueError: - pass - - content = zapi.get_content('mediatype', 'get', {'search': {'description': mtype}}) - if content.has_key['result'] and content['result']: - return content['result'][0]['mediatypeid'] - - return None - -def get_user(zapi, user): - ''' Get userids from user aliases - ''' - content = zapi.get_content('user', 'get', {'search': {'alias': user}}) - if content['result']: - return content['result'][0] - - return None - -def get_severity(severity): - ''' determine severity - ''' - if isinstance(severity, int) or \ - isinstance(severity, str): - return severity - - val = 0 - sev_map = { - 'not': 2**0, - 'inf': 2**1, - 'war': 2**2, - 'ave': 2**3, - 'avg': 2**3, - 'hig': 2**4, - 'dis': 2**5, - } - for level in severity: - val |= sev_map[level[:3].lower()] - return val - -def get_zbx_user_query_data(zapi, user_name): - ''' If name exists, retrieve it, and build query params. - ''' - query = {} - if user_name: - zbx_user = get_user(zapi, user_name) - query = {'userids': zbx_user['userid']} - - return query - -def find_media(medias, user_media): - ''' Find the user media in the list of medias - ''' - for media in medias: - if all([media[key] == user_media[key] for key in user_media.keys()]): - return media - return None - -def get_active(in_active): - '''Determine active value - ''' - active = 1 - if in_active: - active = 0 - - return active - -def main(): - ''' - Ansible zabbix module for mediatype - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - active=dict(default=False, type='bool'), - medias=dict(default=None, type='list'), - mediaid=dict(default=None, type='int'), - mediatype=dict(default=None, type='str'), - mediatype_desc=dict(default=None, type='str'), - #d-d,hh:mm-hh:mm;d-d,hh:mm-hh:mm... - period=dict(default=None, type='str'), - sendto=dict(default=None, type='str'), - severity=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'user' - idname = "mediaid" - state = module.params['state'] - - # User media is fetched through the usermedia.get - zbx_user_query = get_zbx_user_query_data(zapi, module.params['name']) - content = zapi.get_content('usermedia', 'get', zbx_user_query) - - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content) or len(content['result']) == 0: - module.exit_json(changed=False, state="absent") - - # TODO: Do we remove all the queried results? This could be catastrophic or desired. - #ids = [med[idname] for med in content['result']] - ids = [content['result'][0][idname]] - content = zapi.get_content(zbx_class_name, 'deletemedia', ids) - - if content.has_key('error'): - module.exit_json(changed=False, results=content['error'], state="absent") - - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - active = get_active(module.params['active']) - mtypeid = None - if module.params['mediatype']: - mtypeid = get_mtype(zapi, module.params['mediatype']) - elif module.params['mediatype_desc']: - mtypeid = get_mtype(zapi, module.params['mediatype_desc']) - - medias = module.params['medias'] - if medias == None: - medias = [{'mediatypeid': mtypeid, - 'sendto': module.params['sendto'], - 'active': active, - 'severity': int(get_severity(module.params['severity'])), - 'period': module.params['period'], - }] - - params = {'users': [zbx_user_query], - 'medias': medias, - 'output': 'extend', - } - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'addmedia', params) - - if content.has_key('error'): - module.exit_json(failed=True, changed=False, results=content['error'], state="present") - - module.exit_json(changed=True, results=content['result'], state='present') - - # mediaid signifies an update - # If user params exists, check to see if they already exist in zabbix - # if they exist, then return as no update - # elif they do not exist, then take user params only - differences = {'medias': [], 'users': {}} - for media in params['medias']: - m_result = find_media(content['result'], media) - if not m_result: - differences['medias'].append(media) - - if not differences['medias']: - module.exit_json(changed=False, results=content['result'], state="present") - - for user in params['users']: - differences['users']['userid'] = user['userids'] - - # We have differences and need to update - content = zapi.get_content(zbx_class_name, 'updatemedia', differences) - - if content.has_key('error'): - module.exit_json(failed=True, changed=False, results=content['error'], state="present") - - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/lib_zabbix/library/zbx_usergroup.py b/roles/lib_zabbix/library/zbx_usergroup.py deleted file mode 100644 index 11aef106c..000000000 --- a/roles/lib_zabbix/library/zbx_usergroup.py +++ /dev/null @@ -1,208 +0,0 @@ -#!/usr/bin/env python -''' -zabbix ansible module for usergroups -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix usergroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rights(zapi, rights): - '''Get rights - ''' - if rights == None: - return None - - perms = [] - for right in rights: - hstgrp = right.keys()[0] - perm = right.values()[0] - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) - if content['result']: - permission = 0 - if perm == 'ro': - permission = 2 - elif perm == 'rw': - permission = 3 - perms.append({'id': content['result'][0]['groupid'], - 'permission': permission}) - return perms - -def get_gui_access(access): - ''' Return the gui_access for a usergroup - ''' - access = access.lower() - if access == 'internal': - return 1 - elif access == 'disabled': - return 2 - - return 0 - -def get_debug_mode(mode): - ''' Return the debug_mode for a usergroup - ''' - mode = mode.lower() - if mode == 'enabled': - return 1 - - return 0 - -def get_user_status(status): - ''' Return the user_status for a usergroup - ''' - status = status.lower() - if status == 'enabled': - return 0 - - return 1 - - -#def get_userids(zapi, users): -# ''' Get userids from user aliases -# ''' -# if not users: -# return None -# -# userids = [] -# for alias in users: -# content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) -# if content['result']: -# userids.append(content['result'][0]['userid']) -# -# return userids - -def main(): - ''' Ansible module for usergroup - ''' - - ##def usergroup(self, name, rights=None, users=None, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), - password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), - debug_mode=dict(default='disabled', type='str'), - gui_access=dict(default='default', type='str'), - status=dict(default='enabled', type='str'), - name=dict(default=None, type='str', required=True), - rights=dict(default=None, type='list'), - #users=dict(default=None, type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], - module.params['user'], - module.params['password'], - module.params['debug'])) - - zbx_class_name = 'usergroup' - idname = "usrgrpid" - uname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': uname}, - 'selectUsers': 'userid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - if not uname: - module.exit_json(failed=True, changed=False, results='Need to pass in a user.', state="error") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - - params = {'name': uname, - 'rights': get_rights(zapi, module.params['rights']), - 'users_status': get_user_status(module.params['status']), - 'gui_access': get_gui_access(module.params['gui_access']), - 'debug_mode': get_debug_mode(module.params['debug_mode']), - #'userids': get_userids(zapi, module.params['users']), - } - - _ = [params.pop(key, None) for key in params.keys() if params[key] == None] - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'rights': - differences['rights'] = value - - #elif key == 'userids' and zab_results.has_key('users'): - #if zab_results['users'] != value: - #differences['userids'] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/README.md b/roles/os_zabbix/README.md deleted file mode 100644 index ac3dc2833..000000000 --- a/roles/os_zabbix/README.md +++ /dev/null @@ -1,40 +0,0 @@ -os_zabbix -========= - -Automate zabbix tasks. - -Requirements ------------- - -This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. - -Role Variables --------------- - -zab_server -zab_username -zab_password - -Dependencies ------------- - -This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. - -Example Playbook ----------------- - - - zbx_host: - server: zab_server - user: zab_user - password: zab_password - name: 'myhost' - -License -------- - -ASL 2.0 - -Author Information ------------------- - -OpenShift operations, Red Hat, Inc diff --git a/roles/os_zabbix/defaults/main.yml b/roles/os_zabbix/defaults/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/os_zabbix/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/os_zabbix/handlers/main.yml b/roles/os_zabbix/handlers/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/os_zabbix/handlers/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/os_zabbix/library/__init__.py b/roles/os_zabbix/library/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/roles/os_zabbix/library/get_drule.yml b/roles/os_zabbix/library/get_drule.yml new file mode 100644 index 000000000..a3e39f535 --- /dev/null +++ b/roles/os_zabbix/library/get_drule.yml @@ -0,0 +1,115 @@ +--- +# This is a test playbook to create one of each of the zabbix ansible modules. +# ensure that the zbxapi module is installed +# ansible-playbook test.yml +- name: Test zabbix ansible module + hosts: localhost + gather_facts: no + vars: +#zbx_server: https://localhost/zabbix/api_jsonrpc.php +#zbx_user: Admin +#zbx_password: zabbix + + pre_tasks: + - name: Template Discovery rules + zbx_template: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Template App HaProxy' + state: list + register: template_output + + - debug: var=template_output + + - name: Discovery rules + zbx_discovery_rule: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'haproxy.discovery sender' + state: list + register: drule + + - debug: var=drule + +# - name: Create an application +# zbx_application: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'Test App' +# template_name: "test template" +# register: item_output +# +# - name: Create an item +# zbx_item: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'test item' +# key: 'kenny.item.1' +# applications: +# - 'Test App' +# template_name: "test template" +# register: item_output +# +# - debug: var=item_output +# +# - name: Create an trigger +# zbx_trigger: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# expression: '{test template:kenny.item.1.last()}>2' +# description: 'Kenny desc' +# register: trigger_output +# +# - debug: var=trigger_output +# +# - name: Create a hostgroup +# zbx_hostgroup: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'kenny hostgroup' +# register: hostgroup_output +# +# - debug: var=hostgroup_output +# +# - name: Create a host +# zbx_host: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: 'kenny host' +# template_names: +# - test template +# hostgroup_names: +# - kenny hostgroup +# register: host_output +# +# - debug: var=host_output +# +# - name: Create a usergroup +# zbx_usergroup: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# name: kenny usergroup +# rights: +# - 'kenny hostgroup': rw +# register: usergroup_output +# +# - debug: var=usergroup_output +# +# - name: Create a user +# zbx_user: +# server: "{{ zbx_server }}" +# user: "{{ zbx_user }}" +# password: "{{ zbx_password }}" +# alias: kwoodson +# state: list +# register: user_output +# +# - debug: var=user_output diff --git a/roles/os_zabbix/library/test.yml b/roles/os_zabbix/library/test.yml new file mode 100644 index 000000000..cedace1a0 --- /dev/null +++ b/roles/os_zabbix/library/test.yml @@ -0,0 +1,131 @@ +--- +# This is a test playbook to create one of each of the zabbix ansible modules. +# ensure that the zbxapi module is installed +# ansible-playbook test.yml +- name: Test zabbix ansible module + hosts: localhost + gather_facts: no + vars: + zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php + zbx_user: Admin + zbx_password: zabbix + + pre_tasks: + - name: Create a template + zbx_template: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'test template' + register: template_output + + - debug: var=template_output + + - name: Create a discoveryrule + zbx_discoveryrule: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: test discoverule + key: test_listener + template_name: test template + lifetime: 14 + register: discoveryrule + + - debug: var=discoveryrule + + - name: Create an itemprototype + zbx_itemprototype: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test itemprototype on {#TEST_LISTENER}' + key: 'test[{#TEST_LISTENER}]' + template_name: test template + discoveryrule_name: test discoverule + register: itemproto + + - debug: var=itemproto + + - name: Create an application + zbx_application: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'Test App' + template_name: "test template" + register: item_output + + - name: Create an item + zbx_item: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'test item' + key: 'kenny.item.1' + applications: + - 'Test App' + template_name: "test template" + register: item_output + + - debug: var=item_output + + - name: Create an trigger + zbx_trigger: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + expression: '{test template:kenny.item.1.last()}>2' + description: 'Kenny desc' + register: trigger_output + + - debug: var=trigger_output + + - name: Create a hostgroup + zbx_hostgroup: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'kenny hostgroup' + register: hostgroup_output + + - debug: var=hostgroup_output + + - name: Create a host + zbx_host: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: 'kenny host' + template_names: + - test template + hostgroup_names: + - kenny hostgroup + register: host_output + + - debug: var=host_output + + - name: Create a usergroup + zbx_usergroup: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + name: kenny usergroup + rights: + - 'kenny hostgroup': rw + register: usergroup_output + + - debug: var=usergroup_output + + - name: Create a user + zbx_user: + server: "{{ zbx_server }}" + user: "{{ zbx_user }}" + password: "{{ zbx_password }}" + alias: kenny user + passwd: zabbix + usergroups: + - kenny usergroup + register: user_output + + - debug: var=user_output diff --git a/roles/os_zabbix/library/zbx_application.py b/roles/os_zabbix/library/zbx_application.py new file mode 100644 index 000000000..5d4acf72d --- /dev/null +++ b/roles/os_zabbix/library/zbx_application.py @@ -0,0 +1,135 @@ +#!/usr/bin/env python +''' +Ansible module for application +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix application ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + return template_ids + +def main(): + ''' Ansible module for application + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + template_name=dict(default=None, type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the application for the rest of the calls + zbx_class_name = 'application' + idname = 'applicationid' + aname = module.params['name'] + state = module.params['state'] + # get a applicationid, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': aname}, + 'selectHost': 'hostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], + 'name': aname, + } + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_discoveryrule.py b/roles/os_zabbix/library/zbx_discoveryrule.py new file mode 100644 index 000000000..56b87fecc --- /dev/null +++ b/roles/os_zabbix/library/zbx_discoveryrule.py @@ -0,0 +1,177 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(vtype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'JMX': 16, + } + + for typ in _types.keys(): + if vtype in typ or vtype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'discoveryrule' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + #'selectDServices': 'extend', + #'selectDChecks': 'extend', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'lifetime': module.params['lifetime'], + 'type': get_type(module.params['ztype']), + } + if params['type'] in [2, 5, 7, 11]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_host.py b/roles/os_zabbix/library/zbx_host.py new file mode 100644 index 000000000..12c5f3456 --- /dev/null +++ b/roles/os_zabbix/library/zbx_host.py @@ -0,0 +1,163 @@ +#!/usr/bin/env python +''' +Zabbix host ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_group_ids(zapi, hostgroup_names): + ''' + get hostgroups + ''' + # Fetch groups by name + group_ids = [] + for hgr in hostgroup_names: + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) + if content.has_key('result'): + group_ids.append({'groupid': content['result'][0]['groupid']}) + + return group_ids + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append({'templateid': content['result'][0]['templateid']}) + return template_ids + +def main(): + ''' + Ansible module for zabbix host + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + hostgroup_names=dict(default=[], type='list'), + template_names=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + interfaces=dict(default=None, type='list'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'host' + idname = "hostid" + hname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': hname}, + 'selectGroups': 'groupid', + 'selectParentTemplates': 'templateid', + 'selectInterfaces': 'interfaceid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent + 'main': 1, # default interface? 1 = true + 'useip': 1, # default interface? 1 = true + 'ip': '127.0.0.1', # default interface? 1 = true + 'dns': '', # dns for host + 'port': '10050', # port for interface? 10050 + }] + params = {'host': hname, + 'groups': get_group_ids(zapi, module.params['hostgroup_names']), + 'templates': get_template_ids(zapi, module.params['template_names']), + 'interfaces': ifs, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_hostgroup.py b/roles/os_zabbix/library/zbx_hostgroup.py new file mode 100644 index 000000000..a1eb875d4 --- /dev/null +++ b/roles/os_zabbix/library/zbx_hostgroup.py @@ -0,0 +1,116 @@ +#!/usr/bin/env python +''' Ansible module for hostgroup +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix hostgroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' ansible module for hostgroup + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'hostgroup' + idname = "groupid" + hname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': hname}, + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': hname} + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_item.py b/roles/os_zabbix/library/zbx_item.py new file mode 100644 index 000000000..45ba6c2b0 --- /dev/null +++ b/roles/os_zabbix/library/zbx_item.py @@ -0,0 +1,170 @@ +#!/usr/bin/env python +''' + Ansible module for zabbix items +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix item ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + ansible zabbix module for zbx_item + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + template_name=dict(default=None, type='str'), + zabbix_type=dict(default=2, type='int'), + value_type=dict(default='int', type='str'), + applications=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'item' + idname = "itemid" + state = module.params['state'] + key = module.params['key'] + template_name = module.params['template_name'] + + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + templateid = None + if content['result']: + templateid = content['result'][0]['templateid'] + else: + module.exit_json(changed=False, + results='Error: Could find template with name %s for item.' % template_name, + state="Unkown") + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'key_': key}, + 'selectApplications': 'applicationid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': module.params.get('name', module.params['key']), + 'key_': key, + 'hostid': templateid, + 'type': module.params['zabbix_type'], + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_itemprototype.py b/roles/os_zabbix/library/zbx_itemprototype.py new file mode 100644 index 000000000..f0eb6bbbd --- /dev/null +++ b/roles/os_zabbix/library/zbx_itemprototype.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rule_id(zapi, discoveryrule_name): + '''get a discoveryrule by name + ''' + content = zapi.get_content('discoveryrule', + 'get', + {'search': {'name': discoveryrule_name}, + 'output': 'extend', + }) + if not content['result']: + return None + return content['result'][0]['itemid'] + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(ztype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'aggregate': 8, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'calculated': 15, + 'JMX': 16, + } + + for typ in _types.keys(): + if ztype in typ or ztype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_status(status): + ''' Determine status + ''' + _status = 0 + if status == 'disabled': + _status = 1 + elif status == 'unsupported': + _status = 3 + + return _status + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=os.environ['ZABBIX_USER'], type='str'), + password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + value_type=dict(default='float', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + status=dict(default='enabled', type='str'), + discoveryrule_name=dict(default=None, type='str'), + applications=dict(default=[], type='list'), + ), + #supports_check_mode=True + ) + + user = module.params['user'] + passwd = module.params['password'] + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'itemprototype' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + 'selectApplications': 'applicationid', + 'selectDiscoveryRule': 'itemid', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), + 'type': get_type(module.params['ztype']), + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + if params['type'] in [2, 5, 7, 8, 11, 15]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'ruleid': + if value != zab_results['discoveryRule']['itemid']: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_mediatype.py b/roles/os_zabbix/library/zbx_mediatype.py new file mode 100644 index 000000000..a49aecd0f --- /dev/null +++ b/roles/os_zabbix/library/zbx_mediatype.py @@ -0,0 +1,149 @@ +#!/usr/bin/env python +''' + Ansible module for mediatype +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix mediatype ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True +def get_mtype(mtype): + ''' + Transport used by the media type. + Possible values: + 0 - email; + 1 - script; + 2 - SMS; + 3 - Jabber; + 100 - Ez Texting. + ''' + mtype = mtype.lower() + media_type = None + if mtype == 'script': + media_type = 1 + elif mtype == 'sms': + media_type = 2 + elif mtype == 'jabber': + media_type = 3 + elif mtype == 'script': + media_type = 100 + else: + media_type = 0 + + return media_type + +def main(): + ''' + Ansible zabbix module for mediatype + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + description=dict(default=None, type='str'), + mtype=dict(default=None, type='str'), + smtp_server=dict(default=None, type='str'), + smtp_helo=dict(default=None, type='str'), + smtp_email=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'mediatype' + idname = "mediatypeid" + description = module.params['description'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'description': description, + 'type': get_mtype(module.params['media_type']), + 'smtp_server': module.params['smtp_server'], + 'smtp_helo': module.params['smtp_helo'], + 'smtp_email': module.params['smtp_email'], + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and \ + zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_template.py b/roles/os_zabbix/library/zbx_template.py new file mode 100644 index 000000000..20ea48a85 --- /dev/null +++ b/roles/os_zabbix/library/zbx_template.py @@ -0,0 +1,127 @@ +#!/usr/bin/env python +''' +Ansible module for template +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix template ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' Ansible module for template + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zbc = ZabbixConnection(module.params['server'], user, passwd, module.params['debug']) + zapi = ZabbixAPI(zbc) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'template' + idname = 'templateid' + tname = module.params['name'] + state = module.params['state'] + # get a template, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': tname}, + 'selectParentTemplates': 'templateid', + 'selectGroups': 'groupid', + 'selectApplications': 'applicationid', + 'selectDiscoveries': 'extend', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'groups': module.params.get('groups', [{'groupid': '1'}]), + 'host': tname, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_trigger.py b/roles/os_zabbix/library/zbx_trigger.py new file mode 100644 index 000000000..7cc9356c8 --- /dev/null +++ b/roles/os_zabbix/library/zbx_trigger.py @@ -0,0 +1,175 @@ +#!/usr/bin/env python +''' +ansible module for zabbix triggers +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix trigger ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + + +def get_priority(priority): + ''' determine priority + ''' + prior = 0 + if 'info' in priority: + prior = 1 + elif 'warn' in priority: + prior = 2 + elif 'avg' == priority or 'ave' in priority: + prior = 3 + elif 'high' in priority: + prior = 4 + elif 'dis' in priority: + prior = 5 + + return prior + +def get_deps(zapi, deps): + ''' get trigger dependencies + ''' + results = [] + for desc in deps: + content = zapi.get_content('trigger', + 'get', + {'search': {'description': desc}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if content.has_key('result'): + results.append({'triggerid': content['result'][0]['triggerid']}) + + return results + +def main(): + ''' + Create a trigger in zabbix + + Example: + "params": { + "description": "Processor load is too high on {HOST.NAME}", + "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", + "dependencies": [ + { + "triggerid": "14062" + } + ] + }, + + ''' + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + expression=dict(default=None, type='str'), + description=dict(default=None, type='str'), + dependencies=dict(default=[], type='list'), + priority=dict(default='avg', type='str'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'trigger' + idname = "triggerid" + state = module.params['state'] + description = module.params['description'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'description': description}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'description': description, + 'expression': module.params['expression'], + 'dependencies': get_deps(zapi, module.params['dependencies']), + 'priority': get_priority(module.params['priority']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/os_zabbix/library/zbx_user.py new file mode 100644 index 000000000..c45c9a75d --- /dev/null +++ b/roles/os_zabbix/library/zbx_user.py @@ -0,0 +1,169 @@ +#!/usr/bin/env python +''' +ansible module for zabbix users +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix user ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_usergroups(zapi, usergroups): + ''' Get usergroups + ''' + ugroups = [] + for ugr in usergroups: + content = zapi.get_content('usergroup', + 'get', + {'search': {'name': ugr}, + #'selectUsers': 'userid', + #'getRights': 'extend' + }) + if content['result']: + ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) + + return ugroups or None + +def get_usertype(user_type): + ''' + Determine zabbix user account type + ''' + if not user_type: + return None + + utype = 1 + if 'super' in user_type: + utype = 3 + elif 'admin' in user_type or user_type == 'admin': + utype = 2 + + return utype + +def main(): + ''' + ansible zabbix module for users + ''' + + ##def user(self, name, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + alias=dict(default=None, type='str'), + name=dict(default=None, type='str'), + surname=dict(default=None, type='str'), + user_type=dict(default=None, type='str'), + passwd=dict(default=None, type='str'), + usergroups=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) + + ## before we can create a user media and users with media types we need media + zbx_class_name = 'user' + idname = "userid" + alias = module.params['alias'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'output': 'extend', + 'search': {'alias': alias}, + "selectUsrgrps": 'usergrpid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'alias': alias, + 'passwd': module.params['passwd'], + 'usrgrps': get_usergroups(zapi, module.params['usergroups']), + 'name': module.params['name'], + 'surname': module.params['surname'], + 'type': get_usertype(module.params['user_type']), + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'passwd': + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/library/zbx_usergroup.py b/roles/os_zabbix/library/zbx_usergroup.py new file mode 100644 index 000000000..ede4c9df1 --- /dev/null +++ b/roles/os_zabbix/library/zbx_usergroup.py @@ -0,0 +1,160 @@ +#!/usr/bin/env python +''' +zabbix ansible module for usergroups +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix usergroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rights(zapi, rights): + '''Get rights + ''' + perms = [] + for right in rights: + hstgrp = right.keys()[0] + perm = right.values()[0] + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) + if content['result']: + permission = 0 + if perm == 'ro': + permission = 2 + elif perm == 'rw': + permission = 3 + perms.append({'id': content['result'][0]['groupid'], + 'permission': permission}) + return perms + +def get_userids(zapi, users): + ''' Get userids from user aliases + ''' + userids = [] + for alias in users: + content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) + if content['result']: + userids.append(content['result'][0]['userid']) + + return userids + +def main(): + ''' Ansible module for usergroup + ''' + + ##def usergroup(self, name, rights=None, users=None, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + user=dict(default=None, type='str'), + password=dict(default=None, type='str'), + name=dict(default=None, type='str'), + rights=dict(default=[], type='list'), + users=dict(default=[], type='list'), + debug=dict(default=False, type='bool'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + user = module.params.get('user', os.environ['ZABBIX_USER']) + passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) + + zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) + + zbx_class_name = 'usergroup' + idname = "usrgrpid" + uname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': uname}, + 'selectUsers': 'userid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': uname, + 'rights': get_rights(zapi, module.params['rights']), + 'userids': get_userids(zapi, module.params['users']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'rights': + differences['rights'] = value + + elif key == 'userids' and zab_results.has_key('users'): + if zab_results['users'] != value: + differences['userids'] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/os_zabbix/meta/main.yml b/roles/os_zabbix/meta/main.yml deleted file mode 100644 index 360f5aad2..000000000 --- a/roles/os_zabbix/meta/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -galaxy_info: - author: OpenShift - description: ZabbixAPI - company: Red Hat, Inc - license: ASL 2.0 - min_ansible_version: 1.2 -dependencies: -- lib_zabbix diff --git a/roles/os_zabbix/tasks/clean_zabbix.yml b/roles/os_zabbix/tasks/clean_zabbix.yml deleted file mode 100644 index 1bcc07d42..000000000 --- a/roles/os_zabbix/tasks/clean_zabbix.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -- name: CLEAN List template for heartbeat - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - state: list - name: 'Template Heartbeat' - register: templ_heartbeat - -- name: CLEAN List template app zabbix server - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - state: list - name: 'Template App Zabbix Server' - register: templ_zabbix_server - -- name: CLEAN List template app zabbix server - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - state: list - name: 'Template App Zabbix Agent' - register: templ_zabbix_agent - -- name: CLEAN List all templates - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - state: list - register: templates - -- debug: var=templ_heartbeat.results - -- name: Remove templates if heartbeat template is missing - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - name: "{{ item }}" - state: absent - with_items: "{{ templates.results | difference(templ_zabbix_agent.results) | difference(templ_zabbix_server.results) | oo_collect('host') }}" - when: templ_heartbeat.results | length == 0 diff --git a/roles/os_zabbix/tasks/create_template.yml b/roles/os_zabbix/tasks/create_template.yml deleted file mode 100644 index 070390aba..000000000 --- a/roles/os_zabbix/tasks/create_template.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -- debug: var=template - -- name: Template Create Template - zbx_template: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - name: "{{ template.name }}" - register: created_template - -- debug: var=created_template - -- name: Create Application - zbx_application: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - name: "{{ item }}" - template_name: "{{ template.name }}" - with_items: template.zapplications - register: created_application - when: template.zapplications is defined - -- debug: var=created_application - -- name: Create Items - zbx_item: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - key: "{{ item.key }}" - name: "{{ item.name | default(item.key, true) }}" - value_type: "{{ item.value_type | default('int') }}" - template_name: "{{ template.name }}" - applications: "{{ item.application }}" - with_items: template.zitems - register: created_items - when: template.zitems is defined - -#- debug: var=ctp_created_items - -- name: Create Triggers - zbx_trigger: - server: "{{ server }}" - user: "{{ user }}" - password: "{{ password }}" - description: "{{ item.description }}" - expression: "{{ item.expression }}" - priority: "{{ item.priority }}" - with_items: template.ztriggers - when: template.ztriggers is defined - -#- debug: var=ctp_created_triggers - - diff --git a/roles/os_zabbix/tasks/create_user.yml b/roles/os_zabbix/tasks/create_user.yml deleted file mode 100644 index 1f752a9e1..000000000 --- a/roles/os_zabbix/tasks/create_user.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Update zabbix credentialss for a user - zbx_user: - server: "{{ ozb_server }}" - user: "{{ ozb_user }}" - password: "{{ ozb_password }}" - alias: "{{ ozb_username }}" - passwd: "{{ ozb_new_password | default(ozb_password, true) }}" - register: user - -- debug: var=user.results diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml deleted file mode 100644 index 06c0a09fc..000000000 --- a/roles/os_zabbix/tasks/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -- name: Main List all templates - zbx_template: - server: "{{ ozb_server }}" - user: "{{ ozb_user }}" - password: "{{ ozb_password }}" - state: list - register: templates - -- debug: var=templates - -- include_vars: template_heartbeat.yml -- include_vars: template_os_linux.yml - -- name: Include Template Heartbeat - include: create_template.yml - vars: - template: "{{ g_template_heartbeat }}" - server: "{{ ozb_server }}" - user: "{{ ozb_user }}" - password: "{{ ozb_password }}" - -#- name: Include Template os_linux -# include: create_template.yml -# vars: -# template: "{{ g_template_os_linux }}" -# server: "{{ ozb_server }}" -# user: "{{ ozb_user }}" -# password: "{{ ozb_password }}" - diff --git a/roles/os_zabbix/vars/main.yml b/roles/os_zabbix/vars/main.yml deleted file mode 100644 index ed97d539c..000000000 --- a/roles/os_zabbix/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml deleted file mode 100644 index 158d6c79a..000000000 --- a/roles/os_zabbix/vars/template_heartbeat.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -g_template_heartbeat: - name: Template Heartbeat - zapplications: - - Heartbeat - zitems: - - name: Heartbeat Ping - application: Heartbeat - key: heartbeat.ping - ztriggers: - - description: 'Heartbeat.ping has failed on {HOST.NAME}' - expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' - priority: avg diff --git a/roles/os_zabbix/vars/template_host.yml b/roles/os_zabbix/vars/template_host.yml deleted file mode 100644 index e7cc667cb..000000000 --- a/roles/os_zabbix/vars/template_host.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_host: - params: - name: Template Host - host: Template Host - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Host - zitems: - - name: Host Ping - hostid: - key_: host.ping - type: 2 - value_type: 0 - output: extend - search: - key_: host.ping - ztriggers: - - description: 'Host ping has failed on {HOST.NAME}' - expression: '{Template Host:host.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Host ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_master.yml b/roles/os_zabbix/vars/template_master.yml deleted file mode 100644 index 5f9b41a4f..000000000 --- a/roles/os_zabbix/vars/template_master.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_master: - params: - name: Template Master - host: Template Master - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Master - zitems: - - name: Master Etcd Ping - hostid: - key_: master.etcd.ping - type: 2 - value_type: 0 - output: extend - search: - key_: master.etcd.ping - ztriggers: - - description: 'Master Etcd ping has failed on {HOST.NAME}' - expression: '{Template Master:master.etcd.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Master Etcd ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_node.yml b/roles/os_zabbix/vars/template_node.yml deleted file mode 100644 index 98c343a24..000000000 --- a/roles/os_zabbix/vars/template_node.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_node: - params: - name: Template Node - host: Template Node - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Node - zitems: - - name: Kubelet Ping - hostid: - key_: kubelet.ping - type: 2 - value_type: 0 - output: extend - search: - key_: kubelet.ping - ztriggers: - - description: 'Kubelet ping has failed on {HOST.NAME}' - expression: '{Template Node:kubelet.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Kubelet ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml deleted file mode 100644 index 1cc928bce..000000000 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ /dev/null @@ -1,143 +0,0 @@ ---- -g_template_os_linux: - name: Template OS Linux - zapplications: - - Disk - - Memory - - Kernel - zitems: - - key: kernel.uname.sysname - application: Kernel - value_type: string - - - key: kernel.all.cpu.wait.total - application: Kernel - value_type: int - - - key: kernel.all.cpu.irq.hard - application: Kernel - value_type: int - - - key: kernel.all.cpu.idle - application: Kernel - value_type: int - - - key: kernel.uname.distro - application: Kernel - value_type: string - - - key: kernel.uname.nodename - application: Kernel - value_type: string - - - key: kernel.all.cpu.irq.soft - application: Kernel - value_type: int - - - key: kernel.all.load.15_minute - application: Kernel - value_type: float - - - key: kernel.all.cpu.sys - application: Kernel - value_type: int - - - key: kernel.all.load.5_minute - application: Kernel - value_type: float - - - key: mem.freemem - application: Memory - value_type: int - - - key: kernel.all.cpu.nice - application: Kernel - value_type: int - - - key: mem.util.bufmem - application: Memory - value_type: int - - - key: swap.used - application: Memory - value_type: int - - - key: kernel.all.load.1_minute - application: Kernel - value_type: float - - - key: kernel.uname.version - application: Kernel - value_type: string - - - key: swap.length - application: Memory - value_type: int - - - key: mem.physmem - application: Memory - value_type: int - - - key: kernel.all.uptime - application: Kernel - value_type: int - - - key: swap.free - application: Memory - value_type: int - - - key: mem.util.used - application: Memory - value_type: int - - - key: kernel.all.cpu.user - application: Kernel - value_type: int - - - key: kernel.uname.machine - application: Kernel - value_type: string - - - key: hinv.ncpu - application: Kernel - value_type: int - - - key: mem.util.cached - application: Memory - value_type: int - - - key: kernel.all.cpu.steal - application: Kernel - value_type: int - - - key: kernel.all.pswitch - application: Kernel - value_type: int - - - key: kernel.uname.release - application: Kernel - value_type: string - - - key: proc.nprocs - application: Kernel - value_type: int - - - key: filesys.avail - application: Disk - value_type: int - - - key: filesys.capacity - application: Disk - value_type: int - - - key: filesys.free - application: Disk - value_type: int - - - key: filesys.full - application: Disk - value_type: float - - - key: filesys.used - application: Disk - value_type: float diff --git a/roles/os_zabbix/vars/template_router.yml b/roles/os_zabbix/vars/template_router.yml deleted file mode 100644 index 4dae7da1e..000000000 --- a/roles/os_zabbix/vars/template_router.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_router: - params: - name: Template Router - host: Template Router - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Router - zitems: - - name: Router Backends down - hostid: - key_: router.backends.down - type: 2 - value_type: 0 - output: extend - search: - key_: router.backends.down - ztriggers: - - description: 'Number of router backends down on {HOST.NAME}' - expression: '{Template Router:router.backends.down.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Number of router backends down on {HOST.NAME}' - expandExpression: True -- cgit v1.2.3 From 6437064683947e0006a1613064eff1a07174c196 Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Thu, 27 Aug 2015 13:53:48 -0300 Subject: Fix name was too long --- roles/openshift_facts/library/openshift_facts.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index c1c4e1b5c..9fa25d2c2 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -323,7 +323,7 @@ def set_fluentd_facts_if_unset(facts): facts['common']['use_fluentd'] = use_fluentd return facts -def set_cluster_metrics_facts_if_unset(facts): +def set_metrics_facts_if_unset(facts): """ Set cluster metrics facts if not already present in facts dict dict: the facts dict updated with the generated cluster metrics facts if missing @@ -718,7 +718,7 @@ class OpenShiftFacts(object): facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) - facts = set_cluster_metrics_facts_if_unset(facts) + facts = set_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) facts = set_registry_url_if_unset(facts) facts = set_sdn_facts_if_unset(facts) -- cgit v1.2.3 From 693be4802c2b3886b82681c5c1666b9f13d9ca36 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 21 Aug 2015 17:44:30 -0400 Subject: Updates for zbx ans module --- filter_plugins/oo_filters.py | 24 +- filter_plugins/oo_zabbix_filters.py | 29 +++ git/pylint.sh | 2 +- playbooks/adhoc/zabbix_setup/clean_zabbix.yml | 57 ++--- playbooks/adhoc/zabbix_setup/create_template.yml | 57 ----- playbooks/adhoc/zabbix_setup/create_user.yml | 31 --- playbooks/adhoc/zabbix_setup/filter_plugins | 1 - playbooks/adhoc/zabbix_setup/roles | 1 - playbooks/adhoc/zabbix_setup/setup_zabbix.yml | 38 ---- .../adhoc/zabbix_setup/vars/template_heartbeat.yml | 11 - .../adhoc/zabbix_setup/vars/template_host.yml | 27 --- .../adhoc/zabbix_setup/vars/template_master.yml | 27 --- .../adhoc/zabbix_setup/vars/template_node.yml | 27 --- .../adhoc/zabbix_setup/vars/template_os_linux.yml | 90 -------- .../adhoc/zabbix_setup/vars/template_router.yml | 27 --- roles/lib_zabbix/README.md | 38 ++++ roles/lib_zabbix/library/__init__.py | 3 + roles/lib_zabbix/library/zbx_application.py | 139 ++++++++++++ roles/lib_zabbix/library/zbx_discoveryrule.py | 177 +++++++++++++++ roles/lib_zabbix/library/zbx_host.py | 163 ++++++++++++++ roles/lib_zabbix/library/zbx_hostgroup.py | 116 ++++++++++ roles/lib_zabbix/library/zbx_item.py | 178 +++++++++++++++ roles/lib_zabbix/library/zbx_itemprototype.py | 241 ++++++++++++++++++++ roles/lib_zabbix/library/zbx_mediatype.py | 168 ++++++++++++++ roles/lib_zabbix/library/zbx_template.py | 132 +++++++++++ roles/lib_zabbix/library/zbx_trigger.py | 173 +++++++++++++++ roles/lib_zabbix/library/zbx_user.py | 190 ++++++++++++++++ roles/lib_zabbix/library/zbx_user_media.py | 245 +++++++++++++++++++++ roles/lib_zabbix/library/zbx_usergroup.py | 208 +++++++++++++++++ roles/lib_zabbix/tasks/create_template.yml | 61 +++++ roles/lib_zabbix/tasks/create_user.yml | 11 + roles/os_zabbix/README.md | 40 ++++ roles/os_zabbix/defaults/main.yml | 1 + roles/os_zabbix/handlers/main.yml | 1 + roles/os_zabbix/library/__init__.py | 0 roles/os_zabbix/library/get_drule.yml | 115 ---------- roles/os_zabbix/library/test.yml | 131 ----------- roles/os_zabbix/library/zbx_application.py | 135 ------------ roles/os_zabbix/library/zbx_discoveryrule.py | 177 --------------- roles/os_zabbix/library/zbx_host.py | 163 -------------- roles/os_zabbix/library/zbx_hostgroup.py | 116 ---------- roles/os_zabbix/library/zbx_item.py | 170 -------------- roles/os_zabbix/library/zbx_itemprototype.py | 241 -------------------- roles/os_zabbix/library/zbx_mediatype.py | 149 ------------- roles/os_zabbix/library/zbx_template.py | 127 ----------- roles/os_zabbix/library/zbx_trigger.py | 175 --------------- roles/os_zabbix/library/zbx_user.py | 169 -------------- roles/os_zabbix/library/zbx_usergroup.py | 160 -------------- roles/os_zabbix/meta/main.yml | 9 + roles/os_zabbix/tasks/main.yml | 30 +++ roles/os_zabbix/vars/main.yml | 1 + roles/os_zabbix/vars/template_heartbeat.yml | 12 + roles/os_zabbix/vars/template_host.yml | 27 +++ roles/os_zabbix/vars/template_master.yml | 27 +++ roles/os_zabbix/vars/template_node.yml | 27 +++ roles/os_zabbix/vars/template_os_linux.yml | 173 +++++++++++++++ roles/os_zabbix/vars/template_router.yml | 27 +++ 57 files changed, 2702 insertions(+), 2393 deletions(-) delete mode 100644 playbooks/adhoc/zabbix_setup/create_template.yml delete mode 100644 playbooks/adhoc/zabbix_setup/create_user.yml delete mode 120000 playbooks/adhoc/zabbix_setup/filter_plugins delete mode 120000 playbooks/adhoc/zabbix_setup/roles delete mode 100644 playbooks/adhoc/zabbix_setup/setup_zabbix.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_host.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_master.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_node.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml delete mode 100644 playbooks/adhoc/zabbix_setup/vars/template_router.yml create mode 100644 roles/lib_zabbix/README.md create mode 100644 roles/lib_zabbix/library/__init__.py create mode 100644 roles/lib_zabbix/library/zbx_application.py create mode 100644 roles/lib_zabbix/library/zbx_discoveryrule.py create mode 100644 roles/lib_zabbix/library/zbx_host.py create mode 100644 roles/lib_zabbix/library/zbx_hostgroup.py create mode 100644 roles/lib_zabbix/library/zbx_item.py create mode 100644 roles/lib_zabbix/library/zbx_itemprototype.py create mode 100644 roles/lib_zabbix/library/zbx_mediatype.py create mode 100644 roles/lib_zabbix/library/zbx_template.py create mode 100644 roles/lib_zabbix/library/zbx_trigger.py create mode 100644 roles/lib_zabbix/library/zbx_user.py create mode 100644 roles/lib_zabbix/library/zbx_user_media.py create mode 100644 roles/lib_zabbix/library/zbx_usergroup.py create mode 100644 roles/lib_zabbix/tasks/create_template.yml create mode 100644 roles/lib_zabbix/tasks/create_user.yml create mode 100644 roles/os_zabbix/README.md create mode 100644 roles/os_zabbix/defaults/main.yml create mode 100644 roles/os_zabbix/handlers/main.yml delete mode 100644 roles/os_zabbix/library/__init__.py delete mode 100644 roles/os_zabbix/library/get_drule.yml delete mode 100644 roles/os_zabbix/library/test.yml delete mode 100644 roles/os_zabbix/library/zbx_application.py delete mode 100644 roles/os_zabbix/library/zbx_discoveryrule.py delete mode 100644 roles/os_zabbix/library/zbx_host.py delete mode 100644 roles/os_zabbix/library/zbx_hostgroup.py delete mode 100644 roles/os_zabbix/library/zbx_item.py delete mode 100644 roles/os_zabbix/library/zbx_itemprototype.py delete mode 100644 roles/os_zabbix/library/zbx_mediatype.py delete mode 100644 roles/os_zabbix/library/zbx_template.py delete mode 100644 roles/os_zabbix/library/zbx_trigger.py delete mode 100644 roles/os_zabbix/library/zbx_user.py delete mode 100644 roles/os_zabbix/library/zbx_usergroup.py create mode 100644 roles/os_zabbix/meta/main.yml create mode 100644 roles/os_zabbix/tasks/main.yml create mode 100644 roles/os_zabbix/vars/main.yml create mode 100644 roles/os_zabbix/vars/template_heartbeat.yml create mode 100644 roles/os_zabbix/vars/template_host.yml create mode 100644 roles/os_zabbix/vars/template_master.yml create mode 100644 roles/os_zabbix/vars/template_node.yml create mode 100644 roles/os_zabbix/vars/template_os_linux.yml create mode 100644 roles/os_zabbix/vars/template_router.yml diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index c3408702d..a57b0f895 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -73,7 +73,7 @@ class FilterModule(object): if filters is not None: if not issubclass(type(filters), dict): - raise errors.AnsibleFilterError("|fialed expects filter to be a" + raise errors.AnsibleFilterError("|failed expects filter to be a" " dict") retval = [FilterModule.get_attr(d, attribute) for d in data if ( all([d.get(key, None) == filters[key] for key in filters]))] @@ -82,6 +82,25 @@ class FilterModule(object): return retval + @staticmethod + def oo_select_keys_from_list(data, keys): + ''' This returns a list, which contains the value portions for the keys + Ex: data = { 'a':1, 'b':2, 'c':3 } + keys = ['a', 'c'] + returns [1, 3] + ''' + + if not issubclass(type(data), list): + raise errors.AnsibleFilterError("|failed expects to filter on a list") + + if not issubclass(type(keys), list): + raise errors.AnsibleFilterError("|failed expects first param is a list") + + # Gather up the values for the list of keys passed in + retval = [FilterModule.oo_select_keys(item, keys) for item in data] + + return FilterModule.oo_flatten(retval) + @staticmethod def oo_select_keys(data, keys): ''' This returns a list, which contains the value portions for the keys @@ -97,7 +116,7 @@ class FilterModule(object): raise errors.AnsibleFilterError("|failed expects first param is a list") # Gather up the values for the list of keys passed in - retval = [data[key] for key in keys] + retval = [data[key] for key in keys if data.has_key(key)] return retval @@ -312,6 +331,7 @@ class FilterModule(object): ''' returns a mapping of filters to methods ''' return { "oo_select_keys": self.oo_select_keys, + "oo_select_keys_from_list": self.oo_select_keys_from_list, "oo_collect": self.oo_collect, "oo_flatten": self.oo_flatten, "oo_pdb": self.oo_pdb, diff --git a/filter_plugins/oo_zabbix_filters.py b/filter_plugins/oo_zabbix_filters.py index a473993a2..c44b874e8 100644 --- a/filter_plugins/oo_zabbix_filters.py +++ b/filter_plugins/oo_zabbix_filters.py @@ -59,6 +59,17 @@ class FilterModule(object): return data[zabbix_item]['params'] return None + @staticmethod + def oo_build_zabbix_collect(data, string, value): + ''' Build a list of dicts from a list of data matched on string attribute + ''' + rval = [] + for item in data: + if item[string] == value: + rval.append(item) + + return rval + @staticmethod def oo_build_zabbix_list_dict(values, string): ''' Build a list of dicts with string as key for each value @@ -68,6 +79,22 @@ class FilterModule(object): rval.append({string: value}) return rval + @staticmethod + def oo_remove_attr_from_list_dict(data, attr): + ''' Remove a specific attribute from a dict + ''' + attrs = [] + if isinstance(attr, str): + attrs.append(attr) + else: + attrs = attr + + for attribute in attrs: + for _entry in data: + _entry.pop(attribute, None) + + return data + def filters(self): ''' returns a mapping of filters to methods ''' return { @@ -76,4 +103,6 @@ class FilterModule(object): "oo_set_zbx_trigger_triggerid": self.oo_set_zbx_trigger_triggerid, "oo_build_zabbix_list_dict": self.oo_build_zabbix_list_dict, "create_data": self.create_data, + "oo_build_zabbix_collect": self.oo_build_zabbix_collect, + "oo_remove_attr_from_list_dict": self.oo_remove_attr_from_list_dict, } diff --git a/git/pylint.sh b/git/pylint.sh index 8666931e9..55e8b6131 100755 --- a/git/pylint.sh +++ b/git/pylint.sh @@ -13,7 +13,7 @@ OLDREV=$1 NEWREV=$2 #TRG_BRANCH=$3 -PYTHON=/var/lib/jenkins/python27/bin/python +PYTHON=$(which python) set +e PY_DIFF=$(/usr/bin/git diff --name-only $OLDREV $NEWREV --diff-filter=ACM | grep ".py$") diff --git a/playbooks/adhoc/zabbix_setup/clean_zabbix.yml b/playbooks/adhoc/zabbix_setup/clean_zabbix.yml index a31cbef65..1e884240a 100644 --- a/playbooks/adhoc/zabbix_setup/clean_zabbix.yml +++ b/playbooks/adhoc/zabbix_setup/clean_zabbix.yml @@ -2,50 +2,57 @@ - hosts: localhost gather_facts: no vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: Admin - g_zpassword: zabbix + g_server: http://localhost:8080/zabbix/api_jsonrpc.php + g_user: '' + g_password: '' + roles: - - ../../../roles/os_zabbix - post_tasks: + - lib_zabbix - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" + post_tasks: + - name: CLEAN List template for heartbeat + zbx_template: + zbx_server: "{{ g_server }}" + zbx_user: "{{ g_user }}" + zbx_password: "{{ g_password }}" state: list name: 'Template Heartbeat' register: templ_heartbeat - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" + - name: CLEAN List template app zabbix server + zbx_template: + zbx_server: "{{ g_server }}" + zbx_user: "{{ g_user }}" + zbx_password: "{{ g_password }}" state: list name: 'Template App Zabbix Server' register: templ_zabbix_server - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" + - name: CLEAN List template app zabbix server + zbx_template: + zbx_server: "{{ g_server }}" + zbx_user: "{{ g_user }}" + zbx_password: "{{ g_password }}" state: list name: 'Template App Zabbix Agent' register: templ_zabbix_agent - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" + - name: CLEAN List all templates + zbx_template: + zbx_server: "{{ g_server }}" + zbx_user: "{{ g_user }}" + zbx_password: "{{ g_password }}" state: list register: templates - debug: var=templ_heartbeat.results - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" + - name: Remove templates if heartbeat template is missing + zbx_template: + zbx_server: "{{ g_server }}" + zbx_user: "{{ g_user }}" + zbx_password: "{{ g_password }}" + name: "{{ item }}" state: absent with_items: "{{ templates.results | difference(templ_zabbix_agent.results) | difference(templ_zabbix_server.results) | oo_collect('host') }}" when: templ_heartbeat.results | length == 0 diff --git a/playbooks/adhoc/zabbix_setup/create_template.yml b/playbooks/adhoc/zabbix_setup/create_template.yml deleted file mode 100644 index 50fff53b2..000000000 --- a/playbooks/adhoc/zabbix_setup/create_template.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -- debug: var=ctp_template - -- name: Create Template - zbx_template: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - name: "{{ ctp_template.name }}" - register: ctp_created_template - -- debug: var=ctp_created_template - -#- name: Create Application -# zbxapi: -# server: "{{ ctp_zserver }}" -# user: "{{ ctp_zuser }}" -# password: "{{ ctp_zpassword }}" -# zbx_class: Application -# state: present -# params: -# name: "{{ ctp_template.application.name}}" -# hostid: "{{ ctp_created_template.results[0].templateid }}" -# search: -# name: "{{ ctp_template.application.name}}" -# register: ctp_created_application - -#- debug: var=ctp_created_application - -- name: Create Items - zbx_item: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - key: "{{ item.key }}" - name: "{{ item.name | default(item.key, true) }}" - value_type: "{{ item.value_type | default('int') }}" - template_name: "{{ ctp_template.name }}" - with_items: ctp_template.zitems - register: ctp_created_items - -#- debug: var=ctp_created_items - -- name: Create Triggers - zbx_trigger: - server: "{{ ctp_zserver }}" - user: "{{ ctp_zuser }}" - password: "{{ ctp_zpassword }}" - description: "{{ item.description }}" - expression: "{{ item.expression }}" - priority: "{{ item.priority }}" - with_items: ctp_template.ztriggers - when: ctp_template.ztriggers is defined - -#- debug: var=ctp_created_triggers - - diff --git a/playbooks/adhoc/zabbix_setup/create_user.yml b/playbooks/adhoc/zabbix_setup/create_user.yml deleted file mode 100644 index dd74798b7..000000000 --- a/playbooks/adhoc/zabbix_setup/create_user.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# export PYTHONPATH='/usr/lib/python2.7/site-packages/:/home/kwoodson/git/openshift-tools' -# ansible-playbook -e 'cli_password=zabbix' -e 'cli_new_password=new-zabbix' create_user.yml -- hosts: localhost - gather_facts: no - vars_files: - - vars/template_heartbeat.yml - - vars/template_os_linux.yml - vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: admin - g_zpassword: "{{ cli_password }}" - roles: - - ../../../roles/os_zabbix - post_tasks: - - zbx_user: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - register: users - - - debug: var=users - - - name: Update zabbix creds for admin - zbx_user: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - alias: Admin - passwd: "{{ cli_new_password | default(g_zpassword, true) }}" diff --git a/playbooks/adhoc/zabbix_setup/filter_plugins b/playbooks/adhoc/zabbix_setup/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/adhoc/zabbix_setup/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/roles b/playbooks/adhoc/zabbix_setup/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/playbooks/adhoc/zabbix_setup/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/ \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/setup_zabbix.yml b/playbooks/adhoc/zabbix_setup/setup_zabbix.yml deleted file mode 100644 index 1729194b5..000000000 --- a/playbooks/adhoc/zabbix_setup/setup_zabbix.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- hosts: localhost - gather_facts: no - vars_files: - - vars/template_heartbeat.yml - - vars/template_os_linux.yml - vars: - g_zserver: http://localhost/zabbix/api_jsonrpc.php - g_zuser: Admin - g_zpassword: zabbix - roles: - - ../../../roles/os_zabbix - post_tasks: - - zbx_template: - server: "{{ g_zserver }}" - user: "{{ g_zuser }}" - password: "{{ g_zpassword }}" - state: list - register: templates - - - debug: var=templates - - - name: Include Template - include: create_template.yml - vars: - ctp_template: "{{ g_template_heartbeat }}" - ctp_zserver: "{{ g_zserver }}" - ctp_zuser: "{{ g_zuser }}" - ctp_zpassword: "{{ g_zpassword }}" - - - name: Include Template - include: create_template.yml - vars: - ctp_template: "{{ g_template_os_linux }}" - ctp_zserver: "{{ g_zserver }}" - ctp_zuser: "{{ g_zuser }}" - ctp_zpassword: "{{ g_zpassword }}" - diff --git a/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml b/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml deleted file mode 100644 index 22cc75554..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_heartbeat.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -g_template_heartbeat: - name: Template Heartbeat - zitems: - - name: Heartbeat Ping - hostid: - key: heartbeat.ping - ztriggers: - - description: 'Heartbeat.ping has failed on {HOST.NAME}' - expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' - priority: avg diff --git a/playbooks/adhoc/zabbix_setup/vars/template_host.yml b/playbooks/adhoc/zabbix_setup/vars/template_host.yml deleted file mode 100644 index e7cc667cb..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_host.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_host: - params: - name: Template Host - host: Template Host - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Host - zitems: - - name: Host Ping - hostid: - key_: host.ping - type: 2 - value_type: 0 - output: extend - search: - key_: host.ping - ztriggers: - - description: 'Host ping has failed on {HOST.NAME}' - expression: '{Template Host:host.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Host ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_master.yml b/playbooks/adhoc/zabbix_setup/vars/template_master.yml deleted file mode 100644 index 5f9b41a4f..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_master.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_master: - params: - name: Template Master - host: Template Master - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Master - zitems: - - name: Master Etcd Ping - hostid: - key_: master.etcd.ping - type: 2 - value_type: 0 - output: extend - search: - key_: master.etcd.ping - ztriggers: - - description: 'Master Etcd ping has failed on {HOST.NAME}' - expression: '{Template Master:master.etcd.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Master Etcd ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_node.yml b/playbooks/adhoc/zabbix_setup/vars/template_node.yml deleted file mode 100644 index 98c343a24..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_node.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_node: - params: - name: Template Node - host: Template Node - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Node - zitems: - - name: Kubelet Ping - hostid: - key_: kubelet.ping - type: 2 - value_type: 0 - output: extend - search: - key_: kubelet.ping - ztriggers: - - description: 'Kubelet ping has failed on {HOST.NAME}' - expression: '{Template Node:kubelet.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Kubelet ping has failed on*' - expandExpression: True diff --git a/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml b/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml deleted file mode 100644 index 9cc038ffa..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_os_linux.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- -g_template_os_linux: - name: Template OS Linux - zitems: - - key: kernel.uname.sysname - value_type: string - - - key: kernel.all.cpu.wait.total - value_type: int - - - key: kernel.all.cpu.irq.hard - value_type: int - - - key: kernel.all.cpu.idle - value_type: int - - - key: kernel.uname.distro - value_type: string - - - key: kernel.uname.nodename - value_type: string - - - key: kernel.all.cpu.irq.soft - value_type: int - - - key: kernel.all.load.15_minute - value_type: float - - - key: kernel.all.cpu.sys - value_type: int - - - key: kernel.all.load.5_minute - value_type: float - - - key: mem.freemem - value_type: int - - - key: kernel.all.cpu.nice - value_type: int - - - key: mem.util.bufmem - value_type: int - - - key: swap.used - value_type: int - - - key: kernel.all.load.1_minute - value_type: float - - - key: kernel.uname.version - value_type: string - - - key: swap.length - value_type: int - - - key: mem.physmem - value_type: int - - - key: kernel.all.uptime - value_type: int - - - key: swap.free - value_type: int - - - key: mem.util.used - value_type: int - - - key: kernel.all.cpu.user - value_type: int - - - key: kernel.uname.machine - value_type: string - - - key: hinv.ncpu - value_type: int - - - key: mem.util.cached - value_type: int - - - key: kernel.all.cpu.steal - value_type: int - - - key: kernel.all.pswitch - value_type: int - - - key: kernel.uname.release - value_type: string - - - key: proc.nprocs - value_type: int diff --git a/playbooks/adhoc/zabbix_setup/vars/template_router.yml b/playbooks/adhoc/zabbix_setup/vars/template_router.yml deleted file mode 100644 index 4dae7da1e..000000000 --- a/playbooks/adhoc/zabbix_setup/vars/template_router.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_router: - params: - name: Template Router - host: Template Router - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Router - zitems: - - name: Router Backends down - hostid: - key_: router.backends.down - type: 2 - value_type: 0 - output: extend - search: - key_: router.backends.down - ztriggers: - - description: 'Number of router backends down on {HOST.NAME}' - expression: '{Template Router:router.backends.down.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Number of router backends down on {HOST.NAME}' - expandExpression: True diff --git a/roles/lib_zabbix/README.md b/roles/lib_zabbix/README.md new file mode 100644 index 000000000..69debc698 --- /dev/null +++ b/roles/lib_zabbix/README.md @@ -0,0 +1,38 @@ +zabbix +========= + +Automate zabbix tasks. + +Requirements +------------ + +This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Role Variables +-------------- + +None + +Dependencies +------------ + +This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Example Playbook +---------------- + + - zbx_host: + server: zab_server + user: zab_user + password: zab_password + name: 'myhost' + +License +------- + +ASL 2.0 + +Author Information +------------------ + +OpenShift operations, Red Hat, Inc diff --git a/roles/lib_zabbix/library/__init__.py b/roles/lib_zabbix/library/__init__.py new file mode 100644 index 000000000..0c7e19e41 --- /dev/null +++ b/roles/lib_zabbix/library/__init__.py @@ -0,0 +1,3 @@ +''' +ZabbixAPI ansible module +''' diff --git a/roles/lib_zabbix/library/zbx_application.py b/roles/lib_zabbix/library/zbx_application.py new file mode 100644 index 000000000..ffa00e052 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_application.py @@ -0,0 +1,139 @@ +#!/usr/bin/env python +''' +Ansible module for application +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix application ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + return template_ids + +def main(): + ''' Ansible module for application + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + template_name=dict(default=None, type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the application for the rest of the calls + zbx_class_name = 'application' + idname = 'applicationid' + aname = module.params['name'] + state = module.params['state'] + # get a applicationid, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': aname}, + 'selectHost': 'hostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], + 'name': aname, + } + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py new file mode 100644 index 000000000..79ee91180 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -0,0 +1,177 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(vtype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'JMX': 16, + } + + for typ in _types.keys(): + if vtype in typ or vtype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'discoveryrule' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + #'selectDServices': 'extend', + #'selectDChecks': 'extend', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'lifetime': module.params['lifetime'], + 'type': get_type(module.params['ztype']), + } + if params['type'] in [2, 5, 7, 11]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_host.py b/roles/lib_zabbix/library/zbx_host.py new file mode 100644 index 000000000..7be03653e --- /dev/null +++ b/roles/lib_zabbix/library/zbx_host.py @@ -0,0 +1,163 @@ +#!/usr/bin/env python +''' +Zabbix host ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_group_ids(zapi, hostgroup_names): + ''' + get hostgroups + ''' + # Fetch groups by name + group_ids = [] + for hgr in hostgroup_names: + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) + if content.has_key('result'): + group_ids.append({'groupid': content['result'][0]['groupid']}) + + return group_ids + +def get_template_ids(zapi, template_names): + ''' + get related templates + ''' + template_ids = [] + # Fetch templates by name + for template_name in template_names: + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append({'templateid': content['result'][0]['templateid']}) + return template_ids + +def main(): + ''' + Ansible module for zabbix host + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + hostgroup_names=dict(default=[], type='list'), + template_names=dict(default=[], type='list'), + state=dict(default='present', type='str'), + interfaces=dict(default=None, type='list'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'host' + idname = "hostid" + hname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': hname}, + 'selectGroups': 'groupid', + 'selectParentTemplates': 'templateid', + 'selectInterfaces': 'interfaceid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent + 'main': 1, # default interface? 1 = true + 'useip': 1, # default interface? 1 = true + 'ip': '127.0.0.1', # default interface? 1 = true + 'dns': '', # dns for host + 'port': '10050', # port for interface? 10050 + }] + params = {'host': hname, + 'groups': get_group_ids(zapi, module.params['hostgroup_names']), + 'templates': get_template_ids(zapi, module.params['template_names']), + 'interfaces': ifs, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_hostgroup.py b/roles/lib_zabbix/library/zbx_hostgroup.py new file mode 100644 index 000000000..f161d3d9f --- /dev/null +++ b/roles/lib_zabbix/library/zbx_hostgroup.py @@ -0,0 +1,116 @@ +#!/usr/bin/env python +''' Ansible module for hostgroup +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix hostgroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' ansible module for hostgroup + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'hostgroup' + idname = "groupid" + hname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': hname}, + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': hname} + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py new file mode 100644 index 000000000..60da243fe --- /dev/null +++ b/roles/lib_zabbix/library/zbx_item.py @@ -0,0 +1,178 @@ +#!/usr/bin/env python +''' + Ansible module for zabbix items +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix item ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + if isinstance(application_names, str): + application_names = [application_names] + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + ansible zabbix module for zbx_item + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + template_name=dict(default=None, type='str'), + zabbix_type=dict(default=2, type='int'), + value_type=dict(default='int', type='str'), + applications=dict(default=[], type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'item' + idname = "itemid" + state = module.params['state'] + key = module.params['key'] + template_name = module.params['template_name'] + + content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) + templateid = None + if content['result']: + templateid = content['result'][0]['templateid'] + else: + module.exit_json(changed=False, + results='Error: Could find template with name %s for item.' % template_name, + state="Unkown") + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'key_': key}, + 'selectApplications': 'applicationid', + }) + + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'name': module.params.get('name', module.params['key']), + 'key_': key, + 'hostid': templateid, + 'type': module.params['zabbix_type'], + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'applications': + zab_apps = set([item['applicationid'] for item in zab_results[key]]) + if zab_apps != set(value): + differences[key] = zab_apps + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py new file mode 100644 index 000000000..47100f613 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -0,0 +1,241 @@ +#!/usr/bin/env python +''' +Zabbix discovery rule ansible module +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rule_id(zapi, discoveryrule_name): + '''get a discoveryrule by name + ''' + content = zapi.get_content('discoveryrule', + 'get', + {'search': {'name': discoveryrule_name}, + 'output': 'extend', + }) + if not content['result']: + return None + return content['result'][0]['itemid'] + +def get_template(zapi, template_name): + '''get a template by name + ''' + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'output': 'extend', + 'selectInterfaces': 'interfaceid', + }) + if not content['result']: + return None + return content['result'][0] + +def get_type(ztype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'aggregate': 8, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'calculated': 15, + 'JMX': 16, + } + + for typ in _types.keys(): + if ztype in typ or ztype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + +def get_value_type(value_type): + ''' + Possible values: + 0 - numeric float; + 1 - character; + 2 - log; + 3 - numeric unsigned; + 4 - text + ''' + vtype = 0 + if 'int' in value_type: + vtype = 3 + elif 'char' in value_type: + vtype = 1 + elif 'str' in value_type: + vtype = 4 + + return vtype + +def get_status(status): + ''' Determine status + ''' + _status = 0 + if status == 'disabled': + _status = 1 + elif status == 'unsupported': + _status = 3 + + return _status + +def get_app_ids(zapi, application_names): + ''' get application ids from names + ''' + app_ids = [] + for app_name in application_names: + content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + if content.has_key('result'): + app_ids.append(content['result'][0]['applicationid']) + return app_ids + +def main(): + ''' + Ansible module for zabbix discovery rules + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + key=dict(default=None, type='str'), + interfaceid=dict(default=None, type='int'), + ztype=dict(default='trapper', type='str'), + value_type=dict(default='float', type='str'), + delay=dict(default=60, type='int'), + lifetime=dict(default=30, type='int'), + template_name=dict(default=[], type='list'), + state=dict(default='present', type='str'), + status=dict(default='enabled', type='str'), + discoveryrule_name=dict(default=None, type='str'), + applications=dict(default=[], type='list'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'itemprototype' + idname = "itemid" + dname = module.params['name'] + state = module.params['state'] + + # selectInterfaces doesn't appear to be working but is needed. + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': dname}, + 'selectApplications': 'applicationid', + 'selectDiscoveryRule': 'itemid', + #'selectDhosts': 'dhostid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + template = get_template(zapi, module.params['template_name']) + params = {'name': dname, + 'key_': module.params['key'], + 'hostid': template['templateid'], + 'interfaceid': module.params['interfaceid'], + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), + 'type': get_type(module.params['ztype']), + 'value_type': get_value_type(module.params['value_type']), + 'applications': get_app_ids(zapi, module.params['applications']), + } + if params['type'] in [2, 5, 7, 8, 11, 15]: + params.pop('interfaceid') + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'ruleid': + if value != zab_results['discoveryRule']['itemid']: + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_mediatype.py b/roles/lib_zabbix/library/zbx_mediatype.py new file mode 100644 index 000000000..cc72cc9a8 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_mediatype.py @@ -0,0 +1,168 @@ +#!/usr/bin/env python +''' + Ansible module for mediatype +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix mediatype ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_mtype(mtype): + ''' + Transport used by the media type. + Possible values: + 0 - email; + 1 - script; + 2 - SMS; + 3 - Jabber; + 100 - Ez Texting. + ''' + mtype = mtype.lower() + media_type = None + if mtype == 'script': + media_type = 1 + elif mtype == 'sms': + media_type = 2 + elif mtype == 'jabber': + media_type = 3 + elif mtype == 'script': + media_type = 100 + else: + media_type = 0 + + return media_type + +def main(): + ''' + Ansible zabbix module for mediatype + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + description=dict(default=None, type='str'), + mtype=dict(default=None, type='str'), + smtp_server=dict(default=None, type='str'), + smtp_helo=dict(default=None, type='str'), + smtp_email=dict(default=None, type='str'), + passwd=dict(default=None, type='str'), + path=dict(default=None, type='str'), + username=dict(default=None, type='str'), + status=dict(default='enabled', type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'mediatype' + idname = "mediatypeid" + description = module.params['description'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + status = 1 + if module.params['status']: + status = 0 + params = {'description': description, + 'type': get_mtype(module.params['mtype']), + 'smtp_server': module.params['smtp_server'], + 'smtp_helo': module.params['smtp_helo'], + 'smtp_email': module.params['smtp_email'], + 'passwd': module.params['passwd'], + 'exec_path': module.params['path'], + 'username': module.params['username'], + 'status': status, + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if zab_results[key] != value and \ + zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_template.py b/roles/lib_zabbix/library/zbx_template.py new file mode 100644 index 000000000..1592fa268 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_template.py @@ -0,0 +1,132 @@ +#!/usr/bin/env python +''' +Ansible module for template +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix template ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def main(): + ''' Ansible module for template + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'template' + idname = 'templateid' + tname = module.params['name'] + state = module.params['state'] + # get a template, see if it exists + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'host': tname}, + 'selectParentTemplates': 'templateid', + 'selectGroups': 'groupid', + 'selectApplications': 'applicationid', + 'selectDiscoveries': 'extend', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + if not tname: + module.exit_json(failed=True, + changed=False, + results='Must specifiy a template name.', + state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'groups': module.params.get('groups', [{'groupid': '1'}]), + 'host': tname, + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'templates' and zab_results.has_key('parentTemplates'): + if zab_results['parentTemplates'] != value: + differences[key] = value + elif zab_results[key] != str(value) and zab_results[key] != value: + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=content['result'], state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py new file mode 100644 index 000000000..ffad5b40a --- /dev/null +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -0,0 +1,173 @@ +#!/usr/bin/env python +''' +ansible module for zabbix triggers +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix trigger ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_priority(priority): + ''' determine priority + ''' + prior = 0 + if 'info' in priority: + prior = 1 + elif 'warn' in priority: + prior = 2 + elif 'avg' == priority or 'ave' in priority: + prior = 3 + elif 'high' in priority: + prior = 4 + elif 'dis' in priority: + prior = 5 + + return prior + +def get_deps(zapi, deps): + ''' get trigger dependencies + ''' + results = [] + for desc in deps: + content = zapi.get_content('trigger', + 'get', + {'search': {'description': desc}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if content.has_key('result'): + results.append({'triggerid': content['result'][0]['triggerid']}) + + return results + +def main(): + ''' + Create a trigger in zabbix + + Example: + "params": { + "description": "Processor load is too high on {HOST.NAME}", + "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", + "dependencies": [ + { + "triggerid": "14062" + } + ] + }, + + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + expression=dict(default=None, type='str'), + description=dict(default=None, type='str'), + dependencies=dict(default=[], type='list'), + priority=dict(default='avg', type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'trigger' + idname = "triggerid" + state = module.params['state'] + description = module.params['description'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'description': description}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + params = {'description': description, + 'expression': module.params['expression'], + 'dependencies': get_deps(zapi, module.params['dependencies']), + 'priority': get_priority(module.params['priority']), + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py new file mode 100644 index 000000000..a9906d773 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_user.py @@ -0,0 +1,190 @@ +#!/usr/bin/env python +''' +ansible module for zabbix users +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix user ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_usergroups(zapi, usergroups): + ''' Get usergroups + ''' + ugroups = [] + for ugr in usergroups: + content = zapi.get_content('usergroup', + 'get', + {'search': {'name': ugr}, + #'selectUsers': 'userid', + #'getRights': 'extend' + }) + if content['result']: + ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) + + return ugroups or None + +def get_passwd(passwd): + '''Determine if password is set, if not, return 'zabbix' + ''' + if passwd: + return passwd + + return 'zabbix' + +def get_usertype(user_type): + ''' + Determine zabbix user account type + ''' + if not user_type: + return None + + utype = 1 + if 'super' in user_type: + utype = 3 + elif 'admin' in user_type or user_type == 'admin': + utype = 2 + + return utype + +def main(): + ''' + ansible zabbix module for users + ''' + + ##def user(self, name, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + login=dict(default=None, type='str'), + first_name=dict(default=None, type='str'), + last_name=dict(default=None, type='str'), + user_type=dict(default=None, type='str'), + password=dict(default=None, type='str'), + update_password=dict(default=False, type='bool'), + user_groups=dict(default=[], type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + ## before we can create a user media and users with media types we need media + zbx_class_name = 'user' + idname = "userid" + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'output': 'extend', + 'search': {'alias': module.params['login']}, + "selectUsrgrps": 'usergrpid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content) or len(content['result']) == 0: + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + + params = {'alias': module.params['login'], + 'passwd': get_passwd(module.params['password']), + 'usrgrps': get_usergroups(zapi, module.params['user_groups']), + 'name': module.params['first_name'], + 'surname': module.params['last_name'], + 'type': get_usertype(module.params['user_type']), + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('Error'): + module.exit_json(failed=True, changed=False, results=content, state='present') + + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + + # Update password + if not module.params['update_password']: + params.pop('passwd', None) + + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'usrgrps': + # this must be done as a list of ordered dictionaries fails comparison + if not all([True for _ in zab_results[key][0] if _ in value[0]]): + differences[key] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py new file mode 100644 index 000000000..aad3554dd --- /dev/null +++ b/roles/lib_zabbix/library/zbx_user_media.py @@ -0,0 +1,245 @@ +#!/usr/bin/env python +''' + Ansible module for user media +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix user media ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_mtype(zapi, mtype): + '''Get mediatype + + If passed an int, return it as the mediatypeid + if its a string, then try to fetch through a description + ''' + if isinstance(mtype, int): + return mtype + try: + return int(mtype) + except ValueError: + pass + + content = zapi.get_content('mediatype', 'get', {'search': {'description': mtype}}) + if content.has_key['result'] and content['result']: + return content['result'][0]['mediatypeid'] + + return None + +def get_user(zapi, user): + ''' Get userids from user aliases + ''' + content = zapi.get_content('user', 'get', {'search': {'alias': user}}) + if content['result']: + return content['result'][0] + + return None + +def get_severity(severity): + ''' determine severity + ''' + if isinstance(severity, int) or \ + isinstance(severity, str): + return severity + + val = 0 + sev_map = { + 'not': 2**0, + 'inf': 2**1, + 'war': 2**2, + 'ave': 2**3, + 'avg': 2**3, + 'hig': 2**4, + 'dis': 2**5, + } + for level in severity: + val |= sev_map[level[:3].lower()] + return val + +def get_zbx_user_query_data(zapi, user_name): + ''' If name exists, retrieve it, and build query params. + ''' + query = {} + if user_name: + zbx_user = get_user(zapi, user_name) + query = {'userid': zbx_user['userid']} + + return query + +def find_media(medias, user_media): + ''' Find the user media in the list of medias + ''' + for media in medias: + if all([media[key] == user_media[key] for key in user_media.keys()]): + return media + return None + +def get_active(in_active): + '''Determine active value + ''' + active = 1 + if in_active: + active = 0 + + return active + +def get_mediatype(zapi, mediatype, mediatype_desc): + ''' Determine mediatypeid + ''' + mtypeid = None + if mediatype: + mtypeid = get_mtype(zapi, mediatype) + elif mediatype_desc: + mtypeid = get_mtype(zapi, mediatype_desc) + + return mtypeid + +def main(): + ''' + Ansible zabbix module for mediatype + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), + zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_debug=dict(default=False, type='bool'), + login=dict(default=None, type='str'), + active=dict(default=False, type='bool'), + medias=dict(default=None, type='list'), + mediaid=dict(default=None, type='int'), + mediatype=dict(default=None, type='str'), + mediatype_desc=dict(default=None, type='str'), + #d-d,hh:mm-hh:mm;d-d,hh:mm-hh:mm... + period=dict(default=None, type='str'), + sendto=dict(default=None, type='str'), + severity=dict(default=None, type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'user' + idname = "mediaid" + state = module.params['state'] + + # User media is fetched through the usermedia.get + zbx_user_query = get_zbx_user_query_data(zapi, module.params['login']) + content = zapi.get_content('usermedia', 'get', zbx_user_query) + + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content) or len(content['result']) == 0: + module.exit_json(changed=False, state="absent") + + if not module.params['login']: + module.exit_json(failed=True, changed=False, results='Must specifiy a user login.', state="absent") + + content = zapi.get_content(zbx_class_name, 'deletemedia', [content['result'][0][idname]]) + + if content.has_key('error'): + module.exit_json(changed=False, results=content['error'], state="absent") + + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + active = get_active(module.params['active']) + mtypeid = get_mediatype(zapi, module.params['mediatype'], module.params['mediatype_desc']) + + medias = module.params['medias'] + if medias == None: + medias = [{'mediatypeid': mtypeid, + 'sendto': module.params['sendto'], + 'active': active, + 'severity': int(get_severity(module.params['severity'])), + 'period': module.params['period'], + }] + + params = {'users': [zbx_user_query], + 'medias': medias, + 'output': 'extend', + } + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'addmedia', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + + # mediaid signifies an update + # If user params exists, check to see if they already exist in zabbix + # if they exist, then return as no update + # elif they do not exist, then take user params only + diff = {'medias': [], 'users': {}} + _ = [diff['medias'].append(media) for media in params['medias'] if not find_media(content['result'], media)] + + if not diff['medias']: + module.exit_json(changed=False, results=content['result'], state="present") + + for user in params['users']: + diff['users']['userid'] = user['userid'] + + # We have differences and need to update + content = zapi.get_content(zbx_class_name, 'updatemedia', diff) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_usergroup.py b/roles/lib_zabbix/library/zbx_usergroup.py new file mode 100644 index 000000000..297d8ef91 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_usergroup.py @@ -0,0 +1,208 @@ +#!/usr/bin/env python +''' +zabbix ansible module for usergroups +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix usergroup ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_rights(zapi, rights): + '''Get rights + ''' + if rights == None: + return None + + perms = [] + for right in rights: + hstgrp = right.keys()[0] + perm = right.values()[0] + content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) + if content['result']: + permission = 0 + if perm == 'ro': + permission = 2 + elif perm == 'rw': + permission = 3 + perms.append({'id': content['result'][0]['groupid'], + 'permission': permission}) + return perms + +def get_gui_access(access): + ''' Return the gui_access for a usergroup + ''' + access = access.lower() + if access == 'internal': + return 1 + elif access == 'disabled': + return 2 + + return 0 + +def get_debug_mode(mode): + ''' Return the debug_mode for a usergroup + ''' + mode = mode.lower() + if mode == 'enabled': + return 1 + + return 0 + +def get_user_status(status): + ''' Return the user_status for a usergroup + ''' + status = status.lower() + if status == 'enabled': + return 0 + + return 1 + + +#def get_userids(zapi, users): +# ''' Get userids from user aliases +# ''' +# if not users: +# return None +# +# userids = [] +# for alias in users: +# content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) +# if content['result']: +# userids.append(content['result'][0]['userid']) +# +# return userids + +def main(): + ''' Ansible module for usergroup + ''' + + ##def usergroup(self, name, rights=None, users=None, state='present', params=None): + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), + zbx_debug=dict(default=False, type='bool'), + debug_mode=dict(default='disabled', type='str'), + gui_access=dict(default='default', type='str'), + status=dict(default='enabled', type='str'), + name=dict(default=None, type='str', required=True), + rights=dict(default=None, type='list'), + #users=dict(default=None, type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + zbx_class_name = 'usergroup' + idname = "usrgrpid" + uname = module.params['name'] + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': uname}, + 'selectUsers': 'userid', + }) + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + if not uname: + module.exit_json(failed=True, changed=False, results='Need to pass in a user.', state="error") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + if state == 'present': + + params = {'name': uname, + 'rights': get_rights(zapi, module.params['rights']), + 'users_status': get_user_status(module.params['status']), + 'gui_access': get_gui_access(module.params['gui_access']), + 'debug_mode': get_debug_mode(module.params['debug_mode']), + #'userids': get_userids(zapi, module.params['users']), + } + + _ = [params.pop(key, None) for key in params.keys() if params[key] == None] + + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + module.exit_json(changed=True, results=content['result'], state='present') + # already exists, we need to update it + # let's compare properties + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + if key == 'rights': + differences['rights'] = value + + #elif key == 'userids' and zab_results.has_key('users'): + #if zab_results['users'] != value: + #differences['userids'] = value + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml new file mode 100644 index 000000000..022ca52f2 --- /dev/null +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -0,0 +1,61 @@ +--- +- debug: var=template + +- name: Template Create Template + zbx_template: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ template.name }}" + register: created_template + +- debug: var=created_template + +- set_fact: + lzbx_applications: "{{ template.zitems | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}" + +- debug: var=lzbx_applications + +- name: Create Application + zbx_application: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ item }}" + template_name: "{{ template.name }}" + with_items: lzbx_applications + register: created_application + when: template.zitems is defined + +- debug: var=created_application + +- name: Create Items + zbx_item: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + key: "{{ item.key }}" + name: "{{ item.name | default(item.key, true) }}" + value_type: "{{ item.value_type | default('int') }}" + template_name: "{{ template.name }}" + applications: "{{ item.applications }}" + with_items: template.zitems + register: created_items + when: template.zitems is defined + +#- debug: var=ctp_created_items + +- name: Create Triggers + zbx_trigger: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + description: "{{ item.description }}" + expression: "{{ item.expression }}" + priority: "{{ item.priority }}" + with_items: template.ztriggers + when: template.ztriggers is defined + +#- debug: var=ctp_created_triggers + + diff --git a/roles/lib_zabbix/tasks/create_user.yml b/roles/lib_zabbix/tasks/create_user.yml new file mode 100644 index 000000000..1f752a9e1 --- /dev/null +++ b/roles/lib_zabbix/tasks/create_user.yml @@ -0,0 +1,11 @@ +--- +- name: Update zabbix credentialss for a user + zbx_user: + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + alias: "{{ ozb_username }}" + passwd: "{{ ozb_new_password | default(ozb_password, true) }}" + register: user + +- debug: var=user.results diff --git a/roles/os_zabbix/README.md b/roles/os_zabbix/README.md new file mode 100644 index 000000000..ac3dc2833 --- /dev/null +++ b/roles/os_zabbix/README.md @@ -0,0 +1,40 @@ +os_zabbix +========= + +Automate zabbix tasks. + +Requirements +------------ + +This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Role Variables +-------------- + +zab_server +zab_username +zab_password + +Dependencies +------------ + +This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now. + +Example Playbook +---------------- + + - zbx_host: + server: zab_server + user: zab_user + password: zab_password + name: 'myhost' + +License +------- + +ASL 2.0 + +Author Information +------------------ + +OpenShift operations, Red Hat, Inc diff --git a/roles/os_zabbix/defaults/main.yml b/roles/os_zabbix/defaults/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/defaults/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/handlers/main.yml b/roles/os_zabbix/handlers/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/handlers/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/library/__init__.py b/roles/os_zabbix/library/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/roles/os_zabbix/library/get_drule.yml b/roles/os_zabbix/library/get_drule.yml deleted file mode 100644 index a3e39f535..000000000 --- a/roles/os_zabbix/library/get_drule.yml +++ /dev/null @@ -1,115 +0,0 @@ ---- -# This is a test playbook to create one of each of the zabbix ansible modules. -# ensure that the zbxapi module is installed -# ansible-playbook test.yml -- name: Test zabbix ansible module - hosts: localhost - gather_facts: no - vars: -#zbx_server: https://localhost/zabbix/api_jsonrpc.php -#zbx_user: Admin -#zbx_password: zabbix - - pre_tasks: - - name: Template Discovery rules - zbx_template: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Template App HaProxy' - state: list - register: template_output - - - debug: var=template_output - - - name: Discovery rules - zbx_discovery_rule: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'haproxy.discovery sender' - state: list - register: drule - - - debug: var=drule - -# - name: Create an application -# zbx_application: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'Test App' -# template_name: "test template" -# register: item_output -# -# - name: Create an item -# zbx_item: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'test item' -# key: 'kenny.item.1' -# applications: -# - 'Test App' -# template_name: "test template" -# register: item_output -# -# - debug: var=item_output -# -# - name: Create an trigger -# zbx_trigger: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# expression: '{test template:kenny.item.1.last()}>2' -# description: 'Kenny desc' -# register: trigger_output -# -# - debug: var=trigger_output -# -# - name: Create a hostgroup -# zbx_hostgroup: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'kenny hostgroup' -# register: hostgroup_output -# -# - debug: var=hostgroup_output -# -# - name: Create a host -# zbx_host: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: 'kenny host' -# template_names: -# - test template -# hostgroup_names: -# - kenny hostgroup -# register: host_output -# -# - debug: var=host_output -# -# - name: Create a usergroup -# zbx_usergroup: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# name: kenny usergroup -# rights: -# - 'kenny hostgroup': rw -# register: usergroup_output -# -# - debug: var=usergroup_output -# -# - name: Create a user -# zbx_user: -# server: "{{ zbx_server }}" -# user: "{{ zbx_user }}" -# password: "{{ zbx_password }}" -# alias: kwoodson -# state: list -# register: user_output -# -# - debug: var=user_output diff --git a/roles/os_zabbix/library/test.yml b/roles/os_zabbix/library/test.yml deleted file mode 100644 index cedace1a0..000000000 --- a/roles/os_zabbix/library/test.yml +++ /dev/null @@ -1,131 +0,0 @@ ---- -# This is a test playbook to create one of each of the zabbix ansible modules. -# ensure that the zbxapi module is installed -# ansible-playbook test.yml -- name: Test zabbix ansible module - hosts: localhost - gather_facts: no - vars: - zbx_server: http://localhost:8080/zabbix/api_jsonrpc.php - zbx_user: Admin - zbx_password: zabbix - - pre_tasks: - - name: Create a template - zbx_template: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test template' - register: template_output - - - debug: var=template_output - - - name: Create a discoveryrule - zbx_discoveryrule: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: test discoverule - key: test_listener - template_name: test template - lifetime: 14 - register: discoveryrule - - - debug: var=discoveryrule - - - name: Create an itemprototype - zbx_itemprototype: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test itemprototype on {#TEST_LISTENER}' - key: 'test[{#TEST_LISTENER}]' - template_name: test template - discoveryrule_name: test discoverule - register: itemproto - - - debug: var=itemproto - - - name: Create an application - zbx_application: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'Test App' - template_name: "test template" - register: item_output - - - name: Create an item - zbx_item: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'test item' - key: 'kenny.item.1' - applications: - - 'Test App' - template_name: "test template" - register: item_output - - - debug: var=item_output - - - name: Create an trigger - zbx_trigger: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - expression: '{test template:kenny.item.1.last()}>2' - description: 'Kenny desc' - register: trigger_output - - - debug: var=trigger_output - - - name: Create a hostgroup - zbx_hostgroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny hostgroup' - register: hostgroup_output - - - debug: var=hostgroup_output - - - name: Create a host - zbx_host: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: 'kenny host' - template_names: - - test template - hostgroup_names: - - kenny hostgroup - register: host_output - - - debug: var=host_output - - - name: Create a usergroup - zbx_usergroup: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - name: kenny usergroup - rights: - - 'kenny hostgroup': rw - register: usergroup_output - - - debug: var=usergroup_output - - - name: Create a user - zbx_user: - server: "{{ zbx_server }}" - user: "{{ zbx_user }}" - password: "{{ zbx_password }}" - alias: kenny user - passwd: zabbix - usergroups: - - kenny usergroup - register: user_output - - - debug: var=user_output diff --git a/roles/os_zabbix/library/zbx_application.py b/roles/os_zabbix/library/zbx_application.py deleted file mode 100644 index 5d4acf72d..000000000 --- a/roles/os_zabbix/library/zbx_application.py +++ /dev/null @@ -1,135 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for application -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix application ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append(content['result'][0]['templateid']) - return template_ids - -def main(): - ''' Ansible module for application - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - template_name=dict(default=None, type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the application for the rest of the calls - zbx_class_name = 'application' - idname = 'applicationid' - aname = module.params['name'] - state = module.params['state'] - # get a applicationid, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': aname}, - 'selectHost': 'hostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], - 'name': aname, - } - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_discoveryrule.py b/roles/os_zabbix/library/zbx_discoveryrule.py deleted file mode 100644 index 56b87fecc..000000000 --- a/roles/os_zabbix/library/zbx_discoveryrule.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(vtype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'JMX': 16, - } - - for typ in _types.keys(): - if vtype in typ or vtype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'discoveryrule' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - #'selectDServices': 'extend', - #'selectDChecks': 'extend', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'lifetime': module.params['lifetime'], - 'type': get_type(module.params['ztype']), - } - if params['type'] in [2, 5, 7, 11]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_host.py b/roles/os_zabbix/library/zbx_host.py deleted file mode 100644 index 12c5f3456..000000000 --- a/roles/os_zabbix/library/zbx_host.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix host ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_group_ids(zapi, hostgroup_names): - ''' - get hostgroups - ''' - # Fetch groups by name - group_ids = [] - for hgr in hostgroup_names: - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hgr}}) - if content.has_key('result'): - group_ids.append({'groupid': content['result'][0]['groupid']}) - - return group_ids - -def get_template_ids(zapi, template_names): - ''' - get related templates - ''' - template_ids = [] - # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append({'templateid': content['result'][0]['templateid']}) - return template_ids - -def main(): - ''' - Ansible module for zabbix host - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - hostgroup_names=dict(default=[], type='list'), - template_names=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - interfaces=dict(default=None, type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'host' - idname = "hostid" - hname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': hname}, - 'selectGroups': 'groupid', - 'selectParentTemplates': 'templateid', - 'selectInterfaces': 'interfaceid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent - 'main': 1, # default interface? 1 = true - 'useip': 1, # default interface? 1 = true - 'ip': '127.0.0.1', # default interface? 1 = true - 'dns': '', # dns for host - 'port': '10050', # port for interface? 10050 - }] - params = {'host': hname, - 'groups': get_group_ids(zapi, module.params['hostgroup_names']), - 'templates': get_template_ids(zapi, module.params['template_names']), - 'interfaces': ifs, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_hostgroup.py b/roles/os_zabbix/library/zbx_hostgroup.py deleted file mode 100644 index a1eb875d4..000000000 --- a/roles/os_zabbix/library/zbx_hostgroup.py +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/bin/env python -''' Ansible module for hostgroup -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix hostgroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' ansible module for hostgroup - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'hostgroup' - idname = "groupid" - hname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': hname}, - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': hname} - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_item.py b/roles/os_zabbix/library/zbx_item.py deleted file mode 100644 index 45ba6c2b0..000000000 --- a/roles/os_zabbix/library/zbx_item.py +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for zabbix items -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix item ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - ansible zabbix module for zbx_item - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - template_name=dict(default=None, type='str'), - zabbix_type=dict(default=2, type='int'), - value_type=dict(default='int', type='str'), - applications=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'item' - idname = "itemid" - state = module.params['state'] - key = module.params['key'] - template_name = module.params['template_name'] - - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - templateid = None - if content['result']: - templateid = content['result'][0]['templateid'] - else: - module.exit_json(changed=False, - results='Error: Could find template with name %s for item.' % template_name, - state="Unkown") - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'key_': key}, - 'selectApplications': 'applicationid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': module.params.get('name', module.params['key']), - 'key_': key, - 'hostid': templateid, - 'type': module.params['zabbix_type'], - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_itemprototype.py b/roles/os_zabbix/library/zbx_itemprototype.py deleted file mode 100644 index f0eb6bbbd..000000000 --- a/roles/os_zabbix/library/zbx_itemprototype.py +++ /dev/null @@ -1,241 +0,0 @@ -#!/usr/bin/env python -''' -Zabbix discovery rule ansible module -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rule_id(zapi, discoveryrule_name): - '''get a discoveryrule by name - ''' - content = zapi.get_content('discoveryrule', - 'get', - {'search': {'name': discoveryrule_name}, - 'output': 'extend', - }) - if not content['result']: - return None - return content['result'][0]['itemid'] - -def get_template(zapi, template_name): - '''get a template by name - ''' - content = zapi.get_content('template', - 'get', - {'search': {'host': template_name}, - 'output': 'extend', - 'selectInterfaces': 'interfaceid', - }) - if not content['result']: - return None - return content['result'][0] - -def get_type(ztype): - ''' - Determine which type of discoverrule this is - ''' - _types = {'agent': 0, - 'SNMPv1': 1, - 'trapper': 2, - 'simple': 3, - 'SNMPv2': 4, - 'internal': 5, - 'SNMPv3': 6, - 'active': 7, - 'aggregate': 8, - 'external': 10, - 'database monitor': 11, - 'ipmi': 12, - 'ssh': 13, - 'telnet': 14, - 'calculated': 15, - 'JMX': 16, - } - - for typ in _types.keys(): - if ztype in typ or ztype == typ: - _vtype = _types[typ] - break - else: - _vtype = 2 - - return _vtype - -def get_value_type(value_type): - ''' - Possible values: - 0 - numeric float; - 1 - character; - 2 - log; - 3 - numeric unsigned; - 4 - text - ''' - vtype = 0 - if 'int' in value_type: - vtype = 3 - elif 'char' in value_type: - vtype = 1 - elif 'str' in value_type: - vtype = 4 - - return vtype - -def get_status(status): - ''' Determine status - ''' - _status = 0 - if status == 'disabled': - _status = 1 - elif status == 'unsupported': - _status = 3 - - return _status - -def get_app_ids(zapi, application_names): - ''' get application ids from names - ''' - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids - -def main(): - ''' - Ansible module for zabbix discovery rules - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=os.environ['ZABBIX_USER'], type='str'), - password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), - name=dict(default=None, type='str'), - key=dict(default=None, type='str'), - interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), - value_type=dict(default='float', type='str'), - delay=dict(default=60, type='int'), - lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - status=dict(default='enabled', type='str'), - discoveryrule_name=dict(default=None, type='str'), - applications=dict(default=[], type='list'), - ), - #supports_check_mode=True - ) - - user = module.params['user'] - passwd = module.params['password'] - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'itemprototype' - idname = "itemid" - dname = module.params['name'] - state = module.params['state'] - - # selectInterfaces doesn't appear to be working but is needed. - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': dname}, - 'selectApplications': 'applicationid', - 'selectDiscoveryRule': 'itemid', - #'selectDhosts': 'dhostid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, - 'key_': module.params['key'], - 'hostid': template['templateid'], - 'interfaceid': module.params['interfaceid'], - 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), - 'type': get_type(module.params['ztype']), - 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), - } - if params['type'] in [2, 5, 7, 8, 11, 15]: - params.pop('interfaceid') - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if key == 'ruleid': - if value != zab_results['discoveryRule']['itemid']: - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_mediatype.py b/roles/os_zabbix/library/zbx_mediatype.py deleted file mode 100644 index a49aecd0f..000000000 --- a/roles/os_zabbix/library/zbx_mediatype.py +++ /dev/null @@ -1,149 +0,0 @@ -#!/usr/bin/env python -''' - Ansible module for mediatype -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix mediatype ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True -def get_mtype(mtype): - ''' - Transport used by the media type. - Possible values: - 0 - email; - 1 - script; - 2 - SMS; - 3 - Jabber; - 100 - Ez Texting. - ''' - mtype = mtype.lower() - media_type = None - if mtype == 'script': - media_type = 1 - elif mtype == 'sms': - media_type = 2 - elif mtype == 'jabber': - media_type = 3 - elif mtype == 'script': - media_type = 100 - else: - media_type = 0 - - return media_type - -def main(): - ''' - Ansible zabbix module for mediatype - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - description=dict(default=None, type='str'), - mtype=dict(default=None, type='str'), - smtp_server=dict(default=None, type='str'), - smtp_helo=dict(default=None, type='str'), - smtp_email=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'mediatype' - idname = "mediatypeid" - description = module.params['description'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, 'get', {'search': {'description': description}}) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'description': description, - 'type': get_mtype(module.params['media_type']), - 'smtp_server': module.params['smtp_server'], - 'smtp_helo': module.params['smtp_helo'], - 'smtp_email': module.params['smtp_email'], - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if zab_results[key] != value and \ - zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_template.py b/roles/os_zabbix/library/zbx_template.py deleted file mode 100644 index 20ea48a85..000000000 --- a/roles/os_zabbix/library/zbx_template.py +++ /dev/null @@ -1,127 +0,0 @@ -#!/usr/bin/env python -''' -Ansible module for template -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix template ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def main(): - ''' Ansible module for template - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zbc = ZabbixConnection(module.params['server'], user, passwd, module.params['debug']) - zapi = ZabbixAPI(zbc) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'template' - idname = 'templateid' - tname = module.params['name'] - state = module.params['state'] - # get a template, see if it exists - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'host': tname}, - 'selectParentTemplates': 'templateid', - 'selectGroups': 'groupid', - 'selectApplications': 'applicationid', - 'selectDiscoveries': 'extend', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'groups': module.params.get('groups', [{'groupid': '1'}]), - 'host': tname, - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'templates' and zab_results.has_key('parentTemplates'): - if zab_results['parentTemplates'] != value: - differences[key] = value - elif zab_results[key] != str(value) and zab_results[key] != value: - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=content['result'], state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_trigger.py b/roles/os_zabbix/library/zbx_trigger.py deleted file mode 100644 index 7cc9356c8..000000000 --- a/roles/os_zabbix/library/zbx_trigger.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix triggers -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix trigger ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - - -def get_priority(priority): - ''' determine priority - ''' - prior = 0 - if 'info' in priority: - prior = 1 - elif 'warn' in priority: - prior = 2 - elif 'avg' == priority or 'ave' in priority: - prior = 3 - elif 'high' in priority: - prior = 4 - elif 'dis' in priority: - prior = 5 - - return prior - -def get_deps(zapi, deps): - ''' get trigger dependencies - ''' - results = [] - for desc in deps: - content = zapi.get_content('trigger', - 'get', - {'search': {'description': desc}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if content.has_key('result'): - results.append({'triggerid': content['result'][0]['triggerid']}) - - return results - -def main(): - ''' - Create a trigger in zabbix - - Example: - "params": { - "description": "Processor load is too high on {HOST.NAME}", - "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5", - "dependencies": [ - { - "triggerid": "14062" - } - ] - }, - - ''' - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - expression=dict(default=None, type='str'), - description=dict(default=None, type='str'), - dependencies=dict(default=[], type='list'), - priority=dict(default='avg', type='str'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - #Set the instance and the template for the rest of the calls - zbx_class_name = 'trigger' - idname = "triggerid" - state = module.params['state'] - description = module.params['description'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'description': description}, - 'expandExpression': True, - 'selectDependencies': 'triggerid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'description': description, - 'expression': module.params['expression'], - 'dependencies': get_deps(zapi, module.params['dependencies']), - 'priority': get_priority(module.params['priority']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - - if zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/os_zabbix/library/zbx_user.py deleted file mode 100644 index c45c9a75d..000000000 --- a/roles/os_zabbix/library/zbx_user.py +++ /dev/null @@ -1,169 +0,0 @@ -#!/usr/bin/env python -''' -ansible module for zabbix users -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix user ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_usergroups(zapi, usergroups): - ''' Get usergroups - ''' - ugroups = [] - for ugr in usergroups: - content = zapi.get_content('usergroup', - 'get', - {'search': {'name': ugr}, - #'selectUsers': 'userid', - #'getRights': 'extend' - }) - if content['result']: - ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']}) - - return ugroups or None - -def get_usertype(user_type): - ''' - Determine zabbix user account type - ''' - if not user_type: - return None - - utype = 1 - if 'super' in user_type: - utype = 3 - elif 'admin' in user_type or user_type == 'admin': - utype = 2 - - return utype - -def main(): - ''' - ansible zabbix module for users - ''' - - ##def user(self, name, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - alias=dict(default=None, type='str'), - name=dict(default=None, type='str'), - surname=dict(default=None, type='str'), - user_type=dict(default=None, type='str'), - passwd=dict(default=None, type='str'), - usergroups=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - password = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, password, module.params['debug'])) - - ## before we can create a user media and users with media types we need media - zbx_class_name = 'user' - idname = "userid" - alias = module.params['alias'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'output': 'extend', - 'search': {'alias': alias}, - "selectUsrgrps": 'usergrpid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'alias': alias, - 'passwd': module.params['passwd'], - 'usrgrps': get_usergroups(zapi, module.params['usergroups']), - 'name': module.params['name'], - 'surname': module.params['surname'], - 'type': get_usertype(module.params['user_type']), - } - - # Remove any None valued params - _ = [params.pop(key, None) for key in params.keys() if params[key] is None] - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'passwd': - differences[key] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/library/zbx_usergroup.py b/roles/os_zabbix/library/zbx_usergroup.py deleted file mode 100644 index ede4c9df1..000000000 --- a/roles/os_zabbix/library/zbx_usergroup.py +++ /dev/null @@ -1,160 +0,0 @@ -#!/usr/bin/env python -''' -zabbix ansible module for usergroups -''' -# vim: expandtab:tabstop=4:shiftwidth=4 -# -# Zabbix usergroup ansible module -# -# -# Copyright 2015 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is in place because each module looks similar to each other. -# These need duplicate code as their behavior is very similar -# but different for each zabbix class. -# pylint: disable=duplicate-code - -# pylint: disable=import-error -from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection - -def exists(content, key='result'): - ''' Check if key exists in content or the size of content[key] > 0 - ''' - if not content.has_key(key): - return False - - if not content[key]: - return False - - return True - -def get_rights(zapi, rights): - '''Get rights - ''' - perms = [] - for right in rights: - hstgrp = right.keys()[0] - perm = right.values()[0] - content = zapi.get_content('hostgroup', 'get', {'search': {'name': hstgrp}}) - if content['result']: - permission = 0 - if perm == 'ro': - permission = 2 - elif perm == 'rw': - permission = 3 - perms.append({'id': content['result'][0]['groupid'], - 'permission': permission}) - return perms - -def get_userids(zapi, users): - ''' Get userids from user aliases - ''' - userids = [] - for alias in users: - content = zapi.get_content('user', 'get', {'search': {'alias': alias}}) - if content['result']: - userids.append(content['result'][0]['userid']) - - return userids - -def main(): - ''' Ansible module for usergroup - ''' - - ##def usergroup(self, name, rights=None, users=None, state='present', params=None): - - module = AnsibleModule( - argument_spec=dict( - server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - user=dict(default=None, type='str'), - password=dict(default=None, type='str'), - name=dict(default=None, type='str'), - rights=dict(default=[], type='list'), - users=dict(default=[], type='list'), - debug=dict(default=False, type='bool'), - state=dict(default='present', type='str'), - ), - #supports_check_mode=True - ) - - user = module.params.get('user', os.environ['ZABBIX_USER']) - passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD']) - - zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])) - - zbx_class_name = 'usergroup' - idname = "usrgrpid" - uname = module.params['name'] - state = module.params['state'] - - content = zapi.get_content(zbx_class_name, - 'get', - {'search': {'name': uname}, - 'selectUsers': 'userid', - }) - if state == 'list': - module.exit_json(changed=False, results=content['result'], state="list") - - if state == 'absent': - if not exists(content): - module.exit_json(changed=False, state="absent") - - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) - module.exit_json(changed=True, results=content['result'], state="absent") - - if state == 'present': - params = {'name': uname, - 'rights': get_rights(zapi, module.params['rights']), - 'userids': get_userids(zapi, module.params['users']), - } - - if not exists(content): - # if we didn't find it, create it - content = zapi.get_content(zbx_class_name, 'create', params) - module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties - differences = {} - zab_results = content['result'][0] - for key, value in params.items(): - if key == 'rights': - differences['rights'] = value - - elif key == 'userids' and zab_results.has_key('users'): - if zab_results['users'] != value: - differences['userids'] = value - - elif zab_results[key] != value and zab_results[key] != str(value): - differences[key] = value - - if not differences: - module.exit_json(changed=False, results=zab_results, state="present") - - # We have differences and need to update - differences[idname] = zab_results[idname] - content = zapi.get_content(zbx_class_name, 'update', differences) - module.exit_json(changed=True, results=content['result'], state="present") - - module.exit_json(failed=True, - changed=False, - results='Unknown state passed. %s' % state, - state="unknown") - -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled -# import module snippets. This are required -from ansible.module_utils.basic import * - -main() diff --git a/roles/os_zabbix/meta/main.yml b/roles/os_zabbix/meta/main.yml new file mode 100644 index 000000000..360f5aad2 --- /dev/null +++ b/roles/os_zabbix/meta/main.yml @@ -0,0 +1,9 @@ +--- +galaxy_info: + author: OpenShift + description: ZabbixAPI + company: Red Hat, Inc + license: ASL 2.0 + min_ansible_version: 1.2 +dependencies: +- lib_zabbix diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml new file mode 100644 index 000000000..7111c778b --- /dev/null +++ b/roles/os_zabbix/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: Main List all templates + zbx_template: + zbx_server: "{{ ozb_server }}" + zbx_user: "{{ ozb_user }}" + zbx_password: "{{ ozb_password }}" + state: list + register: templates + +- debug: var=templates + +- include_vars: template_heartbeat.yml +- include_vars: template_os_linux.yml + +- name: Include Template Heartbeat + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_heartbeat }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + +- name: Include Template os_linux + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_os_linux }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + diff --git a/roles/os_zabbix/vars/main.yml b/roles/os_zabbix/vars/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/os_zabbix/vars/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml new file mode 100644 index 000000000..8389485d3 --- /dev/null +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -0,0 +1,12 @@ +--- +g_template_heartbeat: + name: Template Heartbeat + zitems: + - name: Heartbeat Ping + applications: + - Heartbeat + key: heartbeat.ping + ztriggers: + - description: 'Heartbeat.ping has failed on {HOST.NAME}' + expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' + priority: avg diff --git a/roles/os_zabbix/vars/template_host.yml b/roles/os_zabbix/vars/template_host.yml new file mode 100644 index 000000000..e7cc667cb --- /dev/null +++ b/roles/os_zabbix/vars/template_host.yml @@ -0,0 +1,27 @@ +--- +g_template_host: + params: + name: Template Host + host: Template Host + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Host + zitems: + - name: Host Ping + hostid: + key_: host.ping + type: 2 + value_type: 0 + output: extend + search: + key_: host.ping + ztriggers: + - description: 'Host ping has failed on {HOST.NAME}' + expression: '{Template Host:host.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Host ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_master.yml b/roles/os_zabbix/vars/template_master.yml new file mode 100644 index 000000000..5f9b41a4f --- /dev/null +++ b/roles/os_zabbix/vars/template_master.yml @@ -0,0 +1,27 @@ +--- +g_template_master: + params: + name: Template Master + host: Template Master + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Master + zitems: + - name: Master Etcd Ping + hostid: + key_: master.etcd.ping + type: 2 + value_type: 0 + output: extend + search: + key_: master.etcd.ping + ztriggers: + - description: 'Master Etcd ping has failed on {HOST.NAME}' + expression: '{Template Master:master.etcd.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Master Etcd ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_node.yml b/roles/os_zabbix/vars/template_node.yml new file mode 100644 index 000000000..98c343a24 --- /dev/null +++ b/roles/os_zabbix/vars/template_node.yml @@ -0,0 +1,27 @@ +--- +g_template_node: + params: + name: Template Node + host: Template Node + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Node + zitems: + - name: Kubelet Ping + hostid: + key_: kubelet.ping + type: 2 + value_type: 0 + output: extend + search: + key_: kubelet.ping + ztriggers: + - description: 'Kubelet ping has failed on {HOST.NAME}' + expression: '{Template Node:kubelet.ping.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Kubelet ping has failed on*' + expandExpression: True diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml new file mode 100644 index 000000000..1c9d10bb0 --- /dev/null +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -0,0 +1,173 @@ +--- +g_template_os_linux: + name: Template OS Linux + zitems: + - key: kernel.uname.sysname + applications: + - Kernel + value_type: string + + - key: kernel.all.cpu.wait.total + applications: + - Kernel + value_type: int + + - key: kernel.all.cpu.irq.hard + applications: + - Kernel + value_type: int + + - key: kernel.all.cpu.idle + applications: + - Kernel + value_type: int + + - key: kernel.uname.distro + applications: + - Kernel + value_type: string + + - key: kernel.uname.nodename + applications: + - Kernel + value_type: string + + - key: kernel.all.cpu.irq.soft + applications: + - Kernel + value_type: int + + - key: kernel.all.load.15_minute + applications: + - Kernel + value_type: float + + - key: kernel.all.cpu.sys + applications: + - Kernel + value_type: int + + - key: kernel.all.load.5_minute + applications: + - Kernel + value_type: float + + - key: mem.freemem + applications: + - Memory + value_type: int + + - key: kernel.all.cpu.nice + applications: + - Kernel + value_type: int + + - key: mem.util.bufmem + applications: + - Memory + value_type: int + + - key: swap.used + applications: + - Memory + value_type: int + + - key: kernel.all.load.1_minute + applications: + - Kernel + value_type: float + + - key: kernel.uname.version + applications: + - Kernel + value_type: string + + - key: swap.length + applications: + - Memory + value_type: int + + - key: mem.physmem + applications: + - Memory + value_type: int + + - key: kernel.all.uptime + applications: + - Kernel + value_type: int + + - key: swap.free + applications: + - Memory + value_type: int + + - key: mem.util.used + applications: + - Memory + value_type: int + + - key: kernel.all.cpu.user + applications: + - Kernel + value_type: int + + - key: kernel.uname.machine + applications: + - Kernel + value_type: string + + - key: hinv.ncpu + applications: + - Kernel + value_type: int + + - key: mem.util.cached + applications: + - Memory + value_type: int + + - key: kernel.all.cpu.steal + applications: + - Kernel + value_type: int + + - key: kernel.all.pswitch + applications: + - Kernel + value_type: int + + - key: kernel.uname.release + applications: + - Kernel + value_type: string + + - key: proc.nprocs + applications: + - Kernel + value_type: int + + - key: filesys.avail + applications: + - Disk + value_type: int + + - key: filesys.capacity + applications: + - Disk + value_type: int + + - key: filesys.free + applications: + - Disk + value_type: int + + - key: filesys.full + applications: + - Disk + value_type: float + + - key: filesys.used + applications: + - Disk + value_type: float diff --git a/roles/os_zabbix/vars/template_router.yml b/roles/os_zabbix/vars/template_router.yml new file mode 100644 index 000000000..4dae7da1e --- /dev/null +++ b/roles/os_zabbix/vars/template_router.yml @@ -0,0 +1,27 @@ +--- +g_template_router: + params: + name: Template Router + host: Template Router + groups: + - groupid: 1 # FIXME (not real) + output: extend + search: + name: Template Router + zitems: + - name: Router Backends down + hostid: + key_: router.backends.down + type: 2 + value_type: 0 + output: extend + search: + key_: router.backends.down + ztriggers: + - description: 'Number of router backends down on {HOST.NAME}' + expression: '{Template Router:router.backends.down.last()}<>0' + priority: 3 + searchWildcardsEnabled: True + search: + description: 'Number of router backends down on {HOST.NAME}' + expandExpression: True -- cgit v1.2.3 From f0d03d257f2186c91e99c06e34be737468ea6ad6 Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Thu, 27 Aug 2015 10:27:46 -0500 Subject: Add a role that allows logrotate config editing. This role gets called for each type of machine, but if logrotate_scripts is not set, nothing happens. --- .../openshift-cluster/tasks/launch_instances.yml | 17 ++++++ playbooks/common/openshift-etcd/config.yml | 1 + playbooks/common/openshift-master/config.yml | 1 + playbooks/common/openshift-node/config.yml | 1 + roles/nickhammond.logrotate/.travis.yml | 14 +++++ roles/nickhammond.logrotate/README.md | 71 ++++++++++++++++++++++ .../meta/.galaxy_install_info | 1 + roles/nickhammond.logrotate/meta/main.yml | 15 +++++ roles/nickhammond.logrotate/tasks/main.yml | 10 +++ .../nickhammond.logrotate/templates/logrotate.d.j2 | 16 +++++ roles/nickhammond.logrotate/tests/inventory | 1 + roles/nickhammond.logrotate/tests/test.yml | 18 ++++++ 12 files changed, 166 insertions(+) create mode 100644 roles/nickhammond.logrotate/.travis.yml create mode 100644 roles/nickhammond.logrotate/README.md create mode 100644 roles/nickhammond.logrotate/meta/.galaxy_install_info create mode 100644 roles/nickhammond.logrotate/meta/main.yml create mode 100644 roles/nickhammond.logrotate/tasks/main.yml create mode 100644 roles/nickhammond.logrotate/templates/logrotate.d.j2 create mode 100644 roles/nickhammond.logrotate/tests/inventory create mode 100644 roles/nickhammond.logrotate/tests/test.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index e9ebc3e02..b77bcdc1a 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -159,6 +159,22 @@ type: "{{host_type}}" when: host_type != "node" +- set_fact: + logrotate: + - name: syslog + path: "/var/log/cron + \n/var/log/maillog + \n/var/log/messages + \n/var/log/secure + \n/var/log/spooler \n" + options: + - daily + - rotate 7 + - compress + - sharedscripts + scripts: + postrotate: "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true" + - name: Add new instances groups and variables add_host: hostname: "{{ item.0 }}" @@ -169,6 +185,7 @@ ec2_private_ip_address: "{{ item.1.private_ip }}" ec2_ip_address: "{{ item.1.public_ip }}" openshift_node_labels: "{{ node_label }}" + logrotate_scripts: "{{ logrotate }}" with_together: - instances - ec2.instances diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 3cc561ba0..952960652 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -85,6 +85,7 @@ when: etcd_server_certs_missing roles: - etcd + - role: nickhammond.logrotate - name: Delete temporary directory on localhost hosts: localhost diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index acf85fc04..ed40d4b89 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -199,6 +199,7 @@ when: master_certs_missing and 'oo_first_master' not in group_names roles: - openshift_master + - role: nickhammond.logrotate - role: fluentd_master when: openshift.common.use_fluentd | bool post_tasks: diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 705f7f223..e0060a9a3 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -99,6 +99,7 @@ when: certs_missing roles: - openshift_node + - role: nickhammond.logrotate - role: fluentd_node when: openshift.common.use_fluentd | bool tasks: diff --git a/roles/nickhammond.logrotate/.travis.yml b/roles/nickhammond.logrotate/.travis.yml new file mode 100644 index 000000000..161023def --- /dev/null +++ b/roles/nickhammond.logrotate/.travis.yml @@ -0,0 +1,14 @@ +--- +language: python +python: "2.7" +before_install: + - sudo apt-get update -qq + - sudo apt-get install -qq python-apt python-pycurl +install: + - pip install ansible +script: + - "printf '[defaults]\nroles_path = ../' > ansible.cfg" + - ansible-playbook -i tests/inventory --syntax-check tests/test.yml + - ansible-playbook -i tests/inventory --connection=local --sudo -vvvv tests/test.yml +notifications: + email: false diff --git a/roles/nickhammond.logrotate/README.md b/roles/nickhammond.logrotate/README.md new file mode 100644 index 000000000..602b5ef6c --- /dev/null +++ b/roles/nickhammond.logrotate/README.md @@ -0,0 +1,71 @@ +[![Build Status](https://travis-ci.org/nickhammond/ansible-logrotate.svg?branch=master)](https://travis-ci.org/nickhammond/ansible-logrotate) + +Role Name +======== + +Installs logrotate and provides an easy way to setup additional logrotate scripts by specifying a list of directives. + +Requirements +------------ + +None + +Role Variables +-------------- + +**logrotate_scripts**: A list of logrotate scripts and the directives to use for the rotation. + +* name - The name of the script that goes into /etc/logrotate.d/ +* path - Path to point logrotate to for the log rotation +* options - List of directives for logrotate, view the logrotate man page for specifics +* scripts - Dict of scripts for logrotate (see Example below) + +``` +logrotate_scripts: + - name: rails + path: "/srv/current/log/*.log" + options: + - weekly + - size 25M + - missingok + - compress + - delaycompress + - copytruncate +``` + +Dependencies +------------ + +None + +Example Playbook +------------------------- + +Setting up logrotate for additional Nginx logs, with postrotate script. + +``` +logrotate_scripts: + - name: nginx + path: /var/log/nginx/*.log + options: + - weekly + - size 25M + - rotate 7 + - missingok + - compress + - delaycompress + - copytruncate + scripts: + postrotate: "[ -s /run/nginx.pid ] && kill USR1 `cat /run/nginx.pid`" + +``` + +License +------- + +BSD + +Author Information +------------------ + +Find [Nick Hammond]( http://www.nickhammond.com ) on [Twitter](http://twitter.com/nickhammond). diff --git a/roles/nickhammond.logrotate/meta/.galaxy_install_info b/roles/nickhammond.logrotate/meta/.galaxy_install_info new file mode 100644 index 000000000..0d76708c9 --- /dev/null +++ b/roles/nickhammond.logrotate/meta/.galaxy_install_info @@ -0,0 +1 @@ +{install_date: 'Thu Aug 27 15:26:31 2015', version: master} diff --git a/roles/nickhammond.logrotate/meta/main.yml b/roles/nickhammond.logrotate/meta/main.yml new file mode 100644 index 000000000..1717b6d3d --- /dev/null +++ b/roles/nickhammond.logrotate/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Nick Hammond + description: Role to configure logrotate scripts + license: BSD + min_ansible_version: 1.5 + platforms: + - name: Ubuntu + versions: + - lucid + - precise + - trusty + categories: + - system +dependencies: [] diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml new file mode 100644 index 000000000..fda23e05e --- /dev/null +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -0,0 +1,10 @@ +--- +- name: nickhammond.logrotate | Install logrotate + action: "{{ansible_pkg_mgr}} pkg=logrotate state=present" + +- name: nickhammond.logrotate | Setup logrotate.d scripts + template: + src: logrotate.d.j2 + dest: /etc/logrotate.d/{{ item.name }} + with_items: logrotate_scripts + when: logrotate_scripts is defined diff --git a/roles/nickhammond.logrotate/templates/logrotate.d.j2 b/roles/nickhammond.logrotate/templates/logrotate.d.j2 new file mode 100644 index 000000000..6453be6b2 --- /dev/null +++ b/roles/nickhammond.logrotate/templates/logrotate.d.j2 @@ -0,0 +1,16 @@ +# {{ ansible_managed }} + +{{ item.path }} { + {% if item.options is defined -%} + {% for option in item.options -%} + {{ option }} + {% endfor -%} + {% endif %} + {%- if item.scripts is defined -%} + {%- for name, script in item.scripts.iteritems() -%} + {{ name }} + {{ script }} + endscript + {% endfor -%} + {% endif -%} +} diff --git a/roles/nickhammond.logrotate/tests/inventory b/roles/nickhammond.logrotate/tests/inventory new file mode 100644 index 000000000..2fbb50c4a --- /dev/null +++ b/roles/nickhammond.logrotate/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/roles/nickhammond.logrotate/tests/test.yml b/roles/nickhammond.logrotate/tests/test.yml new file mode 100644 index 000000000..e806b0a02 --- /dev/null +++ b/roles/nickhammond.logrotate/tests/test.yml @@ -0,0 +1,18 @@ +--- +- hosts: all + sudo: True + roles: + - ansible-logrotate + - role: ansible-logrotate + logrotate_scripts: + - name: nginx-options + path: /var/log/nginx/options.log + options: + - daily + + - role: ansible-logrotate + logrotate_scripts: + - name: nginx-scripts + path: /var/log/nginx/scripts.log + scripts: + postrotate: "echo test" -- cgit v1.2.3 From 87d786993529b2f3a790fc7a3a83a93724f778ff Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Thu, 27 Aug 2015 16:47:01 -0400 Subject: update heartbeat check --- roles/os_zabbix/vars/template_heartbeat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml index 8389485d3..3d0f3d51a 100644 --- a/roles/os_zabbix/vars/template_heartbeat.yml +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -8,5 +8,5 @@ g_template_heartbeat: key: heartbeat.ping ztriggers: - description: 'Heartbeat.ping has failed on {HOST.NAME}' - expression: '{Template Heartbeat:heartbeat.ping.last()}<>0' + expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1' priority: avg -- cgit v1.2.3 From e8d71b6ed7421644a765564c85ca3ee32182fed2 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 27 Aug 2015 17:02:34 -0400 Subject: Fixed env var defaults. --- roles/lib_zabbix/library/zbx_application.py | 4 ++-- roles/lib_zabbix/library/zbx_discoveryrule.py | 4 ++-- roles/lib_zabbix/library/zbx_host.py | 4 ++-- roles/lib_zabbix/library/zbx_hostgroup.py | 4 ++-- roles/lib_zabbix/library/zbx_item.py | 4 ++-- roles/lib_zabbix/library/zbx_itemprototype.py | 4 ++-- roles/lib_zabbix/library/zbx_mediatype.py | 4 ++-- roles/lib_zabbix/library/zbx_template.py | 4 ++-- roles/lib_zabbix/library/zbx_trigger.py | 4 ++-- roles/lib_zabbix/library/zbx_user.py | 4 ++-- roles/lib_zabbix/library/zbx_user_media.py | 4 ++-- 11 files changed, 22 insertions(+), 22 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_application.py b/roles/lib_zabbix/library/zbx_application.py index ffa00e052..d3d08c9dd 100644 --- a/roles/lib_zabbix/library/zbx_application.py +++ b/roles/lib_zabbix/library/zbx_application.py @@ -60,8 +60,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), template_name=dict(default=None, type='list'), diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py index 79ee91180..71a0580c2 100644 --- a/roles/lib_zabbix/library/zbx_discoveryrule.py +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -88,8 +88,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), key=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_host.py b/roles/lib_zabbix/library/zbx_host.py index 7be03653e..e26c9caf3 100644 --- a/roles/lib_zabbix/library/zbx_host.py +++ b/roles/lib_zabbix/library/zbx_host.py @@ -71,8 +71,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), hostgroup_names=dict(default=[], type='list'), diff --git a/roles/lib_zabbix/library/zbx_hostgroup.py b/roles/lib_zabbix/library/zbx_hostgroup.py index f161d3d9f..7f080af24 100644 --- a/roles/lib_zabbix/library/zbx_hostgroup.py +++ b/roles/lib_zabbix/library/zbx_hostgroup.py @@ -47,8 +47,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), state=dict(default='present', type='str'), diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 60da243fe..bcd389e47 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -80,8 +80,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), key=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index 47100f613..24f85710d 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -142,8 +142,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), key=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_mediatype.py b/roles/lib_zabbix/library/zbx_mediatype.py index cc72cc9a8..3be232ecf 100644 --- a/roles/lib_zabbix/library/zbx_mediatype.py +++ b/roles/lib_zabbix/library/zbx_mediatype.py @@ -74,8 +74,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), description=dict(default=None, type='str'), mtype=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_template.py b/roles/lib_zabbix/library/zbx_template.py index 1592fa268..ff5714bdc 100644 --- a/roles/lib_zabbix/library/zbx_template.py +++ b/roles/lib_zabbix/library/zbx_template.py @@ -48,8 +48,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), state=dict(default='present', type='str'), diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index ffad5b40a..43f3d2677 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -94,8 +94,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), expression=dict(default=None, type='str'), description=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py index a9906d773..c916fa96a 100644 --- a/roles/lib_zabbix/library/zbx_user.py +++ b/roles/lib_zabbix/library/zbx_user.py @@ -89,8 +89,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), login=dict(default=None, type='str'), first_name=dict(default=None, type='str'), diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py index aad3554dd..3f7760475 100644 --- a/roles/lib_zabbix/library/zbx_user_media.py +++ b/roles/lib_zabbix/library/zbx_user_media.py @@ -136,8 +136,8 @@ def main(): module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), - zbx_user=dict(default=os.environ['ZABBIX_USER'], type='str'), - zbx_password=dict(default=os.environ['ZABBIX_PASSWORD'], type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), login=dict(default=None, type='str'), active=dict(default=False, type='bool'), -- cgit v1.2.3 From d565411ae9f2080c7c575744099fe5f79de2bb55 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 27 Aug 2015 21:32:17 -0400 Subject: adhoc/tutorial_reset: Don't error out if there are no Docker images I'd like this playbook to always work. --- playbooks/adhoc/atomic_openshift_tutorial_reset.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml index 1200caa2a..3e22f8f2d 100644 --- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml +++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml @@ -61,12 +61,15 @@ - shell: docker ps -a -q | xargs docker stop changed_when: False + failed_when: False - shell: docker ps -a -q| xargs docker rm changed_when: False + failed_when: False - shell: docker images -q |xargs docker rmi changed_when: False + failed_when: False - file: path={{ item }} state=absent with_items: -- cgit v1.2.3 From 61ba47474f12fb83e9e40f2a1f0a47fd5d393457 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 27 Aug 2015 22:19:27 -0400 Subject: adhoc/tutorial_reset: Also delete etcd and data I needed this because I forgot to override openshift_hostname, and it found the wrong hostname, which then leaked into etcd certs, which caused the master to fail to start. --- playbooks/adhoc/atomic_openshift_tutorial_reset.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml index 3e22f8f2d..54d3ea278 100644 --- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml +++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml @@ -19,10 +19,12 @@ - openshift-node - atomic-enterprise-master - atomic-enterprise-node + - etcd - yum: name={{ item }} state=absent with_items: - openvswitch + - etcd - origin - origin-master - origin-node @@ -89,6 +91,8 @@ - /etc/sysconfig/openshift-node - /etc/sysconfig/atomic-enterprise-master - /etc/sysconfig/atomic-enterprise-node + - /etc/etcd + - /var/lib/etcd - user: name={{ item }} state=absent remove=yes with_items: -- cgit v1.2.3 From 8f0cd8cfa6ec5fb0cbb0065840d4b908d21ceeb4 Mon Sep 17 00:00:00 2001 From: "Diego Castro (dscastro)" Date: Fri, 28 Aug 2015 11:16:00 -0300 Subject: Make cluster_metrics disabled by default --- roles/openshift_facts/library/openshift_facts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index c1c4e1b5c..6c15ba6a8 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -337,7 +337,7 @@ def set_cluster_metrics_facts_if_unset(facts): if 'common' in facts: deployment_type = facts['common']['deployment_type'] if 'use_cluster_metrics' not in facts['common']: - use_cluster_metrics = True if deployment_type == 'origin' else False + use_cluster_metrics = False facts['common']['use_cluster_metrics'] = use_cluster_metrics return facts -- cgit v1.2.3 From b670f5dce8b983c9469dba47f18c2beaf6c1fc2f Mon Sep 17 00:00:00 2001 From: "Diego Castro (dscastro)" Date: Fri, 28 Aug 2015 11:46:35 -0300 Subject: Fix tests --- roles/openshift_facts/library/openshift_facts.py | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 6c15ba6a8..dbcfa688c 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -335,7 +335,6 @@ def set_cluster_metrics_facts_if_unset(facts): """ if 'common' in facts: - deployment_type = facts['common']['deployment_type'] if 'use_cluster_metrics' not in facts['common']: use_cluster_metrics = False facts['common']['use_cluster_metrics'] = use_cluster_metrics -- cgit v1.2.3 From 05c5d6e1a0de2e7a5f5cb509b08981ba9b1ec69b Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 27 Aug 2015 17:45:14 -0400 Subject: Add cockpit-ws with cockpit-kubernetes plugin --- inventory/byo/hosts.example | 6 ++++++ playbooks/common/openshift-master/config.yml | 9 +++++++++ roles/cockpit/defaults/main.yml | 5 +++++ roles/cockpit/meta/main.yml | 15 +++++++++++++++ roles/cockpit/tasks/main.yml | 16 ++++++++++++++++ 5 files changed, 51 insertions(+) create mode 100644 roles/cockpit/defaults/main.yml create mode 100644 roles/cockpit/meta/main.yml create mode 100644 roles/cockpit/tasks/main.yml diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 2bbc4ca1e..1685003e8 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -44,6 +44,12 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Configure Fluentd #use_fluentd=true +# Enable cockpit +#osm_use_cockpit=true +# +# Set cockpit plugins +#osm_cockpit_plugins=['cockpit-kubernetes'] + # master cluster ha variables using pacemaker or RHEL HA #openshift_master_cluster_password=openshift_cluster #openshift_master_cluster_vip=192.168.133.25 diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index ed40d4b89..e8e3dcfdc 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -219,6 +219,15 @@ - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool +- name: Enable cockpit + hosts: oo_first_master + vars: + cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}" + roles: + - role: cockpit + when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and + (osm_use_cockpit | bool or osm_use_cockpit is undefined ) + # Additional instance config for online deployments - name: Additional instance config hosts: oo_masters_deployment_type_online diff --git a/roles/cockpit/defaults/main.yml b/roles/cockpit/defaults/main.yml new file mode 100644 index 000000000..ffd55f1dd --- /dev/null +++ b/roles/cockpit/defaults/main.yml @@ -0,0 +1,5 @@ +--- +os_firewall_use_firewalld: false +os_firewall_allow: +- service: cockpit-ws + port: 9090/tcp diff --git a/roles/cockpit/meta/main.yml b/roles/cockpit/meta/main.yml new file mode 100644 index 000000000..1e3948b19 --- /dev/null +++ b/roles/cockpit/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Scott Dodson + description: Deploy and Enable cockpit-ws plus optional plugins + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.7 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: + - { role: os_firewall } diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml new file mode 100644 index 000000000..875cbad21 --- /dev/null +++ b/roles/cockpit/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: Install cockpit-ws + yum: + name: "{{ item }}" + state: present + with_items: + - cockpit-ws + - cockpit-shell + - cockpit-bridge + - "{{ cockpit_plugins }}" + +- name: Enable cockpit-ws + service: + name: cockpit.socket + enabled: true + state: started -- cgit v1.2.3 From e13d5f1217129234b0c5e6c99b4a7d5ad7b87f6b Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 28 Aug 2015 16:34:56 -0400 Subject: added filesys.full --- roles/os_zabbix/vars/template_os_linux.yml | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 1c9d10bb0..9b56d20d4 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -147,27 +147,12 @@ g_template_os_linux: - Kernel value_type: int - - key: filesys.avail - applications: - - Disk - value_type: int - - - key: filesys.capacity - applications: - - Disk - value_type: int - - - key: filesys.free - applications: - - Disk - value_type: int - - - key: filesys.full + - key: filesys.full.xvda2 applications: - Disk value_type: float - - key: filesys.used + - key: filesys.full.xvda3 applications: - Disk value_type: float -- cgit v1.2.3 From 75780dc9f99c935be19134cecaee600193418755 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Fri, 28 Aug 2015 12:09:41 -0400 Subject: Make masters schedulable in byo example ... but note why you wouldn't want them to be --- inventory/byo/hosts.example | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 300fd7ac3..c83741611 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -76,7 +76,9 @@ ose3-master[1:3]-ansible.test.example.com [etcd] ose3-etcd[1:3]-ansible.test.example.com -# host group for nodes +# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes +# However, in order to ensure that your masters are not burdened with running pods you should +# make them unschedulable by adding openshift_scheduleable=False any node that's also a master. [nodes] -ose3-master[1:3]-ansible.test.example.com openshift_scheduleable=False +ose3-master[1:3]-ansible.test.example.com ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" -- cgit v1.2.3 From 1f52ea8c4e2f8cfce51e98cb3614c61f0d78ec3e Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Fri, 28 Aug 2015 18:03:59 -0400 Subject: added docker zabbix template, removed unused / old templates so they don't confuse other people. --- playbooks/adhoc/zabbix_setup/filter_plugins | 1 + playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml | 7 +++ playbooks/adhoc/zabbix_setup/oo-config-zaio.yml | 13 ++++ playbooks/adhoc/zabbix_setup/roles | 1 + roles/lib_zabbix/library/zbx_trigger.py | 4 +- roles/lib_zabbix/tasks/create_template.yml | 36 +++++------ roles/os_zabbix/tasks/main.yml | 9 +++ roles/os_zabbix/vars/template_docker.yml | 83 +++++++++++++++++++++++++ roles/os_zabbix/vars/template_host.yml | 27 -------- roles/os_zabbix/vars/template_master.yml | 27 -------- roles/os_zabbix/vars/template_node.yml | 27 -------- roles/os_zabbix/vars/template_router.yml | 27 -------- 12 files changed, 133 insertions(+), 129 deletions(-) create mode 120000 playbooks/adhoc/zabbix_setup/filter_plugins create mode 100755 playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml create mode 100755 playbooks/adhoc/zabbix_setup/oo-config-zaio.yml create mode 120000 playbooks/adhoc/zabbix_setup/roles create mode 100644 roles/os_zabbix/vars/template_docker.yml delete mode 100644 roles/os_zabbix/vars/template_host.yml delete mode 100644 roles/os_zabbix/vars/template_master.yml delete mode 100644 roles/os_zabbix/vars/template_node.yml delete mode 100644 roles/os_zabbix/vars/template_router.yml diff --git a/playbooks/adhoc/zabbix_setup/filter_plugins b/playbooks/adhoc/zabbix_setup/filter_plugins new file mode 120000 index 000000000..b0b7a3414 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins/ \ No newline at end of file diff --git a/playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml b/playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml new file mode 100755 index 000000000..0fe65b338 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml @@ -0,0 +1,7 @@ +#!/usr/bin/env ansible-playbook +--- +- include: clean_zabbix.yml + vars: + g_server: http://localhost/zabbix/api_jsonrpc.php + g_user: Admin + g_password: zabbix diff --git a/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml b/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml new file mode 100755 index 000000000..e2b8150c6 --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml @@ -0,0 +1,13 @@ +#!/usr/bin/ansible-playbook +--- +- hosts: localhost + gather_facts: no + vars: + g_server: http://localhost/zabbix/api_jsonrpc.php + g_user: Admin + g_password: zabbix + roles: + - role: os_zabbix + ozb_server: "{{ g_server }}" + ozb_user: "{{ g_user }}" + ozb_password: "{{ g_password }}" diff --git a/playbooks/adhoc/zabbix_setup/roles b/playbooks/adhoc/zabbix_setup/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/adhoc/zabbix_setup/roles @@ -0,0 +1 @@ +../../../roles \ No newline at end of file diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index 43f3d2677..c707a2f64 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -65,7 +65,7 @@ def get_deps(zapi, deps): for desc in deps: content = zapi.get_content('trigger', 'get', - {'search': {'description': desc}, + {'filter': {'description': desc}, 'expandExpression': True, 'selectDependencies': 'triggerid', }) @@ -119,7 +119,7 @@ def main(): content = zapi.get_content(zbx_class_name, 'get', - {'search': {'description': description}, + {'filter': {'description': description}, 'expandExpression': True, 'selectDependencies': 'triggerid', }) diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 022ca52f2..444fd0a14 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -16,18 +16,21 @@ - debug: var=lzbx_applications -- name: Create Application - zbx_application: - zbx_server: "{{ server }}" - zbx_user: "{{ user }}" - zbx_password: "{{ password }}" - name: "{{ item }}" - template_name: "{{ template.name }}" - with_items: lzbx_applications - register: created_application - when: template.zitems is defined - -- debug: var=created_application +# +# twiest: This is commented out because it doesn't work correctly +# +#- name: Create Application +# zbx_application: +# zbx_server: "{{ server }}" +# zbx_user: "{{ user }}" +# zbx_password: "{{ password }}" +# name: "{{ item }}" +# template_name: "{{ template.name }}" +# with_items: lzbx_applications +# register: created_application +# when: template.zitems is defined + +#- debug: var=created_application - name: Create Items zbx_item: @@ -38,24 +41,19 @@ name: "{{ item.name | default(item.key, true) }}" value_type: "{{ item.value_type | default('int') }}" template_name: "{{ template.name }}" - applications: "{{ item.applications }}" +# applications: "{{ item.applications }}" with_items: template.zitems register: created_items when: template.zitems is defined -#- debug: var=ctp_created_items - - name: Create Triggers zbx_trigger: zbx_server: "{{ server }}" zbx_user: "{{ user }}" zbx_password: "{{ password }}" description: "{{ item.description }}" + dependencies: "{{ item.dependencies | default([], true) }}" expression: "{{ item.expression }}" priority: "{{ item.priority }}" with_items: template.ztriggers when: template.ztriggers is defined - -#- debug: var=ctp_created_triggers - - diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index 7111c778b..5d6e67606 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -11,6 +11,7 @@ - include_vars: template_heartbeat.yml - include_vars: template_os_linux.yml +- include_vars: template_docker.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -28,3 +29,11 @@ user: "{{ ozb_user }}" password: "{{ ozb_password }}" +- name: Include Template docker + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_docker }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" + diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml new file mode 100644 index 000000000..eab497269 --- /dev/null +++ b/roles/os_zabbix/vars/template_docker.yml @@ -0,0 +1,83 @@ +--- +g_template_docker: + name: Template Docker + zitems: + - key: docker.ping + applications: + - Docker Daemon + value_type: int + + - key: docker.storage.is_loopback + applications: + - Docker Storage + value_type: int + + - key: docker.storage.data.space.total + applications: + - Docker Storage + value_type: float + + - key: docker.storage.data.space.used + applications: + - Docker Storage + value_type: float + + - key: docker.storage.data.space.available + applications: + - Docker Storage + value_type: float + + - key: docker.storage.data.space.percent_available + applications: + - Docker Storage + value_type: float + + - key: docker.storage.metadata.space.total + applications: + - Docker Storage + value_type: float + + - key: docker.storage.metadata.space.used + applications: + - Docker Storage + value_type: float + + - key: docker.storage.metadata.space.available + applications: + - Docker Storage + value_type: float + + - key: docker.storage.metadata.space.percent_available + applications: + - Docker Storage + value_type: float + ztriggers: + - description: 'docker.ping failed on {HOST.NAME}' + expression: '{Template Docker:docker.ping.max(#3)}<1' + priority: high + + - description: 'Docker storage is using LOOPBACK on {HOST.NAME}' + expression: '{Template Docker:docker.storage.is_loopback.last()}<>0' + priority: high + + - description: 'Critically low docker storage data space on {HOST.NAME}' + expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.data.space.available.max(#3)}<5' # < 5% or < 5GB + priority: high + + - description: 'Critically low docker storage metadata space on {HOST.NAME}' + expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.1' # < 5% or < 100MB + priority: high + + # Put triggers that depend on other triggers here (deps must be created first) + - description: 'Low docker storage data space on {HOST.NAME}' + expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.data.space.available.max(#3)}<10' # < 10% or < 10GB + dependencies: + - 'Critically low docker storage data space on {HOST.NAME}' + priority: average + + - description: 'Low docker storage metadata space on {HOST.NAME}' + expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.2' # < 10% or < 200MB + dependencies: + - 'Critically low docker storage metadata space on {HOST.NAME}' + priority: average + diff --git a/roles/os_zabbix/vars/template_host.yml b/roles/os_zabbix/vars/template_host.yml deleted file mode 100644 index e7cc667cb..000000000 --- a/roles/os_zabbix/vars/template_host.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_host: - params: - name: Template Host - host: Template Host - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Host - zitems: - - name: Host Ping - hostid: - key_: host.ping - type: 2 - value_type: 0 - output: extend - search: - key_: host.ping - ztriggers: - - description: 'Host ping has failed on {HOST.NAME}' - expression: '{Template Host:host.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Host ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_master.yml b/roles/os_zabbix/vars/template_master.yml deleted file mode 100644 index 5f9b41a4f..000000000 --- a/roles/os_zabbix/vars/template_master.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_master: - params: - name: Template Master - host: Template Master - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Master - zitems: - - name: Master Etcd Ping - hostid: - key_: master.etcd.ping - type: 2 - value_type: 0 - output: extend - search: - key_: master.etcd.ping - ztriggers: - - description: 'Master Etcd ping has failed on {HOST.NAME}' - expression: '{Template Master:master.etcd.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Master Etcd ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_node.yml b/roles/os_zabbix/vars/template_node.yml deleted file mode 100644 index 98c343a24..000000000 --- a/roles/os_zabbix/vars/template_node.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_node: - params: - name: Template Node - host: Template Node - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Node - zitems: - - name: Kubelet Ping - hostid: - key_: kubelet.ping - type: 2 - value_type: 0 - output: extend - search: - key_: kubelet.ping - ztriggers: - - description: 'Kubelet ping has failed on {HOST.NAME}' - expression: '{Template Node:kubelet.ping.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Kubelet ping has failed on*' - expandExpression: True diff --git a/roles/os_zabbix/vars/template_router.yml b/roles/os_zabbix/vars/template_router.yml deleted file mode 100644 index 4dae7da1e..000000000 --- a/roles/os_zabbix/vars/template_router.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -g_template_router: - params: - name: Template Router - host: Template Router - groups: - - groupid: 1 # FIXME (not real) - output: extend - search: - name: Template Router - zitems: - - name: Router Backends down - hostid: - key_: router.backends.down - type: 2 - value_type: 0 - output: extend - search: - key_: router.backends.down - ztriggers: - - description: 'Number of router backends down on {HOST.NAME}' - expression: '{Template Router:router.backends.down.last()}<>0' - priority: 3 - searchWildcardsEnabled: True - search: - description: 'Number of router backends down on {HOST.NAME}' - expandExpression: True -- cgit v1.2.3 From 3acccb3e51968744cbe9119fdbf1897739f3a94e Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Mon, 31 Aug 2015 15:06:14 -0400 Subject: Adding create app --- roles/os_zabbix/tasks/main.yml | 8 ++++++++ roles/os_zabbix/vars/template_openshift_master.yml | 12 ++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 roles/os_zabbix/vars/template_openshift_master.yml diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index 5d6e67606..deb921e5a 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -12,6 +12,7 @@ - include_vars: template_heartbeat.yml - include_vars: template_os_linux.yml - include_vars: template_docker.yml +- include_vars: template_openshift_master.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -37,3 +38,10 @@ user: "{{ ozb_user }}" password: "{{ ozb_password }}" +- name: Include Template Openshift Master + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_openshift_master }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml new file mode 100644 index 000000000..c4e4d1c94 --- /dev/null +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -0,0 +1,12 @@ +--- +g_template_openshift_master: + name: Template Openshift Master + zitems: + - name: create_app + applications: + - Openshift Master + key: create_app + ztriggers: + - description: 'Application creation has failed on {HOST.NAME}' + expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' + priority: avg -- cgit v1.2.3 From 3f6b8e5ada944142644ab053f6505bd7aacf59db Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Mon, 31 Aug 2015 13:05:07 -0400 Subject: added triggers for disk space --- roles/os_zabbix/vars/template_os_linux.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 9b56d20d4..95e15c6e8 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -156,3 +156,20 @@ g_template_os_linux: applications: - Disk value_type: float + + ztriggers: + - description: 'Filesystem: / has less than 10% free on {HOST.NAME}' + expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' + priority: warn + + - description: 'Filesystem: / has less than 5% free on {HOST.NAME}' + expression: '{Template OS Linux:filesys.full.xvda2.last()}>95' + priority: high + + - description: 'Filesystem: /var has less than 10% free on {HOST.NAME}' + expression: '{Template OS Linux:filesys.full.xvda3.last()}>90' + priority: warn + + - description: 'Filesystem: /var has less than 5% free on {HOST.NAME}' + expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' + priority: high -- cgit v1.2.3 From f2a97b901b5adf6cb8a4875e0b296c5a0d509741 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Mon, 31 Aug 2015 16:07:22 -0400 Subject: added monitoring triggers --- roles/os_zabbix/vars/template_os_linux.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 95e15c6e8..7bc8ddc5d 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -173,3 +173,11 @@ g_template_os_linux: - description: 'Filesystem: /var has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' priority: high + + - description: 'Too many TOTAL processes on {HOST.NAME}' + expression: '{Template OS Linux:proc.nprocs.last()}>5000' + priority: warn + + - description: 'Lack of available memory on {HOST.NAME}' + expression: '{Template OS Linux:mem.freemem.last()}<3000' + priority: warn -- cgit v1.2.3 From d39837b2be8ce6abfa8c69d7cc83f04c6130ccd5 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 1 Sep 2015 10:22:22 -0400 Subject: Fix for zbx applications --- roles/lib_zabbix/library/zbx_application.py | 21 +++--- roles/lib_zabbix/library/zbx_item.py | 103 +++++++++++++++++++--------- roles/lib_zabbix/tasks/create_template.yml | 32 +++------ roles/os_zabbix/tasks/main.yml | 2 - 4 files changed, 93 insertions(+), 65 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_application.py b/roles/lib_zabbix/library/zbx_application.py index d3d08c9dd..21e3d91f4 100644 --- a/roles/lib_zabbix/library/zbx_application.py +++ b/roles/lib_zabbix/library/zbx_application.py @@ -41,16 +41,17 @@ def exists(content, key='result'): return True -def get_template_ids(zapi, template_names): +def get_template_ids(zapi, template_name): ''' get related templates ''' template_ids = [] # Fetch templates by name - for template_name in template_names: - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - if content.has_key('result'): - template_ids.append(content['result'][0]['templateid']) + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) return template_ids def main(): @@ -63,8 +64,8 @@ def main(): zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), - name=dict(default=None, type='str'), - template_name=dict(default=None, type='list'), + name=dict(default=None, type='str', required=True), + template_name=dict(default=None, type='str'), state=dict(default='present', type='str'), ), #supports_check_mode=True @@ -81,10 +82,11 @@ def main(): aname = module.params['name'] state = module.params['state'] # get a applicationid, see if it exists + tids = get_template_ids(zapi, module.params['template_name']) content = zapi.get_content(zbx_class_name, 'get', {'search': {'name': aname}, - 'selectHost': 'hostid', + 'templateids': tids[0], }) if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") @@ -97,9 +99,10 @@ def main(): module.exit_json(changed=True, results=content['result'], state="absent") if state == 'present': - params = {'hostid': get_template_ids(zapi, module.params['template_name'])[0], + params = {'hostid': tids[0], 'name': aname, } + if not exists(content): # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index bcd389e47..388db31b9 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -60,18 +60,36 @@ def get_value_type(value_type): return vtype -def get_app_ids(zapi, application_names): +def get_app_ids(application_names, app_name_ids): ''' get application ids from names ''' - if isinstance(application_names, str): - application_names = [application_names] - app_ids = [] - for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) - if content.has_key('result'): - app_ids.append(content['result'][0]['applicationid']) - return app_ids + applications = [] + if application_names: + for app in application_names: + applications.append(app_name_ids[app]) + return applications + +def get_template_id(zapi, template_name): + ''' + get related templates + ''' + template_ids = [] + app_ids = {} + # Fetch templates by name + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'selectApplications': ['applicationid', 'name']}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + for app in content['result'][0]['applications']: + app_ids[app['name']] = app['applicationid'] + + return template_ids, app_ids + +# The branches are needed for CRUD and error handling +# pylint: disable=too-many-branches def main(): ''' ansible zabbix module for zbx_item @@ -88,7 +106,7 @@ def main(): template_name=dict(default=None, type='str'), zabbix_type=dict(default=2, type='int'), value_type=dict(default='int', type='str'), - applications=dict(default=[], type='list'), + applications=dict(default=None, type='list'), state=dict(default='present', type='str'), ), #supports_check_mode=True @@ -101,59 +119,74 @@ def main(): #Set the instance and the template for the rest of the calls zbx_class_name = 'item' - idname = "itemid" state = module.params['state'] - key = module.params['key'] - template_name = module.params['template_name'] - - content = zapi.get_content('template', 'get', {'search': {'host': template_name}}) - templateid = None - if content['result']: - templateid = content['result'][0]['templateid'] - else: - module.exit_json(changed=False, - results='Error: Could find template with name %s for item.' % template_name, + + templateid, app_name_ids = get_template_id(zapi, module.params['template_name']) + + # Fail if a template was not found matching the name + if not templateid: + module.exit_json(failed=True, + changed=False, + results='Error: Could find template with name %s for item.' % module.params['template_name'], state="Unkown") content = zapi.get_content(zbx_class_name, 'get', - {'search': {'key_': key}, + {'search': {'key_': module.params['key']}, 'selectApplications': 'applicationid', + 'templateids': templateid, }) + # Get if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") + # Delete if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']]) module.exit_json(changed=True, results=content['result'], state="absent") + # Create and Update if state == 'present': + params = {'name': module.params.get('name', module.params['key']), - 'key_': key, - 'hostid': templateid, + 'key_': module.params['key'], + 'hostid': templateid[0], 'type': module.params['zabbix_type'], 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), + 'applications': get_app_ids(module.params['applications'], app_name_ids), } + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# if not exists(content): - # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties + + + ######## + # UPDATE + ######## + _ = params.pop('hostid', None) differences = {} zab_results = content['result'][0] for key, value in params.items(): if key == 'applications': - zab_apps = set([item['applicationid'] for item in zab_results[key]]) - if zab_apps != set(value): - differences[key] = zab_apps + app_ids = [item['applicationid'] for item in zab_results[key]] + if set(app_ids) != set(value): + differences[key] = value elif zab_results[key] != value and zab_results[key] != str(value): differences[key] = value @@ -162,8 +195,12 @@ def main(): module.exit_json(changed=False, results=zab_results, state="present") # We have differences and need to update - differences[idname] = zab_results[idname] + differences['itemid'] = zab_results['itemid'] content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state="present") module.exit_json(failed=True, diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 444fd0a14..630d5dd70 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -1,6 +1,4 @@ --- -- debug: var=template - - name: Template Create Template zbx_template: zbx_server: "{{ server }}" @@ -9,28 +7,20 @@ name: "{{ template.name }}" register: created_template -- debug: var=created_template - set_fact: lzbx_applications: "{{ template.zitems | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}" -- debug: var=lzbx_applications - -# -# twiest: This is commented out because it doesn't work correctly -# -#- name: Create Application -# zbx_application: -# zbx_server: "{{ server }}" -# zbx_user: "{{ user }}" -# zbx_password: "{{ password }}" -# name: "{{ item }}" -# template_name: "{{ template.name }}" -# with_items: lzbx_applications -# register: created_application -# when: template.zitems is defined - -#- debug: var=created_application +- name: Create Application + zbx_application: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ item }}" + template_name: "{{ template.name }}" + with_items: lzbx_applications + register: created_application + when: template.zitems is defined - name: Create Items zbx_item: @@ -41,7 +31,7 @@ name: "{{ item.name | default(item.key, true) }}" value_type: "{{ item.value_type | default('int') }}" template_name: "{{ template.name }}" -# applications: "{{ item.applications }}" + applications: "{{ item.applications }}" with_items: template.zitems register: created_items when: template.zitems is defined diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index deb921e5a..f9672b9c4 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -7,8 +7,6 @@ state: list register: templates -- debug: var=templates - - include_vars: template_heartbeat.yml - include_vars: template_os_linux.yml - include_vars: template_docker.yml -- cgit v1.2.3 From b08257928a77a501a4312daee8f3589103da8b02 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 1 Sep 2015 15:44:17 -0400 Subject: Jenkins image was renamed --- .../examples/image-streams/image-streams-centos7.json | 14 +++++++------- .../files/examples/image-streams/image-streams-rhel7.json | 4 ++-- .../quickstart-templates/jenkins-ephemeral-template.json | 7 ++++++- .../quickstart-templates/jenkins-persistent-template.json | 7 ++++++- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json index 03affbddf..f213d99ca 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json @@ -161,19 +161,19 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/wildfly-8-centos", + "dockerImageRepository": "openshift/wildfly-81-centos7", "tags": [ { "name": "latest" }, { - "name": "8", + "name": "8.1", "annotations": { - "description": "Build and run Java applications on Wildfly 8", + "description": "Build and run Java applications on Wildfly 8.1", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", - "supports":"wildfly:8,jee,java", - "version": "8" + "supports":"wildfly:8.1,jee,java", + "version": "8.1" }, "from": { "Kind": "ImageStreamTag", @@ -260,13 +260,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/jenkins-16-centos7", + "dockerImageRepository": "openshift/jenkins-1-centos7", "tags": [ { "name": "latest" }, { - "name": "1.6", + "name": "1", "from": { "Kind": "ImageStreamTag", "Name": "latest" diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json index 0bd885af3..8c125f76a 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json @@ -230,13 +230,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-16-rhel7", + "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7", "tags": [ { "name": "latest" }, { - "name": "1.6", + "name": "1", "from": { "Kind": "ImageStreamTag", "Name": "latest" diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json index da08ffbd5..14bd032af 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json @@ -88,7 +88,7 @@ "containers": [ { "name": "jenkins", - "image": "openshift/jenkins-16-centos7", + "image": "${JENKINS_IMAGE}", "env": [ { "name": "JENKINS_PASSWORD", @@ -132,6 +132,11 @@ "description": "Jenkins service name", "value": "jenkins" }, + { + "name": "JENKINS_IMAGE", + "description": "Jenkins Docker image to use", + "value": "openshift/jenkins-1-centos7" + }, { "name": "JENKINS_PASSWORD", "description": "Password for the Jenkins user", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json index 33df68c74..fa31de486 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json @@ -105,7 +105,7 @@ "containers": [ { "name": "jenkins", - "image": "openshift/jenkins-16-centos7", + "image": "${JENKINS_IMAGE}", "env": [ { "name": "JENKINS_PASSWORD", @@ -155,6 +155,11 @@ "generate": "expression", "value": "password" }, + { + "name": "JENKINS_IMAGE", + "description": "Jenkins Docker image to use", + "value": "openshift/jenkins-1-centos7" + }, { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", -- cgit v1.2.3 From 32578c30f370d05dd472d07d07d7b934fd9c1510 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 31 Aug 2015 16:28:23 -0400 Subject: Add serviceNetworkCIDR to network config Required by OSE 3.0.2 and Origin 1.0.6 --- roles/openshift_master/templates/master.yaml.v1.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index fff123d0d..7aa4ce9b6 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -88,6 +88,8 @@ networkConfig: clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }} hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +# serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet + serviceNetworkCIDR: {{ openshift.master.portal_net }} {% include 'v1_partials/oauthConfig.j2' %} policyConfig: bootstrapPolicyFile: {{ openshift_master_policy }} -- cgit v1.2.3 From c28aea2f19b6aea729f27b636e5318ac775addb6 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 1 Sep 2015 16:34:01 -0400 Subject: Add openshift_node_sdn_mtu configuration Sync's with Origin 1.0.6 and OSE 3.0.2 node-config.yaml networkConfig changes Fixes #534 --- roles/openshift_facts/library/openshift_facts.py | 4 ++++ roles/openshift_node/tasks/main.yml | 1 + roles/openshift_node/templates/node.yaml.v1.j2 | 7 ++++++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 334929c74..d4f38a7b4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -488,6 +488,10 @@ def set_sdn_facts_if_unset(facts): if 'sdn_host_subnet_length' not in facts['master']: facts['master']['sdn_host_subnet_length'] = '8' + if 'node' in facts: + if 'sdn_mtu' not in facts['node']: + facts['node']['sdn_mtu'] = '1450' + return facts def format_url(use_ssl, hostname, port, path=''): diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index db1731d65..e56a666e9 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -28,6 +28,7 @@ debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" portal_net: "{{ openshift_master_portal_net | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" + sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" - name: Install Node package yum: pkg={{ openshift.common.service_type }}-node state=present diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index e176e7511..0f708fb55 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -13,6 +13,11 @@ kubeletArguments: {{ openshift.node.kubelet_args | to_json }} {% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +# networkConfig struct introduced in origin 1.0.6 and OSE 3.0.2 which +# deprecates networkPluginName above. The two should match. +networkConfig: + mtu: {{ openshift.node.sdn_mtu }} + networkPluginName: {{ openshift.common.sdn_network_plugin_name }} nodeName: {{ openshift.common.hostname }} podManifestConfig: servingInfo: @@ -21,4 +26,4 @@ servingInfo: clientCA: ca.crt keyFile: server.key volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes -{% include 'partials/kubeletArguments.j2' %} \ No newline at end of file +{% include 'partials/kubeletArguments.j2' %} -- cgit v1.2.3 From 21596a2dd2ef0239592f9376223a993cab5e9944 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Mon, 24 Aug 2015 13:48:13 -0700 Subject: wait for ports instead of waiting for an arbitrary period of time --- playbooks/common/openshift-master/config.yml | 1 + roles/fluentd_master/tasks/main.yml | 9 +++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index d7c4044e0..4a4a69f50 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -186,6 +186,7 @@ vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + embedded_etcd: "{{ openshift.master.embedded_etcd }}" pre_tasks: - name: Ensure certificate directory exists file: diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index d592dc306..69f8eceab 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -39,8 +39,13 @@ owner: 'td-agent' mode: 0444 -- name: "Pause before restarting td-agent and openshift-master, depending on the number of nodes." - pause: seconds={{ ( num_nodes|int < 3 ) | ternary(15, (num_nodes|int * 5)) }} +- name: wait for etcd to start up + wait_for: port=4001 delay=10 + when: embedded_etcd | bool + +- name: wait for etcd peer to start up + wait_for: port=7001 delay=10 + when: embedded_etcd | bool - name: ensure td-agent is running service: -- cgit v1.2.3 From 7d7e434421b0cd2283c95b457de9855c9eda29dc Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Wed, 2 Sep 2015 13:54:36 -0400 Subject: relaxed the docker metadata triggers to be more in line with what docker-storage-setup allocates for metadata. --- roles/os_zabbix/vars/template_docker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index eab497269..6a28f52b8 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -65,7 +65,7 @@ g_template_docker: priority: high - description: 'Critically low docker storage metadata space on {HOST.NAME}' - expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.1' # < 5% or < 100MB + expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.005' # < 5% or < 5MB priority: high # Put triggers that depend on other triggers here (deps must be created first) @@ -76,7 +76,7 @@ g_template_docker: priority: average - description: 'Low docker storage metadata space on {HOST.NAME}' - expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.2' # < 10% or < 200MB + expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.01' # < 10% or < 10MB dependencies: - 'Critically low docker storage metadata space on {HOST.NAME}' priority: average -- cgit v1.2.3 From 8e3d2689c442762cdd5df08ca31721c5b17b2ee8 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 27 Aug 2015 12:45:06 -0700 Subject: added new node fact for schedulability --- playbooks/common/openshift-node/config.yml | 10 ++-------- roles/openshift_facts/library/openshift_facts.py | 18 ++++++++++++++++++ roles/openshift_manage_node/tasks/main.yml | 12 ++++-------- roles/openshift_node/tasks/main.yml | 1 + 4 files changed, 25 insertions(+), 16 deletions(-) diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index ba2f40d55..a14ca8e11 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -20,6 +20,7 @@ local_facts: labels: "{{ openshift_node_labels | default(None) }}" annotations: "{{ openshift_node_annotations | default(None) }}" + schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" - name: Check status of node certificates stat: path: "{{ openshift.common.config_base }}/node/{{ item }}" @@ -124,21 +125,14 @@ - os_env_extras - os_env_extras_node -- name: Set scheduleability +- name: Set schedulability hosts: oo_first_master vars: openshift_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) | oo_collect('openshift.common.hostname') }}" - openshift_unscheduleable_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] | default([])) - | oo_collect('openshift.common.hostname', {'openshift_scheduleable': False}) }}" openshift_node_vars: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) }}" pre_tasks: - - set_fact: - openshift_scheduleable_nodes: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config'] | default([])) - | oo_collect('openshift.common.hostname') - | difference(openshift_unscheduleable_nodes) }}" roles: - openshift_manage_node diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index d4f38a7b4..23c74f61c 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -301,6 +301,23 @@ def set_fluentd_facts_if_unset(facts): facts['common']['use_fluentd'] = use_fluentd return facts +def set_node_schedulability(facts): + """ Set schedulable facts if not already present in facts dict + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated schedulable + facts if they were not already present + + """ + if 'node' in facts: + if 'schedulable' not in facts['node']: + if 'master' in facts: + facts['node']['schedulable'] = False + else: + facts['node']['schedulable'] = True + return facts + def set_metrics_facts_if_unset(facts): """ Set cluster metrics facts if not already present in facts dict dict: the facts dict updated with the generated cluster metrics facts if @@ -741,6 +758,7 @@ class OpenShiftFacts(object): facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) + facts = set_node_schedulability(facts) facts = set_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) facts = set_sdn_facts_if_unset(facts) diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 74e702248..7c4f45ce6 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -7,15 +7,11 @@ delay: 5 with_items: openshift_nodes -- name: Handle unscheduleable node +- name: Set node schedulability command: > - {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=false - with_items: openshift_unscheduleable_nodes - -- name: Handle scheduleable node - command: > - {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=true - with_items: openshift_scheduleable_nodes + {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }} + with_items: + - "{{ openshift_node_vars }}" - name: Label nodes command: > diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e56a666e9..11190ab72 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -29,6 +29,7 @@ portal_net: "{{ openshift_master_portal_net | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" + schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" - name: Install Node package yum: pkg={{ openshift.common.service_type }}-node state=present -- cgit v1.2.3 From a24c8ac1a2d07cada1228aed27077251edecc328 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 3 Sep 2015 11:14:30 -0400 Subject: Use official centos images for Vagrantfile --- Vagrantfile | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Vagrantfile b/Vagrantfile index 4675b5d60..33532cd63 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -38,7 +38,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| end config.vm.provider "virtualbox" do |vbox, override| - override.vm.box = "chef/centos-7.1" + override.vm.box = "centos/7" vbox.memory = 1024 vbox.cpus = 2 @@ -54,8 +54,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| when "enterprise" override.vm.box = "rhel-7" when "origin" - override.vm.box = "centos-7.1" - override.vm.box_url = "https://download.gluster.org/pub/gluster/purpleidea/vagrant/centos-7.1/centos-7.1.box" + override.vm.box = "centos/7" override.vm.box_download_checksum = "b2a9f7421e04e73a5acad6fbaf4e9aba78b5aeabf4230eebacc9942e577c1e05" override.vm.box_download_checksum_type = "sha256" end @@ -66,7 +65,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.define "node#{node_index}" do |node| node.vm.hostname = "ose3-node#{node_index}.example.com" node.vm.network :private_network, ip: "192.168.100.#{200 + n}" - config.vm.provision "shell", inline: "nmcli connection reload; systemctl restart network.service" + config.vm.provision "shell", inline: "nmcli connection reload; systemctl restart NetworkManager.service" end end @@ -74,7 +73,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| master.vm.hostname = "ose3-master.example.com" master.vm.network :private_network, ip: "192.168.100.100" master.vm.network :forwarded_port, guest: 8443, host: 8443 - config.vm.provision "shell", inline: "nmcli connection reload; systemctl restart network.service" + config.vm.provision "shell", inline: "nmcli connection reload; systemctl restart NetworkManager.service" master.vm.provision "ansible" do |ansible| ansible.limit = 'all' ansible.sudo = true -- cgit v1.2.3 From b5dd6fbc6070d7bbf985b43abe7d3f8e66b74fa3 Mon Sep 17 00:00:00 2001 From: Umair Mufti Date: Thu, 3 Sep 2015 11:28:46 -0700 Subject: Fix to ensure use_openshift_sdn is a boolean value. --- roles/openshift_facts/library/openshift_facts.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 23c74f61c..679c3273a 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -16,6 +16,7 @@ EXAMPLES = ''' import ConfigParser import copy import os +from distutils.util import strtobool def hostname_valid(hostname): @@ -494,8 +495,10 @@ def set_sdn_facts_if_unset(facts): were not already present """ if 'common' in facts: + use_sdn = facts['common']['use_openshift_sdn'] + if not (use_sdn == '' or isinstance(use_sdn, bool)): + facts['common']['use_openshift_sdn'] = bool(strtobool(str(use_sdn))) if 'sdn_network_plugin_name' not in facts['common']: - use_sdn = facts['common']['use_openshift_sdn'] plugin = 'redhat/openshift-ovs-subnet' if use_sdn else '' facts['common']['sdn_network_plugin_name'] = plugin -- cgit v1.2.3 From 6760bf1eaaf8e37e4114a6da242285b601a4b125 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Thu, 3 Sep 2015 15:30:42 -0400 Subject: added url to the heartbeat check --- roles/os_zabbix/vars/template_heartbeat.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml index 3d0f3d51a..798377cd9 100644 --- a/roles/os_zabbix/vars/template_heartbeat.yml +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -10,3 +10,4 @@ g_template_heartbeat: - description: 'Heartbeat.ping has failed on {HOST.NAME}' expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1' priority: avg + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc' -- cgit v1.2.3 From 633c651285b53ee154cd497513ded4a26c88d991 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 3 Sep 2015 15:30:03 -0400 Subject: Add openshift_version to set RPM versions Mostly necessary for debugging / testing upgrade paths --- inventory/byo/hosts.example | 3 +++ roles/openshift_master/tasks/main.yml | 2 +- roles/openshift_master/vars/main.yml | 1 + roles/openshift_master_ca/tasks/main.yml | 2 +- roles/openshift_master_ca/vars/main.yml | 1 + roles/openshift_master_certificates/tasks/main.yml | 2 -- roles/openshift_node/tasks/main.yml | 6 ++++-- roles/openshift_node/vars/main.yml | 1 + 8 files changed, 12 insertions(+), 6 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index c83741611..174bff697 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -69,6 +69,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # default project node selector #osm_default_node_selector='region=primary' +# set RPM version for debugging purposes +#openshift_version=-3.0.0.0 + # host group for masters [masters] ose3-master[1:3]-ansible.test.example.com diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 4dad9b62f..b57711b58 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -56,7 +56,7 @@ controller_args: "{{ osm_controller_args | default(None) }}" - name: Install Master package - yum: pkg={{ openshift.common.service_type }}-master state=present + yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present register: install_result - name: Check for RPM generated config marker file /etc/origin/.config_managed diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index a61ba0397..cce118cf1 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -3,6 +3,7 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml" openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" +openshift_version: "{{ openshift_version | default('') }}" openshift_master_valid_grant_methods: - auto diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 303dc9c5d..5c9639ea5 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install the base package for admin tooling - yum: pkg={{ openshift.common.service_type }} state=present + yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=present register: install_result - name: Reload generated facts diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml index 1f6af808c..9e9561e02 100644 --- a/roles/openshift_master_ca/vars/main.yml +++ b/roles/openshift_master_ca/vars/main.yml @@ -3,3 +3,4 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" +openshift_version: "{{ openshift_version | default('') }}" diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index bb23cf4f4..0d75a9eb3 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -44,5 +44,3 @@ args: creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt" with_items: masters_needing_certs - - diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e56a666e9..7a862c99f 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -30,12 +30,14 @@ kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" +# We have to add tuned-profiles in the same transaction otherwise we run into depsolving +# problems because the rpms don't pin the version properly. - name: Install Node package - yum: pkg={{ openshift.common.service_type }}-node state=present + yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present register: node_install_result - name: Install sdn-ovs package - yum: pkg={{ openshift.common.service_type }}-sdn-ovs state=present + yum: pkg={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present register: sdn_install_result when: openshift.common.use_openshift_sdn diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index 77a9694de..db2c3e15a 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -1,3 +1,4 @@ --- openshift_node_config_dir: "{{ openshift.common.config_base }}/node" openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" +openshift_version: "{{ openshift_version | default('') }}" -- cgit v1.2.3 From d1542a1df3c0e08a759f659b661b65b07d1e4678 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 3 Sep 2015 15:45:13 -0400 Subject: Adding url support for triggers --- roles/lib_zabbix/library/zbx_trigger.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index c707a2f64..c384f6fa3 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -101,6 +101,7 @@ def main(): description=dict(default=None, type='str'), dependencies=dict(default=[], type='list'), priority=dict(default='avg', type='str'), + url=dict(default=None, type='str'), state=dict(default='present', type='str'), ), #supports_check_mode=True @@ -123,28 +124,41 @@ def main(): 'expandExpression': True, 'selectDependencies': 'triggerid', }) + + # Get if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") + # Delete if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) module.exit_json(changed=True, results=content['result'], state="absent") + # Create and Update if state == 'present': params = {'description': description, 'expression': module.params['expression'], 'dependencies': get_deps(zapi, module.params['dependencies']), 'priority': get_priority(module.params['priority']), + 'url': module.params['url'], } + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# if not exists(content): # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties + + ######## + # UPDATE + ######## differences = {} zab_results = content['result'][0] for key, value in params.items(): -- cgit v1.2.3 From fcae524b50878c6413fe9daadccc2dae1d1721ba Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 3 Sep 2015 16:12:52 -0400 Subject: Added trigger url --- roles/lib_zabbix/tasks/create_template.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 630d5dd70..bc9aff997 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -45,5 +45,6 @@ dependencies: "{{ item.dependencies | default([], true) }}" expression: "{{ item.expression }}" priority: "{{ item.priority }}" + url: "{{ item.url | default(None, True) }}" with_items: template.ztriggers when: template.ztriggers is defined -- cgit v1.2.3 From b75b0dd8fec0787c2240b56f94f9940c11592098 Mon Sep 17 00:00:00 2001 From: Marek Mahut Date: Fri, 4 Sep 2015 16:49:27 +0200 Subject: Adding url to triggers --- roles/os_zabbix/vars/template_docker.yml | 6 ++++++ roles/os_zabbix/vars/template_openshift_master.yml | 1 + roles/os_zabbix/vars/template_os_linux.yml | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index 6a28f52b8..a1cd3519e 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -54,29 +54,35 @@ g_template_docker: ztriggers: - description: 'docker.ping failed on {HOST.NAME}' expression: '{Template Docker:docker.ping.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_ping.asciidoc' priority: high - description: 'Docker storage is using LOOPBACK on {HOST.NAME}' expression: '{Template Docker:docker.storage.is_loopback.last()}<>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_loopback.asciidoc' priority: high - description: 'Critically low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.data.space.available.max(#3)}<5' # < 5% or < 5GB + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high - description: 'Critically low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.005' # < 5% or < 5MB + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high # Put triggers that depend on other triggers here (deps must be created first) - description: 'Low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.data.space.available.max(#3)}<10' # < 10% or < 10GB + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: - 'Critically low docker storage data space on {HOST.NAME}' priority: average - description: 'Low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.01' # < 10% or < 10MB + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: - 'Critically low docker storage metadata space on {HOST.NAME}' priority: average diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index c4e4d1c94..d2c1365b0 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -9,4 +9,5 @@ g_template_openshift_master: ztriggers: - description: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' priority: avg diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 7bc8ddc5d..885dc893b 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -160,24 +160,30 @@ g_template_os_linux: ztriggers: - description: 'Filesystem: / has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - description: 'Filesystem: / has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>95' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - description: 'Filesystem: /var has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - description: 'Filesystem: /var has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - description: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_proc.asciidoc' priority: warn - description: 'Lack of available memory on {HOST.NAME}' expression: '{Template OS Linux:mem.freemem.last()}<3000' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_memory.asciidoc' priority: warn -- cgit v1.2.3 From 48e5718f42a7cc0df2b11cecd1b9bdffd71806c6 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 4 Sep 2015 15:53:13 -0400 Subject: added mem.util.available --- roles/os_zabbix/vars/template_os_linux.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 7bc8ddc5d..91b856fcb 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -102,6 +102,11 @@ g_template_os_linux: - Memory value_type: int + - key: mem.util.available + applications: + - Memory + value_type: int + - key: mem.util.used applications: - Memory -- cgit v1.2.3 From 07c59ea91a8e87d1b7edbb88ae6012ac13643f52 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Fri, 4 Sep 2015 18:32:28 -0400 Subject: Avoid a recursive loop --- inventory/byo/hosts.example | 2 +- roles/openshift_master/vars/main.yml | 2 +- roles/openshift_master_ca/vars/main.yml | 2 +- roles/openshift_node/vars/main.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 174bff697..df1bae49f 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -70,7 +70,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_default_node_selector='region=primary' # set RPM version for debugging purposes -#openshift_version=-3.0.0.0 +#openshift_pkg_version=-3.0.0.0 # host group for masters [masters] diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index cce118cf1..ecdb4f883 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -3,7 +3,7 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml" openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" openshift_master_valid_grant_methods: - auto diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml index 9e9561e02..b35339b18 100644 --- a/roles/openshift_master_ca/vars/main.yml +++ b/roles/openshift_master_ca/vars/main.yml @@ -3,4 +3,4 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index db2c3e15a..43dc50ca8 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -1,4 +1,4 @@ --- openshift_node_config_dir: "{{ openshift.common.config_base }}/node" openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" -- cgit v1.2.3 From 6182c9cec262414a6339ad89ae7b85d9636c2e39 Mon Sep 17 00:00:00 2001 From: John T Skarbek Date: Sat, 5 Sep 2015 00:27:05 -0400 Subject: Fix a minor bug involving AWS ENV Keys * If a user forgot to set their AWS keys, we'd get a non descriptive error about a variable not being set * This patch uses the correct variable so the error message is more informative --- bin/cluster | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/cluster b/bin/cluster index 486bf2a48..a19434e21 100755 --- a/bin/cluster +++ b/bin/cluster @@ -164,7 +164,7 @@ class Cluster(object): boto_configs = [conf for conf in boto_conf_files if conf_exists(conf)] if len(key_missing) > 0 and len(boto_configs) == 0: - raise ValueError("PROVIDER aws requires {} environment variable(s). See README_AWS.md".format(missing)) + raise ValueError("PROVIDER aws requires {} environment variable(s). See README_AWS.md".format(key_missing)) elif 'libvirt' == provider: inventory = '-i inventory/libvirt/hosts' -- cgit v1.2.3 From 4824691f00c04936da74ddfbbeb6e521ddb86d98 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 8 Sep 2015 15:55:45 -0400 Subject: Adding desc, multiplier, and units to zabbix item --- roles/lib_zabbix/library/zbx_item.py | 33 ++++++++++++++++++++++++++++-- roles/lib_zabbix/tasks/create_template.yml | 3 +++ roles/os_zabbix/vars/template_os_linux.yml | 6 ++++++ 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 388db31b9..11e3c7b2b 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -88,6 +88,23 @@ def get_template_id(zapi, template_name): return template_ids, app_ids +def get_multiplier(inval): + ''' Determine the multiplier + ''' + if inval == None or inval == '': + return None, None + + rval = None + try: + rval = int(inval) + except ValueError: + pass + + if rval: + return rval, True + + return rval, False + # The branches are needed for CRUD and error handling # pylint: disable=too-many-branches def main(): @@ -106,6 +123,9 @@ def main(): template_name=dict(default=None, type='str'), zabbix_type=dict(default=2, type='int'), value_type=dict(default='int', type='str'), + multiplier=dict(default=None, type='str'), + description=dict(default=None, type='str'), + units=dict(default=None, type='str'), applications=dict(default=None, type='list'), state=dict(default='present', type='str'), ), @@ -137,11 +157,15 @@ def main(): 'templateids': templateid, }) - # Get + #******# + # GET + #******# if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") - # Delete + #******# + # DELETE + #******# if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") @@ -152,12 +176,17 @@ def main(): # Create and Update if state == 'present': + formula, use_multiplier = get_multiplier(module.params['multiplier']) params = {'name': module.params.get('name', module.params['key']), 'key_': module.params['key'], 'hostid': templateid[0], 'type': module.params['zabbix_type'], 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(module.params['applications'], app_name_ids), + 'formula': formula, + 'multiplier': use_multiplier, + 'description': module.params['description'], + 'units': module.params['units'], } # Remove any None valued params diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index bc9aff997..6307bf57a 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -30,6 +30,9 @@ key: "{{ item.key }}" name: "{{ item.name | default(item.key, true) }}" value_type: "{{ item.value_type | default('int') }}" + description: "{{ item.description | default('', True) }}" + multiplier: "{{ item.multiplier | default('', True) }}" + units: "{{ item.units | default('', True) }}" template_name: "{{ template.name }}" applications: "{{ item.applications }}" with_items: template.zitems diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 7c446cd85..fad6af807 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -111,6 +111,9 @@ g_template_os_linux: applications: - Memory value_type: int + description: used memory + multiplier: 1024 + units: B - key: kernel.all.cpu.user applications: @@ -131,6 +134,9 @@ g_template_os_linux: applications: - Memory value_type: int + description: cached memory + multiplier: 1024 + units: B - key: kernel.all.cpu.steal applications: -- cgit v1.2.3 From 12227816bd4722b7982c6dced0b43f60dc82b4e1 Mon Sep 17 00:00:00 2001 From: Wesley Hearn Date: Wed, 9 Sep 2015 09:37:28 -0400 Subject: Default masters to t2.medium instead of t2.small --- playbooks/aws/openshift-cluster/vars.online.int.yml | 2 +- playbooks/aws/openshift-cluster/vars.online.prod.yml | 2 +- playbooks/aws/openshift-cluster/vars.online.stage.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/playbooks/aws/openshift-cluster/vars.online.int.yml b/playbooks/aws/openshift-cluster/vars.online.int.yml index bb18e13b0..2e2f25ccd 100644 --- a/playbooks/aws/openshift-cluster/vars.online.int.yml +++ b/playbooks/aws/openshift-cluster/vars.online.int.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'integration', 'integration-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'integration', 'integration-infra' ] diff --git a/playbooks/aws/openshift-cluster/vars.online.prod.yml b/playbooks/aws/openshift-cluster/vars.online.prod.yml index bbef9cc56..18a53e12e 100644 --- a/playbooks/aws/openshift-cluster/vars.online.prod.yml +++ b/playbooks/aws/openshift-cluster/vars.online.prod.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'production', 'production-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'production', 'production-infra' ] diff --git a/playbooks/aws/openshift-cluster/vars.online.stage.yml b/playbooks/aws/openshift-cluster/vars.online.stage.yml index 9008a55ba..1f9ac4252 100644 --- a/playbooks/aws/openshift-cluster/vars.online.stage.yml +++ b/playbooks/aws/openshift-cluster/vars.online.stage.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'stage', 'stage-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'stage', 'stage-infra' ] -- cgit v1.2.3 From 12b56e720a8221208fbc1c5dd8a7e5732aa4f04e Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 9 Sep 2015 12:03:09 -0400 Subject: Move openshift_data_dir to a fact based on deployment_type Previously this was being set to /var/lib/origin regardless of deployment_type which isn't correct given that existing 'enterprise' and 'online' deployments would have been deployed with /var/lib/openshift --- roles/openshift_common/vars/main.yml | 2 -- roles/openshift_facts/library/openshift_facts.py | 9 +++++++++ roles/openshift_master/templates/master.yaml.v1.j2 | 2 +- roles/openshift_node/templates/node.yaml.v1.j2 | 2 +- 4 files changed, 11 insertions(+), 4 deletions(-) diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml index 817fe0a5f..50816d319 100644 --- a/roles/openshift_common/vars/main.yml +++ b/roles/openshift_common/vars/main.yml @@ -5,5 +5,3 @@ # chains with the public zone (or the zone associated with the correct # interfaces) os_firewall_use_firewalld: False - -openshift_data_dir: /var/lib/origin diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 679c3273a..60d1226d4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -454,6 +454,8 @@ def set_deployment_facts_if_unset(facts): dict: the facts dict updated with the generated deployment_type facts """ + # Perhaps re-factor this as a map? + # pylint: disable=too-many-branches if 'common' in facts: deployment_type = facts['common']['deployment_type'] if 'service_type' not in facts['common']: @@ -470,6 +472,13 @@ def set_deployment_facts_if_unset(facts): elif deployment_type == 'origin': config_base = '/etc/openshift' facts['common']['config_base'] = config_base + if 'data_dir' not in facts['common']: + data_dir = '/var/lib/origin' + if deployment_type in ['enterprise', 'online']: + data_dir = '/var/lib/openshift' + elif deployment_type == 'origin': + data_dir = '/var/lib/openshift' + facts['common']['data_dir'] = data_dir for role in ('master', 'node'): if role in facts: diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 7aa4ce9b6..500690523 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -46,7 +46,7 @@ etcdConfig: certFile: etcd.server.crt clientCA: ca.crt keyFile: etcd.server.key - storageDirectory: {{ openshift_data_dir }}/openshift.local.etcd + storageDirectory: {{ openshift.common.data_dir }}/openshift.local.etcd {% endif %} etcdStorageConfig: kubernetesStoragePrefix: kubernetes.io diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 0f708fb55..07d80f99b 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -25,5 +25,5 @@ servingInfo: certFile: server.crt clientCA: ca.crt keyFile: server.key -volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes +volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes {% include 'partials/kubeletArguments.j2' %} -- cgit v1.2.3 From 4e5ddae5018ebab6cba0ba83de2702adfabeb478 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 10 Sep 2015 11:25:08 -0400 Subject: Adding capability to have descriptions on triggers --- roles/lib_zabbix/library/zbx_trigger.py | 8 +++++--- roles/lib_zabbix/tasks/create_template.yml | 5 +++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index c384f6fa3..a05de7e68 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -98,6 +98,7 @@ def main(): zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), expression=dict(default=None, type='str'), + name=dict(default=None, type='str'), description=dict(default=None, type='str'), dependencies=dict(default=[], type='list'), priority=dict(default='avg', type='str'), @@ -116,11 +117,11 @@ def main(): zbx_class_name = 'trigger' idname = "triggerid" state = module.params['state'] - description = module.params['description'] + tname = module.params['name'] content = zapi.get_content(zbx_class_name, 'get', - {'filter': {'description': description}, + {'filter': {'description': tname}, 'expandExpression': True, 'selectDependencies': 'triggerid', }) @@ -138,7 +139,8 @@ def main(): # Create and Update if state == 'present': - params = {'description': description, + params = {'description': tname, + 'comments': module.params['description'], 'expression': module.params['expression'], 'dependencies': get_deps(zapi, module.params['dependencies']), 'priority': get_priority(module.params['priority']), diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 6307bf57a..fd0cdd46f 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -44,8 +44,9 @@ zbx_server: "{{ server }}" zbx_user: "{{ user }}" zbx_password: "{{ password }}" - description: "{{ item.description }}" - dependencies: "{{ item.dependencies | default([], true) }}" + name: "{{ item.name }}" + description: "{{ item.description | default('', True) }}" + dependencies: "{{ item.dependencies | default([], True) }}" expression: "{{ item.expression }}" priority: "{{ item.priority }}" url: "{{ item.url | default(None, True) }}" -- cgit v1.2.3 From 2f0bbb5781b270d88bccd5fcbe90723f9b3a5930 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Thu, 10 Sep 2015 11:26:22 -0400 Subject: updated triggers and items to have better descriptions and multipliers --- roles/os_zabbix/vars/template_docker.yml | 12 +- roles/os_zabbix/vars/template_heartbeat.yml | 2 +- roles/os_zabbix/vars/template_openshift_master.yml | 2 +- roles/os_zabbix/vars/template_os_linux.yml | 122 ++++++++++++--------- 4 files changed, 81 insertions(+), 57 deletions(-) diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index a1cd3519e..395e054de 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -52,35 +52,35 @@ g_template_docker: - Docker Storage value_type: float ztriggers: - - description: 'docker.ping failed on {HOST.NAME}' + - name: 'docker.ping failed on {HOST.NAME}' expression: '{Template Docker:docker.ping.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_ping.asciidoc' priority: high - - description: 'Docker storage is using LOOPBACK on {HOST.NAME}' + - name: 'Docker storage is using LOOPBACK on {HOST.NAME}' expression: '{Template Docker:docker.storage.is_loopback.last()}<>0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_loopback.asciidoc' priority: high - - description: 'Critically low docker storage data space on {HOST.NAME}' + - name: 'Critically low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.data.space.available.max(#3)}<5' # < 5% or < 5GB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high - - description: 'Critically low docker storage metadata space on {HOST.NAME}' + - name: 'Critically low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.005' # < 5% or < 5MB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high # Put triggers that depend on other triggers here (deps must be created first) - - description: 'Low docker storage data space on {HOST.NAME}' + - name: 'Low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.data.space.available.max(#3)}<10' # < 10% or < 10GB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: - 'Critically low docker storage data space on {HOST.NAME}' priority: average - - description: 'Low docker storage metadata space on {HOST.NAME}' + - name: 'Low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.01' # < 10% or < 10MB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml index 798377cd9..8dbe0d0d6 100644 --- a/roles/os_zabbix/vars/template_heartbeat.yml +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -7,7 +7,7 @@ g_template_heartbeat: - Heartbeat key: heartbeat.ping ztriggers: - - description: 'Heartbeat.ping has failed on {HOST.NAME}' + - name: 'Heartbeat.ping has failed on {HOST.NAME}' expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1' priority: avg url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc' diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index d2c1365b0..728423ac1 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -7,7 +7,7 @@ g_template_openshift_master: - Openshift Master key: create_app ztriggers: - - description: 'Application creation has failed on {HOST.NAME}' + - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' priority: avg diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index fad6af807..3173c79b2 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -52,112 +52,135 @@ g_template_os_linux: - Kernel value_type: float - - key: mem.freemem + - key: kernel.all.cpu.nice applications: - - Memory + - Kernel value_type: int - - key: kernel.all.cpu.nice + - key: kernel.all.load.1_minute applications: - Kernel - value_type: int + value_type: float - - key: mem.util.bufmem + - key: kernel.uname.version applications: - - Memory - value_type: int + - Kernel + value_type: string - - key: swap.used + - key: kernel.all.uptime applications: - - Memory + - Kernel value_type: int - - key: kernel.all.load.1_minute + - key: kernel.all.cpu.user applications: - Kernel - value_type: float + value_type: int - - key: kernel.uname.version + - key: kernel.uname.machine applications: - Kernel value_type: string - - key: swap.length + - key: hinv.ncpu applications: - - Memory + - Kernel value_type: int - - key: mem.physmem + - key: kernel.all.cpu.steal applications: - - Memory + - Kernel value_type: int - - key: kernel.all.uptime + - key: kernel.all.pswitch applications: - Kernel value_type: int - - key: swap.free + - key: kernel.uname.release applications: - - Memory - value_type: int + - Kernel + value_type: string - - key: mem.util.available + - key: proc.nprocs applications: - - Memory + - Kernel value_type: int - - key: mem.util.used + # Memory Items + - key: mem.freemem applications: - Memory value_type: int - description: used memory + description: "PCP: free system memory metric from /proc/meminfo" multiplier: 1024 units: B - - key: kernel.all.cpu.user + - key: mem.util.bufmem applications: - - Kernel + - Memory value_type: int + description: "PCP: Memory allocated for buffer_heads.; I/O buffers metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.uname.machine + - key: swap.used applications: - - Kernel - value_type: string + - Memory + value_type: int + description: "PCP: swap used metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: hinv.ncpu + - key: swap.length applications: - - Kernel + - Memory value_type: int + description: "PCP: total swap available metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: mem.util.cached + - key: mem.physmem applications: - Memory value_type: int - description: cached memory + description: "PCP: The value of this metric corresponds to the \"MemTotal\" field reported by /proc/meminfo. Note that this does not necessarily correspond to actual installed physical memory - there may be areas of the physical address space mapped as ROM in various peripheral devices and the bios may be mirroring certain ROMs in RAM." multiplier: 1024 units: B - - key: kernel.all.cpu.steal + - key: swap.free applications: - - Kernel + - Memory value_type: int + description: "PCP: swap free metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.all.pswitch + - key: mem.util.available applications: - - Kernel + - Memory value_type: int + description: "PCP: The amount of memory that is available for a new workload, without pushing the system into swap. Estimated from MemFree, Active(file), Inactive(file), and SReclaimable, as well as the \"low\" watermarks from /proc/zoneinfo.; available memory from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.uname.release + - key: mem.util.used applications: - - Kernel - value_type: string + - Memory + value_type: int + description: "PCP: Used memory is the difference between mem.physmem and mem.freemem; used memory metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: proc.nprocs + - key: mem.util.cached applications: - - Kernel + - Memory value_type: int + description: "PCP: Memory used by the page cache, including buffered file data. This is in-memory cache for files read from the disk (the pagecache) but doesn't include SwapCached.; page cache metric from /proc/meminfo" + multiplier: 1024 + units: B + # Disk items - key: filesys.full.xvda2 applications: - Disk @@ -169,32 +192,33 @@ g_template_os_linux: value_type: float ztriggers: - - description: 'Filesystem: / has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: / has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - description: 'Filesystem: / has less than 5% free on {HOST.NAME}' + - name: 'Filesystem: / has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - - description: 'Filesystem: /var has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: /var has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - description: 'Filesystem: /var has less than 5% free on {HOST.NAME}' + - name: 'Filesystem: /var has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - - description: 'Too many TOTAL processes on {HOST.NAME}' + - name: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_proc.asciidoc' priority: warn - - description: 'Lack of available memory on {HOST.NAME}' - expression: '{Template OS Linux:mem.freemem.last()}<3000' + - name: 'Lack of available memory on {HOST.NAME}' + expression: '{Template OS Linux:mem.freemem.last()}<30720000' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_memory.asciidoc' priority: warn + description: 'Alert on less than 30MegaBytes. This is 30 Million Bytes. 30000 KB x 1024' -- cgit v1.2.3 From cdfd68f642c586d5d2bba7ff3c4721dc417717c1 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Tue, 8 Sep 2015 16:31:35 -0700 Subject: Create service accounts and set up scc rules --- playbooks/common/openshift-master/config.yml | 9 ++++++++ roles/openshift_serviceaccounts/tasks/main.yml | 26 ++++++++++++++++++++++ .../templates/serviceaccount.j2 | 4 ++++ 3 files changed, 39 insertions(+) create mode 100644 roles/openshift_serviceaccounts/tasks/main.yml create mode 100644 roles/openshift_serviceaccounts/templates/serviceaccount.j2 diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 4a4a69f50..64cf7a65b 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -236,3 +236,12 @@ tasks: - file: name={{ g_master_mktemp.stdout }} state=absent changed_when: False + +- name: Configure service accounts + hosts: oo_first_master + + vars: + accounts: ["router", "registry"] + + roles: + - openshift_serviceaccounts diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml new file mode 100644 index 000000000..9665d0a72 --- /dev/null +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -0,0 +1,26 @@ +- name: Create service account configs + template: + src: serviceaccount.j2 + dest: "/tmp/{{ item }}-serviceaccount.yaml" + with_items: accounts + +- name: Create {{ item }} service account + command: > + {{ openshift.common.client_binary }} create -f "/tmp/{{ item }}-serviceaccount.yaml" + with_items: accounts + register: _sa_result + failed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc != 0" + changed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc == 0" + +- name: Get current security context constraints + shell: "{{ openshift.common.client_binary }} get scc privileged -o yaml > /tmp/scc.yaml" + +- name: Add security context constraint for {{ item }} + lineinfile: + dest: /tmp/scc.yaml + line: "- system:serviceaccount:default:{{ item }}" + insertafter: "^users:$" + with_items: accounts + +- name: Apply new scc rules for service accounts + command: "{{ openshift.common.client_binary }} replace -f /tmp/scc.yaml" diff --git a/roles/openshift_serviceaccounts/templates/serviceaccount.j2 b/roles/openshift_serviceaccounts/templates/serviceaccount.j2 new file mode 100644 index 000000000..931e249f9 --- /dev/null +++ b/roles/openshift_serviceaccounts/templates/serviceaccount.j2 @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ item }} -- cgit v1.2.3 From 5adc02254b9eb4ac2e308104711eeec7e39b2c4e Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 11 Sep 2015 13:01:20 -0400 Subject: Fixes for zbx api --- roles/lib_zabbix/library/zbx_item.py | 6 +++--- roles/lib_zabbix/library/zbx_user.py | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 11e3c7b2b..2ccc21292 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -92,7 +92,7 @@ def get_multiplier(inval): ''' Determine the multiplier ''' if inval == None or inval == '': - return None, None + return None, 0 rval = None try: @@ -101,9 +101,9 @@ def get_multiplier(inval): pass if rval: - return rval, True + return rval, 1 - return rval, False + return rval, 0 # The branches are needed for CRUD and error handling # pylint: disable=too-many-branches diff --git a/roles/lib_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py index c916fa96a..62c85c1bf 100644 --- a/roles/lib_zabbix/library/zbx_user.py +++ b/roles/lib_zabbix/library/zbx_user.py @@ -164,7 +164,7 @@ def main(): if key == 'usrgrps': # this must be done as a list of ordered dictionaries fails comparison - if not all([True for _ in zab_results[key][0] if _ in value[0]]): + if not all([_ in value for _ in zab_results[key]]): differences[key] = value elif zab_results[key] != value and zab_results[key] != str(value): -- cgit v1.2.3 From 31035f3ee85ceadb74804c406788059e92db9891 Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Thu, 17 Sep 2015 11:17:24 -0400 Subject: Added zabbix item openshift.master.process.exist and trigger to watch it. --- roles/os_zabbix/tasks/main.yml | 9 +++++++++ roles/os_zabbix/vars/template_openshift_master.yml | 17 +++++++++++++++++ roles/os_zabbix/vars/template_openshift_node.yml | 20 ++++++++++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 roles/os_zabbix/vars/template_openshift_node.yml diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index f9672b9c4..8347e9a61 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -11,6 +11,7 @@ - include_vars: template_os_linux.yml - include_vars: template_docker.yml - include_vars: template_openshift_master.yml +- include_vars: template_openshift_node.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -43,3 +44,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template Openshift Node + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_openshift_node }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 728423ac1..c71e07910 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -6,8 +6,25 @@ g_template_openshift_master: applications: - Openshift Master key: create_app + + - key: openshift.master.process.count + description: Shows number of master processes running + type: int + applications: + - Openshift Master + ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' priority: avg + + - name: 'Openshift Master process not running on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.process.count.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high + + - name: 'Too many Openshift Master processes running on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.process.count.min(#3)}>1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml new file mode 100644 index 000000000..36f9cc4a3 --- /dev/null +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -0,0 +1,20 @@ +--- +g_template_openshift_node: + name: Template Openshift Node + zitems: + - key: openshift.node.process.count + description: Shows number of OpenShift Node processes running + type: int + applications: + - Openshift Node + + ztriggers: + - name: 'Openshift Node process not running on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + priority: high + + - name: 'Too many Openshift Node processes running on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.process.count.min(#3)}>1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + priority: high -- cgit v1.2.3 From c1c8d6045e22a01e81f582bd4b80cc8fadf6e035 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 18 Sep 2015 10:54:39 -0400 Subject: added the docker loopback fixer script --- .../docker_loopback_to_lvm/docker-storage-setup | 2 + .../docker_loopback_to_direct_lvm.yml | 141 +++++++++++++++++++++ 2 files changed, 143 insertions(+) create mode 100644 playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup create mode 100644 playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup b/playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup new file mode 100644 index 000000000..059058823 --- /dev/null +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup @@ -0,0 +1,2 @@ +DEVS=/dev/xvdb +VG=docker_vg diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml new file mode 100644 index 000000000..70c6e03dc --- /dev/null +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -0,0 +1,141 @@ +--- +# This playbook coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker) +# in AWS. This adds an additional EBS volume and creates the Volume Group on this EBS volume to use. +# +# To run: +# 1. Source your AWS credentials (make sure it's the corresponding AWS account) into your environment +# export AWS_ACCESS_KEY_ID='XXXXX' +# export AWS_SECRET_ACCESS_KEY='XXXXXX' +# +# 2. run the playbook: +# ansible-playbook -e 'cli_environment=' -e "cli_volume_size=30" -e docker_loopback_to_direct_lvm.yml.yml +# +# Notes: +# * By default this will do a 30GB volume. +# * iops are calculated by Disk Size * 30. e.g ( 30GB * 30) = 900 iops +# * This will remove /var/lib/docker! +# * You may need to re-deploy docker images after this is run (like monitoring) +# + +- name: Fix docker to have a provisioned iops drive + hosts: "tag_Name_{{ cli_tag_name }}" + user: root + connection: ssh + gather_facts: no + + vars: + cli_volume_type: io1 + cli_volume_size: 30 + cli_volume_iops: {{ 30 * cli_volume_size}} + + pre_tasks: + - fail: + msg: "This playbook requires {{item}} to be set." + when: "{{ item }} is not defined or {{ item }} == ''" + with_items: + - cli_tag_name + - cli_volume_size + + - debug: + var: hosts + + - name: start docker + service: + name: docker + state: started + + - name: Determine if loopback + shell: docker info | grep 'Data file:.*loop' + register: loop_device_check + ignore_errors: yes + + - debug: + var: loop_device_check + + - name: fail if we don't detect loopback + fail: + msg: loopback not detected! Please investigate manually. + when: loop_device_check.rc == 1 + + - name: stop zagg client monitoring container + service: + name: oso-rhel7-zagg-client + state: stopped + ignore_errors: yes + + - name: stop pcp client monitoring container + service: + name: oso-f22-host-monitoring + state: stopped + ignore_errors: yes + + - name: stop docker + service: + name: docker + state: stopped + + - name: delete /var/lib/docker + command: rm -rf /var/lib/docker + + - name: remove /var/lib/docker + command: rm -rf /var/lib/docker + + - name: check to see if /dev/xvdb exists + command: test -e /dev/xvdb + register: xvdb_check + ignore_errors: yes + + - debug: var=xvdb_check + + - name: fail if /dev/xvdb already exists + fail: + msg: /dev/xvdb already exists. Please investigate + when: xvdb_check.rc == 0 + + - name: Create a volume and attach it + delegate_to: localhost + ec2_vol: + state: present + instance: "{{ ec2_id }}" + region: "{{ ec2_region }}" + volume_size: "{{ cli_volume_size | default(30, True)}}" + volume_type: "{{ cli_volume_type }}" + device_name: /dev/xvdb + iops: "{{ 30 * cli_volume_size }}" + register: vol + + - debug: var=vol + + - name: tag the vol with a name + delegate_to: localhost + ec2_tag: region={{ ec2_region }} resource={{ vol.volume_id }} + args: + tags: + Name: "{{ ec2_tag_Name }}" + env: "{{ ec2_tag_environment }}" + register: voltags + + - name: Wait for volume to attach + pause: + seconds: 30 + + - name: copy the docker-storage-setup config file + copy: + src: docker-storage-setup + dest: /etc/sysconfig/docker-storage-setup + owner: root + group: root + mode: 0664 + + - name: docker storage setup + command: docker-storage-setup + register: setup_output + + - debug: var=setup_output + + + - name: start docker + command: systemctl start docker.service + register: dockerstart + + - debug: var=dockerstart -- cgit v1.2.3 From 246fa73c71387f0c44d1689907416ca5da5bba2f Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 18 Sep 2015 11:16:52 -0400 Subject: cleaned up some errors in loopback playbook --- .../adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 70c6e03dc..74cc9f628 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -8,7 +8,10 @@ # export AWS_SECRET_ACCESS_KEY='XXXXXX' # # 2. run the playbook: -# ansible-playbook -e 'cli_environment=' -e "cli_volume_size=30" -e docker_loopback_to_direct_lvm.yml.yml +# ansible-playbook -e 'cli_tag_name=' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml +# +# Example: +# ansible-playbook -e 'cli_tag_name=ops-master-f58e0' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml # # Notes: # * By default this will do a 30GB volume. @@ -26,7 +29,7 @@ vars: cli_volume_type: io1 cli_volume_size: 30 - cli_volume_iops: {{ 30 * cli_volume_size}} + cli_volume_iops: "{{ 30 * cli_volume_size }}" pre_tasks: - fail: -- cgit v1.2.3 From 92cc48330ed171171c6a370644a4778727018fad Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 18 Sep 2015 12:14:39 -0400 Subject: added playbook for docker storage cleanup --- .../docker_loopback_to_direct_lvm.yml | 11 +++- .../docker_storage_cleanup.yml | 69 ++++++++++++++++++++++ 2 files changed, 78 insertions(+), 2 deletions(-) create mode 100644 playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 74cc9f628..c9ae923bb 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -11,7 +11,7 @@ # ansible-playbook -e 'cli_tag_name=' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml # # Example: -# ansible-playbook -e 'cli_tag_name=ops-master-f58e0' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml +# ansible-playbook -e 'cli_tag_name=ops-master-12345' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml # # Notes: # * By default this will do a 30GB volume. @@ -136,9 +136,16 @@ - debug: var=setup_output - - name: start docker command: systemctl start docker.service register: dockerstart - debug: var=dockerstart + + - name: Wait for docker to stabilize + pause: + seconds: 30 + + # leaving off the '-t' for docker exec. With it, it doesn't work with ansible and tty support + - name: update zabbix docker items + command: docker exec -i oso-rhel7-zagg-client /usr/local/bin/cron-send-docker-metrics.py diff --git a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml new file mode 100644 index 000000000..1946a5f4f --- /dev/null +++ b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml @@ -0,0 +1,69 @@ +--- +# This playbook attempts to cleanup unwanted docker files to help alleviate docker disk space issues. +# +# To run: +# +# 1. run the playbook: +# +# ansible-playbook -e 'cli_tag_name=' docker_storage_cleanup.yml +# +# Example: +# +# ansible-playbook -e 'cli_tag_name=ops-node-compute-12345' docker_storage_cleanup.yml +# +# Notes: +# * This *should* not interfere with running docker images +# + +- name: Clean up Docker Storage + gather_facts: no + hosts: "tag_Name_{{ cli_tag_name }}" + user: root + connection: ssh + + pre_tasks: + + - fail: + msg: "This playbook requires {{item}} to be set." + when: "{{ item }} is not defined or {{ item }} == ''" + with_items: + - cli_tag_name + + - name: Ensure docker is running + service: + name: docker + state: started + enabled: yes + + - name: Get docker info + command: docker info + register: docker_info + + - name: Show docker info + debug: + var: docker_info.stdout_lines + + - name: Remove exited and dead containers + shell: "docker ps -a | awk '/Exited|Dead/ {print $1}' | xargs --no-run-if-empty docker rm" + ignore_errors: yes + + - name: Remove dangling docker images + shell: "docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi" + ignore_errors: yes + + - name: Remove non-running docker images + shell: "docker images -aq | xargs --no-run-if-empty docker rmi 2>/dev/null" + ignore_errors: yes + + # leaving off the '-t' for docker exec. With it, it doesn't work with ansible and tty support + - name: update zabbix docker items + command: docker exec -i oso-rhel7-zagg-client /usr/local/bin/cron-send-docker-metrics.py + + # Get and show docker info again. + - name: Get docker info + command: docker info + register: docker_info + + - name: Show docker info + debug: + var: docker_info.stdout_lines -- cgit v1.2.3 From f326278f05d030ee2b2ce2368c1386540a1bcc47 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Fri, 18 Sep 2015 13:47:44 -0400 Subject: Update origin paths for v1.0.6 Origin now uses /etc/origin and /var/lib/origin as of v1.0.6. The RPMs will create a symlinks from /etc/origin to /etc/openshift and /var/lib/origin to /var/lib/openshift if the openshift directories exist. However on clean installs /etc/openshift won't exist. --- roles/openshift_facts/library/openshift_facts.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 60d1226d4..991b8da66 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -461,7 +461,7 @@ def set_deployment_facts_if_unset(facts): if 'service_type' not in facts['common']: service_type = 'atomic-openshift' if deployment_type == 'origin': - service_type = 'openshift' + service_type = 'origin' elif deployment_type in ['enterprise', 'online']: service_type = 'openshift' facts['common']['service_type'] = service_type @@ -469,15 +469,11 @@ def set_deployment_facts_if_unset(facts): config_base = '/etc/origin' if deployment_type in ['enterprise', 'online']: config_base = '/etc/openshift' - elif deployment_type == 'origin': - config_base = '/etc/openshift' facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' if deployment_type in ['enterprise', 'online']: data_dir = '/var/lib/openshift' - elif deployment_type == 'origin': - data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir for role in ('master', 'node'): -- cgit v1.2.3 From d02e346a12c356bd87c0e233d22db03791732841 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Mon, 21 Sep 2015 10:47:52 -0400 Subject: commented out dangerous playbook option for cleanup --- playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml index 1946a5f4f..53a5c15ef 100644 --- a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml +++ b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml @@ -51,9 +51,10 @@ shell: "docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi" ignore_errors: yes - - name: Remove non-running docker images - shell: "docker images -aq | xargs --no-run-if-empty docker rmi 2>/dev/null" - ignore_errors: yes +# mwoodson & twiest: this is dangerous, commenting out for now. +# - name: Remove non-running docker images +# shell: "docker images -aq | xargs --no-run-if-empty docker rmi 2>/dev/null" +# ignore_errors: yes # leaving off the '-t' for docker exec. With it, it doesn't work with ansible and tty support - name: update zabbix docker items -- cgit v1.2.3 From 15fef0ed1619709446d7dd0b61d198cc650f53cc Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Mon, 21 Sep 2015 12:51:56 -0400 Subject: changed the docker cleanup to exclude certain registries --- playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml index 53a5c15ef..a19291a9f 100644 --- a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml +++ b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml @@ -51,10 +51,9 @@ shell: "docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi" ignore_errors: yes -# mwoodson & twiest: this is dangerous, commenting out for now. -# - name: Remove non-running docker images -# shell: "docker images -aq | xargs --no-run-if-empty docker rmi 2>/dev/null" -# ignore_errors: yes + - name: Remove non-running docker images + shell: "docker images | grep -v -e registry.access.redhat.com -e docker-registry.usersys.redhat.com -e docker-registry.ops.rhcloud.com | awk '{print $3}' | xargs --no-run-if-empty docker rmi 2>/dev/null" + ignore_errors: yes # leaving off the '-t' for docker exec. With it, it doesn't work with ansible and tty support - name: update zabbix docker items -- cgit v1.2.3 From b800a153702168419d93ca82c8fa28f009bb64be Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 22 Sep 2015 14:57:37 -0400 Subject: Fixed a few bugs and added support for prototypes and discoveryrules. --- roles/lib_zabbix/library/zbx_discoveryrule.py | 36 +++++++++++++++-- roles/lib_zabbix/library/zbx_itemprototype.py | 56 +++++++++++++++++++++------ 2 files changed, 76 insertions(+), 16 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py index 71a0580c2..71141bd54 100644 --- a/roles/lib_zabbix/library/zbx_discoveryrule.py +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -85,6 +85,7 @@ def main(): Ansible module for zabbix discovery rules ''' + module = AnsibleModule( argument_spec=dict( zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), @@ -113,18 +114,27 @@ def main(): idname = "itemid" dname = module.params['name'] state = module.params['state'] + template = get_template(zapi, module.params['template_name']) # selectInterfaces doesn't appear to be working but is needed. content = zapi.get_content(zbx_class_name, 'get', {'search': {'name': dname}, + 'templateids': template['templateid'], #'selectDServices': 'extend', #'selectDChecks': 'extend', #'selectDhosts': 'dhostid', }) + + #******# + # GET + #******# if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") + #******# + # DELETE + #******# if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") @@ -132,8 +142,9 @@ def main(): content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) module.exit_json(changed=True, results=content['result'], state="absent") + + # Create and Update if state == 'present': - template = get_template(zapi, module.params['template_name']) params = {'name': dname, 'key_': module.params['key'], 'hostid': template['templateid'], @@ -144,12 +155,23 @@ def main(): if params['type'] in [2, 5, 7, 11]: params.pop('interfaceid') + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# if not exists(content): - # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties + + ######## + # UPDATE + ######## differences = {} zab_results = content['result'][0] for key, value in params.items(): @@ -161,8 +183,14 @@ def main(): module.exit_json(changed=False, results=zab_results, state="present") # We have differences and need to update + module.exit_json(failed=True, changed=False, results=differences, state="present") + differences[idname] = zab_results[idname] content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state="present") module.exit_json(failed=True, diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index 24f85710d..b93b7729e 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -38,13 +38,14 @@ def exists(content, key='result'): return True -def get_rule_id(zapi, discoveryrule_name): +def get_rule_id(zapi, discoveryrule_name, templateid): '''get a discoveryrule by name ''' content = zapi.get_content('discoveryrule', 'get', {'search': {'name': discoveryrule_name}, 'output': 'extend', + 'templateids': templateid, }) if not content['result']: return None @@ -53,6 +54,9 @@ def get_rule_id(zapi, discoveryrule_name): def get_template(zapi, template_name): '''get a template by name ''' + if not template_name: + return None + content = zapi.get_content('template', 'get', {'search': {'host': template_name}, @@ -134,6 +138,7 @@ def get_app_ids(zapi, application_names): app_ids.append(content['result'][0]['applicationid']) return app_ids +# pylint: disable=too-many-branches def main(): ''' Ansible module for zabbix discovery rules @@ -152,10 +157,10 @@ def main(): value_type=dict(default='float', type='str'), delay=dict(default=60, type='int'), lifetime=dict(default=30, type='int'), - template_name=dict(default=[], type='list'), + template_name=dict(default=None, required=True, type='str'), state=dict(default='present', type='str'), status=dict(default='enabled', type='str'), - discoveryrule_name=dict(default=None, type='str'), + discoveryrule_name=dict(default=None, required=True, type='str'), applications=dict(default=[], type='list'), ), #supports_check_mode=True @@ -169,20 +174,26 @@ def main(): #Set the instance and the template for the rest of the calls zbx_class_name = 'itemprototype' idname = "itemid" - dname = module.params['name'] state = module.params['state'] + template = get_template(zapi, module.params['template_name']) # selectInterfaces doesn't appear to be working but is needed. content = zapi.get_content(zbx_class_name, 'get', - {'search': {'name': dname}, + {'search': {'name': module.params['name']}, 'selectApplications': 'applicationid', 'selectDiscoveryRule': 'itemid', - #'selectDhosts': 'dhostid', }) + + #******# + # GET + #******# if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") + #******# + # DELETE + #******# if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") @@ -190,26 +201,38 @@ def main(): content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) module.exit_json(changed=True, results=content['result'], state="absent") + # Create and Update if state == 'present': - template = get_template(zapi, module.params['template_name']) - params = {'name': dname, + params = {'name': module.params['name'], 'key_': module.params['key'], 'hostid': template['templateid'], 'interfaceid': module.params['interfaceid'], - 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name']), + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name'], template['templateid']), 'type': get_type(module.params['ztype']), 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(zapi, module.params['applications']), } + if params['type'] in [2, 5, 7, 8, 11, 15]: params.pop('interfaceid') + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# if not exists(content): - # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state='present') - # already exists, we need to update it - # let's compare properties + + #******# + # UPDATE + #******# differences = {} zab_results = content['result'][0] for key, value in params.items(): @@ -218,6 +241,11 @@ def main(): if value != zab_results['discoveryRule']['itemid']: differences[key] = value + elif key == 'applications': + app_ids = [app['applicationid'] for app in zab_results[key]] + if set(app_ids) - set(value): + differences[key] = value + elif zab_results[key] != value and zab_results[key] != str(value): differences[key] = value @@ -227,6 +255,10 @@ def main(): # We have differences and need to update differences[idname] = zab_results[idname] content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state="present") module.exit_json(failed=True, -- cgit v1.2.3 From 176258e9c9e9254fed8ba997a80a0262b5e2ede5 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 22 Sep 2015 15:33:39 -0400 Subject: Fixed a bug and removed the need for template and discoveryrule --- roles/lib_zabbix/library/zbx_discoveryrule.py | 2 -- roles/lib_zabbix/library/zbx_itemprototype.py | 12 +++++------- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py index 71141bd54..f32267818 100644 --- a/roles/lib_zabbix/library/zbx_discoveryrule.py +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -183,8 +183,6 @@ def main(): module.exit_json(changed=False, results=zab_results, state="present") # We have differences and need to update - module.exit_json(failed=True, changed=False, results=differences, state="present") - differences[idname] = zab_results[idname] content = zapi.get_content(zbx_class_name, 'update', differences) diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index b93b7729e..75b9e25b7 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -157,10 +157,8 @@ def main(): value_type=dict(default='float', type='str'), delay=dict(default=60, type='int'), lifetime=dict(default=30, type='int'), - template_name=dict(default=None, required=True, type='str'), state=dict(default='present', type='str'), status=dict(default='enabled', type='str'), - discoveryrule_name=dict(default=None, required=True, type='str'), applications=dict(default=[], type='list'), ), #supports_check_mode=True @@ -175,14 +173,14 @@ def main(): zbx_class_name = 'itemprototype' idname = "itemid" state = module.params['state'] - template = get_template(zapi, module.params['template_name']) # selectInterfaces doesn't appear to be working but is needed. content = zapi.get_content(zbx_class_name, 'get', - {'search': {'name': module.params['name']}, + {'search': {'key_': module.params['key']}, 'selectApplications': 'applicationid', 'selectDiscoveryRule': 'itemid', + 'templated': True, }) #******# @@ -205,9 +203,9 @@ def main(): if state == 'present': params = {'name': module.params['name'], 'key_': module.params['key'], - 'hostid': template['templateid'], + 'hostid': content['result'][0]['hostid'], 'interfaceid': module.params['interfaceid'], - 'ruleid': get_rule_id(zapi, module.params['discoveryrule_name'], template['templateid']), + 'ruleid': content['result'][0]['discoveryRule']['itemid'], 'type': get_type(module.params['ztype']), 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(zapi, module.params['applications']), @@ -226,7 +224,7 @@ def main(): content = zapi.get_content(zbx_class_name, 'create', params) if content.has_key('error'): - module.exit_json(failed=True, changed=True, results=content['error'], state="present") + module.exit_json(failed=True, changed=False, results=content['error'], state="present") module.exit_json(changed=True, results=content['result'], state='present') -- cgit v1.2.3 From 984c3f7e47039be37b700536367d26ca02b61522 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 22 Sep 2015 15:56:46 -0400 Subject: Added descriptions and parameters required for associating prototypes to discovery rules. --- roles/lib_zabbix/library/zbx_discoveryrule.py | 2 ++ roles/lib_zabbix/library/zbx_itemprototype.py | 13 +++++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py index f32267818..f52f350a5 100644 --- a/roles/lib_zabbix/library/zbx_discoveryrule.py +++ b/roles/lib_zabbix/library/zbx_discoveryrule.py @@ -94,6 +94,7 @@ def main(): zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), key=dict(default=None, type='str'), + description=dict(default=None, type='str'), interfaceid=dict(default=None, type='int'), ztype=dict(default='trapper', type='str'), delay=dict(default=60, type='int'), @@ -151,6 +152,7 @@ def main(): 'interfaceid': module.params['interfaceid'], 'lifetime': module.params['lifetime'], 'type': get_type(module.params['ztype']), + 'description': module.params['description'], } if params['type'] in [2, 5, 7, 11]: params.pop('interfaceid') diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index 75b9e25b7..4ec1b8e02 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -38,12 +38,12 @@ def exists(content, key='result'): return True -def get_rule_id(zapi, discoveryrule_name, templateid): +def get_rule_id(zapi, discoveryrule_key, templateid): '''get a discoveryrule by name ''' content = zapi.get_content('discoveryrule', 'get', - {'search': {'name': discoveryrule_name}, + {'search': {'key_': discoveryrule_key}, 'output': 'extend', 'templateids': templateid, }) @@ -152,6 +152,7 @@ def main(): zbx_debug=dict(default=False, type='bool'), name=dict(default=None, type='str'), key=dict(default=None, type='str'), + description=dict(default=None, type='str'), interfaceid=dict(default=None, type='int'), ztype=dict(default='trapper', type='str'), value_type=dict(default='float', type='str'), @@ -160,6 +161,8 @@ def main(): state=dict(default='present', type='str'), status=dict(default='enabled', type='str'), applications=dict(default=[], type='list'), + template_name=dict(default=None, type='str'), + discoveryrule_key=dict(default=None, type='str'), ), #supports_check_mode=True ) @@ -173,6 +176,7 @@ def main(): zbx_class_name = 'itemprototype' idname = "itemid" state = module.params['state'] + template = get_template(zapi, module.params['template_name']) # selectInterfaces doesn't appear to be working but is needed. content = zapi.get_content(zbx_class_name, @@ -203,12 +207,13 @@ def main(): if state == 'present': params = {'name': module.params['name'], 'key_': module.params['key'], - 'hostid': content['result'][0]['hostid'], + 'hostid': template['templateid'], 'interfaceid': module.params['interfaceid'], - 'ruleid': content['result'][0]['discoveryRule']['itemid'], + 'ruleid': get_rule_id(zapi, module.params['discoveryrule_key'], template['templateid']), 'type': get_type(module.params['ztype']), 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(zapi, module.params['applications']), + 'description': module.params['description'], } if params['type'] in [2, 5, 7, 8, 11, 15]: -- cgit v1.2.3 From 44f2904159c5a3e0045eb413287a9c1778f91adb Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 10 Sep 2015 10:27:35 -0400 Subject: Upgrades --- playbooks/adhoc/upgrades/README.md | 21 +++++ playbooks/adhoc/upgrades/filter_plugins | 1 + playbooks/adhoc/upgrades/lookup_plugins | 1 + playbooks/adhoc/upgrades/roles | 1 + playbooks/adhoc/upgrades/upgrade.yml | 115 +++++++++++++++++++++++++ roles/etcd/tasks/main.yml | 1 + roles/etcd_ca/tasks/main.yml | 1 + roles/fluentd_master/tasks/main.yml | 1 - roles/openshift_examples/defaults/main.yml | 2 + roles/openshift_examples/tasks/main.yml | 12 +-- roles/openshift_master/tasks/main.yml | 2 + roles/openshift_node/tasks/main.yml | 1 + roles/openshift_serviceaccounts/tasks/main.yml | 2 +- 13 files changed, 153 insertions(+), 8 deletions(-) create mode 100644 playbooks/adhoc/upgrades/README.md create mode 120000 playbooks/adhoc/upgrades/filter_plugins create mode 120000 playbooks/adhoc/upgrades/lookup_plugins create mode 120000 playbooks/adhoc/upgrades/roles create mode 100644 playbooks/adhoc/upgrades/upgrade.yml diff --git a/playbooks/adhoc/upgrades/README.md b/playbooks/adhoc/upgrades/README.md new file mode 100644 index 000000000..6de8a970f --- /dev/null +++ b/playbooks/adhoc/upgrades/README.md @@ -0,0 +1,21 @@ +# [NOTE] +This playbook will re-run installation steps overwriting any local +modifications. You should ensure that your inventory has been updated with any +modifications you've made after your initial installation. If you find any items +that cannot be configured via ansible please open an issue at +https://github.com/openshift/openshift-ansible + +# Overview +This playbook is available as a technical preview. It currently performs the +following steps. + + * Upgrade and restart master services + * Upgrade and restart node services + * Applies latest configuration by re-running the installation playbook + * Applies the latest cluster policies + * Updates the default router if one exists + * Updates the default registry if one exists + * Updates image streams and quickstarts + +# Usage +ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/adhoc/upgrades/upgrade.yml diff --git a/playbooks/adhoc/upgrades/filter_plugins b/playbooks/adhoc/upgrades/filter_plugins new file mode 120000 index 000000000..b0b7a3414 --- /dev/null +++ b/playbooks/adhoc/upgrades/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/lookup_plugins b/playbooks/adhoc/upgrades/lookup_plugins new file mode 120000 index 000000000..73cafffe5 --- /dev/null +++ b/playbooks/adhoc/upgrades/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/roles b/playbooks/adhoc/upgrades/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/adhoc/upgrades/roles @@ -0,0 +1 @@ +../../../roles/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml new file mode 100644 index 000000000..e666f0472 --- /dev/null +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -0,0 +1,115 @@ +--- +- name: Re-Run cluster configuration to apply latest configuration changes + include: ../../common/openshift-cluster/config.yml + vars: + g_etcd_group: "{{ 'etcd' }}" + g_masters_group: "{{ 'masters' }}" + g_nodes_group: "{{ 'nodes' }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_deployment_type: "{{ deployment_type }}" + +- name: Upgrade masters + hosts: masters + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade master packages + yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + +- name: Upgrade nodes + hosts: nodes + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade node packages + yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }} state=latest + - name: Restart node services + service: name="{{ openshift.common.service_type }}-node" state=restarted + +- name: Determine new master version + hosts: oo_first_master + tasks: + - name: Determine new version + command: > + rpm -q --queryformat '%{version}' {{ openshift.common.service_type }}-master + register: _new_version + +- name: Ensure AOS 3.0.2 or Origin 1.0.6 + hosts: oo_first_master + tasks: + fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later + when: _new_version.stdout < 1.0.6 or (_new_version.stdout >= 3.0 and _new_version.stdout < 3.0.2) + +- name: Update cluster policy + hosts: oo_first_master + tasks: + - name: oadm policy reconcile-cluster-roles --confirm + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-roles --confirm + +- name: Upgrade default router + hosts: oo_first_master + vars: + - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" + - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + tasks: + - name: Check for default router + command: > + {{ oc_cmd }} get -n default dc/router + register: _default_router + failed_when: false + changed_when: false + - name: Check for allowHostNetwork and allowHostPorts + when: _default_router.rc == 0 + shell: > + {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork + register: _scc + - name: Grant allowHostNetwork and allowHostPorts + when: + - _default_router.rc == 0 + - "'false' in _scc.stdout" + command: > + {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 + - name: Update deployment config to 1.0.4/3.0.1 spec + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' + - name: Switch to hostNetwork=true + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' + - name: Update router image to current version + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + +- name: Upgrade default + hosts: oo_first_master + vars: + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" + - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + tasks: + - name: Check for default registry + command: > + {{ oc_cmd }} get -n default dc/docker-registry + register: _default_registry + failed_when: false + changed_when: false + - name: Update registry image to current version + when: _default_registry.rc == 0 + command: > + {{ oc_cmd }} patch dc/docker-registry -p + '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' + +- name: Update image streams and templates + hosts: oo_first_master + vars: + openshift_examples_import_command: "update" + openshift_deployment_type: "{{ deployment_type }}" + roles: + - openshift_examples diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 27bfb7de9..656901409 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -38,6 +38,7 @@ template: src: etcd.conf.j2 dest: /etc/etcd/etcd.conf + backup: true notify: - restart etcd diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml index 8a266f732..625756867 100644 --- a/roles/etcd_ca/tasks/main.yml +++ b/roles/etcd_ca/tasks/main.yml @@ -18,6 +18,7 @@ - template: dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf" src: openssl_append.j2 + backup: true - assemble: src: "{{ etcd_ca_dir }}/fragments" diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index 69f8eceab..55cd94460 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -52,4 +52,3 @@ name: 'td-agent' state: started enabled: yes - diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 3246790aa..7d4f100e3 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -14,3 +14,5 @@ db_templates_base: "{{ examples_base }}/db-templates" xpaas_image_streams: "{{ examples_base }}/xpaas-streams/jboss-image-streams.json" xpaas_templates_base: "{{ examples_base }}/xpaas-templates" quickstarts_base: "{{ examples_base }}/quickstart-templates" + +openshift_examples_import_command: "create" diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index bfc6dfb0a..3a829a4c6 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -7,7 +7,7 @@ # RHEL and Centos image streams are mutually exclusive - name: Import RHEL streams command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ rhel_image_streams }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ rhel_image_streams }} when: openshift_examples_load_rhel register: oex_import_rhel_streams failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0" @@ -15,7 +15,7 @@ - name: Import Centos Image streams command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ centos_image_streams }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ centos_image_streams }} when: openshift_examples_load_centos | bool register: oex_import_centos_streams failed_when: "'already exists' not in oex_import_centos_streams.stderr and oex_import_centos_streams.rc != 0" @@ -23,7 +23,7 @@ - name: Import db templates command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ db_templates_base }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ db_templates_base }} when: openshift_examples_load_db_templates | bool register: oex_import_db_templates failed_when: "'already exists' not in oex_import_db_templates.stderr and oex_import_db_templates.rc != 0" @@ -31,7 +31,7 @@ - name: Import quickstart-templates command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ quickstarts_base }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ quickstarts_base }} when: openshift_examples_load_quickstarts register: oex_import_quickstarts failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" @@ -40,7 +40,7 @@ - name: Import xPaas image streams command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ xpaas_image_streams }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_image_streams }} when: openshift_examples_load_xpaas | bool register: oex_import_xpaas_streams failed_when: "'already exists' not in oex_import_xpaas_streams.stderr and oex_import_xpaas_streams.rc != 0" @@ -48,7 +48,7 @@ - name: Import xPaas templates command: > - {{ openshift.common.client_binary }} create -n openshift -f {{ xpaas_templates_base }} + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_templates_base }} when: openshift_examples_load_xpaas | bool register: oex_import_xpaas_templates failed_when: "'already exists' not in oex_import_xpaas_templates.stderr and oex_import_xpaas_templates.rc != 0" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b57711b58..fa12005ab 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -100,6 +100,7 @@ template: dest: "{{ openshift_master_scheduler_conf }}" src: scheduler.json.j2 + backup: true notify: - restart master @@ -129,6 +130,7 @@ template: dest: "{{ openshift_master_config_file }}" src: master.yaml.v1.j2 + backup: true notify: - restart master diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 1986b631e..e8cc499c0 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -47,6 +47,7 @@ template: dest: "{{ openshift_node_config_file }}" src: node.yaml.v1.j2 + backup: true notify: - restart node diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index 9665d0a72..d93a25a21 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -23,4 +23,4 @@ with_items: accounts - name: Apply new scc rules for service accounts - command: "{{ openshift.common.client_binary }} replace -f /tmp/scc.yaml" + command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml" -- cgit v1.2.3 From 6c6635df9d2fb57b1e70bfc63b7301b7e7c28d72 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 17 Sep 2015 15:01:51 -0700 Subject: Added S3 docker-registry config script --- playbooks/adhoc/s3_registry/s3_registry.j2 | 20 +++++++++++ playbooks/adhoc/s3_registry/s3_registry.yml | 55 +++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 playbooks/adhoc/s3_registry/s3_registry.j2 create mode 100644 playbooks/adhoc/s3_registry/s3_registry.yml diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2 new file mode 100644 index 000000000..eb8660f6c --- /dev/null +++ b/playbooks/adhoc/s3_registry/s3_registry.j2 @@ -0,0 +1,20 @@ +version: 0.1 +log: + level: debug +http: + addr: :5000 +storage: + cache: + layerinfo: inmemory + s3: + accesskey: {{ accesskey }} + secretkey: {{ secretkey }} + region: us-east-1 + bucket: {{ bucketname }} + encrypt: true + secure: true + v4auth: true + rootdirectory: /registry +middleware: + repository: + - name: openshift diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml new file mode 100644 index 000000000..61280df0b --- /dev/null +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -0,0 +1,55 @@ +--- +# This playbook creates an S3 bucket, if it doesn't already exist, and configures the docker registry service to use the bucket as its backend storage. +# Usage: +# ansible-playbook s3_registry.yml -e bucketname="mybucket" -e accesskey="S3 aws access key" -e secretkey="S3 aws secret key" -e master="master fqdn or IP" -i "master," +# +# Example: +# ansible-playbook s3_registry.yml -e accesskey="asdf" -e secretkey="hjkl" -e bucketname="testbucket" -e master="54.173.148.238" -i "54.173.148.238," +# +# The bucket name can be anything, but generally should correspond with your cluster name. +# The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. +# The 'master' param is the fqdn or public IP of your cluster's master. +# The -i param allows this playbook to be run on your master, even if it's not yet in your main inventory file. (The comma is mandatory). + +- hosts: "{{ master }}" + remote_user: root + gather_facts: False + + tasks: + + - name: Create S3 bucket + local_action: + module: s3 bucket={{ bucketname|quote }} mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }} + + - name: Generate docker registry config + template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600 + + - name: Determine if new secrets are needed + command: oc get secrets + register: secrets + + - name: Create registry secrets + command: oc secrets new dockerregistry /root/config.yml + when: "'dockerregistry' not in secrets.stdout" + + - name: Determine if service account contains secrets + command: oc describe serviceaccount/registry + register: serviceaccount + + - name: Add secrets to registry service account + command: oc secrets add serviceaccount/registry secrets/dockerregistry + when: "'dockerregistry' not in serviceaccount.stdout" + + - name: Determine if deployment config contains secrets + command: oc volume dc/docker-registry --list + register: dc + + - name: Add secrets to registry deployment config + command: oc volume dc/docker-registry --add --name=dockersecrets -m /etc/registryconfig --type=secret --secret-name=dockerregistry + when: "'dockersecrets' not in dc.stdout" + + - name: Scale up registry + command: oc scale --replicas=1 dc/docker-registry + + - name: Delete temporary config file + file: path=/root/config.yml state=absent -- cgit v1.2.3 From 7b92ed264b5b33f498cea020d343f19ed80461ad Mon Sep 17 00:00:00 2001 From: Wesley Hearn Date: Thu, 24 Sep 2015 12:18:54 -0400 Subject: Add missing , --- bin/cluster | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/cluster b/bin/cluster index a19434e21..582327415 100755 --- a/bin/cluster +++ b/bin/cluster @@ -260,7 +260,7 @@ if __name__ == '__main__': choices=['origin', 'online', 'enterprise'], help='Deployment type. (default: origin)') meta_parser.add_argument('-T', '--product-type', - choices=['openshift' 'atomic-enterprise'], + choices=['openshift', 'atomic-enterprise'], help='Product type. (default: openshift)') meta_parser.add_argument('-o', '--option', action='append', help='options') -- cgit v1.2.3 From 9deff4bd696168111316dc366c1b193e02e08c8b Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 24 Sep 2015 11:56:30 -0700 Subject: added dynamic inventory support for single-master clusters --- playbooks/adhoc/s3_registry/s3_registry.j2 | 2 +- playbooks/adhoc/s3_registry/s3_registry.yml | 15 +++++---------- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2 index eb8660f6c..026b24456 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.j2 +++ b/playbooks/adhoc/s3_registry/s3_registry.j2 @@ -10,7 +10,7 @@ storage: accesskey: {{ accesskey }} secretkey: {{ secretkey }} region: us-east-1 - bucket: {{ bucketname }} + bucket: {{ clusterid }}-docker encrypt: true secure: true v4auth: true diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 61280df0b..30b873db3 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -1,17 +1,12 @@ --- -# This playbook creates an S3 bucket, if it doesn't already exist, and configures the docker registry service to use the bucket as its backend storage. +# This playbook creates an S3 bucket named after your cluster and configures the docker-registry service to use the bucket as its backend storage. # Usage: -# ansible-playbook s3_registry.yml -e bucketname="mybucket" -e accesskey="S3 aws access key" -e secretkey="S3 aws secret key" -e master="master fqdn or IP" -i "master," +# ansible-playbook s3_registry.yml -e accesskey="S3 aws access key" -e secretkey="S3 aws secret key" -e clusterid="mycluster" # -# Example: -# ansible-playbook s3_registry.yml -e accesskey="asdf" -e secretkey="hjkl" -e bucketname="testbucket" -e master="54.173.148.238" -i "54.173.148.238," -# -# The bucket name can be anything, but generally should correspond with your cluster name. # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. -# The 'master' param is the fqdn or public IP of your cluster's master. -# The -i param allows this playbook to be run on your master, even if it's not yet in your main inventory file. (The comma is mandatory). +# The 'clusterid' is the short name of your cluster. -- hosts: "{{ master }}" +- hosts: security_group_{{ clusterid }}_master remote_user: root gather_facts: False @@ -19,7 +14,7 @@ - name: Create S3 bucket local_action: - module: s3 bucket={{ bucketname|quote }} mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }} + module: s3 bucket="{{ clusterid }}-docker" mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }} - name: Generate docker registry config template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600 -- cgit v1.2.3 From 71b3ea3b3c62781c8306a0e88d21139994fde3fa Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Fri, 25 Sep 2015 13:16:03 +0200 Subject: Fix bullets in libvirt readme --- README_libvirt.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README_libvirt.md b/README_libvirt.md index 60af0ac88..1a710ff3b 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -68,7 +68,12 @@ If your `$HOME` is world readable, everything is fine. If your `$HOME` is privat error: Cannot access storage file '$HOME/libvirt-storage-pool-openshift/lenaic-master-216d8.qcow2' (as uid:99, gid:78): Permission denied ``` -In order to fix that issue, you have several possibilities:* set `libvirt_storage_pool_path` inside `playbooks/libvirt/openshift-cluster/launch.yml` and `playbooks/libvirt/openshift-cluster/terminate.yml` to a directory: * backed by a filesystem with a lot of free disk space * writable by your user; * accessible by the qemu user.* Grant the qemu user access to the storage pool. +In order to fix that issue, you have several possibilities: + * set `libvirt_storage_pool_path` inside `playbooks/libvirt/openshift-cluster/launch.yml` and `playbooks/libvirt/openshift-cluster/terminate.yml` to a directory: + * backed by a filesystem with a lot of free disk space + * writable by your user; + * accessible by the qemu user. + * Grant the qemu user access to the storage pool. On Arch: -- cgit v1.2.3 From 19f91f7b7844ec3c89d8ee0e6a6c08655e897266 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 25 Sep 2015 12:05:03 -0400 Subject: added support for dynaic keys and items. added dynamic filesystems to zabbix --- roles/lib_zabbix/tasks/create_template.yml | 28 ++++++++++++++++++++++++++++ roles/os_zabbix/vars/template_os_linux.yml | 18 ++++++++++++++++++ 2 files changed, 46 insertions(+) diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index fd0cdd46f..b4821bdc7 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -52,3 +52,31 @@ url: "{{ item.url | default(None, True) }}" with_items: template.ztriggers when: template.ztriggers is defined + +- name: Create Discoveryrules + zbx_discoveryrule: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ item.name }}" + key: "{{ item.key }}" + lifetime: "{{ item.lifetime }}" + template_name: "{{ template.name }}" + description: "{{ item.description | default('', True) }}" + with_items: template.zdiscoveryrules + when: template.zdiscoveryrules is defined + +- name: Create Item Prototype + zbx_itemprototype: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ item.name }}" + key: "{{ item.key }}" + discoveryrule_key: "{{ item.discoveryrule_key }}" + value_type: "{{ item.value_type }}" + template_name: "{{ template.name }}" + applications: "{{ item.applications }}" + description: "{{ item.description | default('', True) }}" + with_items: template.zitemprototypes + when: template.zitemprototypes is defined diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 3173c79b2..84a7740b0 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -191,6 +191,24 @@ g_template_os_linux: - Disk value_type: float + + zdiscoveryrules: + - name: disc.filesys + key: disc.filesys + lifetime: 1 + template_name: Template OS Linux + description: "Dynamically register the filesystems" + + zitemprototypes: + - discoveryrule_key: disc.filesys + template_name: Template OS Linux + name: "disc.filesys.full.{#OSO_FILESYS}" + key: "disc.filesys.full[{#OSO_FILESYS}]" + value_type: float + description: "PCP filesys.full option. This is the percent full returned from pcp filesys.full" + applications: + - Disk + ztriggers: - name: 'Filesystem: / has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' -- cgit v1.2.3 From 10c85e1e5f283f7e0fa788b43b022314284dc776 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 23 Sep 2015 17:31:05 -0400 Subject: Initial stab at zabbix actions --- roles/lib_zabbix/library/zbx_action.py | 538 +++++++++++++++++++++++++++++++++ 1 file changed, 538 insertions(+) create mode 100644 roles/lib_zabbix/library/zbx_action.py diff --git a/roles/lib_zabbix/library/zbx_action.py b/roles/lib_zabbix/library/zbx_action.py new file mode 100644 index 000000000..d64cebae1 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_action.py @@ -0,0 +1,538 @@ +#!/usr/bin/env python +''' + Ansible module for zabbix actions +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix action ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection, ZabbixAPIError + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def conditions_equal(zab_conditions, user_conditions): + '''Compare two lists of conditions''' + c_type = 'conditiontype' + _op = 'operator' + val = 'value' + if len(user_conditions) != len(zab_conditions): + return False + + for zab_cond, user_cond in zip(zab_conditions, user_conditions): + if zab_cond[c_type] != str(user_cond[c_type]) or zab_cond[_op] != str(user_cond[_op]) or \ + zab_cond[val] != str(user_cond[val]): + return False + + return True + +def filter_differences(zabbix_filters, user_filters): + '''Determine the differences from user and zabbix for operations''' + rval = {} + for key, val in user_filters.items(): + + if key == 'conditions': + if not conditions_equal(zabbix_filters[key], val): + rval[key] = val + + elif zabbix_filters[key] != str(val): + rval[key] = val + + return rval + +# This logic is quite complex. We are comparing two lists of dictionaries. +# The outer for-loops allow us to descend down into both lists at the same time +# and then walk over the key,val pairs of the incoming user dict's changes +# or updates. The if-statements are looking at different sub-object types and +# comparing them. The other suggestion on how to write this is to write a recursive +# compare function but for the time constraints and for complexity I decided to go +# this route. +# pylint: disable=too-many-branches +def operation_differences(zabbix_ops, user_ops): + '''Determine the differences from user and zabbix for operations''' + + # if they don't match, take the user options + if len(zabbix_ops) != len(user_ops): + return user_ops + + rval = {} + for zab, user in zip(zabbix_ops, user_ops): + for key, val in user.items(): + if key == 'opconditions': + for z_cond, u_cond in zip(zab[key], user[key]): + if not all([str(u_cond[op_key]) == z_cond[op_key] for op_key in \ + ['conditiontype', 'operator', 'value']]): + rval[key] = val + break + elif key == 'opmessage': + # Verify each passed param matches + for op_msg_key, op_msg_val in val.items(): + if zab[key][op_msg_key] != str(op_msg_val): + rval[key] = val + break + + elif key == 'opmessage_grp': + zab_grp_ids = set([ugrp['usrgrpid'] for ugrp in zab[key]]) + usr_grp_ids = set([ugrp['usrgrpid'] for ugrp in val]) + if usr_grp_ids != zab_grp_ids: + rval[key] = val + + elif key == 'opmessage_usr': + zab_usr_ids = set([usr['userid'] for usr in zab[key]]) + usr_ids = set([usr['userid'] for usr in val]) + if usr_ids != zab_usr_ids: + rval[key] = val + + elif zab[key] != str(val): + rval[key] = val + return rval + +def get_users(zapi, users): + '''get the mediatype id from the mediatype name''' + rval_users = [] + + for user in users: + content = zapi.get_content('user', + 'get', + {'filter': {'alias': user}}) + rval_users.append({'userid': content['result'][0]['userid']}) + + return rval_users + +def get_user_groups(zapi, groups): + '''get the mediatype id from the mediatype name''' + user_groups = [] + + content = zapi.get_content('usergroup', + 'get', + {'search': {'name': groups}}) + + for usr_grp in content['result']: + user_groups.append({'usrgrpid': usr_grp['usrgrpid']}) + + return user_groups + +def get_mediatype_id_by_name(zapi, m_name): + '''get the mediatype id from the mediatype name''' + content = zapi.get_content('mediatype', + 'get', + {'filter': {'description': m_name}}) + + return content['result'][0]['mediatypeid'] + +def get_priority(priority): + ''' determine priority + ''' + prior = 0 + if 'info' in priority: + prior = 1 + elif 'warn' in priority: + prior = 2 + elif 'avg' == priority or 'ave' in priority: + prior = 3 + elif 'high' in priority: + prior = 4 + elif 'dis' in priority: + prior = 5 + + return prior + +def get_event_source(from_src): + '''Translate even str into value''' + choices = ['trigger', 'discovery', 'auto', 'internal'] + rval = 0 + try: + rval = choices.index(from_src) + except ValueError as _: + ZabbixAPIError('Value not found for event source [%s]' % from_src) + + return rval + +def get_status(inc_status): + '''determine status for action''' + rval = 1 + if inc_status == 'enabled': + rval = 0 + + return rval + +def get_condition_operator(inc_operator): + ''' determine the condition operator''' + vals = {'=': 0, + '<>': 1, + 'like': 2, + 'not like': 3, + 'in': 4, + '>=': 5, + '<=': 6, + 'not in': 7, + } + + return vals[inc_operator] + +def get_host_id_by_name(zapi, host_name): + '''Get host id by name''' + content = zapi.get_content('host', + 'get', + {'filter': {'name': host_name}}) + + return content['result'][0]['hostid'] + +def get_trigger_value(inc_trigger): + '''determine the proper trigger value''' + rval = 1 + if inc_trigger == 'PROBLEM': + rval = 1 + else: + rval = 0 + + return rval + +def get_template_id_by_name(zapi, t_name): + '''get the template id by name''' + content = zapi.get_content('template', + 'get', + {'filter': {'host': t_name}}) + + return content['result'][0]['templateid'] + + +def get_host_group_id_by_name(zapi, hg_name): + '''Get hostgroup id by name''' + content = zapi.get_content('hostgroup', + 'get', + {'filter': {'name': hg_name}}) + + return content['result'][0]['groupid'] + +def get_condition_type(event_source, inc_condition): + '''determine the condition type''' + c_types = {} + if event_source == 'trigger': + c_types = {'host group': 0, + 'host': 1, + 'trigger': 2, + 'trigger name': 3, + 'trigger severity': 4, + 'trigger value': 5, + 'time period': 6, + 'host template': 13, + 'application': 15, + 'maintenance status': 16, + } + + elif event_source == 'discovery': + c_types = {'host IP': 7, + 'discovered service type': 8, + 'discovered service port': 9, + 'discovery status': 10, + 'uptime or downtime duration': 11, + 'received value': 12, + 'discovery rule': 18, + 'discovery check': 19, + 'proxy': 20, + 'discovery object': 21, + } + + elif event_source == 'auto': + c_types = {'proxy': 20, + 'host name': 22, + 'host metadata': 24, + } + + elif event_source == 'internal': + c_types = {'host group': 0, + 'host': 1, + 'host template': 13, + 'application': 15, + 'event type': 23, + } + else: + raise ZabbixAPIError('Unkown event source %s' % event_source) + + return c_types[inc_condition] + +def get_operation_type(inc_operation): + ''' determine the correct operation type''' + o_types = {'send message': 0, + 'remote command': 1, + 'add host': 2, + 'remove host': 3, + 'add to host group': 4, + 'remove from host group': 5, + 'link to template': 6, + 'unlink from template': 7, + 'enable host': 8, + 'disable host': 9, + } + + return o_types[inc_operation] + +def get_action_operations(zapi, inc_operations): + '''Convert the operations into syntax for api''' + for operation in inc_operations: + operation['operationtype'] = get_operation_type(operation['operationtype']) + if operation['operationtype'] == 0: # send message. Need to fix the + operation['opmessage']['mediatypeid'] = \ + get_mediatype_id_by_name(zapi, operation['opmessage']['mediatypeid']) + operation['opmessage_grp'] = get_user_groups(zapi, operation.get('opmessage_grp', [])) + operation['opmessage_usr'] = get_users(zapi, operation.get('opmessage_usr', [])) + if operation['opmessage']['default_msg']: + operation['opmessage']['default_msg'] = 1 + else: + operation['opmessage']['default_msg'] = 0 + + # NOT supported for remote commands + elif operation['operationtype'] == 1: + continue + + # Handle Operation conditions: + # Currently there is only 1 available which + # is 'event acknowledged'. In the future + # if there are any added we will need to pass this + # option to a function and return the correct conditiontype + if operation.has_key('opconditions'): + for condition in operation['opconditions']: + if condition['conditiontype'] == 'event acknowledged': + condition['conditiontype'] = 14 + + if condition['operator'] == '=': + condition['operator'] = 0 + + if condition['value'] == 'acknowledged': + condition['operator'] = 1 + else: + condition['operator'] = 0 + + + return inc_operations + +def get_operation_evaltype(inc_type): + '''get the operation evaltype''' + rval = 0 + if inc_type == 'and/or': + rval = 0 + elif inc_type == 'and': + rval = 1 + elif inc_type == 'or': + rval = 2 + elif inc_type == 'custom': + rval = 3 + + return rval + +def get_action_conditions(zapi, event_source, inc_conditions): + '''Convert the conditions into syntax for api''' + + calc_type = inc_conditions.pop('calculation_type') + inc_conditions['evaltype'] = get_operation_evaltype(calc_type) + for cond in inc_conditions['conditions']: + + cond['operator'] = get_condition_operator(cond['operator']) + # Based on conditiontype we need to set the proper value + # e.g. conditiontype = hostgroup then the value needs to be a hostgroup id + # e.g. conditiontype = host the value needs to be a host id + cond['conditiontype'] = get_condition_type(event_source, cond['conditiontype']) + if cond['conditiontype'] == 0: + cond['value'] = get_host_group_id_by_name(zapi, cond['value']) + elif cond['conditiontype'] == 1: + cond['value'] = get_host_id_by_name(zapi, cond['value']) + elif cond['conditiontype'] == 4: + cond['value'] = get_priority(cond['value']) + + elif cond['conditiontype'] == 5: + cond['value'] = get_trigger_value(cond['value']) + elif cond['conditiontype'] == 13: + cond['value'] = get_template_id_by_name(zapi, cond['value']) + elif cond['conditiontype'] == 16: + cond['value'] = '' + + return inc_conditions + + +def get_send_recovery(send_recovery): + '''Get the integer value''' + rval = 0 + if send_recovery: + rval = 1 + + return rval + +# The branches are needed for CRUD and error handling +# pylint: disable=too-many-branches +def main(): + ''' + ansible zabbix module for zbx_item + ''' + + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), + zbx_debug=dict(default=False, type='bool'), + + name=dict(default=None, type='str'), + event_source=dict(default='trigger', choices=['trigger', 'discovery', 'auto', 'internal'], type='str'), + action_subject=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}", type='str'), + action_message=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}\r\n" + + "Last value: {ITEM.LASTVALUE}\r\n\r\n{TRIGGER.URL}", type='str'), + reply_subject=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}", type='str'), + reply_message=dict(default="Trigger: {TRIGGER.NAME}\r\nTrigger status: {TRIGGER.STATUS}\r\n" + + "Trigger severity: {TRIGGER.SEVERITY}\r\nTrigger URL: {TRIGGER.URL}\r\n\r\n" + + "Item values:\r\n\r\n1. {ITEM.NAME1} ({HOST.NAME1}:{ITEM.KEY1}): " + + "{ITEM.VALUE1}\r\n2. {ITEM.NAME2} ({HOST.NAME2}:{ITEM.KEY2}): " + + "{ITEM.VALUE2}\r\n3. {ITEM.NAME3} ({HOST.NAME3}:{ITEM.KEY3}): " + + "{ITEM.VALUE3}", type='str'), + send_recovery=dict(default=False, type='bool'), + status=dict(default=None, type='str'), + escalation_time=dict(default=60, type='int'), + conditions_filter=dict(default=None, type='dict'), + operations=dict(default=None, type='list'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'action' + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'search': {'name': module.params['name']}, + 'selectFilter': 'extend', + 'selectOperations': 'extend', + }) + + #******# + # GET + #******# + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + #******# + # DELETE + #******# + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']]) + module.exit_json(changed=True, results=content['result'], state="absent") + + # Create and Update + if state == 'present': + + conditions = get_action_conditions(zapi, module.params['event_source'], module.params['conditions_filter']) + operations = get_action_operations(zapi, module.params['operations']) + params = {'name': module.params['name'], + 'esc_period': module.params['escalation_time'], + 'eventsource': get_event_source(module.params['event_source']), + 'status': get_status(module.params['status']), + 'def_shortdata': module.params['action_subject'], + 'def_longdata': module.params['action_message'], + 'r_shortdata': module.params['reply_subject'], + 'r_longdata': module.params['reply_message'], + 'recovery_msg': get_send_recovery(module.params['send_recovery']), + 'filter': conditions, + 'operations': operations, + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# + if not exists(content): + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + + + ######## + # UPDATE + ######## + _ = params.pop('hostid', None) + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'operations': + ops = operation_differences(zab_results[key], value) + if ops: + differences[key] = ops + + elif key == 'filter': + filters = filter_differences(zab_results[key], value) + if filters: + differences[key] = filters + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update. + # action update requires an id, filters, and operations + differences['actionid'] = zab_results['actionid'] + differences['operations'] = params['operations'] + differences['filter'] = params['filter'] + content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() -- cgit v1.2.3 From 920fd5c2f6c6f9e588375f644d526e095194a479 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 25 Sep 2015 15:11:22 -0400 Subject: Updates to zbx_user_media --- roles/lib_zabbix/library/zbx_user_media.py | 53 +++++++++++++++++++++++++----- 1 file changed, 44 insertions(+), 9 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py index 3f7760475..9ed838f81 100644 --- a/roles/lib_zabbix/library/zbx_user_media.py +++ b/roles/lib_zabbix/library/zbx_user_media.py @@ -54,8 +54,8 @@ def get_mtype(zapi, mtype): except ValueError: pass - content = zapi.get_content('mediatype', 'get', {'search': {'description': mtype}}) - if content.has_key['result'] and content['result']: + content = zapi.get_content('mediatype', 'get', {'filter': {'description': mtype}}) + if content.has_key('result') and content['result']: return content['result'][0]['mediatypeid'] return None @@ -63,7 +63,7 @@ def get_mtype(zapi, mtype): def get_user(zapi, user): ''' Get userids from user aliases ''' - content = zapi.get_content('user', 'get', {'search': {'alias': user}}) + content = zapi.get_content('user', 'get', {'filter': {'alias': user}}) if content['result']: return content['result'][0] @@ -104,15 +104,17 @@ def find_media(medias, user_media): ''' Find the user media in the list of medias ''' for media in medias: - if all([media[key] == user_media[key] for key in user_media.keys()]): + if all([media[key] == str(user_media[key]) for key in user_media.keys()]): return media return None -def get_active(in_active): +def get_active(is_active): '''Determine active value + 0 - enabled + 1 - disabled ''' active = 1 - if in_active: + if is_active: active = 0 return active @@ -128,6 +130,21 @@ def get_mediatype(zapi, mediatype, mediatype_desc): return mtypeid +def preprocess_medias(zapi, medias): + ''' Insert the correct information when processing medias ''' + for media in medias: + # Fetch the mediatypeid from the media desc (name) + if media.has_key('mediatype'): + media['mediatypeid'] = get_mediatype(zapi, mediatype=None, mediatype_desc=media.pop('mediatype')) + + media['active'] = get_active(media.get('active')) + media['severity'] = int(get_severity(media['severity'])) + + return medias + +# Disabling branching as the logic requires branches. +# I've also added a few safeguards which required more branches. +# pylint: disable=too-many-branches def main(): ''' Ansible zabbix module for mediatype @@ -166,11 +183,17 @@ def main(): # User media is fetched through the usermedia.get zbx_user_query = get_zbx_user_query_data(zapi, module.params['login']) - content = zapi.get_content('usermedia', 'get', zbx_user_query) - + content = zapi.get_content('usermedia', 'get', + {'userids': [uid for user, uid in zbx_user_query.items()]}) + ##### + # Get + ##### if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") + ######## + # Delete + ######## if state == 'absent': if not exists(content) or len(content['result']) == 0: module.exit_json(changed=False, state="absent") @@ -178,13 +201,14 @@ def main(): if not module.params['login']: module.exit_json(failed=True, changed=False, results='Must specifiy a user login.', state="absent") - content = zapi.get_content(zbx_class_name, 'deletemedia', [content['result'][0][idname]]) + content = zapi.get_content(zbx_class_name, 'deletemedia', [res[idname] for res in content['result']]) if content.has_key('error'): module.exit_json(changed=False, results=content['error'], state="absent") module.exit_json(changed=True, results=content['result'], state="absent") + # Create and Update if state == 'present': active = get_active(module.params['active']) mtypeid = get_mediatype(zapi, module.params['mediatype'], module.params['mediatype_desc']) @@ -197,13 +221,21 @@ def main(): 'severity': int(get_severity(module.params['severity'])), 'period': module.params['period'], }] + else: + medias = preprocess_medias(zapi, medias) params = {'users': [zbx_user_query], 'medias': medias, 'output': 'extend', } + ######## + # Create + ######## if not exists(content): + if not params['medias']: + module.exit_json(changed=False, results=content['result'], state='present') + # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'addmedia', params) @@ -216,6 +248,9 @@ def main(): # If user params exists, check to see if they already exist in zabbix # if they exist, then return as no update # elif they do not exist, then take user params only + ######## + # Update + ######## diff = {'medias': [], 'users': {}} _ = [diff['medias'].append(media) for media in params['medias'] if not find_media(content['result'], media)] -- cgit v1.2.3 From 9646ab206e5984ede420500343ccba5b81dd6187 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Mon, 28 Sep 2015 10:40:23 -0400 Subject: Only continue to merge facts if both old and new values are type dict. --- roles/openshift_facts/library/openshift_facts.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 991b8da66..f708f9bac 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -644,7 +644,7 @@ def merge_facts(orig, new): facts = dict() for key, value in orig.iteritems(): if key in new: - if isinstance(value, dict): + if isinstance(value, dict) and isinstance(new[key], dict): facts[key] = merge_facts(value, new[key]) else: facts[key] = copy.copy(new[key]) -- cgit v1.2.3 From 3a15b711e8d47e7365e361534533c28e234e87d3 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Mon, 28 Sep 2015 12:03:43 -0400 Subject: Trigger prototype support --- roles/lib_zabbix/library/zbx_trigger.py | 14 ++ roles/lib_zabbix/library/zbx_triggerprototype.py | 177 +++++++++++++++++++++++ roles/lib_zabbix/tasks/create_template.yml | 15 +- roles/os_zabbix/vars/template_os_linux.yml | 11 ++ 4 files changed, 216 insertions(+), 1 deletion(-) create mode 100644 roles/lib_zabbix/library/zbx_triggerprototype.py diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index a05de7e68..8a7b29d07 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -74,6 +74,18 @@ def get_deps(zapi, deps): return results + +def get_trigger_status(inc_status): + ''' Determine the trigger's status + 0 is enabled + 1 is disabled + ''' + r_status = 0 + if inc_status == 'disabled': + r_status = 1 + + return r_status + def main(): ''' Create a trigger in zabbix @@ -103,6 +115,7 @@ def main(): dependencies=dict(default=[], type='list'), priority=dict(default='avg', type='str'), url=dict(default=None, type='str'), + status=dict(default=None, type='str'), state=dict(default='present', type='str'), ), #supports_check_mode=True @@ -145,6 +158,7 @@ def main(): 'dependencies': get_deps(zapi, module.params['dependencies']), 'priority': get_priority(module.params['priority']), 'url': module.params['url'], + 'status': get_trigger_status(module.params['status']), } # Remove any None valued params diff --git a/roles/lib_zabbix/library/zbx_triggerprototype.py b/roles/lib_zabbix/library/zbx_triggerprototype.py new file mode 100644 index 000000000..c1224b268 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_triggerprototype.py @@ -0,0 +1,177 @@ +#!/usr/bin/env python +''' +ansible module for zabbix triggerprototypes +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix triggerprototypes ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_priority(priority): + ''' determine priority + ''' + prior = 0 + if 'info' in priority: + prior = 1 + elif 'warn' in priority: + prior = 2 + elif 'avg' == priority or 'ave' in priority: + prior = 3 + elif 'high' in priority: + prior = 4 + elif 'dis' in priority: + prior = 5 + + return prior + +def get_trigger_status(inc_status): + ''' Determine the trigger's status + 0 is enabled + 1 is disabled + ''' + r_status = 0 + if inc_status == 'disabled': + r_status = 1 + + return r_status + + +def main(): + ''' + Create a triggerprototype in zabbix + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + expression=dict(default=None, type='str'), + description=dict(default=None, type='str'), + priority=dict(default='avg', type='str'), + url=dict(default=None, type='str'), + status=dict(default=None, type='str'), + state=dict(default='present', type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'triggerprototype' + idname = "triggerid" + state = module.params['state'] + tname = module.params['name'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'filter': {'description': tname}, + 'expandExpression': True, + 'selectDependencies': 'triggerid', + }) + + # Get + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + # Delete + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]]) + module.exit_json(changed=True, results=content['result'], state="absent") + + # Create and Update + if state == 'present': + params = {'description': tname, + 'comments': module.params['description'], + 'expression': module.params['expression'], + 'priority': get_priority(module.params['priority']), + 'url': module.params['url'], + 'status': get_trigger_status(module.params['status']), + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# + if not exists(content): + # if we didn't find it, create it + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + + ######## + # UPDATE + ######## + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + # We have differences and need to update + differences[idname] = zab_results[idname] + content = zapi.get_content(zbx_class_name, 'update', differences) + module.exit_json(changed=True, results=content['result'], state="present") + + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index b4821bdc7..62259b680 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -66,7 +66,7 @@ with_items: template.zdiscoveryrules when: template.zdiscoveryrules is defined -- name: Create Item Prototype +- name: Create Item Prototypes zbx_itemprototype: zbx_server: "{{ server }}" zbx_user: "{{ user }}" @@ -80,3 +80,16 @@ description: "{{ item.description | default('', True) }}" with_items: template.zitemprototypes when: template.zitemprototypes is defined + +- name: Create Trigger Prototypes + zbx_triggerprototype: + zbx_server: "{{ server }}" + zbx_user: "{{ user }}" + zbx_password: "{{ password }}" + name: "{{ item.name }}" + expression: "{{ item.expression }}" + url: "{{ item.url | default('', True) }}" + priority: "{{ item.priority | default('average', True) }}" + description: "{{ item.description | default('', True) }}" + with_items: template.ztriggerprototypes + when: template.ztriggerprototypes is defined diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 84a7740b0..3c29c5d16 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -209,6 +209,17 @@ g_template_os_linux: applications: - Disk + ztriggerprototypes: + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: warn + + - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>95' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: high + ztriggers: - name: 'Filesystem: / has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' -- cgit v1.2.3 From 1cca69d33920681b1040987a4b9681216703d99d Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Mon, 28 Sep 2015 14:43:22 -0400 Subject: Added some debug when zbxapi has an issue --- roles/lib_zabbix/library/zbx_trigger.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index 8a7b29d07..21d0fcfd2 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -170,6 +170,10 @@ def main(): if not exists(content): # if we didn't find it, create it content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + module.exit_json(changed=True, results=content['result'], state='present') ######## -- cgit v1.2.3 From 2a4b5b7322c8b0c8e84aae43d1ff411259bf9b61 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 29 Sep 2015 11:16:25 -0400 Subject: added the grow_docker_vg adhoc playbook --- .../grow_docker_vg/filter_plugins/oo_filters.py | 41 +++++ playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml | 204 +++++++++++++++++++++ 2 files changed, 245 insertions(+) create mode 100644 playbooks/adhoc/grow_docker_vg/filter_plugins/oo_filters.py create mode 100644 playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml diff --git a/playbooks/adhoc/grow_docker_vg/filter_plugins/oo_filters.py b/playbooks/adhoc/grow_docker_vg/filter_plugins/oo_filters.py new file mode 100644 index 000000000..d0264cde9 --- /dev/null +++ b/playbooks/adhoc/grow_docker_vg/filter_plugins/oo_filters.py @@ -0,0 +1,41 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# vim: expandtab:tabstop=4:shiftwidth=4 +''' +Custom filters for use in openshift-ansible +''' + +import pdb + + +class FilterModule(object): + ''' Custom ansible filters ''' + + @staticmethod + def oo_pdb(arg): + ''' This pops you into a pdb instance where arg is the data passed in + from the filter. + Ex: "{{ hostvars | oo_pdb }}" + ''' + pdb.set_trace() + return arg + + @staticmethod + def translate_volume_name(volumes, target_volume): + ''' + This filter matches a device string /dev/sdX to /dev/xvdX + It will then return the AWS volume ID + ''' + for vol in volumes: + translated_name = vol["attachment_set"]["device"].replace("/dev/sd", "/dev/xvd") + if target_volume.startswith(translated_name): + return vol["id"] + + return None + + + def filters(self): + ''' returns a mapping of filters to methods ''' + return { + "translate_volume_name": self.translate_volume_name, + } diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml new file mode 100644 index 000000000..a88553ac0 --- /dev/null +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -0,0 +1,204 @@ +--- +# This playbook grows the docker VG on a node by: +# * add a new volume +# * add volume to the existing VG. +# * pv move to the new volume. +# * remove old volume +# * detach volume +# * mark old volume in AWS with "REMOVE ME" tag +# * grow docker LVM to 90% of the VG +# +# To run: +# 1. Source your AWS credentials (make sure it's the corresponding AWS account) into your environment +# export AWS_ACCESS_KEY_ID='XXXXX' +# export AWS_SECRET_ACCESS_KEY='XXXXXX' +# +# 2. run the playbook: +# ansible-playbook -e 'cli_tag_name=' grow_docker_vg.yml +# +# Example: +# ansible-playbook -e 'cli_tag_name=ops-compute-12345' grow_docker_vg.yml +# +# Notes: +# * By default this will do a 55GB GP2 volume. The can be overidden with the "-e 'cli_volume_size=100'" variable +# * This does a GP2 by default. Support for Provisioned IOPS has not been added +# * This will assign the new volume to /dev/xvdc. This is not variablized, yet. +# * This can be done with NO downtime on the host +# + +- name: Grow the docker volume group + hosts: "tag_Name_{{ cli_tag_name }}" + user: root + connection: ssh + gather_facts: no + + vars: + cli_volume_type: gp2 + cli_volume_size: 55 +# cli_volume_iops: "{{ 30 * cli_volume_size }}" + + pre_tasks: + - fail: + msg: "This playbook requires {{item}} to be set." + when: "{{ item }} is not defined or {{ item }} == ''" + with_items: + - cli_tag_name + - cli_volume_size + + - debug: + var: hosts + + - name: start docker + service: + name: docker + state: started + + - name: Determine if Storage Driver (docker info) is devicemapper + shell: docker info | grep 'Storage Driver:.*devicemapper' + register: device_mapper_check + ignore_errors: yes + + - debug: + var: device_mapper_check + + - name: fail if we don't detect devicemapper + fail: + msg: The "Storage Driver" in "docker info" is not set to "devicemapper"! Please investigate manually. + when: device_mapper_check.rc == 1 + + # docker-storage-setup creates a docker-pool as the lvm. I am using docker-pool lvm to test + # and find the volume group. + - name: Attempt to find the Volume Group that docker is using + shell: lvs | grep docker-pool | awk '{print $2}' + register: docker_vg_name + ignore_errors: yes + + - debug: + var: docker_vg_name + + - name: fail if we don't find a docker volume group + fail: + msg: Unable to find docker volume group. Please investigate manually. + when: docker_vg_name.stdout_lines|length != 1 + + # docker-storage-setup creates a docker-pool as the lvm. I am using docker-pool lvm to test + # and find the physical volume. + - name: Attempt to find the Phyisical Volume that docker is using + shell: "pvs | grep {{ docker_vg_name.stdout }} | awk '{print $1}'" + register: docker_pv_name + ignore_errors: yes + + - debug: + var: docker_pv_name + + - name: fail if we don't find a docker physical volume + fail: + msg: Unable to find docker physical volume. Please investigate manually. + when: docker_pv_name.stdout_lines|length != 1 + + + - name: get list of volumes from AWS + delegate_to: localhost + ec2_vol: + state: list + instance: "{{ ec2_id }}" + region: "{{ ec2_region }}" + register: attached_volumes + + - debug: var=attached_volumes + + - name: get volume id of current docker volume + set_fact: + old_docker_volume_id: "{{ attached_volumes.volumes | translate_volume_name(docker_pv_name.stdout) }}" + + - debug: var=old_docker_volume_id + + - name: check to see if /dev/xvdc exists + command: test -e /dev/xvdc + register: xvdc_check + ignore_errors: yes + + - debug: var=xvdc_check + + - name: fail if /dev/xvdc already exists + fail: + msg: /dev/xvdc already exists. Please investigate + when: xvdc_check.rc == 0 + + - name: Create a volume and attach it + delegate_to: localhost + ec2_vol: + state: present + instance: "{{ ec2_id }}" + region: "{{ ec2_region }}" + volume_size: "{{ cli_volume_size | default(30, True)}}" + volume_type: "{{ cli_volume_type }}" + device_name: /dev/xvdc + register: create_volume + + - debug: var=create_volume + + - name: Fail when problems creating volumes and attaching + fail: + msg: "Failed to create or attach volume msg: {{ create_volume.msg }}" + when: create_volume.msg is defined + + - name: tag the vol with a name + delegate_to: localhost + ec2_tag: region={{ ec2_region }} resource={{ create_volume.volume_id }} + args: + tags: + Name: "{{ ec2_tag_Name }}" + env: "{{ ec2_tag_environment }}" + register: voltags + + - name: check for attached drive + command: test -b /dev/xvdc + register: attachment_check + until: attachment_check.rc == 0 + retries: 30 + delay: 2 + + - name: partition the new drive and make it lvm + command: parted /dev/xvdc --script -- mklabel msdos mkpart primary 0% 100% set 1 lvm + + - name: pvcreate /dev/xvdc + command: pvcreate /dev/xvdc1 + + - name: Extend the docker volume group + command: vgextend "{{ docker_vg_name.stdout }}" /dev/xvdc1 + + - name: pvmove onto new volume + command: "pvmove {{ docker_pv_name.stdout }} /dev/xvdc1" + async: 3600 + poll: 10 + + - name: Remove the old docker drive from the volume group + command: "vgreduce {{ docker_vg_name.stdout }} {{ docker_pv_name.stdout }}" + + - name: Remove the pv from the old drive + command: "pvremove {{ docker_pv_name.stdout }}" + + - name: Extend the docker lvm + command: "lvextend -l '90%VG' /dev/{{ docker_vg_name.stdout }}/docker-pool" + + - name: detach old docker volume + delegate_to: localhost + ec2_vol: + region: "{{ ec2_region }}" + id: "{{ old_docker_volume_id }}" + instance: None + + - name: tag the old vol valid label + delegate_to: localhost + ec2_tag: region={{ ec2_region }} resource={{old_docker_volume_id}} + args: + tags: + Name: "{{ ec2_tag_Name }} REMOVE ME" + register: voltags + + - name: Update the /etc/sysconfig/docker-storage-setup with new device + lineinfile: + dest: /etc/sysconfig/docker-storage-setup + regexp: ^DEVS= + line: DEVS=/dev/xvdc -- cgit v1.2.3 From 11f0f570243d39bb2e96bfd64ef9d180163c5c38 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 29 Sep 2015 11:40:42 -0400 Subject: added comment to the grow_docker_vg playbook --- playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml index a88553ac0..ef9b45abd 100644 --- a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -24,6 +24,8 @@ # * This does a GP2 by default. Support for Provisioned IOPS has not been added # * This will assign the new volume to /dev/xvdc. This is not variablized, yet. # * This can be done with NO downtime on the host +# * This playbook assumes that there is a Logical Volume that is installed and called "docker-pool". This is +# the LV that gets created via the "docker-storage-setup" command # - name: Grow the docker volume group -- cgit v1.2.3 From c51e19ce03e92f1a56a2044a61ef3f1cc00bfac9 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Tue, 29 Sep 2015 11:45:06 -0400 Subject: added pylint as a package to ansible-tower --- roles/ansible_tower/tasks/main.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml index c110a3b70..b7757214d 100644 --- a/roles/ansible_tower/tasks/main.yaml +++ b/roles/ansible_tower/tasks/main.yaml @@ -9,6 +9,7 @@ - ansible - telnet - ack + - pylint - name: download Tower setup get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no @@ -38,5 +39,3 @@ regexp: "^({{ item.option }})( *)=" line: '\1\2= {{ item.value }}' with_items: config_changes | default([], true) - - -- cgit v1.2.3 From e97fb3cb60863dc2733df71cdea3c2f3fb8ba76d Mon Sep 17 00:00:00 2001 From: Max Whittingham Date: Wed, 30 Sep 2015 08:39:15 -0500 Subject: Zabbix check and trigger for user count --- roles/os_zabbix/vars/template_openshift_master.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index c71e07910..f82771d59 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -13,6 +13,12 @@ g_template_openshift_master: applications: - Openshift Master + - key: openshift.master.user.count + description: Shows number of users in a cluster + type: int + applications: + - Openshift Master + ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' @@ -28,3 +34,9 @@ g_template_openshift_master: expression: '{Template Openshift Master:openshift.master.process.count.min(#3)}>1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: high + + - name: 'Number of users for Openshift Master on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.user.count.last(,3)}>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: info + -- cgit v1.2.3 From 902b9c5c77b4031fb9ebcdcd02fbbe6e07f59e72 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 30 Sep 2015 10:15:01 -0400 Subject: Point to advanced installation guide in READMEs --- README_AWS.md | 22 +++++++--------------- README_OSE.md | 17 ++--------------- README_origin.md | 18 ++---------------- 3 files changed, 11 insertions(+), 46 deletions(-) diff --git a/README_AWS.md b/README_AWS.md index c511741b9..3a5790eb3 100644 --- a/README_AWS.md +++ b/README_AWS.md @@ -154,18 +154,10 @@ Note: If no deployment type is specified, then the default is origin. ## Post-ansible steps -Create the default router -------------------------- -On the master host: -```sh -oadm router --create=true \ - --credentials=/etc/openshift/master/openshift-router.kubeconfig -``` - -Create the default docker-registry ----------------------------------- -On the master host: -```sh -oadm registry --create=true \ - --credentials=/etc/openshift/master/openshift-registry.kubeconfig -``` \ No newline at end of file + +You should now be ready to follow the **What's Next?** section of the advanced installation guide to deploy your router, registry, and other components. + +Refer to the advanced installation guide for your deployment type: + +* [OpenShift Enterprise](https://docs.openshift.com/enterprise/3.0/install_config/install/advanced_install.html#what-s-next) +* [OpenShift Origin](https://docs.openshift.org/latest/install_config/install/advanced_install.html#what-s-next) diff --git a/README_OSE.md b/README_OSE.md index cce1ec030..79ad07044 100644 --- a/README_OSE.md +++ b/README_OSE.md @@ -101,6 +101,7 @@ ose3-master.example.com # host group for nodes [nodes] +ose3-master.example.com ose3-node[1:2].example.com ``` @@ -116,22 +117,8 @@ ansible-playbook playbooks/byo/config.yml inventory file use the -i option for ansible-playbook. ## Post-ansible steps -#### Create the default router -On the master host: -```sh -oadm router --create=true \ - --credentials=/etc/openshift/master/openshift-router.kubeconfig \ - --images='rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version}' -``` -#### Create the default docker-registry -On the master host: -```sh -oadm registry --create=true \ - --credentials=/etc/openshift/master/openshift-registry.kubeconfig \ - --images='rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version}' \ - --mount-host=/var/lib/openshift/docker-registry -``` +You should now be ready to follow the [What's Next?](https://docs.openshift.com/enterprise/3.0/install_config/install/advanced_install.html#what-s-next) section of the advanced installation guide to deploy your router, registry, and other components. ## Overriding detected ip addresses and hostnames Some deployments will require that the user override the detected hostnames diff --git a/README_origin.md b/README_origin.md index f13fe660a..cb213a93a 100644 --- a/README_origin.md +++ b/README_origin.md @@ -73,6 +73,7 @@ osv3-master.example.com # host group for nodes [nodes] +osv3-master.example.com osv3-node[1:2].example.com ``` @@ -88,23 +89,8 @@ ansible-playbook playbooks/byo/config.yml inventory file use the -i option for ansible-playbook. ## Post-ansible steps -#### Create the default router -On the master host: -```sh -oadm router --create=true \ - --credentials=/etc/openshift/master/openshift-router.kubeconfig -``` - -#### Create the default docker-registry -On the master host: -```sh -oadm registry --create=true \ - --credentials=/etc/openshift/master/openshift-registry.kubeconfig -``` -If you would like persistent storage, refer to the -[OpenShift documentation](https://docs.openshift.org/latest/admin_guide/install/docker_registry.html) -for more information on deployment options for the built in docker-registry. +You should now be ready to follow the [What's Next?](https://docs.openshift.org/latest/install_config/install/advanced_install.html#what-s-next) section of the advanced installation guide to deploy your router, registry, and other components. ## Overriding detected ip addresses and hostnames Some deployments will require that the user override the detected hostnames -- cgit v1.2.3 From 0c24b639653d01ce4a0a730f9c579cfc30ec853b Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 30 Sep 2015 14:28:52 -0400 Subject: Updating these to the correct type --- roles/os_zabbix/vars/template_os_linux.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 3c29c5d16..fe72f003b 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -10,17 +10,17 @@ g_template_os_linux: - key: kernel.all.cpu.wait.total applications: - Kernel - value_type: int + value_type: float - key: kernel.all.cpu.irq.hard applications: - Kernel - value_type: int + value_type: float - key: kernel.all.cpu.idle applications: - Kernel - value_type: int + value_type: float - key: kernel.uname.distro applications: @@ -35,7 +35,7 @@ g_template_os_linux: - key: kernel.all.cpu.irq.soft applications: - Kernel - value_type: int + value_type: float - key: kernel.all.load.15_minute applications: @@ -45,7 +45,7 @@ g_template_os_linux: - key: kernel.all.cpu.sys applications: - Kernel - value_type: int + value_type: float - key: kernel.all.load.5_minute applications: @@ -55,7 +55,7 @@ g_template_os_linux: - key: kernel.all.cpu.nice applications: - Kernel - value_type: int + value_type: float - key: kernel.all.load.1_minute applications: @@ -75,7 +75,7 @@ g_template_os_linux: - key: kernel.all.cpu.user applications: - Kernel - value_type: int + value_type: float - key: kernel.uname.machine applications: @@ -90,7 +90,7 @@ g_template_os_linux: - key: kernel.all.cpu.steal applications: - Kernel - value_type: int + value_type: float - key: kernel.all.pswitch applications: -- cgit v1.2.3 From 832bc1f47fce1b61f23259502c08f9253656cb38 Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Wed, 30 Sep 2015 20:51:35 +0200 Subject: Prevent dns resolution recursion (loop). The dnsmasq should not be resolving the example.com recursively, because in case that we have /etc/NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf: server=/example.com/192.168.55.1 the dnsmasq will be asking itself, therefore a dns resolution loop is created, which causes Maximum number of concurrent DNS queries reached (max: 150) and performance degradation of dns resolution on the whole hypervizor and guests. This patch will fix that in the domain.xml, which will cause adding local=/example.com/ to the /var/lib/libvirt/dnsmasq/openshift-ansible.conf, effectively fixing the problem. --- playbooks/libvirt/openshift-cluster/templates/network.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/libvirt/openshift-cluster/templates/network.xml b/playbooks/libvirt/openshift-cluster/templates/network.xml index 86dcd62bb..050bc7ab9 100644 --- a/playbooks/libvirt/openshift-cluster/templates/network.xml +++ b/playbooks/libvirt/openshift-cluster/templates/network.xml @@ -8,7 +8,7 @@ - + -- cgit v1.2.3 From 3fd0d61de2c55bbd3c98b62d103fdb540a9aef3d Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Wed, 30 Sep 2015 21:38:38 +0200 Subject: Fix newline --- README_libvirt.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README_libvirt.md b/README_libvirt.md index 1a710ff3b..3f8bbb5f0 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -94,7 +94,8 @@ dns=dnsmasq - Configure dnsmasq to use the Virtual Network router for example.com: ```sh -sudo vi /etc/NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf server=/example.com/192.168.55.1 +sudo vi /etc/NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf +server=/example.com/192.168.55.1 ``` Test The Setup -- cgit v1.2.3 From 608fea584b40346374f28858dc10f53f55e0adf6 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 30 Sep 2015 17:07:36 -0400 Subject: Adding % to units --- roles/os_zabbix/vars/template_os_linux.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index fe72f003b..36c890da9 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -11,16 +11,19 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.all.cpu.irq.hard applications: - Kernel value_type: float + units: '%' - key: kernel.all.cpu.idle applications: - Kernel value_type: float + units: '%' - key: kernel.uname.distro applications: @@ -36,6 +39,7 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.all.load.15_minute applications: @@ -46,6 +50,7 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.all.load.5_minute applications: @@ -56,6 +61,7 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.all.load.1_minute applications: @@ -76,6 +82,7 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.uname.machine applications: @@ -91,6 +98,7 @@ g_template_os_linux: applications: - Kernel value_type: float + units: '%' - key: kernel.all.pswitch applications: -- cgit v1.2.3 From d0b167bd075eda5ffa104229103dfad772e9f403 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Tue, 18 Aug 2015 10:46:23 +0200 Subject: fixed some issues to boot VM on GCE corrected openshift master config, commented infra correct list and terminate, it was bugged in case where no instance were terminated Using openshift-sdn for gce new join_node playbook for gce openstack/hosts/nova.py is now taking the nova/ini of its directory and not the directory of execution of bin/cluster add fix of ICMP reject rules Avoid a recursive loop Jenkins image was renamed Default masters to t2.medium instead of t2.small Fix a minor bug involving AWS ENV Keys * If a user forgot to set their AWS keys, we'd get a non descriptive error about a variable not being set * This patch uses the correct variable so the error message is more informative delete some fix that are needed anymore (selinux, iptables rules for sdn) GCE : all variables needed are in gce.ini, it will be used by bin/cluster (now check better the presence of gce.init in the default place or use GCE_INI_PATH to locate it ), also by gce.ini openshift_node_labels : get from oo_option fix syntax error in bin/cluster fix lookup for openshift_node_labels Adding desc, multiplier, and units to zabbix item Adding capability to have descriptions on triggers updated triggers and items to have better descriptions and multipliers Move openshift_data_dir to a fact based on deployment_type Previously this was being set to /var/lib/origin regardless of deployment_type which isn't correct given that existing 'enterprise' and 'online' deployments would have been deployed with /var/lib/openshift Verify again that ansible version is different than 1.9.0 and 1.9.0.1 bin/cluste does not take -a and -s anymore fix master_public_api_url : using by default a correct url Really fixed master public api url this time Really fixed master public api url this time uncommented infra deployment like before fixed again masterpublicurl in a template README_GCE.md : use GCE_INI_PATH in order to locate gce.ini, update description of gce.ini --- README_GCE.md | 17 ++- bin/cluster | 14 ++- inventory/byo/hosts.example | 2 +- inventory/gce/hosts/gce.py | 14 ++- inventory/openstack/hosts/nova.py | 2 +- .../aws/openshift-cluster/vars.online.int.yml | 2 +- .../aws/openshift-cluster/vars.online.prod.yml | 2 +- .../aws/openshift-cluster/vars.online.stage.yml | 2 +- .../set_infra_launch_facts_tasks.yml | 15 +++ playbooks/gce/openshift-cluster/config.yml | 4 + playbooks/gce/openshift-cluster/join_node.yml | 64 +++++++++++ playbooks/gce/openshift-cluster/launch.yml | 2 +- playbooks/gce/openshift-cluster/list.yml | 4 +- .../openshift-cluster/tasks/launch_instances.yml | 14 ++- playbooks/gce/openshift-cluster/terminate.yml | 55 +++++---- playbooks/gce/openshift-cluster/vars.yml | 8 +- .../openshift-cluster/files/heat_stack.yaml | 20 +++- playbooks/openstack/openshift-cluster/launch.yml | 35 +++++- roles/lib_zabbix/library/zbx_item.py | 33 +++++- roles/lib_zabbix/library/zbx_trigger.py | 8 +- roles/lib_zabbix/tasks/create_template.yml | 8 +- roles/openshift_common/vars/main.yml | 2 - .../image-streams/image-streams-centos7.json | 14 +-- .../image-streams/image-streams-rhel7.json | 4 +- .../jenkins-ephemeral-template.json | 7 +- .../jenkins-persistent-template.json | 7 +- roles/openshift_facts/library/openshift_facts.py | 9 ++ roles/openshift_facts/tasks/main.yml | 2 +- roles/openshift_manage_node/tasks/main.yml | 2 +- roles/openshift_master/tasks/main.yml | 11 +- roles/openshift_master/templates/master.yaml.v1.j2 | 2 +- roles/openshift_master/vars/main.yml | 2 +- roles/openshift_master_ca/vars/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 8 +- roles/openshift_node/templates/node.yaml.v1.j2 | 2 +- roles/openshift_node/vars/main.yml | 2 +- roles/os_zabbix/vars/template_docker.yml | 12 +- roles/os_zabbix/vars/template_heartbeat.yml | 2 +- roles/os_zabbix/vars/template_openshift_master.yml | 2 +- roles/os_zabbix/vars/template_os_linux.yml | 124 +++++++++++++-------- 40 files changed, 401 insertions(+), 140 deletions(-) create mode 100644 playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml create mode 100644 playbooks/gce/openshift-cluster/join_node.yml diff --git a/README_GCE.md b/README_GCE.md index f6c5138c1..50f8ade70 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -39,6 +39,13 @@ Create a gce.ini file for GCE * gce_service_account_pem_file_path - Full path from previous steps * gce_project_id - Found in "Projects", it list all the gce projects you are associated with. The page lists their "Project Name" and "Project ID". You want the "Project ID" +Mandatory customization variables (check the values according to your tenant): +* zone = europe-west1-d +* network = default +* gce_machine_type = n1-standard-2 +* gce_machine_image = preinstalled-slave-50g-v5 + + 1. vi ~/.gce/gce.ini 1. make the contents look like this: ``` @@ -46,11 +53,15 @@ Create a gce.ini file for GCE gce_service_account_email_address = long...@developer.gserviceaccount.com gce_service_account_pem_file_path = /full/path/to/project_id-gce_key_hash.pem gce_project_id = project_id +zone = europe-west1-d +network = default +gce_machine_type = n1-standard-2 +gce_machine_image = preinstalled-slave-50g-v5 + ``` -1. Setup a sym link so that gce.py will pick it up (link must be in same dir as gce.py) +1. Define the environment variable GCE_INI_PATH so gce.py can pick it up and bin/cluster can also read it ``` - cd openshift-ansible/inventory/gce - ln -s ~/.gce/gce.ini gce.ini +export GCE_INI_PATH=~/.gce/gce.ini ``` diff --git a/bin/cluster b/bin/cluster index 486bf2a48..15c99791c 100755 --- a/bin/cluster +++ b/bin/cluster @@ -142,10 +142,14 @@ class Cluster(object): """ config = ConfigParser.ConfigParser() if 'gce' == provider: - config.readfp(open('inventory/gce/hosts/gce.ini')) + gce_ini_default_path = os.path.join( + 'inventory/gce/hosts/gce.ini') + gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + if os.path.exists(gce_ini_path): + config.readfp(open(gce_ini_path)) - for key in config.options('gce'): - os.environ[key] = config.get('gce', key) + for key in config.options('gce'): + os.environ[key] = config.get('gce', key) inventory = '-i inventory/gce/hosts' elif 'aws' == provider: @@ -164,7 +168,7 @@ class Cluster(object): boto_configs = [conf for conf in boto_conf_files if conf_exists(conf)] if len(key_missing) > 0 and len(boto_configs) == 0: - raise ValueError("PROVIDER aws requires {} environment variable(s). See README_AWS.md".format(missing)) + raise ValueError("PROVIDER aws requires {} environment variable(s). See README_AWS.md".format(key_missing)) elif 'libvirt' == provider: inventory = '-i inventory/libvirt/hosts' @@ -193,7 +197,7 @@ class Cluster(object): if args.option: for opt in args.option: k, v = opt.split('=', 1) - env['cli_' + k] = v + env[k] = v ansible_env = '-e \'{}\''.format( ' '.join(['%s=%s' % (key, value) for (key, value) in env.items()]) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 174bff697..df1bae49f 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -70,7 +70,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #osm_default_node_selector='region=primary' # set RPM version for debugging purposes -#openshift_version=-3.0.0.0 +#openshift_pkg_version=-3.0.0.0 # host group for masters [masters] diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index 3403f735e..bf018f1fe 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,6 +120,8 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + print "GCE INI PATH :: "+gce_ini_path + # Create a ConfigParser. # This provides empty defaults to each key, so that environment # variable configuration (as opposed to INI configuration) is able @@ -173,6 +175,10 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) + sys.stderr.write("GCE_EMAIL : "+args[0]+"\n") + sys.stderr.write("GCE_PEM_FILE_PATH : "+args[1]+"\n") + sys.stderr.write("GCE_PROJECT : "+kwargs['project']+"\n") + # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -211,7 +217,8 @@ class GceInventory(object): 'gce_image': inst.image, 'gce_machine_type': inst.size, 'gce_private_ip': inst.private_ips[0], - 'gce_public_ip': inst.public_ips[0], + # Hosts don't always have a public IP name + #'gce_public_ip': inst.public_ips[0], 'gce_name': inst.name, 'gce_description': inst.extra['description'], 'gce_status': inst.extra['status'], @@ -219,8 +226,8 @@ class GceInventory(object): 'gce_tags': inst.extra['tags'], 'gce_metadata': md, 'gce_network': net, - # Hosts don't have a public name, so we add an IP - 'ansible_ssh_host': inst.public_ips[0] + # Hosts don't always have a public IP name + #'ansible_ssh_host': inst.public_ips[0] } def get_instance(self, instance_name): @@ -284,4 +291,5 @@ class GceInventory(object): # Run the script +print "Hello world" GceInventory() diff --git a/inventory/openstack/hosts/nova.py b/inventory/openstack/hosts/nova.py index d5bd8d1ee..3197a57bc 100755 --- a/inventory/openstack/hosts/nova.py +++ b/inventory/openstack/hosts/nova.py @@ -34,7 +34,7 @@ except ImportError: # executed with no parameters, return the list of # all groups and hosts -NOVA_CONFIG_FILES = [os.getcwd() + "/nova.ini", +NOVA_CONFIG_FILES = [os.path.join(os.path.dirname(os.path.realpath(__file__)), "nova.ini"), os.path.expanduser(os.environ.get('ANSIBLE_CONFIG', "~/nova.ini")), "/etc/ansible/nova.ini"] diff --git a/playbooks/aws/openshift-cluster/vars.online.int.yml b/playbooks/aws/openshift-cluster/vars.online.int.yml index bb18e13b0..2e2f25ccd 100644 --- a/playbooks/aws/openshift-cluster/vars.online.int.yml +++ b/playbooks/aws/openshift-cluster/vars.online.int.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'integration', 'integration-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'integration', 'integration-infra' ] diff --git a/playbooks/aws/openshift-cluster/vars.online.prod.yml b/playbooks/aws/openshift-cluster/vars.online.prod.yml index bbef9cc56..18a53e12e 100644 --- a/playbooks/aws/openshift-cluster/vars.online.prod.yml +++ b/playbooks/aws/openshift-cluster/vars.online.prod.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'production', 'production-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'production', 'production-infra' ] diff --git a/playbooks/aws/openshift-cluster/vars.online.stage.yml b/playbooks/aws/openshift-cluster/vars.online.stage.yml index 9008a55ba..1f9ac4252 100644 --- a/playbooks/aws/openshift-cluster/vars.online.stage.yml +++ b/playbooks/aws/openshift-cluster/vars.online.stage.yml @@ -3,7 +3,7 @@ ec2_image: ami-9101c8fa ec2_image_name: libra-ops-rhel7* ec2_region: us-east-1 ec2_keypair: mmcgrath_libra -ec2_master_instance_type: t2.small +ec2_master_instance_type: t2.medium ec2_master_security_groups: [ 'stage', 'stage-master' ] ec2_infra_instance_type: c4.large ec2_infra_security_groups: [ 'stage', 'stage-infra' ] diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml new file mode 100644 index 000000000..0fd53eb7d --- /dev/null +++ b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml @@ -0,0 +1,15 @@ +--- +- set_fact: k8s_type=infra +- set_fact: sub_host_type="{{ type }}" +- set_fact: number_infra="{{ count }}" + +- name: Generate infra instance names(s) + set_fact: + scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}" + register: infra_names_output + with_sequence: count={{ number_infra }} + +- set_fact: + infra_names: "{{ infra_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index fd5dfcc72..7bd3f1a56 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -10,6 +10,8 @@ - set_fact: g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" + use_sdn: "{{ do_we_use_openshift_sdn }}" + sdn_plugin: "{{ sdn_network_plugin }}" - include: ../../common/openshift-cluster/config.yml vars: @@ -22,3 +24,5 @@ openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" + openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" + os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml new file mode 100644 index 000000000..613bbb34f --- /dev/null +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -0,0 +1,64 @@ +--- +- name: Populate oo_hosts_to_update group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_hosts_to_update + add_host: + name: "{{ node_ip }}" + groups: oo_hosts_to_update + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + +- include: ../../common/openshift-cluster/update_repos_and_packages.yml + +- name: Populate oo_masters_to_config host group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_nodes_to_config + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_nodes_to_config + + - name: Add to preemptible group if needed + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_preemptible_nodes + when: preemptible is defined and preemptible == "true" + + - name: Add to not preemptible group if needed + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_non_preemptible_nodes + when: preemptible is defined and preemptible == "false" + + - name: Evaluate oo_first_master + add_host: + name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_first_master + when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" + +#- include: config.yml +- include: ../../common/openshift-node/config.yml + vars: + openshift_cluster_id: "{{ cluster_id }}" + openshift_debug_level: 4 + openshift_deployment_type: "{{ deployment_type }}" + openshift_hostname: "{{ ansible_default_ipv4.address }}" + openshift_use_openshift_sdn: true + os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" + osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 7a3b80da0..762fa9e8d 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,7 +28,7 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" - - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml + - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml vars: type: "infra" count: "{{ num_infra }}" diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index 5ba0f5a48..f5f89baf0 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -14,11 +14,11 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: List instance(s) hosts: oo_list_hosts gather_facts: no tasks: - debug: - msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" + msg: "private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 6307ecc27..f569b2a37 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -10,18 +10,22 @@ service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + network: "{{ lookup('env', 'network') }}" +# unsupported in 1.9.+ + #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - env-{{ cluster }} - host-type-{{ type }} - - sub-host-type-{{ sub_host_type }} + - sub-host-type-{{ g_sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} register: gce - name: Add new instances to groups and set variables needed add_host: hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.public_ip }}" + ansible_ssh_host: "{{ item.name }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" @@ -30,13 +34,13 @@ with_items: gce.instance_data - name: Wait for ssh - wait_for: port=22 host={{ item.public_ip }} + wait_for: port=22 host={{ item.name }} with_items: gce.instance_data - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" register: result until: result.rc == 0 - retries: 20 - delay: 10 + retries: 30 + delay: 5 with_items: gce.instance_data diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index 098b0df73..f705745d9 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -1,25 +1,18 @@ --- - name: Terminate instance(s) hosts: localhost + connection: local gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-node + - set_fact: scratch_group=tag_env-{{ cluster_id }} - add_host: name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_nodes_to_terminate + groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) - - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-master - - add_host: - name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_masters_to_terminate - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -32,14 +25,34 @@ lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] -- include: ../openshift-node/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +- name: Terminate instances(s) + hosts: localhost + connection: local + gather_facts: no + vars_files: + - vars.yml + tasks: + + - name: Terminate instances that were previously launched + local_action: + module: gce + state: 'absent' + name: "{{ item }}" + service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" + pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" + project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + with_items: groups['oo_hosts_to_terminate'] | default([]) + when: item is defined -- include: ../openshift-master/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +#- include: ../openshift-node/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +# +#- include: ../openshift-master/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index ae33083b9..6de007807 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,8 +1,11 @@ --- +do_we_use_openshift_sdn: true +sdn_network_plugin: redhat/openshift-ovs-subnet +# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation deployment_vars: origin: - image: centos-7 - ssh_user: + image: preinstalled-slave-50g-v5 + ssh_user: root sudo: yes online: image: libra-rhel7 @@ -12,4 +15,3 @@ deployment_vars: image: rhel-7 ssh_user: sudo: yes - diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 40e4ab22c..e3e2b6872 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -88,6 +88,12 @@ parameters: label: Infra flavor description: Flavor of the infra node servers + key_pair: + type: string + label: Key name + description: Name of the key + + outputs: master_names: @@ -250,6 +256,14 @@ resources: port_range_max: 10250 remote_mode: remote_group_id remote_group_id: { get_resource: master-secgrp } + - direction: ingress + protocol: tcp + port_range_min: 30001 + port_range_max: 30001 + - direction: ingress + protocol: tcp + port_range_min: 30850 + port_range_max: 30850 infra-secgrp: type: OS::Neutron::SecurityGroup @@ -291,7 +305,7 @@ resources: type: master image: { get_param: master_image } flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -323,7 +337,7 @@ resources: subtype: compute image: { get_param: node_image } flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -355,7 +369,7 @@ resources: subtype: infra image: { get_param: infra_image } flavor: { get_param: infra_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 651aef40b..5f1780476 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,15 +19,32 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - set_fact: - heat_stack_action: 'stack-create' + - name: Create OpenStack Stack + command: 'heat stack-create -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} + -P cluster_id={{ cluster_id }} + -P dns_nameservers={{ openstack_network_dns | join(",") }} + -P cidr={{ openstack_network_cidr }} + -P ssh_incoming={{ openstack_ssh_access_from }} + -P num_masters={{ num_masters }} + -P num_nodes={{ num_nodes }} + -P num_infra={{ num_infra }} + -P master_image={{ deployment_vars[deployment_type].image }} + -P node_image={{ deployment_vars[deployment_type].image }} + -P infra_image={{ deployment_vars[deployment_type].image }} + -P master_flavor={{ openstack_flavor["master"] }} + -P node_flavor={{ openstack_flavor["node"] }} + -P infra_flavor={{ openstack_flavor["infra"] }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" + openshift-ansible-{{ cluster_id }}-stack' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Create or Update OpenStack Stack - command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + - name: Update OpenStack Stack + command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -50,7 +67,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 + retries: 300 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -119,4 +136,12 @@ - include: update.yml +# Fix icmp reject iptables rules +# It should be solved in openshift-sdn but unfortunately it's not the case +# Mysterious +- name: Configuring Nodes for RBox + hosts: oo_nodes_to_config + roles: + - rbox-node + - include: list.yml diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 388db31b9..11e3c7b2b 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -88,6 +88,23 @@ def get_template_id(zapi, template_name): return template_ids, app_ids +def get_multiplier(inval): + ''' Determine the multiplier + ''' + if inval == None or inval == '': + return None, None + + rval = None + try: + rval = int(inval) + except ValueError: + pass + + if rval: + return rval, True + + return rval, False + # The branches are needed for CRUD and error handling # pylint: disable=too-many-branches def main(): @@ -106,6 +123,9 @@ def main(): template_name=dict(default=None, type='str'), zabbix_type=dict(default=2, type='int'), value_type=dict(default='int', type='str'), + multiplier=dict(default=None, type='str'), + description=dict(default=None, type='str'), + units=dict(default=None, type='str'), applications=dict(default=None, type='list'), state=dict(default='present', type='str'), ), @@ -137,11 +157,15 @@ def main(): 'templateids': templateid, }) - # Get + #******# + # GET + #******# if state == 'list': module.exit_json(changed=False, results=content['result'], state="list") - # Delete + #******# + # DELETE + #******# if state == 'absent': if not exists(content): module.exit_json(changed=False, state="absent") @@ -152,12 +176,17 @@ def main(): # Create and Update if state == 'present': + formula, use_multiplier = get_multiplier(module.params['multiplier']) params = {'name': module.params.get('name', module.params['key']), 'key_': module.params['key'], 'hostid': templateid[0], 'type': module.params['zabbix_type'], 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(module.params['applications'], app_name_ids), + 'formula': formula, + 'multiplier': use_multiplier, + 'description': module.params['description'], + 'units': module.params['units'], } # Remove any None valued params diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index c384f6fa3..a05de7e68 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -98,6 +98,7 @@ def main(): zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), zbx_debug=dict(default=False, type='bool'), expression=dict(default=None, type='str'), + name=dict(default=None, type='str'), description=dict(default=None, type='str'), dependencies=dict(default=[], type='list'), priority=dict(default='avg', type='str'), @@ -116,11 +117,11 @@ def main(): zbx_class_name = 'trigger' idname = "triggerid" state = module.params['state'] - description = module.params['description'] + tname = module.params['name'] content = zapi.get_content(zbx_class_name, 'get', - {'filter': {'description': description}, + {'filter': {'description': tname}, 'expandExpression': True, 'selectDependencies': 'triggerid', }) @@ -138,7 +139,8 @@ def main(): # Create and Update if state == 'present': - params = {'description': description, + params = {'description': tname, + 'comments': module.params['description'], 'expression': module.params['expression'], 'dependencies': get_deps(zapi, module.params['dependencies']), 'priority': get_priority(module.params['priority']), diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index bc9aff997..fd0cdd46f 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -30,6 +30,9 @@ key: "{{ item.key }}" name: "{{ item.name | default(item.key, true) }}" value_type: "{{ item.value_type | default('int') }}" + description: "{{ item.description | default('', True) }}" + multiplier: "{{ item.multiplier | default('', True) }}" + units: "{{ item.units | default('', True) }}" template_name: "{{ template.name }}" applications: "{{ item.applications }}" with_items: template.zitems @@ -41,8 +44,9 @@ zbx_server: "{{ server }}" zbx_user: "{{ user }}" zbx_password: "{{ password }}" - description: "{{ item.description }}" - dependencies: "{{ item.dependencies | default([], true) }}" + name: "{{ item.name }}" + description: "{{ item.description | default('', True) }}" + dependencies: "{{ item.dependencies | default([], True) }}" expression: "{{ item.expression }}" priority: "{{ item.priority }}" url: "{{ item.url | default(None, True) }}" diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml index 817fe0a5f..50816d319 100644 --- a/roles/openshift_common/vars/main.yml +++ b/roles/openshift_common/vars/main.yml @@ -5,5 +5,3 @@ # chains with the public zone (or the zone associated with the correct # interfaces) os_firewall_use_firewalld: False - -openshift_data_dir: /var/lib/origin diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json index 03affbddf..f213d99ca 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json @@ -161,19 +161,19 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/wildfly-8-centos", + "dockerImageRepository": "openshift/wildfly-81-centos7", "tags": [ { "name": "latest" }, { - "name": "8", + "name": "8.1", "annotations": { - "description": "Build and run Java applications on Wildfly 8", + "description": "Build and run Java applications on Wildfly 8.1", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", - "supports":"wildfly:8,jee,java", - "version": "8" + "supports":"wildfly:8.1,jee,java", + "version": "8.1" }, "from": { "Kind": "ImageStreamTag", @@ -260,13 +260,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/jenkins-16-centos7", + "dockerImageRepository": "openshift/jenkins-1-centos7", "tags": [ { "name": "latest" }, { - "name": "1.6", + "name": "1", "from": { "Kind": "ImageStreamTag", "Name": "latest" diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json index 0bd885af3..8c125f76a 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json @@ -230,13 +230,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-16-rhel7", + "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7", "tags": [ { "name": "latest" }, { - "name": "1.6", + "name": "1", "from": { "Kind": "ImageStreamTag", "Name": "latest" diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json index da08ffbd5..14bd032af 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json @@ -88,7 +88,7 @@ "containers": [ { "name": "jenkins", - "image": "openshift/jenkins-16-centos7", + "image": "${JENKINS_IMAGE}", "env": [ { "name": "JENKINS_PASSWORD", @@ -132,6 +132,11 @@ "description": "Jenkins service name", "value": "jenkins" }, + { + "name": "JENKINS_IMAGE", + "description": "Jenkins Docker image to use", + "value": "openshift/jenkins-1-centos7" + }, { "name": "JENKINS_PASSWORD", "description": "Password for the Jenkins user", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json index 33df68c74..fa31de486 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json @@ -105,7 +105,7 @@ "containers": [ { "name": "jenkins", - "image": "openshift/jenkins-16-centos7", + "image": "${JENKINS_IMAGE}", "env": [ { "name": "JENKINS_PASSWORD", @@ -155,6 +155,11 @@ "generate": "expression", "value": "password" }, + { + "name": "JENKINS_IMAGE", + "description": "Jenkins Docker image to use", + "value": "openshift/jenkins-1-centos7" + }, { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 679c3273a..60d1226d4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -454,6 +454,8 @@ def set_deployment_facts_if_unset(facts): dict: the facts dict updated with the generated deployment_type facts """ + # Perhaps re-factor this as a map? + # pylint: disable=too-many-branches if 'common' in facts: deployment_type = facts['common']['deployment_type'] if 'service_type' not in facts['common']: @@ -470,6 +472,13 @@ def set_deployment_facts_if_unset(facts): elif deployment_type == 'origin': config_base = '/etc/openshift' facts['common']['config_base'] = config_base + if 'data_dir' not in facts['common']: + data_dir = '/var/lib/origin' + if deployment_type in ['enterprise', 'online']: + data_dir = '/var/lib/openshift' + elif deployment_type == 'origin': + data_dir = '/var/lib/openshift' + facts['common']['data_dir'] = data_dir for role in ('master', 'node'): if role in facts: diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index fd3d20800..6301d4fc0 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 +- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1 assert: that: - ansible_version | version_compare('1.8.0', 'ge') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 7c4f45ce6..94d7879b2 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,7 +3,7 @@ {{ openshift.common.client_binary }} get node {{ item }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 10 + retries: 20 delay: 5 with_items: openshift_nodes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b57711b58..3394d13e5 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,6 +8,15 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined +- name: Displaying openshift_master_ha + debug: var=openshift_master_ha + +- name: openshift_master_cluster_password + debug: var=openshift_master_cluster_password + +- name: openshift.master.cluster_defer_ha + debug: var=openshift.master.cluster_defer_ha + - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined @@ -23,7 +32,7 @@ api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" - public_api_url: "{{ openshift_master_public_api_url | default(None) }}" + public_api_url: "{{ openshift_master_public_api_url | default('https://' ~ openshift.common.public_ip ~ ':8443') }}" console_path: "{{ openshift_master_console_path | default(None) }}" console_port: "{{ openshift_master_console_port | default(None) }}" console_url: "{{ openshift_master_console_url | default(None) }}" diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 7aa4ce9b6..500690523 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -46,7 +46,7 @@ etcdConfig: certFile: etcd.server.crt clientCA: ca.crt keyFile: etcd.server.key - storageDirectory: {{ openshift_data_dir }}/openshift.local.etcd + storageDirectory: {{ openshift.common.data_dir }}/openshift.local.etcd {% endif %} etcdStorageConfig: kubernetesStoragePrefix: kubernetes.io diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index cce118cf1..ecdb4f883 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -3,7 +3,7 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml" openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" openshift_master_valid_grant_methods: - auto diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml index 9e9561e02..b35339b18 100644 --- a/roles/openshift_master_ca/vars/main.yml +++ b/roles/openshift_master_ca/vars/main.yml @@ -3,4 +3,4 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt" openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key" openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 1986b631e..b32c3a4b3 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ openshift_node_labels | default(none) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default() ) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" @@ -72,6 +72,12 @@ dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ +--insecure-registry=dockerhub.rnd.amadeus.net:5000 \ +--insecure-registry=dockerhub.rnd.amadeus.net:5001 \ +--insecure-registry=dockerhub.rnd.amadeus.net:5002 \ +--add-registry=dockerhub.rnd.amadeus.net:5000 \ +--add-registry=dockerhub.rnd.amadeus.net:5001 \ +--add-registry=dockerhub.rnd.amadeus.net:5002 \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg notify: diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 0f708fb55..07d80f99b 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -25,5 +25,5 @@ servingInfo: certFile: server.crt clientCA: ca.crt keyFile: server.key -volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes +volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes {% include 'partials/kubeletArguments.j2' %} diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index db2c3e15a..43dc50ca8 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -1,4 +1,4 @@ --- openshift_node_config_dir: "{{ openshift.common.config_base }}/node" openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" -openshift_version: "{{ openshift_version | default('') }}" +openshift_version: "{{ openshift_pkg_version | default('') }}" diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index a1cd3519e..395e054de 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -52,35 +52,35 @@ g_template_docker: - Docker Storage value_type: float ztriggers: - - description: 'docker.ping failed on {HOST.NAME}' + - name: 'docker.ping failed on {HOST.NAME}' expression: '{Template Docker:docker.ping.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_ping.asciidoc' priority: high - - description: 'Docker storage is using LOOPBACK on {HOST.NAME}' + - name: 'Docker storage is using LOOPBACK on {HOST.NAME}' expression: '{Template Docker:docker.storage.is_loopback.last()}<>0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_loopback.asciidoc' priority: high - - description: 'Critically low docker storage data space on {HOST.NAME}' + - name: 'Critically low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.data.space.available.max(#3)}<5' # < 5% or < 5GB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high - - description: 'Critically low docker storage metadata space on {HOST.NAME}' + - name: 'Critically low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.005' # < 5% or < 5MB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' priority: high # Put triggers that depend on other triggers here (deps must be created first) - - description: 'Low docker storage data space on {HOST.NAME}' + - name: 'Low docker storage data space on {HOST.NAME}' expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.data.space.available.max(#3)}<10' # < 10% or < 10GB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: - 'Critically low docker storage data space on {HOST.NAME}' priority: average - - description: 'Low docker storage metadata space on {HOST.NAME}' + - name: 'Low docker storage metadata space on {HOST.NAME}' expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.01' # < 10% or < 10MB url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc' dependencies: diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml index 798377cd9..8dbe0d0d6 100644 --- a/roles/os_zabbix/vars/template_heartbeat.yml +++ b/roles/os_zabbix/vars/template_heartbeat.yml @@ -7,7 +7,7 @@ g_template_heartbeat: - Heartbeat key: heartbeat.ping ztriggers: - - description: 'Heartbeat.ping has failed on {HOST.NAME}' + - name: 'Heartbeat.ping has failed on {HOST.NAME}' expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1' priority: avg url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc' diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index d2c1365b0..728423ac1 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -7,7 +7,7 @@ g_template_openshift_master: - Openshift Master key: create_app ztriggers: - - description: 'Application creation has failed on {HOST.NAME}' + - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' priority: avg diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 7c446cd85..3173c79b2 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -52,106 +52,135 @@ g_template_os_linux: - Kernel value_type: float - - key: mem.freemem + - key: kernel.all.cpu.nice applications: - - Memory + - Kernel value_type: int - - key: kernel.all.cpu.nice + - key: kernel.all.load.1_minute applications: - Kernel - value_type: int + value_type: float - - key: mem.util.bufmem + - key: kernel.uname.version applications: - - Memory - value_type: int + - Kernel + value_type: string - - key: swap.used + - key: kernel.all.uptime applications: - - Memory + - Kernel value_type: int - - key: kernel.all.load.1_minute + - key: kernel.all.cpu.user applications: - Kernel - value_type: float + value_type: int - - key: kernel.uname.version + - key: kernel.uname.machine applications: - Kernel value_type: string - - key: swap.length + - key: hinv.ncpu applications: - - Memory + - Kernel value_type: int - - key: mem.physmem + - key: kernel.all.cpu.steal applications: - - Memory + - Kernel value_type: int - - key: kernel.all.uptime + - key: kernel.all.pswitch applications: - Kernel value_type: int - - key: swap.free + - key: kernel.uname.release applications: - - Memory - value_type: int + - Kernel + value_type: string - - key: mem.util.available + - key: proc.nprocs applications: - - Memory + - Kernel value_type: int - - key: mem.util.used + # Memory Items + - key: mem.freemem applications: - Memory value_type: int + description: "PCP: free system memory metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.all.cpu.user + - key: mem.util.bufmem applications: - - Kernel + - Memory value_type: int + description: "PCP: Memory allocated for buffer_heads.; I/O buffers metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.uname.machine + - key: swap.used applications: - - Kernel - value_type: string + - Memory + value_type: int + description: "PCP: swap used metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: hinv.ncpu + - key: swap.length applications: - - Kernel + - Memory value_type: int + description: "PCP: total swap available metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: mem.util.cached + - key: mem.physmem applications: - Memory value_type: int + description: "PCP: The value of this metric corresponds to the \"MemTotal\" field reported by /proc/meminfo. Note that this does not necessarily correspond to actual installed physical memory - there may be areas of the physical address space mapped as ROM in various peripheral devices and the bios may be mirroring certain ROMs in RAM." + multiplier: 1024 + units: B - - key: kernel.all.cpu.steal + - key: swap.free applications: - - Kernel + - Memory value_type: int + description: "PCP: swap free metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.all.pswitch + - key: mem.util.available applications: - - Kernel + - Memory value_type: int + description: "PCP: The amount of memory that is available for a new workload, without pushing the system into swap. Estimated from MemFree, Active(file), Inactive(file), and SReclaimable, as well as the \"low\" watermarks from /proc/zoneinfo.; available memory from /proc/meminfo" + multiplier: 1024 + units: B - - key: kernel.uname.release + - key: mem.util.used applications: - - Kernel - value_type: string + - Memory + value_type: int + description: "PCP: Used memory is the difference between mem.physmem and mem.freemem; used memory metric from /proc/meminfo" + multiplier: 1024 + units: B - - key: proc.nprocs + - key: mem.util.cached applications: - - Kernel + - Memory value_type: int + description: "PCP: Memory used by the page cache, including buffered file data. This is in-memory cache for files read from the disk (the pagecache) but doesn't include SwapCached.; page cache metric from /proc/meminfo" + multiplier: 1024 + units: B + # Disk items - key: filesys.full.xvda2 applications: - Disk @@ -163,32 +192,33 @@ g_template_os_linux: value_type: float ztriggers: - - description: 'Filesystem: / has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: / has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - description: 'Filesystem: / has less than 5% free on {HOST.NAME}' + - name: 'Filesystem: / has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda2.last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - - description: 'Filesystem: /var has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: /var has less than 10% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - description: 'Filesystem: /var has less than 5% free on {HOST.NAME}' + - name: 'Filesystem: /var has less than 5% free on {HOST.NAME}' expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high - - description: 'Too many TOTAL processes on {HOST.NAME}' + - name: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_proc.asciidoc' priority: warn - - description: 'Lack of available memory on {HOST.NAME}' - expression: '{Template OS Linux:mem.freemem.last()}<3000' + - name: 'Lack of available memory on {HOST.NAME}' + expression: '{Template OS Linux:mem.freemem.last()}<30720000' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_memory.asciidoc' priority: warn + description: 'Alert on less than 30MegaBytes. This is 30 Million Bytes. 30000 KB x 1024' -- cgit v1.2.3 From a22fbd327ab9decda9543d47c1ba375b9faecffd Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Tue, 18 Aug 2015 10:46:23 +0200 Subject: GCE-support (more information in PR, README_GCE.md) --- README_GCE.md | 17 +++++- bin/cluster | 12 ++-- inventory/gce/hosts/gce.py | 14 ++++- inventory/openstack/hosts/nova.py | 2 +- .../set_infra_launch_facts_tasks.yml | 15 +++++ playbooks/gce/openshift-cluster/config.yml | 4 ++ playbooks/gce/openshift-cluster/join_node.yml | 64 ++++++++++++++++++++++ playbooks/gce/openshift-cluster/launch.yml | 2 +- playbooks/gce/openshift-cluster/list.yml | 4 +- .../openshift-cluster/tasks/launch_instances.yml | 14 +++-- playbooks/gce/openshift-cluster/terminate.yml | 55 ++++++++++++------- playbooks/gce/openshift-cluster/vars.yml | 8 ++- .../openshift-cluster/files/heat_stack.yaml | 20 ++++++- playbooks/openstack/openshift-cluster/launch.yml | 35 ++++++++++-- roles/openshift_facts/tasks/main.yml | 2 +- roles/openshift_manage_node/tasks/main.yml | 2 +- roles/openshift_master/tasks/main.yml | 11 +++- roles/openshift_node/tasks/main.yml | 8 ++- 18 files changed, 234 insertions(+), 55 deletions(-) create mode 100644 playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml create mode 100644 playbooks/gce/openshift-cluster/join_node.yml diff --git a/README_GCE.md b/README_GCE.md index f6c5138c1..50f8ade70 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -39,6 +39,13 @@ Create a gce.ini file for GCE * gce_service_account_pem_file_path - Full path from previous steps * gce_project_id - Found in "Projects", it list all the gce projects you are associated with. The page lists their "Project Name" and "Project ID". You want the "Project ID" +Mandatory customization variables (check the values according to your tenant): +* zone = europe-west1-d +* network = default +* gce_machine_type = n1-standard-2 +* gce_machine_image = preinstalled-slave-50g-v5 + + 1. vi ~/.gce/gce.ini 1. make the contents look like this: ``` @@ -46,11 +53,15 @@ Create a gce.ini file for GCE gce_service_account_email_address = long...@developer.gserviceaccount.com gce_service_account_pem_file_path = /full/path/to/project_id-gce_key_hash.pem gce_project_id = project_id +zone = europe-west1-d +network = default +gce_machine_type = n1-standard-2 +gce_machine_image = preinstalled-slave-50g-v5 + ``` -1. Setup a sym link so that gce.py will pick it up (link must be in same dir as gce.py) +1. Define the environment variable GCE_INI_PATH so gce.py can pick it up and bin/cluster can also read it ``` - cd openshift-ansible/inventory/gce - ln -s ~/.gce/gce.ini gce.ini +export GCE_INI_PATH=~/.gce/gce.ini ``` diff --git a/bin/cluster b/bin/cluster index 582327415..e72ce547c 100755 --- a/bin/cluster +++ b/bin/cluster @@ -142,10 +142,14 @@ class Cluster(object): """ config = ConfigParser.ConfigParser() if 'gce' == provider: - config.readfp(open('inventory/gce/hosts/gce.ini')) + gce_ini_default_path = os.path.join( + 'inventory/gce/hosts/gce.ini') + gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + if os.path.exists(gce_ini_path): + config.readfp(open(gce_ini_path)) - for key in config.options('gce'): - os.environ[key] = config.get('gce', key) + for key in config.options('gce'): + os.environ[key] = config.get('gce', key) inventory = '-i inventory/gce/hosts' elif 'aws' == provider: @@ -193,7 +197,7 @@ class Cluster(object): if args.option: for opt in args.option: k, v = opt.split('=', 1) - env['cli_' + k] = v + env[k] = v ansible_env = '-e \'{}\''.format( ' '.join(['%s=%s' % (key, value) for (key, value) in env.items()]) diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index 3403f735e..bf018f1fe 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,6 +120,8 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + print "GCE INI PATH :: "+gce_ini_path + # Create a ConfigParser. # This provides empty defaults to each key, so that environment # variable configuration (as opposed to INI configuration) is able @@ -173,6 +175,10 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) + sys.stderr.write("GCE_EMAIL : "+args[0]+"\n") + sys.stderr.write("GCE_PEM_FILE_PATH : "+args[1]+"\n") + sys.stderr.write("GCE_PROJECT : "+kwargs['project']+"\n") + # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -211,7 +217,8 @@ class GceInventory(object): 'gce_image': inst.image, 'gce_machine_type': inst.size, 'gce_private_ip': inst.private_ips[0], - 'gce_public_ip': inst.public_ips[0], + # Hosts don't always have a public IP name + #'gce_public_ip': inst.public_ips[0], 'gce_name': inst.name, 'gce_description': inst.extra['description'], 'gce_status': inst.extra['status'], @@ -219,8 +226,8 @@ class GceInventory(object): 'gce_tags': inst.extra['tags'], 'gce_metadata': md, 'gce_network': net, - # Hosts don't have a public name, so we add an IP - 'ansible_ssh_host': inst.public_ips[0] + # Hosts don't always have a public IP name + #'ansible_ssh_host': inst.public_ips[0] } def get_instance(self, instance_name): @@ -284,4 +291,5 @@ class GceInventory(object): # Run the script +print "Hello world" GceInventory() diff --git a/inventory/openstack/hosts/nova.py b/inventory/openstack/hosts/nova.py index d5bd8d1ee..3197a57bc 100755 --- a/inventory/openstack/hosts/nova.py +++ b/inventory/openstack/hosts/nova.py @@ -34,7 +34,7 @@ except ImportError: # executed with no parameters, return the list of # all groups and hosts -NOVA_CONFIG_FILES = [os.getcwd() + "/nova.ini", +NOVA_CONFIG_FILES = [os.path.join(os.path.dirname(os.path.realpath(__file__)), "nova.ini"), os.path.expanduser(os.environ.get('ANSIBLE_CONFIG', "~/nova.ini")), "/etc/ansible/nova.ini"] diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml new file mode 100644 index 000000000..0fd53eb7d --- /dev/null +++ b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml @@ -0,0 +1,15 @@ +--- +- set_fact: k8s_type=infra +- set_fact: sub_host_type="{{ type }}" +- set_fact: number_infra="{{ count }}" + +- name: Generate infra instance names(s) + set_fact: + scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}" + register: infra_names_output + with_sequence: count={{ number_infra }} + +- set_fact: + infra_names: "{{ infra_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index fd5dfcc72..7bd3f1a56 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -10,6 +10,8 @@ - set_fact: g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" + use_sdn: "{{ do_we_use_openshift_sdn }}" + sdn_plugin: "{{ sdn_network_plugin }}" - include: ../../common/openshift-cluster/config.yml vars: @@ -22,3 +24,5 @@ openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" + openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" + os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml new file mode 100644 index 000000000..613bbb34f --- /dev/null +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -0,0 +1,64 @@ +--- +- name: Populate oo_hosts_to_update group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_hosts_to_update + add_host: + name: "{{ node_ip }}" + groups: oo_hosts_to_update + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + +- include: ../../common/openshift-cluster/update_repos_and_packages.yml + +- name: Populate oo_masters_to_config host group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_nodes_to_config + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_nodes_to_config + + - name: Add to preemptible group if needed + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_preemptible_nodes + when: preemptible is defined and preemptible == "true" + + - name: Add to not preemptible group if needed + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_non_preemptible_nodes + when: preemptible is defined and preemptible == "false" + + - name: Evaluate oo_first_master + add_host: + name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_first_master + when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" + +#- include: config.yml +- include: ../../common/openshift-node/config.yml + vars: + openshift_cluster_id: "{{ cluster_id }}" + openshift_debug_level: 4 + openshift_deployment_type: "{{ deployment_type }}" + openshift_hostname: "{{ ansible_default_ipv4.address }}" + openshift_use_openshift_sdn: true + os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" + osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 7a3b80da0..762fa9e8d 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,7 +28,7 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" - - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml + - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml vars: type: "infra" count: "{{ num_infra }}" diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index 5ba0f5a48..f5f89baf0 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -14,11 +14,11 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: List instance(s) hosts: oo_list_hosts gather_facts: no tasks: - debug: - msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" + msg: "private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 6307ecc27..f569b2a37 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -10,18 +10,22 @@ service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + network: "{{ lookup('env', 'network') }}" +# unsupported in 1.9.+ + #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - env-{{ cluster }} - host-type-{{ type }} - - sub-host-type-{{ sub_host_type }} + - sub-host-type-{{ g_sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} register: gce - name: Add new instances to groups and set variables needed add_host: hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.public_ip }}" + ansible_ssh_host: "{{ item.name }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" @@ -30,13 +34,13 @@ with_items: gce.instance_data - name: Wait for ssh - wait_for: port=22 host={{ item.public_ip }} + wait_for: port=22 host={{ item.name }} with_items: gce.instance_data - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" register: result until: result.rc == 0 - retries: 20 - delay: 10 + retries: 30 + delay: 5 with_items: gce.instance_data diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index 098b0df73..f705745d9 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -1,25 +1,18 @@ --- - name: Terminate instance(s) hosts: localhost + connection: local gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-node + - set_fact: scratch_group=tag_env-{{ cluster_id }} - add_host: name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_nodes_to_terminate + groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) - - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-master - - add_host: - name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_masters_to_terminate - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -32,14 +25,34 @@ lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] -- include: ../openshift-node/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +- name: Terminate instances(s) + hosts: localhost + connection: local + gather_facts: no + vars_files: + - vars.yml + tasks: + + - name: Terminate instances that were previously launched + local_action: + module: gce + state: 'absent' + name: "{{ item }}" + service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" + pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" + project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + with_items: groups['oo_hosts_to_terminate'] | default([]) + when: item is defined -- include: ../openshift-master/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +#- include: ../openshift-node/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +# +#- include: ../openshift-master/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index ae33083b9..6de007807 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,8 +1,11 @@ --- +do_we_use_openshift_sdn: true +sdn_network_plugin: redhat/openshift-ovs-subnet +# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation deployment_vars: origin: - image: centos-7 - ssh_user: + image: preinstalled-slave-50g-v5 + ssh_user: root sudo: yes online: image: libra-rhel7 @@ -12,4 +15,3 @@ deployment_vars: image: rhel-7 ssh_user: sudo: yes - diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 40e4ab22c..e3e2b6872 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -88,6 +88,12 @@ parameters: label: Infra flavor description: Flavor of the infra node servers + key_pair: + type: string + label: Key name + description: Name of the key + + outputs: master_names: @@ -250,6 +256,14 @@ resources: port_range_max: 10250 remote_mode: remote_group_id remote_group_id: { get_resource: master-secgrp } + - direction: ingress + protocol: tcp + port_range_min: 30001 + port_range_max: 30001 + - direction: ingress + protocol: tcp + port_range_min: 30850 + port_range_max: 30850 infra-secgrp: type: OS::Neutron::SecurityGroup @@ -291,7 +305,7 @@ resources: type: master image: { get_param: master_image } flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -323,7 +337,7 @@ resources: subtype: compute image: { get_param: node_image } flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -355,7 +369,7 @@ resources: subtype: infra image: { get_param: infra_image } flavor: { get_param: infra_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 651aef40b..5f1780476 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,15 +19,32 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - set_fact: - heat_stack_action: 'stack-create' + - name: Create OpenStack Stack + command: 'heat stack-create -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} + -P cluster_id={{ cluster_id }} + -P dns_nameservers={{ openstack_network_dns | join(",") }} + -P cidr={{ openstack_network_cidr }} + -P ssh_incoming={{ openstack_ssh_access_from }} + -P num_masters={{ num_masters }} + -P num_nodes={{ num_nodes }} + -P num_infra={{ num_infra }} + -P master_image={{ deployment_vars[deployment_type].image }} + -P node_image={{ deployment_vars[deployment_type].image }} + -P infra_image={{ deployment_vars[deployment_type].image }} + -P master_flavor={{ openstack_flavor["master"] }} + -P node_flavor={{ openstack_flavor["node"] }} + -P infra_flavor={{ openstack_flavor["infra"] }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" + openshift-ansible-{{ cluster_id }}-stack' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Create or Update OpenStack Stack - command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + - name: Update OpenStack Stack + command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -50,7 +67,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 + retries: 300 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -119,4 +136,12 @@ - include: update.yml +# Fix icmp reject iptables rules +# It should be solved in openshift-sdn but unfortunately it's not the case +# Mysterious +- name: Configuring Nodes for RBox + hosts: oo_nodes_to_config + roles: + - rbox-node + - include: list.yml diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index fd3d20800..6301d4fc0 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 +- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1 assert: that: - ansible_version | version_compare('1.8.0', 'ge') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 7c4f45ce6..94d7879b2 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,7 +3,7 @@ {{ openshift.common.client_binary }} get node {{ item }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 10 + retries: 20 delay: 5 with_items: openshift_nodes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index fa12005ab..96cc4d9af 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,6 +8,15 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined +- name: Displaying openshift_master_ha + debug: var=openshift_master_ha + +- name: openshift_master_cluster_password + debug: var=openshift_master_cluster_password + +- name: openshift.master.cluster_defer_ha + debug: var=openshift.master.cluster_defer_ha + - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined @@ -23,7 +32,7 @@ api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" - public_api_url: "{{ openshift_master_public_api_url | default(None) }}" + public_api_url: "{{ openshift_master_public_api_url | default('https://' ~ openshift.common.public_ip ~ ':8443') }}" console_path: "{{ openshift_master_console_path | default(None) }}" console_port: "{{ openshift_master_console_port | default(None) }}" console_url: "{{ openshift_master_console_url | default(None) }}" diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e8cc499c0..7e5ac2b5b 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ openshift_node_labels | default(none) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default() ) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" @@ -73,6 +73,12 @@ dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ +--insecure-registry=dockerhub.rnd.amadeus.net:5000 \ +--insecure-registry=dockerhub.rnd.amadeus.net:5001 \ +--insecure-registry=dockerhub.rnd.amadeus.net:5002 \ +--add-registry=dockerhub.rnd.amadeus.net:5000 \ +--add-registry=dockerhub.rnd.amadeus.net:5001 \ +--add-registry=dockerhub.rnd.amadeus.net:5002 \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg notify: -- cgit v1.2.3 From 9229927a98389f0dae2abb51e1df971f9457afb3 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Thu, 1 Oct 2015 15:33:32 +0200 Subject: oo_option fixed, some clean up --- bin/cluster | 2 +- inventory/gce/hosts/gce.py | 7 +------ playbooks/gce/openshift-cluster/join_node.yml | 17 +---------------- .../openstack/openshift-cluster/files/heat_stack.yaml | 8 -------- 4 files changed, 3 insertions(+), 31 deletions(-) diff --git a/bin/cluster b/bin/cluster index e72ce547c..0e305141f 100755 --- a/bin/cluster +++ b/bin/cluster @@ -197,7 +197,7 @@ class Cluster(object): if args.option: for opt in args.option: k, v = opt.split('=', 1) - env[k] = v + env['cli_' + k] = v ansible_env = '-e \'{}\''.format( ' '.join(['%s=%s' % (key, value) for (key, value) in env.items()]) diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index bf018f1fe..6ed12e011 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,7 +120,6 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) - print "GCE INI PATH :: "+gce_ini_path # Create a ConfigParser. # This provides empty defaults to each key, so that environment @@ -175,10 +174,7 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) - sys.stderr.write("GCE_EMAIL : "+args[0]+"\n") - sys.stderr.write("GCE_PEM_FILE_PATH : "+args[1]+"\n") - sys.stderr.write("GCE_PROJECT : "+kwargs['project']+"\n") - + # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -291,5 +287,4 @@ class GceInventory(object): # Run the script -print "Hello world" GceInventory() diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index 613bbb34f..0dfa3e9d7 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -27,22 +27,6 @@ ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: oo_nodes_to_config - - name: Add to preemptible group if needed - add_host: - name: "{{ node_ip }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_preemptible_nodes - when: preemptible is defined and preemptible == "true" - - - name: Add to not preemptible group if needed - add_host: - name: "{{ node_ip }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_non_preemptible_nodes - when: preemptible is defined and preemptible == "false" - - name: Evaluate oo_first_master add_host: name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" @@ -59,6 +43,7 @@ openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" openshift_use_openshift_sdn: true + openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index e3e2b6872..cd2636c9c 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -256,14 +256,6 @@ resources: port_range_max: 10250 remote_mode: remote_group_id remote_group_id: { get_resource: master-secgrp } - - direction: ingress - protocol: tcp - port_range_min: 30001 - port_range_max: 30001 - - direction: ingress - protocol: tcp - port_range_min: 30850 - port_range_max: 30850 infra-secgrp: type: OS::Neutron::SecurityGroup -- cgit v1.2.3 From b8dcab08624bfdc4e89a144b82caa68883d1f861 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Thu, 1 Oct 2015 15:45:45 +0200 Subject: Removed some application specific code like insecure registries, heat template --- playbooks/openstack/openshift-cluster/files/heat_stack.yaml | 12 +++--------- roles/openshift_master/tasks/main.yml | 9 --------- roles/openshift_node/tasks/main.yml | 6 ------ 3 files changed, 3 insertions(+), 24 deletions(-) diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index cd2636c9c..40e4ab22c 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -88,12 +88,6 @@ parameters: label: Infra flavor description: Flavor of the infra node servers - key_pair: - type: string - label: Key name - description: Name of the key - - outputs: master_names: @@ -297,7 +291,7 @@ resources: type: master image: { get_param: master_image } flavor: { get_param: master_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -329,7 +323,7 @@ resources: subtype: compute image: { get_param: node_image } flavor: { get_param: node_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -361,7 +355,7 @@ resources: subtype: infra image: { get_param: infra_image } flavor: { get_param: infra_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 96cc4d9af..88940ec8c 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,15 +8,6 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined -- name: Displaying openshift_master_ha - debug: var=openshift_master_ha - -- name: openshift_master_cluster_password - debug: var=openshift_master_cluster_password - -- name: openshift.master.cluster_defer_ha - debug: var=openshift.master.cluster_defer_ha - - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 7e5ac2b5b..96cd96315 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -73,12 +73,6 @@ dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ ---insecure-registry=dockerhub.rnd.amadeus.net:5000 \ ---insecure-registry=dockerhub.rnd.amadeus.net:5001 \ ---insecure-registry=dockerhub.rnd.amadeus.net:5002 \ ---add-registry=dockerhub.rnd.amadeus.net:5000 \ ---add-registry=dockerhub.rnd.amadeus.net:5001 \ ---add-registry=dockerhub.rnd.amadeus.net:5002 \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg notify: -- cgit v1.2.3 From 2c37e6282bcd260119b654b23acdad3e6ca4340c Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 1 Oct 2015 12:14:23 -0400 Subject: Adding trggers for cpu idle --- roles/os_zabbix/vars/template_os_linux.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 36c890da9..c81f39c58 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -259,3 +259,18 @@ g_template_os_linux: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_memory.asciidoc' priority: warn description: 'Alert on less than 30MegaBytes. This is 30 Million Bytes. 30000 KB x 1024' + + # CPU Utilization # + - name: 'CPU idle less than 5% on {HOST.NAME}' + expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<5 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<5' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc' + priority: high + description: 'CPU is less than 5% idle' + + - name: 'CPU idle less than 10% on {HOST.NAME}' + expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<10 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<10' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc' + priority: warn + description: 'CPU is less than 10% idle' + dependencies: + - 'CPU idle less than 5% on {HOST.NAME}' -- cgit v1.2.3 From 7748ce4463ca6d2e31b55c81ffc1418f8a999b55 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 1 Oct 2015 10:56:36 -0700 Subject: added 'missingok' to logrotate and disabled fluentd in online --- playbooks/aws/openshift-cluster/tasks/launch_instances.yml | 1 + roles/openshift_facts/library/openshift_facts.py | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index b77bcdc1a..9c699120b 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -172,6 +172,7 @@ - rotate 7 - compress - sharedscripts + - missingok scripts: postrotate: "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index f708f9bac..3ab3663de 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -296,9 +296,8 @@ def set_fluentd_facts_if_unset(facts): """ if 'common' in facts: - deployment_type = facts['common']['deployment_type'] if 'use_fluentd' not in facts['common']: - use_fluentd = True if deployment_type == 'online' else False + use_fluentd = False facts['common']['use_fluentd'] = use_fluentd return facts -- cgit v1.2.3 From ff3fb0b84b3177b813df91cbed3d96d084bcd72c Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Thu, 1 Oct 2015 09:08:07 -0400 Subject: openshift_facts.py: Ansible fact for openshift version This added some logic to add a new the version of openshift rpm-based installations. This fact is intentionally not cached to account for users potenially updating versions outside of ansible playbooks. --- roles/openshift_facts/library/openshift_facts.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 3ab3663de..aeab7152c 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -474,6 +474,7 @@ def set_deployment_facts_if_unset(facts): if deployment_type in ['enterprise', 'online']: data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir + facts['common']['version'] = get_openshift_version() for role in ('master', 'node'): if role in facts: @@ -598,6 +599,19 @@ def get_current_config(facts): return current_config +def get_openshift_version(): + """ Get current version of openshift on the host + + Returns: + version: the current openshift version + """ + if os.path.isfile('/usr/bin/openshift'): + _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) + versions = dict(e.split(' v') for e in output.splitlines()) + version = versions.get('openshift', '') + + #TODO: acknowledge the possility of a containerized install + return version def apply_provider_facts(facts, provider_facts): """ Apply provider facts to supplied facts dict -- cgit v1.2.3 From 59fb7879501d702bb78a1d79326408b115a63c90 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Fri, 2 Oct 2015 12:04:57 +0000 Subject: openshift master public api url defaults to None, it will get its default value in openshift_facts commented infra-node code until it's solved --- playbooks/gce/openshift-cluster/launch.yml | 54 +++++++++++----------- .../openshift-cluster/tasks/launch_instances.yml | 7 +-- roles/openshift_master/tasks/main.yml | 2 +- 3 files changed, 32 insertions(+), 31 deletions(-) diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 762fa9e8d..94e57fe4e 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,33 +28,33 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" - - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml - vars: - type: "infra" - count: "{{ num_infra }}" - - include: tasks/launch_instances.yml - vars: - instances: "{{ infra_names }}" - cluster: "{{ cluster_id }}" - type: "{{ k8s_type }}" - g_sub_host_type: "{{ sub_host_type }}" - - - set_fact: - a_infra: "{{ infra_names[0] }}" - - add_host: name={{ a_infra }} groups=service_master - +# - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml +# vars: +# type: "infra" +# count: "{{ num_infra }}" +# - include: tasks/launch_instances.yml +# vars: +# instances: "{{ infra_names }}" +# cluster: "{{ cluster_id }}" +# type: "{{ k8s_type }}" +# g_sub_host_type: "{{ sub_host_type }}" +# +# - set_fact: +# a_infra: "{{ infra_names[0] }}" +# - add_host: name={{ a_infra }} groups=service_master +# - include: update.yml - -- name: Deploy OpenShift Services - hosts: service_master - connection: ssh - gather_facts: yes - roles: - - openshift_registry - - openshift_router - -- include: ../../common/openshift-cluster/create_services.yml - vars: - g_svc_master: "{{ service_master }}" +# +#- name: Deploy OpenShift Services +# hosts: service_master +# connection: ssh +# gather_facts: yes +# roles: +# - openshift_registry +# - openshift_router +# +#- include: ../../common/openshift-cluster/create_services.yml +# vars: +# g_svc_master: "{{ service_master }}" - include: list.yml diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index f569b2a37..b07982305 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -20,6 +20,7 @@ - host-type-{{ type }} - sub-host-type-{{ g_sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} + when: instances |length > 0 register: gce - name: Add new instances to groups and set variables needed @@ -31,11 +32,11 @@ groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" gce_public_ip: "{{ item.public_ip }}" gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data + with_items: gce.instance_data | default([]) - name: Wait for ssh wait_for: port=22 host={{ item.name }} - with_items: gce.instance_data + with_items: gce.instance_data | default([]) - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" @@ -43,4 +44,4 @@ until: result.rc == 0 retries: 30 delay: 5 - with_items: gce.instance_data + with_items: gce.instance_data | default([]) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 88940ec8c..fa12005ab 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -23,7 +23,7 @@ api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" - public_api_url: "{{ openshift_master_public_api_url | default('https://' ~ openshift.common.public_ip ~ ':8443') }}" + public_api_url: "{{ openshift_master_public_api_url | default(None) }}" console_path: "{{ openshift_master_console_path | default(None) }}" console_port: "{{ openshift_master_console_port | default(None) }}" console_url: "{{ openshift_master_console_url | default(None) }}" -- cgit v1.2.3 From fe3ed63a6f7103a91888df3807121ac6b43cde7c Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Fri, 2 Oct 2015 08:54:09 -0400 Subject: openshift_facts.py: Correct error case for uninstalled systems This adds a default value to the version to cover the case where the user doesn't have /usr/bin/openshift on the system, correcting the bug found in PR #646. --- roles/openshift_facts/library/openshift_facts.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index aeab7152c..987f7f7da 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -605,6 +605,8 @@ def get_openshift_version(): Returns: version: the current openshift version """ + version = '' + if os.path.isfile('/usr/bin/openshift'): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) versions = dict(e.split(' v') for e in output.splitlines()) -- cgit v1.2.3 From e40b829103db88072c0e5fc759bff239cb214a43 Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Wed, 30 Sep 2015 15:22:36 -0400 Subject: added Template Ops Tools --- roles/lib_zabbix/tasks/create_template.yml | 9 ++++++--- roles/os_zabbix/tasks/main.yml | 9 +++++++++ roles/os_zabbix/vars/template_ops_tools.yml | 23 +++++++++++++++++++++++ roles/os_zabbix/vars/template_os_linux.yml | 2 -- 4 files changed, 38 insertions(+), 5 deletions(-) create mode 100644 roles/os_zabbix/vars/template_ops_tools.yml diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 62259b680..41381e76c 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -9,7 +9,8 @@ - set_fact: - lzbx_applications: "{{ template.zitems | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}" + lzbx_item_applications: "{{ template.zitems | default([], True) | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}" + lzbx_itemprototype_applications: "{{ template.zitemprototypes | default([], True) | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}" - name: Create Application zbx_application: @@ -18,9 +19,11 @@ zbx_password: "{{ password }}" name: "{{ item }}" template_name: "{{ template.name }}" - with_items: lzbx_applications + with_items: + - "{{ lzbx_item_applications }}" + - "{{ lzbx_itemprototype_applications }}" register: created_application - when: template.zitems is defined + when: template.zitems is defined or template.zitemprototypes is defined - name: Create Items zbx_item: diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index 8347e9a61..28e900255 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -12,6 +12,7 @@ - include_vars: template_docker.yml - include_vars: template_openshift_master.yml - include_vars: template_openshift_node.yml +- include_vars: template_ops_tools.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -52,3 +53,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template Ops Tools + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_ops_tools }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_ops_tools.yml b/roles/os_zabbix/vars/template_ops_tools.yml new file mode 100644 index 000000000..d1b8a2514 --- /dev/null +++ b/roles/os_zabbix/vars/template_ops_tools.yml @@ -0,0 +1,23 @@ +--- +g_template_ops_tools: + name: Template Operations Tools + zdiscoveryrules: + - name: disc.ops.runner + key: disc.ops.runner + lifetime: 1 + description: "Dynamically register operations runner items" + + zitemprototypes: + - discoveryrule_key: disc.ops.runner + name: "Exit code of ops-runner[{#OSO_COMMAND}]" + key: "disc.ops.runner.command.exitcode[{#OSO_COMMAND}]" + value_type: int + description: "The exit code of the command run from ops-runner" + applications: + - Ops Runner + + ztriggerprototypes: + - name: 'ops-runner[{#OSO_COMMAND}]: non-zero exit code on {HOST.NAME}' + expression: '{Template Operations Tools:disc.ops.runner.command.exitcode[{#OSO_COMMAND}].last()}<>0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_ops_runner_command.asciidoc' + priority: average diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index c81f39c58..70c3809bd 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -204,12 +204,10 @@ g_template_os_linux: - name: disc.filesys key: disc.filesys lifetime: 1 - template_name: Template OS Linux description: "Dynamically register the filesystems" zitemprototypes: - discoveryrule_key: disc.filesys - template_name: Template OS Linux name: "disc.filesys.full.{#OSO_FILESYS}" key: "disc.filesys.full[{#OSO_FILESYS}]" value_type: float -- cgit v1.2.3 From f0b52c736130e8f155786a0df4da7408a96a9d70 Mon Sep 17 00:00:00 2001 From: Ali Sogukpinar Date: Mon, 5 Oct 2015 18:20:08 +0200 Subject: Fix for name conflict Template name is conflicting with the template name from 'eap6-basic-sti.json' . --- .../files/examples/xpaas-templates/eap6-https-sti.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json index 0497e6824..5df36ccc2 100644 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json @@ -6,10 +6,10 @@ "iconClass" : "icon-jboss", "description": "Application template for EAP 6 applications built using STI." }, - "name": "eap6-basic-sti" + "name": "eap6-https-sti" }, "labels": { - "template": "eap6-basic-sti" + "template": "eap6-https-sti" }, "parameters": [ { -- cgit v1.2.3 From b03679b3ce1a52cfcc1c356690165eafe9b7c313 Mon Sep 17 00:00:00 2001 From: Max Whittingham Date: Mon, 5 Oct 2015 11:41:25 -0500 Subject: Changed trigger to only info alert if users is at 0 --- roles/os_zabbix/vars/template_openshift_master.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index f82771d59..68f810fe0 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -36,7 +36,7 @@ g_template_openshift_master: priority: high - name: 'Number of users for Openshift Master on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.user.count.last(,3)}>0' + expression: '{Template Openshift Master:openshift.master.user.count.last()}=0' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info -- cgit v1.2.3 From 3073d1f729f9dcd202088f6b318b465567c6344b Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Mon, 5 Oct 2015 13:48:41 -0400 Subject: Revert "GCE support" --- README_GCE.md | 17 ++----- bin/cluster | 12 ++--- inventory/gce/hosts/gce.py | 9 ++-- inventory/openstack/hosts/nova.py | 2 +- .../set_infra_launch_facts_tasks.yml | 15 ------ playbooks/gce/openshift-cluster/config.yml | 4 -- playbooks/gce/openshift-cluster/join_node.yml | 49 ------------------- playbooks/gce/openshift-cluster/launch.yml | 54 ++++++++++----------- playbooks/gce/openshift-cluster/list.yml | 4 +- .../openshift-cluster/tasks/launch_instances.yml | 21 ++++----- playbooks/gce/openshift-cluster/terminate.yml | 55 +++++++++------------- playbooks/gce/openshift-cluster/vars.yml | 8 ++-- playbooks/openstack/openshift-cluster/launch.yml | 35 ++------------ roles/openshift_facts/tasks/main.yml | 2 +- roles/openshift_manage_node/tasks/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 2 +- 16 files changed, 80 insertions(+), 211 deletions(-) delete mode 100644 playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml delete mode 100644 playbooks/gce/openshift-cluster/join_node.yml diff --git a/README_GCE.md b/README_GCE.md index 50f8ade70..f6c5138c1 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -39,13 +39,6 @@ Create a gce.ini file for GCE * gce_service_account_pem_file_path - Full path from previous steps * gce_project_id - Found in "Projects", it list all the gce projects you are associated with. The page lists their "Project Name" and "Project ID". You want the "Project ID" -Mandatory customization variables (check the values according to your tenant): -* zone = europe-west1-d -* network = default -* gce_machine_type = n1-standard-2 -* gce_machine_image = preinstalled-slave-50g-v5 - - 1. vi ~/.gce/gce.ini 1. make the contents look like this: ``` @@ -53,15 +46,11 @@ Mandatory customization variables (check the values according to your tenant): gce_service_account_email_address = long...@developer.gserviceaccount.com gce_service_account_pem_file_path = /full/path/to/project_id-gce_key_hash.pem gce_project_id = project_id -zone = europe-west1-d -network = default -gce_machine_type = n1-standard-2 -gce_machine_image = preinstalled-slave-50g-v5 - ``` -1. Define the environment variable GCE_INI_PATH so gce.py can pick it up and bin/cluster can also read it +1. Setup a sym link so that gce.py will pick it up (link must be in same dir as gce.py) ``` -export GCE_INI_PATH=~/.gce/gce.ini + cd openshift-ansible/inventory/gce + ln -s ~/.gce/gce.ini gce.ini ``` diff --git a/bin/cluster b/bin/cluster index 0e305141f..582327415 100755 --- a/bin/cluster +++ b/bin/cluster @@ -142,14 +142,10 @@ class Cluster(object): """ config = ConfigParser.ConfigParser() if 'gce' == provider: - gce_ini_default_path = os.path.join( - 'inventory/gce/hosts/gce.ini') - gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) - if os.path.exists(gce_ini_path): - config.readfp(open(gce_ini_path)) - - for key in config.options('gce'): - os.environ[key] = config.get('gce', key) + config.readfp(open('inventory/gce/hosts/gce.ini')) + + for key in config.options('gce'): + os.environ[key] = config.get('gce', key) inventory = '-i inventory/gce/hosts' elif 'aws' == provider: diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index 6ed12e011..3403f735e 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,7 +120,6 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) - # Create a ConfigParser. # This provides empty defaults to each key, so that environment # variable configuration (as opposed to INI configuration) is able @@ -174,7 +173,6 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) - # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -213,8 +211,7 @@ class GceInventory(object): 'gce_image': inst.image, 'gce_machine_type': inst.size, 'gce_private_ip': inst.private_ips[0], - # Hosts don't always have a public IP name - #'gce_public_ip': inst.public_ips[0], + 'gce_public_ip': inst.public_ips[0], 'gce_name': inst.name, 'gce_description': inst.extra['description'], 'gce_status': inst.extra['status'], @@ -222,8 +219,8 @@ class GceInventory(object): 'gce_tags': inst.extra['tags'], 'gce_metadata': md, 'gce_network': net, - # Hosts don't always have a public IP name - #'ansible_ssh_host': inst.public_ips[0] + # Hosts don't have a public name, so we add an IP + 'ansible_ssh_host': inst.public_ips[0] } def get_instance(self, instance_name): diff --git a/inventory/openstack/hosts/nova.py b/inventory/openstack/hosts/nova.py index 3197a57bc..d5bd8d1ee 100755 --- a/inventory/openstack/hosts/nova.py +++ b/inventory/openstack/hosts/nova.py @@ -34,7 +34,7 @@ except ImportError: # executed with no parameters, return the list of # all groups and hosts -NOVA_CONFIG_FILES = [os.path.join(os.path.dirname(os.path.realpath(__file__)), "nova.ini"), +NOVA_CONFIG_FILES = [os.getcwd() + "/nova.ini", os.path.expanduser(os.environ.get('ANSIBLE_CONFIG', "~/nova.ini")), "/etc/ansible/nova.ini"] diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml deleted file mode 100644 index 0fd53eb7d..000000000 --- a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- set_fact: k8s_type=infra -- set_fact: sub_host_type="{{ type }}" -- set_fact: number_infra="{{ count }}" - -- name: Generate infra instance names(s) - set_fact: - scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}" - register: infra_names_output - with_sequence: count={{ number_infra }} - -- set_fact: - infra_names: "{{ infra_names_output.results | default([]) - | oo_collect('ansible_facts') - | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 7bd3f1a56..fd5dfcc72 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -10,8 +10,6 @@ - set_fact: g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - use_sdn: "{{ do_we_use_openshift_sdn }}" - sdn_plugin: "{{ sdn_network_plugin }}" - include: ../../common/openshift-cluster/config.yml vars: @@ -24,5 +22,3 @@ openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" - openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" - os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml deleted file mode 100644 index 0dfa3e9d7..000000000 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -- name: Populate oo_hosts_to_update group - hosts: localhost - gather_facts: no - vars_files: - - vars.yml - tasks: - - name: Evaluate oo_hosts_to_update - add_host: - name: "{{ node_ip }}" - groups: oo_hosts_to_update - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - -- include: ../../common/openshift-cluster/update_repos_and_packages.yml - -- name: Populate oo_masters_to_config host group - hosts: localhost - gather_facts: no - vars_files: - - vars.yml - tasks: - - name: Evaluate oo_nodes_to_config - add_host: - name: "{{ node_ip }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_nodes_to_config - - - name: Evaluate oo_first_master - add_host: - name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_first_master - when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" - -#- include: config.yml -- include: ../../common/openshift-node/config.yml - vars: - openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 - openshift_deployment_type: "{{ deployment_type }}" - openshift_hostname: "{{ ansible_default_ipv4.address }}" - openshift_use_openshift_sdn: true - openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " - os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" - osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" - osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 94e57fe4e..7a3b80da0 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,33 +28,33 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" -# - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml -# vars: -# type: "infra" -# count: "{{ num_infra }}" -# - include: tasks/launch_instances.yml -# vars: -# instances: "{{ infra_names }}" -# cluster: "{{ cluster_id }}" -# type: "{{ k8s_type }}" -# g_sub_host_type: "{{ sub_host_type }}" -# -# - set_fact: -# a_infra: "{{ infra_names[0] }}" -# - add_host: name={{ a_infra }} groups=service_master -# + - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml + vars: + type: "infra" + count: "{{ num_infra }}" + - include: tasks/launch_instances.yml + vars: + instances: "{{ infra_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" + + - set_fact: + a_infra: "{{ infra_names[0] }}" + - add_host: name={{ a_infra }} groups=service_master + - include: update.yml -# -#- name: Deploy OpenShift Services -# hosts: service_master -# connection: ssh -# gather_facts: yes -# roles: -# - openshift_registry -# - openshift_router -# -#- include: ../../common/openshift-cluster/create_services.yml -# vars: -# g_svc_master: "{{ service_master }}" + +- name: Deploy OpenShift Services + hosts: service_master + connection: ssh + gather_facts: yes + roles: + - openshift_registry + - openshift_router + +- include: ../../common/openshift-cluster/create_services.yml + vars: + g_svc_master: "{{ service_master }}" - include: list.yml diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index f5f89baf0..5ba0f5a48 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -14,11 +14,11 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) - name: List instance(s) hosts: oo_list_hosts gather_facts: no tasks: - debug: - msg: "private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" + msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index b07982305..6307ecc27 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -10,38 +10,33 @@ service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" project_id: "{{ lookup('env', 'gce_project_id') }}" - zone: "{{ lookup('env', 'zone') }}" - network: "{{ lookup('env', 'network') }}" -# unsupported in 1.9.+ - #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - env-{{ cluster }} - host-type-{{ type }} - - sub-host-type-{{ g_sub_host_type }} + - sub-host-type-{{ sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} - when: instances |length > 0 register: gce - name: Add new instances to groups and set variables needed add_host: hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.name }}" + ansible_ssh_host: "{{ item.public_ip }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" gce_public_ip: "{{ item.public_ip }}" gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data | default([]) + with_items: gce.instance_data - name: Wait for ssh - wait_for: port=22 host={{ item.name }} - with_items: gce.instance_data | default([]) + wait_for: port=22 host={{ item.public_ip }} + with_items: gce.instance_data - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" register: result until: result.rc == 0 - retries: 30 - delay: 5 - with_items: gce.instance_data | default([]) + retries: 20 + delay: 10 + with_items: gce.instance_data diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index f705745d9..098b0df73 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -1,18 +1,25 @@ --- - name: Terminate instance(s) hosts: localhost - connection: local gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} + - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-node - add_host: name: "{{ item }}" - groups: oo_hosts_to_terminate + groups: oo_hosts_to_terminate, oo_nodes_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + + - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-master + - add_host: + name: "{{ item }}" + groups: oo_hosts_to_terminate, oo_masters_to_terminate + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -25,34 +32,14 @@ lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] -- name: Terminate instances(s) - hosts: localhost - connection: local - gather_facts: no - vars_files: - - vars.yml - tasks: - - - name: Terminate instances that were previously launched - local_action: - module: gce - state: 'absent' - name: "{{ item }}" - service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - project_id: "{{ lookup('env', 'gce_project_id') }}" - zone: "{{ lookup('env', 'zone') }}" - with_items: groups['oo_hosts_to_terminate'] | default([]) - when: item is defined +- include: ../openshift-node/terminate.yml + vars: + gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" + gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" + gce_project_id: "{{ lookup('env', 'gce_project_id') }}" -#- include: ../openshift-node/terminate.yml -# vars: -# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" -# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" -# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" -# -#- include: ../openshift-master/terminate.yml -# vars: -# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" -# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" -# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +- include: ../openshift-master/terminate.yml + vars: + gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" + gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" + gce_project_id: "{{ lookup('env', 'gce_project_id') }}" diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index 6de007807..ae33083b9 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,11 +1,8 @@ --- -do_we_use_openshift_sdn: true -sdn_network_plugin: redhat/openshift-ovs-subnet -# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation deployment_vars: origin: - image: preinstalled-slave-50g-v5 - ssh_user: root + image: centos-7 + ssh_user: sudo: yes online: image: libra-rhel7 @@ -15,3 +12,4 @@ deployment_vars: image: rhel-7 ssh_user: sudo: yes + diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 5f1780476..651aef40b 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,32 +19,15 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - name: Create OpenStack Stack - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} - -P key_pair={{ openstack_ssh_keypair }} - -P cluster_id={{ cluster_id }} - -P dns_nameservers={{ openstack_network_dns | join(",") }} - -P cidr={{ openstack_network_cidr }} - -P ssh_incoming={{ openstack_ssh_access_from }} - -P num_masters={{ num_masters }} - -P num_nodes={{ num_nodes }} - -P num_infra={{ num_infra }} - -P master_image={{ deployment_vars[deployment_type].image }} - -P node_image={{ deployment_vars[deployment_type].image }} - -P infra_image={{ deployment_vars[deployment_type].image }} - -P master_flavor={{ openstack_flavor["master"] }} - -P node_flavor={{ openstack_flavor["node"] }} - -P infra_flavor={{ openstack_flavor["infra"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" - openshift-ansible-{{ cluster_id }}-stack' + - set_fact: + heat_stack_action: 'stack-create' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Update OpenStack Stack - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} - -P key_pair={{ openstack_ssh_keypair }} + - name: Create or Update OpenStack Stack + command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -67,7 +50,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 300 + retries: 30 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -136,12 +119,4 @@ - include: update.yml -# Fix icmp reject iptables rules -# It should be solved in openshift-sdn but unfortunately it's not the case -# Mysterious -- name: Configuring Nodes for RBox - hosts: oo_nodes_to_config - roles: - - rbox-node - - include: list.yml diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index 6301d4fc0..fd3d20800 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1 +- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 assert: that: - ansible_version | version_compare('1.8.0', 'ge') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 94d7879b2..7c4f45ce6 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,7 +3,7 @@ {{ openshift.common.client_binary }} get node {{ item }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 20 + retries: 10 delay: 5 with_items: openshift_nodes diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 96cd96315..e8cc499c0 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default() ) }}" + labels: "{{ openshift_node_labels | default(none) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" -- cgit v1.2.3 From 6f211046e6f344756eb10b0103b92d08d40ea178 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Mon, 5 Oct 2015 22:59:56 -0400 Subject: Add kind/apiVersion to scheduler.json template --- roles/openshift_master/templates/scheduler.json.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/openshift_master/templates/scheduler.json.j2 b/roles/openshift_master/templates/scheduler.json.j2 index 835f2383e..cb5f43bb2 100644 --- a/roles/openshift_master/templates/scheduler.json.j2 +++ b/roles/openshift_master/templates/scheduler.json.j2 @@ -1,4 +1,6 @@ { + "kind": "Policy", + "apiVersion": "v1", "predicates": [ {"name": "MatchNodeSelector"}, {"name": "PodFitsResources"}, -- cgit v1.2.3 From 6e80868ad12cde826fbd919a365335935fb75c84 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Tue, 6 Oct 2015 10:13:27 +0200 Subject: playbooks/openstack/openshift-cluster/launch.yml back to its correct version --- playbooks/openstack/openshift-cluster/launch.yml | 35 ++++-------------------- 1 file changed, 5 insertions(+), 30 deletions(-) diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 5f1780476..651aef40b 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,32 +19,15 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - name: Create OpenStack Stack - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} - -P key_pair={{ openstack_ssh_keypair }} - -P cluster_id={{ cluster_id }} - -P dns_nameservers={{ openstack_network_dns | join(",") }} - -P cidr={{ openstack_network_cidr }} - -P ssh_incoming={{ openstack_ssh_access_from }} - -P num_masters={{ num_masters }} - -P num_nodes={{ num_nodes }} - -P num_infra={{ num_infra }} - -P master_image={{ deployment_vars[deployment_type].image }} - -P node_image={{ deployment_vars[deployment_type].image }} - -P infra_image={{ deployment_vars[deployment_type].image }} - -P master_flavor={{ openstack_flavor["master"] }} - -P node_flavor={{ openstack_flavor["node"] }} - -P infra_flavor={{ openstack_flavor["infra"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" - openshift-ansible-{{ cluster_id }}-stack' + - set_fact: + heat_stack_action: 'stack-create' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Update OpenStack Stack - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} - -P key_pair={{ openstack_ssh_keypair }} + - name: Create or Update OpenStack Stack + command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -67,7 +50,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 300 + retries: 30 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -136,12 +119,4 @@ - include: update.yml -# Fix icmp reject iptables rules -# It should be solved in openshift-sdn but unfortunately it's not the case -# Mysterious -- name: Configuring Nodes for RBox - hosts: oo_nodes_to_config - roles: - - rbox-node - - include: list.yml -- cgit v1.2.3 From a8666531f6130f4b14c145ddece441328c2e60d4 Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Mon, 5 Oct 2015 21:36:14 +0200 Subject: Fix exception handling. The subcommand of the action was called using os.system. The exit value of os.system is a 16-bit value. This value was propagated and used as exit value of the whole `cluster {ACTION}` command without any modification, resulting in `exit()` being called with value > 255. In the CPython 2.7 exit(v) with v > 255 behaves like exit(0), which hides that we had an error during the execution. This commit removes the error propagation by return value and introduces using exceptions instead. --- bin/cluster | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/bin/cluster b/bin/cluster index 582327415..96dcf01e8 100755 --- a/bin/cluster +++ b/bin/cluster @@ -5,6 +5,7 @@ import argparse import ConfigParser import os import sys +import subprocess import traceback @@ -53,7 +54,6 @@ class Cluster(object): """ Create an OpenShift cluster for given provider :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args)} @@ -65,65 +65,60 @@ class Cluster(object): env['num_infra'] = args.infra env['num_etcd'] = args.etcd - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def terminate(self, args): """ Destroy OpenShift cluster :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args)} playbook = "playbooks/{}/openshift-cluster/terminate.yml".format(args.provider) inventory = self.setup_provider(args.provider) - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def list(self, args): """ List VMs in cluster :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args)} playbook = "playbooks/{}/openshift-cluster/list.yml".format(args.provider) inventory = self.setup_provider(args.provider) - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def config(self, args): """ Configure or reconfigure OpenShift across clustered VMs :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args)} playbook = "playbooks/{}/openshift-cluster/config.yml".format(args.provider) inventory = self.setup_provider(args.provider) - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def update(self, args): """ Update to latest OpenShift across clustered VMs :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args)} playbook = "playbooks/{}/openshift-cluster/update.yml".format(args.provider) inventory = self.setup_provider(args.provider) - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def service(self, args): """ Make the same service call across all nodes in the cluster :param args: command line arguments provided by user - :return: exit status from run command """ env = {'cluster_id': args.cluster_id, 'deployment_type': self.get_deployment_type(args), @@ -132,7 +127,7 @@ class Cluster(object): playbook = "playbooks/{}/openshift-cluster/service.yml".format(args.provider) inventory = self.setup_provider(args.provider) - return self.action(args, inventory, env, playbook) + self.action(args, inventory, env, playbook) def setup_provider(self, provider): """ @@ -183,7 +178,6 @@ class Cluster(object): :param inventory: derived provider library :param env: environment variables for kubernetes :param playbook: ansible playbook to execute - :return: exit status from ansible-playbook command """ verbose = '' @@ -213,7 +207,18 @@ class Cluster(object): sys.stderr.write('RUN [{}]\n'.format(command)) sys.stderr.flush() - return os.system(command) + try: + subprocess.check_call(command, shell=True) + except subprocess.CalledProcessError as exc: + raise ActionFailed("ACTION [{}] failed: {}" + .format(args.action, exc)) + + +class ActionFailed(Exception): + """ + Raised when action failed. + """ + pass if __name__ == '__main__': @@ -328,14 +333,11 @@ if __name__ == '__main__': sys.stderr.write('\nACTION [update] aborted by user!\n') exit(1) - status = 1 try: - status = args.func(args) - if status != 0: - sys.stderr.write("ACTION [{}] failed with exit status {}\n".format(args.action, status)) - except Exception, e: + args.func(args) + except Exception as exc: if args.verbose: traceback.print_exc(file=sys.stderr) else: - sys.stderr.write("{}\n".format(e)) - exit(status) + print >>sys.stderr, exc + exit(1) -- cgit v1.2.3 From 3782c361b896cc382a0f5585b2ee9e9295536486 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 6 Oct 2015 09:37:37 -0400 Subject: Updated registry fact with latest deployment_type mappings --- roles/openshift_facts/library/openshift_facts.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 987f7f7da..69bb49c9b 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -480,11 +480,11 @@ def set_deployment_facts_if_unset(facts): if role in facts: deployment_type = facts['common']['deployment_type'] if 'registry_url' not in facts[role]: - registry_url = 'aos3/aos-${component}:${version}' - if deployment_type in ['enterprise', 'online']: + registry_url = 'openshift/origin-${component}:${version}' + if deployment_type in ['enterprise', 'online', 'openshift-enterprise']: registry_url = 'openshift3/ose-${component}:${version}' - elif deployment_type == 'origin': - registry_url = 'openshift/origin-${component}:${version}' + elif deployment_type == 'atomic-enterprise': + registry_url = 'aep3/aep-${component}:${version}' facts[role]['registry_url'] = registry_url return facts -- cgit v1.2.3 From a3ba0278879075e14373a6872acc5f0c3cc3d9a2 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Tue, 6 Oct 2015 16:59:00 +0200 Subject: Revert "Revert "GCE support"" This reverts commit 3073d1f729f9dcd202088f6b318b465567c6344b. --- README_GCE.md | 17 +++++-- bin/cluster | 12 +++-- inventory/gce/hosts/gce.py | 9 ++-- inventory/openstack/hosts/nova.py | 2 +- .../set_infra_launch_facts_tasks.yml | 15 ++++++ playbooks/gce/openshift-cluster/config.yml | 4 ++ playbooks/gce/openshift-cluster/join_node.yml | 49 +++++++++++++++++++ playbooks/gce/openshift-cluster/launch.yml | 54 ++++++++++----------- playbooks/gce/openshift-cluster/list.yml | 4 +- .../openshift-cluster/tasks/launch_instances.yml | 21 +++++---- playbooks/gce/openshift-cluster/terminate.yml | 55 +++++++++++++--------- playbooks/gce/openshift-cluster/vars.yml | 8 ++-- playbooks/openstack/openshift-cluster/launch.yml | 35 ++++++++++++-- roles/openshift_facts/tasks/main.yml | 2 +- roles/openshift_manage_node/tasks/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 2 +- 16 files changed, 211 insertions(+), 80 deletions(-) create mode 100644 playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml create mode 100644 playbooks/gce/openshift-cluster/join_node.yml diff --git a/README_GCE.md b/README_GCE.md index f6c5138c1..50f8ade70 100644 --- a/README_GCE.md +++ b/README_GCE.md @@ -39,6 +39,13 @@ Create a gce.ini file for GCE * gce_service_account_pem_file_path - Full path from previous steps * gce_project_id - Found in "Projects", it list all the gce projects you are associated with. The page lists their "Project Name" and "Project ID". You want the "Project ID" +Mandatory customization variables (check the values according to your tenant): +* zone = europe-west1-d +* network = default +* gce_machine_type = n1-standard-2 +* gce_machine_image = preinstalled-slave-50g-v5 + + 1. vi ~/.gce/gce.ini 1. make the contents look like this: ``` @@ -46,11 +53,15 @@ Create a gce.ini file for GCE gce_service_account_email_address = long...@developer.gserviceaccount.com gce_service_account_pem_file_path = /full/path/to/project_id-gce_key_hash.pem gce_project_id = project_id +zone = europe-west1-d +network = default +gce_machine_type = n1-standard-2 +gce_machine_image = preinstalled-slave-50g-v5 + ``` -1. Setup a sym link so that gce.py will pick it up (link must be in same dir as gce.py) +1. Define the environment variable GCE_INI_PATH so gce.py can pick it up and bin/cluster can also read it ``` - cd openshift-ansible/inventory/gce - ln -s ~/.gce/gce.ini gce.ini +export GCE_INI_PATH=~/.gce/gce.ini ``` diff --git a/bin/cluster b/bin/cluster index 582327415..0e305141f 100755 --- a/bin/cluster +++ b/bin/cluster @@ -142,10 +142,14 @@ class Cluster(object): """ config = ConfigParser.ConfigParser() if 'gce' == provider: - config.readfp(open('inventory/gce/hosts/gce.ini')) - - for key in config.options('gce'): - os.environ[key] = config.get('gce', key) + gce_ini_default_path = os.path.join( + 'inventory/gce/hosts/gce.ini') + gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + if os.path.exists(gce_ini_path): + config.readfp(open(gce_ini_path)) + + for key in config.options('gce'): + os.environ[key] = config.get('gce', key) inventory = '-i inventory/gce/hosts' elif 'aws' == provider: diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index 3403f735e..6ed12e011 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,6 +120,7 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) + # Create a ConfigParser. # This provides empty defaults to each key, so that environment # variable configuration (as opposed to INI configuration) is able @@ -173,6 +174,7 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) + # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -211,7 +213,8 @@ class GceInventory(object): 'gce_image': inst.image, 'gce_machine_type': inst.size, 'gce_private_ip': inst.private_ips[0], - 'gce_public_ip': inst.public_ips[0], + # Hosts don't always have a public IP name + #'gce_public_ip': inst.public_ips[0], 'gce_name': inst.name, 'gce_description': inst.extra['description'], 'gce_status': inst.extra['status'], @@ -219,8 +222,8 @@ class GceInventory(object): 'gce_tags': inst.extra['tags'], 'gce_metadata': md, 'gce_network': net, - # Hosts don't have a public name, so we add an IP - 'ansible_ssh_host': inst.public_ips[0] + # Hosts don't always have a public IP name + #'ansible_ssh_host': inst.public_ips[0] } def get_instance(self, instance_name): diff --git a/inventory/openstack/hosts/nova.py b/inventory/openstack/hosts/nova.py index d5bd8d1ee..3197a57bc 100755 --- a/inventory/openstack/hosts/nova.py +++ b/inventory/openstack/hosts/nova.py @@ -34,7 +34,7 @@ except ImportError: # executed with no parameters, return the list of # all groups and hosts -NOVA_CONFIG_FILES = [os.getcwd() + "/nova.ini", +NOVA_CONFIG_FILES = [os.path.join(os.path.dirname(os.path.realpath(__file__)), "nova.ini"), os.path.expanduser(os.environ.get('ANSIBLE_CONFIG', "~/nova.ini")), "/etc/ansible/nova.ini"] diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml new file mode 100644 index 000000000..0fd53eb7d --- /dev/null +++ b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml @@ -0,0 +1,15 @@ +--- +- set_fact: k8s_type=infra +- set_fact: sub_host_type="{{ type }}" +- set_fact: number_infra="{{ count }}" + +- name: Generate infra instance names(s) + set_fact: + scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}" + register: infra_names_output + with_sequence: count={{ number_infra }} + +- set_fact: + infra_names: "{{ infra_names_output.results | default([]) + | oo_collect('ansible_facts') + | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index fd5dfcc72..7bd3f1a56 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -10,6 +10,8 @@ - set_fact: g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" + use_sdn: "{{ do_we_use_openshift_sdn }}" + sdn_plugin: "{{ sdn_network_plugin }}" - include: ../../common/openshift-cluster/config.yml vars: @@ -22,3 +24,5 @@ openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" + openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" + os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml new file mode 100644 index 000000000..0dfa3e9d7 --- /dev/null +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -0,0 +1,49 @@ +--- +- name: Populate oo_hosts_to_update group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_hosts_to_update + add_host: + name: "{{ node_ip }}" + groups: oo_hosts_to_update + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + +- include: ../../common/openshift-cluster/update_repos_and_packages.yml + +- name: Populate oo_masters_to_config host group + hosts: localhost + gather_facts: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_nodes_to_config + add_host: + name: "{{ node_ip }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_nodes_to_config + + - name: Evaluate oo_first_master + add_host: + name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + groups: oo_first_master + when: "'tag_env-host-type-{{ cluster_id }}-openshift-master' in groups" + +#- include: config.yml +- include: ../../common/openshift-node/config.yml + vars: + openshift_cluster_id: "{{ cluster_id }}" + openshift_debug_level: 4 + openshift_deployment_type: "{{ deployment_type }}" + openshift_hostname: "{{ ansible_default_ipv4.address }}" + openshift_use_openshift_sdn: true + openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " + os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" + osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 7a3b80da0..94e57fe4e 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,33 +28,33 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" - - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml - vars: - type: "infra" - count: "{{ num_infra }}" - - include: tasks/launch_instances.yml - vars: - instances: "{{ infra_names }}" - cluster: "{{ cluster_id }}" - type: "{{ k8s_type }}" - g_sub_host_type: "{{ sub_host_type }}" - - - set_fact: - a_infra: "{{ infra_names[0] }}" - - add_host: name={{ a_infra }} groups=service_master - +# - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml +# vars: +# type: "infra" +# count: "{{ num_infra }}" +# - include: tasks/launch_instances.yml +# vars: +# instances: "{{ infra_names }}" +# cluster: "{{ cluster_id }}" +# type: "{{ k8s_type }}" +# g_sub_host_type: "{{ sub_host_type }}" +# +# - set_fact: +# a_infra: "{{ infra_names[0] }}" +# - add_host: name={{ a_infra }} groups=service_master +# - include: update.yml - -- name: Deploy OpenShift Services - hosts: service_master - connection: ssh - gather_facts: yes - roles: - - openshift_registry - - openshift_router - -- include: ../../common/openshift-cluster/create_services.yml - vars: - g_svc_master: "{{ service_master }}" +# +#- name: Deploy OpenShift Services +# hosts: service_master +# connection: ssh +# gather_facts: yes +# roles: +# - openshift_registry +# - openshift_router +# +#- include: ../../common/openshift-cluster/create_services.yml +# vars: +# g_svc_master: "{{ service_master }}" - include: list.yml diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index 5ba0f5a48..f5f89baf0 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -14,11 +14,11 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: List instance(s) hosts: oo_list_hosts gather_facts: no tasks: - debug: - msg: "public ip:{{ hostvars[inventory_hostname].gce_public_ip }} private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" + msg: "private ip:{{ hostvars[inventory_hostname].gce_private_ip }}" diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 6307ecc27..b07982305 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -10,33 +10,38 @@ service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + network: "{{ lookup('env', 'network') }}" +# unsupported in 1.9.+ + #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - env-{{ cluster }} - host-type-{{ type }} - - sub-host-type-{{ sub_host_type }} + - sub-host-type-{{ g_sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} + when: instances |length > 0 register: gce - name: Add new instances to groups and set variables needed add_host: hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.public_ip }}" + ansible_ssh_host: "{{ item.name }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" gce_public_ip: "{{ item.public_ip }}" gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data + with_items: gce.instance_data | default([]) - name: Wait for ssh - wait_for: port=22 host={{ item.public_ip }} - with_items: gce.instance_data + wait_for: port=22 host={{ item.name }} + with_items: gce.instance_data | default([]) - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" register: result until: result.rc == 0 - retries: 20 - delay: 10 - with_items: gce.instance_data + retries: 30 + delay: 5 + with_items: gce.instance_data | default([]) diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index 098b0df73..f705745d9 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -1,25 +1,18 @@ --- - name: Terminate instance(s) hosts: localhost + connection: local gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-node + - set_fact: scratch_group=tag_env-{{ cluster_id }} - add_host: name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_nodes_to_terminate + groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) - - - set_fact: scratch_group=tag_env-host-type-{{ cluster_id }}-openshift-master - - add_host: - name: "{{ item }}" - groups: oo_hosts_to_terminate, oo_masters_to_terminate - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated) + with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -32,14 +25,34 @@ lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] -- include: ../openshift-node/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +- name: Terminate instances(s) + hosts: localhost + connection: local + gather_facts: no + vars_files: + - vars.yml + tasks: + + - name: Terminate instances that were previously launched + local_action: + module: gce + state: 'absent' + name: "{{ item }}" + service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" + pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" + project_id: "{{ lookup('env', 'gce_project_id') }}" + zone: "{{ lookup('env', 'zone') }}" + with_items: groups['oo_hosts_to_terminate'] | default([]) + when: item is defined -- include: ../openshift-master/terminate.yml - vars: - gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" - gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" - gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +#- include: ../openshift-node/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" +# +#- include: ../openshift-master/terminate.yml +# vars: +# gce_service_account_email: "{{ lookup('env', 'gce_service_account_email_address') }}" +# gce_pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" +# gce_project_id: "{{ lookup('env', 'gce_project_id') }}" diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index ae33083b9..6de007807 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,8 +1,11 @@ --- +do_we_use_openshift_sdn: true +sdn_network_plugin: redhat/openshift-ovs-subnet +# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation deployment_vars: origin: - image: centos-7 - ssh_user: + image: preinstalled-slave-50g-v5 + ssh_user: root sudo: yes online: image: libra-rhel7 @@ -12,4 +15,3 @@ deployment_vars: image: rhel-7 ssh_user: sudo: yes - diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 651aef40b..5f1780476 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,15 +19,32 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - set_fact: - heat_stack_action: 'stack-create' + - name: Create OpenStack Stack + command: 'heat stack-create -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} + -P cluster_id={{ cluster_id }} + -P dns_nameservers={{ openstack_network_dns | join(",") }} + -P cidr={{ openstack_network_cidr }} + -P ssh_incoming={{ openstack_ssh_access_from }} + -P num_masters={{ num_masters }} + -P num_nodes={{ num_nodes }} + -P num_infra={{ num_infra }} + -P master_image={{ deployment_vars[deployment_type].image }} + -P node_image={{ deployment_vars[deployment_type].image }} + -P infra_image={{ deployment_vars[deployment_type].image }} + -P master_flavor={{ openstack_flavor["master"] }} + -P node_flavor={{ openstack_flavor["node"] }} + -P infra_flavor={{ openstack_flavor["infra"] }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" + openshift-ansible-{{ cluster_id }}-stack' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Create or Update OpenStack Stack - command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + - name: Update OpenStack Stack + command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -50,7 +67,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 + retries: 300 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -119,4 +136,12 @@ - include: update.yml +# Fix icmp reject iptables rules +# It should be solved in openshift-sdn but unfortunately it's not the case +# Mysterious +- name: Configuring Nodes for RBox + hosts: oo_nodes_to_config + roles: + - rbox-node + - include: list.yml diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index fd3d20800..6301d4fc0 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 +- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1 assert: that: - ansible_version | version_compare('1.8.0', 'ge') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 7c4f45ce6..94d7879b2 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,7 +3,7 @@ {{ openshift.common.client_binary }} get node {{ item }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 10 + retries: 20 delay: 5 with_items: openshift_nodes diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e8cc499c0..96cd96315 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ openshift_node_labels | default(none) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default() ) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" -- cgit v1.2.3 From f1ee60e1781735486c57a15c83104c7228a158cc Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 7 Oct 2015 14:25:02 -0400 Subject: Removed io1 type for gp2 --- .../adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index c9ae923bb..82870664c 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -27,9 +27,8 @@ gather_facts: no vars: - cli_volume_type: io1 + cli_volume_type: gp2 cli_volume_size: 30 - cli_volume_iops: "{{ 30 * cli_volume_size }}" pre_tasks: - fail: @@ -104,7 +103,6 @@ volume_size: "{{ cli_volume_size | default(30, True)}}" volume_type: "{{ cli_volume_type }}" device_name: /dev/xvdb - iops: "{{ 30 * cli_volume_size }}" register: vol - debug: var=vol -- cgit v1.2.3 From b6fe5ba80bb131543bd09374df88821c8754da64 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 7 Oct 2015 14:55:43 -0400 Subject: Removing the last step as it will fail. --- .../adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 82870664c..b6a2d2f26 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -140,10 +140,3 @@ - debug: var=dockerstart - - name: Wait for docker to stabilize - pause: - seconds: 30 - - # leaving off the '-t' for docker exec. With it, it doesn't work with ansible and tty support - - name: update zabbix docker items - command: docker exec -i oso-rhel7-zagg-client /usr/local/bin/cron-send-docker-metrics.py -- cgit v1.2.3 From aacf1839073ebd40ea0e379abeac5754b0656987 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 7 Oct 2015 16:56:46 -0400 Subject: Zabbix server template added --- roles/lib_zabbix/library/zbx_trigger.py | 24 ++ roles/os_zabbix/tasks/main.yml | 9 + .../os_zabbix/vars/template_app_zabbix_server.yml | 408 +++++++++++++++++++++ 3 files changed, 441 insertions(+) create mode 100644 roles/os_zabbix/vars/template_app_zabbix_server.yml diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index 21d0fcfd2..ab7731faa 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -86,6 +86,24 @@ def get_trigger_status(inc_status): return r_status +def get_template_id(zapi, template_name): + ''' + get related templates + ''' + template_ids = [] + app_ids = {} + # Fetch templates by name + content = zapi.get_content('template', + 'get', + {'search': {'host': template_name}, + 'selectApplications': ['applicationid', 'name']}) + if content.has_key('result'): + template_ids.append(content['result'][0]['templateid']) + for app in content['result'][0]['applications']: + app_ids[app['name']] = app['applicationid'] + + return template_ids, app_ids + def main(): ''' Create a trigger in zabbix @@ -117,6 +135,7 @@ def main(): url=dict(default=None, type='str'), status=dict(default=None, type='str'), state=dict(default='present', type='str'), + template_name=dict(default=None, type='str'), ), #supports_check_mode=True ) @@ -132,11 +151,16 @@ def main(): state = module.params['state'] tname = module.params['name'] + templateid = None + if module.params['template_name']: + templateid, _ = get_template_id(zapi, module.params['template_name']) + content = zapi.get_content(zbx_class_name, 'get', {'filter': {'description': tname}, 'expandExpression': True, 'selectDependencies': 'triggerid', + 'templateids': templateid, }) # Get diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index 28e900255..e083296c0 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -13,6 +13,7 @@ - include_vars: template_openshift_master.yml - include_vars: template_openshift_node.yml - include_vars: template_ops_tools.yml +- include_vars: template_app_zabbix_server.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -61,3 +62,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template App Zabbix Server + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_app_zabbix_server }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_app_zabbix_server.yml b/roles/os_zabbix/vars/template_app_zabbix_server.yml new file mode 100644 index 000000000..dace2aa29 --- /dev/null +++ b/roles/os_zabbix/vars/template_app_zabbix_server.yml @@ -0,0 +1,408 @@ +--- +g_template_app_zabbix_server: + name: Template App Zabbix Server + zitems: + - key: housekeeper_creates + applications: + - Zabbix server + description: A simple count of the number of partition creates output by the housekeeper script. + units: '' + value_type: int + zabbix_type: '2' + + - key: housekeeper_drops + applications: + - Zabbix server + description: A simple count of the number of partition drops output by the housekeeper script. + units: '' + value_type: int + zabbix_type: '2' + + - key: housekeeper_errors + applications: + - Zabbix server + description: A simple count of the number of errors output by the housekeeper script. + units: '' + value_type: int + zabbix_type: '2' + + - key: housekeeper_total + applications: + - Zabbix server + description: A simple count of the total number of lines output by the housekeeper + script. + units: '' + value_type: int + zabbix_type: '2' + + - key: zabbix[process,alerter,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,configuration syncer,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,db watchdog,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,discoverer,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,escalator,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,history syncer,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,housekeeper,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,http poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,icmp pinger,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,ipmi poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,java poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,node watcher,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,proxy poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,self-monitoring,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,snmp trapper,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,timer,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,trapper,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[process,unreachable poller,avg,busy] + applications: + - Zabbix server + description: '' + units: '%' + value_type: float + zabbix_type: '5' + + - key: zabbix[queue,10m] + applications: + - Zabbix server + description: '' + units: '' + value_type: int + zabbix_type: '5' + + - key: zabbix[queue] + applications: + - Zabbix server + description: '' + units: '' + value_type: int + zabbix_type: '5' + + - key: zabbix[rcache,buffer,pfree] + applications: + - Zabbix server + description: '' + units: '' + value_type: float + zabbix_type: '5' + + - key: zabbix[wcache,history,pfree] + applications: + - Zabbix server + description: '' + units: '' + value_type: float + zabbix_type: '5' + + - key: zabbix[wcache,text,pfree] + applications: + - Zabbix server + description: '' + units: '' + value_type: float + zabbix_type: '5' + + - key: zabbix[wcache,trend,pfree] + applications: + - Zabbix server + description: '' + units: '' + value_type: float + zabbix_type: '5' + + - key: zabbix[wcache,values] + applications: + - Zabbix server + description: '' + units: '' + value_type: float + zabbix_type: '5' + ztriggers: + - description: "There has been unexpected output while running the housekeeping script\ + \ on the Zabbix. There are only three kinds of lines we expect to see in the output,\ + \ and we've gotten something enw.\r\n\r\nCheck the script's output in /var/lib/zabbix/state\ + \ for more details." + expression: '{Template App Zabbix Server:housekeeper_errors.last(0)}+{Template App Zabbix Server:housekeeper_creates.last(0)}+{Template App Zabbix Server:housekeeper_drops.last(0)}<>{Template App Zabbix Server:housekeeper_total.last(0)}' + name: Unexpected output in Zabbix DB Housekeeping + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_DB_Housekeeping.asciidoc + + - description: An error has occurred during running the housekeeping script on the Zabbix. Check the script's output in /var/lib/zabbix/state for more details. + expression: '{Template App Zabbix Server:housekeeper_errors.last(0)}>0' + name: Errors during Zabbix DB Housekeeping + priority: high + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,alerter,avg,busy].min(600)}>75' + name: Zabbix alerter processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,configuration syncer,avg,busy].min(600)}>75' + name: Zabbix configuration syncer processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,db watchdog,avg,busy].min(600)}>75' + name: Zabbix db watchdog processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,discoverer,avg,busy].min(600)}>75' + name: Zabbix discoverer processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,escalator,avg,busy].min(600)}>75' + name: Zabbix escalator processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,history syncer,avg,busy].min(600)}>75' + name: Zabbix history syncer processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,housekeeper,avg,busy].min(1800)}>75' + name: Zabbix housekeeper processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,http poller,avg,busy].min(600)}>75' + name: Zabbix http poller processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,icmp pinger,avg,busy].min(600)}>75' + name: Zabbix icmp pinger processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,ipmi poller,avg,busy].min(600)}>75' + name: Zabbix ipmi poller processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,java poller,avg,busy].min(600)}>75' + name: Zabbix java poller processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,node watcher,avg,busy].min(600)}>75' + name: Zabbix node watcher processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,poller,avg,busy].min(600)}>75' + name: Zabbix poller processes more than 75% busy + priority: high + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,proxy poller,avg,busy].min(600)}>75' + name: Zabbix proxy poller processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,self-monitoring,avg,busy].min(600)}>75' + name: Zabbix self-monitoring processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,snmp trapper,avg,busy].min(600)}>75' + name: Zabbix snmp trapper processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: Timer processes usually are busy because they have to process time + based trigger functions + expression: '{Template App Zabbix Server:zabbix[process,timer,avg,busy].min(600)}>75' + name: Zabbix timer processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,trapper,avg,busy].min(600)}>75' + name: Zabbix trapper processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[process,unreachable poller,avg,busy].min(600)}>75' + name: Zabbix unreachable poller processes more than 75% busy + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc + + - description: "This alert generally indicates a performance problem or a problem\ + \ with the zabbix-server or proxy.\r\n\r\nThe first place to check for issues\ + \ is Administration > Queue. Be sure to check the general view and the per-proxy\ + \ view." + expression: '{Template App Zabbix Server:zabbix[queue,10m].min(600)}>1000' + name: More than 1000 items having missing data for more than 10 minutes + priority: high + url: https://github.com/openshift/ops-sop/blob/master/Alerts/data_lost_overview_plugin.asciidoc + + - description: Consider increasing CacheSize in the zabbix_server.conf configuration + file + expression: '{Template App Zabbix Server:zabbix[rcache,buffer,pfree].min(600)}<5' + name: Less than 5% free in the configuration cache + priority: info + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[wcache,history,pfree].min(600)}<25' + name: Less than 25% free in the history cache + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[wcache,text,pfree].min(600)}<25' + name: Less than 25% free in the text history cache + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc + + - description: '' + expression: '{Template App Zabbix Server:zabbix[wcache,trend,pfree].min(600)}<25' + name: Less than 25% free in the trends cache + priority: avg + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc -- cgit v1.2.3 From 6b3d70aec80f1cc9b4f9bd14aab062410e3d77ac Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 7 Oct 2015 17:26:26 -0400 Subject: Fixed a bug where applicationids were not being filtered properly --- roles/lib_zabbix/library/zbx_itemprototype.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index 4ec1b8e02..e7fd6fa21 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -128,12 +128,12 @@ def get_status(status): return _status -def get_app_ids(zapi, application_names): +def get_app_ids(zapi, application_names, templateid): ''' get application ids from names ''' app_ids = [] for app_name in application_names: - content = zapi.get_content('application', 'get', {'search': {'name': app_name}}) + content = zapi.get_content('application', 'get', {'filter': {'name': app_name}, 'templateids': templateid}) if content.has_key('result'): app_ids.append(content['result'][0]['applicationid']) return app_ids @@ -212,7 +212,7 @@ def main(): 'ruleid': get_rule_id(zapi, module.params['discoveryrule_key'], template['templateid']), 'type': get_type(module.params['ztype']), 'value_type': get_value_type(module.params['value_type']), - 'applications': get_app_ids(zapi, module.params['applications']), + 'applications': get_app_ids(zapi, module.params['applications'], template['templateid']), 'description': module.params['description'], } -- cgit v1.2.3 From 2ff94367be1e8239e13fb8b2ab17eac6d931a283 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Thu, 8 Oct 2015 13:39:44 -0400 Subject: removed static xvda checks --- roles/os_zabbix/vars/template_os_linux.yml | 32 ------------------------------ 1 file changed, 32 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 70c3809bd..232139df9 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -188,18 +188,6 @@ g_template_os_linux: multiplier: 1024 units: B - # Disk items - - key: filesys.full.xvda2 - applications: - - Disk - value_type: float - - - key: filesys.full.xvda3 - applications: - - Disk - value_type: float - - zdiscoveryrules: - name: disc.filesys key: disc.filesys @@ -227,26 +215,6 @@ g_template_os_linux: priority: high ztriggers: - - name: 'Filesystem: / has less than 10% free on {HOST.NAME}' - expression: '{Template OS Linux:filesys.full.xvda2.last()}>90' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' - priority: warn - - - name: 'Filesystem: / has less than 5% free on {HOST.NAME}' - expression: '{Template OS Linux:filesys.full.xvda2.last()}>95' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' - priority: high - - - name: 'Filesystem: /var has less than 10% free on {HOST.NAME}' - expression: '{Template OS Linux:filesys.full.xvda3.last()}>90' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' - priority: warn - - - name: 'Filesystem: /var has less than 5% free on {HOST.NAME}' - expression: '{Template OS Linux:filesys.full.xvda3.last()}>95' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' - priority: high - - name: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_proc.asciidoc' -- cgit v1.2.3 From 365f9c5503f1a9f8d685b91eb1175b7029058e3b Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 8 Oct 2015 14:34:16 -0400 Subject: Fixed user media bug where we would update media when we really wanted to create. --- roles/lib_zabbix/library/zbx_user_media.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py index 9ed838f81..8895c78c3 100644 --- a/roles/lib_zabbix/library/zbx_user_media.py +++ b/roles/lib_zabbix/library/zbx_user_media.py @@ -260,6 +260,9 @@ def main(): for user in params['users']: diff['users']['userid'] = user['userid'] + # Medias have no real unique key so therefore we need to make it like the incoming user's request + diff['medias'] = medias + # We have differences and need to update content = zapi.get_content(zbx_class_name, 'updatemedia', diff) -- cgit v1.2.3 From 14e5118471d0d51acb5b12b304b25dad1edf0c87 Mon Sep 17 00:00:00 2001 From: Sten Turpin Date: Thu, 1 Oct 2015 08:48:04 -0500 Subject: added running pods --- roles/os_zabbix/vars/template_openshift_master.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 68f810fe0..234ea12ce 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -19,6 +19,12 @@ g_template_openshift_master: applications: - Openshift Master + - key: openshift.master.pod.running.count + description: Shows number of pods running + type: int + applications: + - Openshift Master + ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' -- cgit v1.2.3 From 3d45adca50cd903cfdba02e21a7a034dab209518 Mon Sep 17 00:00:00 2001 From: Sten Turpin Date: Fri, 2 Oct 2015 16:04:41 -0500 Subject: fixed spacing --- roles/os_zabbix/vars/template_openshift_master.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 234ea12ce..4ae918ec6 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -19,11 +19,11 @@ g_template_openshift_master: applications: - Openshift Master - - key: openshift.master.pod.running.count - description: Shows number of pods running - type: int - applications: - - Openshift Master + - key: openshift.master.pod.running.count + description: Shows number of pods running + type: int + applications: + - Openshift Master ztriggers: - name: 'Application creation has failed on {HOST.NAME}' -- cgit v1.2.3 From e5f0b4944a434a51ae9b460d60a0e00a626158e6 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Thu, 8 Oct 2015 15:18:05 -0400 Subject: Adding zabbix agent template --- roles/lib_zabbix/library/zbx_item.py | 2 ++ roles/os_zabbix/tasks/main.yml | 9 +++++++++ roles/os_zabbix/vars/template_app_zabbix_agent.yml | 23 ++++++++++++++++++++++ 3 files changed, 34 insertions(+) create mode 100644 roles/os_zabbix/vars/template_app_zabbix_agent.yml diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 2ccc21292..6faa82dfc 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -53,6 +53,8 @@ def get_value_type(value_type): vtype = 0 if 'int' in value_type: vtype = 3 + elif 'log' in value_type: + vtype = 2 elif 'char' in value_type: vtype = 1 elif 'str' in value_type: diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index e083296c0..a503b24d7 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -14,6 +14,7 @@ - include_vars: template_openshift_node.yml - include_vars: template_ops_tools.yml - include_vars: template_app_zabbix_server.yml +- include_vars: template_app_zabbix_agent.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -70,3 +71,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template App Zabbix Agent + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_app_zabbix_agent }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_app_zabbix_agent.yml b/roles/os_zabbix/vars/template_app_zabbix_agent.yml new file mode 100644 index 000000000..06c4eda8b --- /dev/null +++ b/roles/os_zabbix/vars/template_app_zabbix_agent.yml @@ -0,0 +1,23 @@ +--- +g_template_app_zabbix_agent: + name: Template App Zabbix Agent + zitems: + - key: agent.hostname + applications: + - Zabbix agent + value_type: character + zabbix_type: '0' + + - key: agent.ping + applications: + - Zabbix agent + description: The agent always returns 1 for this item. It could be used in combination with nodata() for availability check. + value_type: int + zabbix_type: '0' + + ztriggers: + - name: '[Reboot] Zabbix agent on {HOST.NAME} is unreachable for 15 minutes' + description: Zabbix agent is unreachable for 15 minutes. + expression: '{Template App Zabbix Agent:agent.ping.nodata(15m)}=1' + priority: high + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_ping.asciidoc -- cgit v1.2.3 From 3766356b8d4349b187af5ca6b945c3f1efd0fc25 Mon Sep 17 00:00:00 2001 From: Sten Turpin Date: Thu, 8 Oct 2015 14:20:37 -0500 Subject: added items + triggers for ovs tests --- roles/os_zabbix/vars/template_openshift_master.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 4ae918ec6..a49c7581a 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -25,6 +25,18 @@ g_template_openshift_master: applications: - Openshift Master + - key: openshift.master.ovs.ports.count + description: Shows number of OVS ports defined + type: int + applications: + - Openshift Master + + - key: openshift.master.ovs.pids.count + description: Shows number of ovs process ids running + type: int + applications: + - Openshift Master + ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' @@ -46,3 +58,13 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info + - name: 'OVS may not be running on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.ovs.pids.count.last()}!=4' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high + + - name: 'Number of OVS ports is 0 on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.ovs.ports.count.last()}=0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: high + -- cgit v1.2.3 From 1cc663daa7bc81d9fe54422711d43ad3a704f654 Mon Sep 17 00:00:00 2001 From: Sten Turpin Date: Thu, 8 Oct 2015 15:24:05 -0500 Subject: fixed not equals syntax --- roles/os_zabbix/vars/template_openshift_master.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index a49c7581a..cbbc79075 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -59,7 +59,7 @@ g_template_openshift_master: priority: info - name: 'OVS may not be running on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.ovs.pids.count.last()}!=4' + expression: '{Template Openshift Master:openshift.master.ovs.pids.count.last()}<>4' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: high -- cgit v1.2.3 From 62af1cd5770d954a5811c1153ba2d5851a8d7cec Mon Sep 17 00:00:00 2001 From: Sten Turpin Date: Thu, 8 Oct 2015 15:38:24 -0500 Subject: moved vswitch from master to node --- roles/os_zabbix/vars/template_openshift_master.yml | 22 ----------------- roles/os_zabbix/vars/template_openshift_node.yml | 28 ++++++++++++++++++++-- 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index cbbc79075..4ae918ec6 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -25,18 +25,6 @@ g_template_openshift_master: applications: - Openshift Master - - key: openshift.master.ovs.ports.count - description: Shows number of OVS ports defined - type: int - applications: - - Openshift Master - - - key: openshift.master.ovs.pids.count - description: Shows number of ovs process ids running - type: int - applications: - - Openshift Master - ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' @@ -58,13 +46,3 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info - - name: 'OVS may not be running on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.ovs.pids.count.last()}<>4' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' - priority: high - - - name: 'Number of OVS ports is 0 on {HOST.NAME}' - expression: '{Template Openshift Master:openshift.master.ovs.ports.count.last()}=0' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' - priority: high - diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml index 36f9cc4a3..ce28b1048 100644 --- a/roles/os_zabbix/vars/template_openshift_node.yml +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -8,13 +8,37 @@ g_template_openshift_node: applications: - Openshift Node + - key: openshift.node.ovs.pids.count + description: Shows number of ovs process ids running + type: int + applications: + - Openshift Node + + - key: openshift.node.ovs.ports.count + description: Shows number of OVS ports defined + type: int + applications: + - Openshift Node + ztriggers: - name: 'Openshift Node process not running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high - name: 'Too many Openshift Node processes running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.process.count.min(#3)}>1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' + priority: high + + - name: 'OVS may not be running on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.ovs.pids.count.last()}<>4' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high + + - name: 'Number of OVS ports is 0 on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.ovs.ports.count.last()}=0' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' + priority: high + + -- cgit v1.2.3 From ffc4ce40316acfccf1e36a9bca27c52819853e2a Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 30 Sep 2015 13:22:45 -0400 Subject: Use lower() filter for node hostname --- roles/openshift_manage_node/tasks/main.yml | 6 +++--- roles/openshift_node/templates/node.yaml.v1.j2 | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 7c4f45ce6..c6c7cd49e 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -1,6 +1,6 @@ - name: Wait for Node Registration command: > - {{ openshift.common.client_binary }} get node {{ item }} + {{ openshift.common.client_binary }} get node {{ item | lower }} register: omd_get_node until: omd_get_node.rc == 0 retries: 10 @@ -9,13 +9,13 @@ - name: Set node schedulability command: > - {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }} + {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname | lower }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }} with_items: - "{{ openshift_node_vars }}" - name: Label nodes command: > - {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname }} {{ item.openshift.node.labels | oo_combine_dict }} + {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname | lower }} {{ item.openshift.node.labels | oo_combine_dict }} with_items: - "{{ openshift_node_vars }}" when: "'labels' in item.openshift.node and item.openshift.node.labels != {}" diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 07d80f99b..946c0b655 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -18,7 +18,7 @@ networkPluginName: {{ openshift.common.sdn_network_plugin_name }} networkConfig: mtu: {{ openshift.node.sdn_mtu }} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} -nodeName: {{ openshift.common.hostname }} +nodeName: {{ openshift.common.hostname | lower }} podManifestConfig: servingInfo: bindAddress: 0.0.0.0:10250 -- cgit v1.2.3 From 46f10c87930747d7e10cfc2c3b71ea68da647135 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Fri, 9 Oct 2015 09:35:40 +0200 Subject: fix : (node) labels defaults correctly to the variable openshift_node_labels when oo_option returns an empty list --- roles/openshift_node/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 96cd96315..d45dd8073 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default() ) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" -- cgit v1.2.3 From a8171a639bd4500f30e72233587e9f6335202438 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Fri, 9 Oct 2015 16:27:25 +0200 Subject: Adding second param. true to many default filters --- playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml | 2 +- playbooks/gce/openshift-cluster/list.yml | 2 +- playbooks/gce/openshift-cluster/tasks/launch_instances.yml | 6 +++--- playbooks/gce/openshift-cluster/terminate.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml index 0fd53eb7d..01d70a1a6 100644 --- a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml +++ b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml @@ -10,6 +10,6 @@ with_sequence: count={{ number_infra }} - set_fact: - infra_names: "{{ infra_names_output.results | default([]) + infra_names: "{{ infra_names_output.results | default([], true) | oo_collect('ansible_facts') | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index f5f89baf0..53b2b9a5e 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -14,7 +14,7 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) + with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) - name: List instance(s) hosts: oo_list_hosts diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index b07982305..e300b5b5a 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -32,11 +32,11 @@ groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" gce_public_ip: "{{ item.public_ip }}" gce_private_ip: "{{ item.private_ip }}" - with_items: gce.instance_data | default([]) + with_items: gce.instance_data | default([], true) - name: Wait for ssh wait_for: port=22 host={{ item.name }} - with_items: gce.instance_data | default([]) + with_items: gce.instance_data | default([], true) - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.name].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.name].ansible_ssh_user }} user is setup" @@ -44,4 +44,4 @@ until: result.rc == 0 retries: 30 delay: 5 - with_items: gce.instance_data | default([]) + with_items: gce.instance_data | default([], true) diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index f705745d9..e20e0a8bc 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -12,7 +12,7 @@ groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) | difference(groups.status_terminated | default([])) + with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -42,7 +42,7 @@ pem_file: "{{ lookup('env', 'gce_service_account_pem_file_path') }}" project_id: "{{ lookup('env', 'gce_project_id') }}" zone: "{{ lookup('env', 'zone') }}" - with_items: groups['oo_hosts_to_terminate'] | default([]) + with_items: groups['oo_hosts_to_terminate'] | default([], true) when: item is defined #- include: ../openshift-node/terminate.yml -- cgit v1.2.3 From ef6435fefc08730be4ceacc3b3048a7c8602aabd Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Fri, 9 Oct 2015 11:56:39 -0400 Subject: Raising limits to 90 and 85 for disk usage --- roles/os_zabbix/vars/template_os_linux.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 232139df9..cd9649773 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -204,13 +204,13 @@ g_template_os_linux: - Disk ztriggerprototypes: - - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free on {HOST.NAME}' - expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' + - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free on {HOST.NAME}' - expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>95' + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high -- cgit v1.2.3 From 8c21fffe2e97154d4938bd823098b0814f989001 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Fri, 9 Oct 2015 21:14:08 -0400 Subject: Add masterCA to oauth template --- roles/openshift_master/templates/v1_partials/oauthConfig.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 index 72889bc29..8a4f5a746 100644 --- a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 +++ b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 @@ -80,6 +80,7 @@ oauthConfig: provider: {{ identity_provider_config(identity_provider) }} {%- endfor %} + masterCA: ca.crt masterPublicURL: {{ openshift.master.public_api_url }} masterURL: {{ openshift.master.api_url }} sessionConfig: -- cgit v1.2.3 From fee978537bbaea5aaee3bb7719ead8544f2d768a Mon Sep 17 00:00:00 2001 From: Gabor Burges Date: Sun, 11 Oct 2015 19:39:50 +0200 Subject: Update template_openshift_master.yml --- roles/os_zabbix/vars/template_openshift_master.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 4ae918ec6..1de4fefbb 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -24,6 +24,12 @@ g_template_openshift_master: type: int applications: - Openshift Master + + - key: openshift.project.counter + description: Shows number of projects on a cluster + type: int + applications: + - Openshift Master ztriggers: - name: 'Application creation has failed on {HOST.NAME}' @@ -46,3 +52,7 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info + - name: 'There are no projects running on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.project.counter.last()}=0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: info -- cgit v1.2.3 From dc9e087205b7ce4b843a40f5d0046b5ad6634a70 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 7 Oct 2015 10:52:15 -0400 Subject: Add `oadm reconcile-cluster-role-bindings` to upgrade playbook. Switch to version_compare filter for conditionals. --- playbooks/adhoc/upgrades/upgrade.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e666f0472..b43ab7607 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -40,7 +40,7 @@ hosts: oo_first_master tasks: fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later - when: _new_version.stdout < 1.0.6 or (_new_version.stdout >= 3.0 and _new_version.stdout < 3.0.2) + when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) - name: Update cluster policy hosts: oo_first_master @@ -50,6 +50,19 @@ {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-roles --confirm +- name: Update cluster policy bindings + hosts: oo_first_master + tasks: + - name: oadm policy reconcile-cluster-role-bindings --confirm + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-role-bindings + --exclude-groups=system:authenticated + --exclude-groups=system:unauthenticated + --exclude-users=system:anonymous + --additive-only=true --confirm + when: ( _new_version.stdout | version_compare('1.0.6', '>') and _new_version.stdout | version_compare('3.0','<') ) or _new_version.stdout | version_compare('3.0.2','>') + - name: Upgrade default router hosts: oo_first_master vars: -- cgit v1.2.3 From ed4f46169befecbbcbd646b5333d77add80e133f Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 17 Sep 2015 15:56:44 -0400 Subject: Lookup ansible_ssh_user group for kubeconfig perms Fixes #585 --- roles/openshift_master/tasks/main.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b57711b58..29b56656f 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -167,13 +167,17 @@ shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster when: install_result | changed +- name: Lookup default group for ansible_ssh_user + command: "/usr/bin/id -g {{ ansible_ssh_user }}" + register: _ansible_ssh_user_gid + - name: Create the client config dir(s) file: path: "~{{ item }}/.kube" state: directory mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" @@ -194,7 +198,7 @@ state: file mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" -- cgit v1.2.3 From bdda05ca0d4f62ffbc4f8e3691081d38266ca38b Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Mon, 12 Oct 2015 16:01:45 -0400 Subject: added the dynamic items to track free inodes --- roles/os_zabbix/vars/template_os_linux.yml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index cd9649773..69432273f 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -203,17 +203,35 @@ g_template_os_linux: applications: - Disk + - discoveryrule_key: disc.filesys + name: "Percentage of used inodes on {#OSO_FILESYS}" + key: "disc.filesys.inodes.pused[{#OSO_FILESYS}]" + value_type: float + description: "PCP derived value of percentage of used inodes on a filesystem." + applications: + - Disk + ztriggerprototypes: - - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free on {HOST.NAME}' + - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free disk space on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free inodes on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: warn + + - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free inodes on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>95' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: high + ztriggers: - name: 'Too many TOTAL processes on {HOST.NAME}' expression: '{Template OS Linux:proc.nprocs.last()}>5000' -- cgit v1.2.3 From 9ac39d275252d07655f982b2c12722e02a077a94 Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Tue, 13 Oct 2015 16:15:39 +0200 Subject: Add dependencies missing on RHEL 7.1 Add deps missing when using RHEL 7.1 to run openshift-ansible with libvirt --- README_libvirt.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/README_libvirt.md b/README_libvirt.md index 3f8bbb5f0..3a29eefcb 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -8,16 +8,18 @@ This makes `libvirt` useful to develop, test and debug OpenShift and openshift-a Install dependencies -------------------- -1. Install [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) -2. Install [ebtables](http://ebtables.netfilter.org/) -3. Install [qemu](http://wiki.qemu.org/Main_Page) -4. Install [libvirt](http://libvirt.org/) -5. Enable and start the libvirt daemon, e.g: +1. Install [ansible](http://www.ansible.com/) +2. Install [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) +3. Install [ebtables](http://ebtables.netfilter.org/) +4. Install [qemu and qemu-system-x86](http://wiki.qemu.org/Main_Page) +5. Install [libvirt-python and libvirt](http://libvirt.org/) +6. Install [genisoimage](http://cdrkit.org/) +7. Enable and start the libvirt daemon, e.g: - `systemctl enable libvirtd` - `systemctl start libvirtd` -6. [Grant libvirt access to your user¹](https://libvirt.org/aclpolkit.html) -7. Check that your `$HOME` is accessible to the qemu user² -8. Configure dns resolution on the host³ +8. [Grant libvirt access to your user¹](https://libvirt.org/aclpolkit.html) +9. Check that your `$HOME` is accessible to the qemu user² +10. Configure dns resolution on the host³ #### ¹ Depending on your distribution, libvirt access may be denied by default or may require a password at each access. -- cgit v1.2.3 From dda7f2fd52302a9c0f4b6b0120184c16823ac989 Mon Sep 17 00:00:00 2001 From: Ryan Leaf Date: Tue, 13 Oct 2015 15:25:19 -0400 Subject: 'setfacl ...' works on Fedora 22 and solves a permissions issue Issue with the lenaic master qcow image (docs mention Arch currently). --- README_libvirt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README_libvirt.md b/README_libvirt.md index 3f8bbb5f0..18ec66f2a 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -75,7 +75,7 @@ In order to fix that issue, you have several possibilities: * accessible by the qemu user. * Grant the qemu user access to the storage pool. -On Arch: +On Arch or Fedora 22+: ``` setfacl -m g:kvm:--x ~ -- cgit v1.2.3 From 17d55a94ed60e7e89fc704a80e61783d74c6af2f Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Wed, 14 Oct 2015 09:52:31 -0400 Subject: moved the timeout to 12 hours in the docker vg move --- playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml index ef9b45abd..63d473146 100644 --- a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -172,7 +172,7 @@ - name: pvmove onto new volume command: "pvmove {{ docker_pv_name.stdout }} /dev/xvdc1" - async: 3600 + async: 43200 poll: 10 - name: Remove the old docker drive from the volume group -- cgit v1.2.3 From ccf9acd9dad5c9dc2e1640f417a9109c9042a689 Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Mon, 12 Oct 2015 15:29:35 -0400 Subject: Fixed GCE playbooks so that they're more like the AWS playbooks. Namely the GCE playbooks now: - Create infra nodes - Correctly label nodes in OpenShift - Setup masters as nodes as well (needed for sdn) - Removed set_infra_launch_facts_tasks.yml as it's not used anymore. --- .../set_infra_launch_facts_tasks.yml | 15 ----------- playbooks/gce/openshift-cluster/config.yml | 1 + playbooks/gce/openshift-cluster/launch.yml | 31 +++++++++++----------- .../openshift-cluster/tasks/launch_instances.yml | 21 ++++++++++++--- 4 files changed, 35 insertions(+), 33 deletions(-) delete mode 100644 playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml diff --git a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml b/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml deleted file mode 100644 index 01d70a1a6..000000000 --- a/playbooks/common/openshift-cluster/set_infra_launch_facts_tasks.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- set_fact: k8s_type=infra -- set_fact: sub_host_type="{{ type }}" -- set_fact: number_infra="{{ count }}" - -- name: Generate infra instance names(s) - set_fact: - scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}" - register: infra_names_output - with_sequence: count={{ number_infra }} - -- set_fact: - infra_names: "{{ infra_names_output.results | default([], true) - | oo_collect('ansible_facts') - | oo_collect('scratch_name') }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 7bd3f1a56..6ca4f7395 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -20,6 +20,7 @@ g_nodes_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-node' }}" g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/gce/openshift-cluster/launch.yml b/playbooks/gce/openshift-cluster/launch.yml index 94e57fe4e..c22b897d5 100644 --- a/playbooks/gce/openshift-cluster/launch.yml +++ b/playbooks/gce/openshift-cluster/launch.yml @@ -28,21 +28,22 @@ type: "{{ k8s_type }}" g_sub_host_type: "{{ sub_host_type }}" -# - include: ../../common/openshift-cluster/set_infra_launch_facts_tasks.yml -# vars: -# type: "infra" -# count: "{{ num_infra }}" -# - include: tasks/launch_instances.yml -# vars: -# instances: "{{ infra_names }}" -# cluster: "{{ cluster_id }}" -# type: "{{ k8s_type }}" -# g_sub_host_type: "{{ sub_host_type }}" -# -# - set_fact: -# a_infra: "{{ infra_names[0] }}" -# - add_host: name={{ a_infra }} groups=service_master -# + - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml + vars: + type: "infra" + count: "{{ num_infra }}" + - include: tasks/launch_instances.yml + vars: + instances: "{{ node_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" + + - add_host: + name: "{{ master_names.0 }}" + groups: service_master + when: master_names is defined and master_names.0 is defined + - include: update.yml # #- name: Deploy OpenShift Services diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index e300b5b5a..c428cb465 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -20,22 +20,37 @@ - host-type-{{ type }} - sub-host-type-{{ g_sub_host_type }} - env-host-type-{{ cluster }}-openshift-{{ type }} - when: instances |length > 0 + when: instances |length > 0 register: gce +- set_fact: + node_label: + # There doesn't seem to be a way to get the region directly, so parse it out of the zone. + region: "{{ gce.zone | regex_replace('^(.*)-.*$', '\\\\1') }}" + type: "{{ g_sub_host_type }}" + when: instances |length > 0 and type == "node" + +- set_fact: + node_label: + # There doesn't seem to be a way to get the region directly, so parse it out of the zone. + region: "{{ gce.zone | regex_replace('^(.*)-.*$', '\\\\1') }}" + type: "{{ type }}" + when: instances |length > 0 and type != "node" + - name: Add new instances to groups and set variables needed add_host: hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.name }}" + ansible_ssh_host: "{{ item.public_ip }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}" gce_public_ip: "{{ item.public_ip }}" gce_private_ip: "{{ item.private_ip }}" + openshift_node_labels: "{{ node_label }}" with_items: gce.instance_data | default([], true) - name: Wait for ssh - wait_for: port=22 host={{ item.name }} + wait_for: port=22 host={{ item.public_ip }} with_items: gce.instance_data | default([], true) - name: Wait for user setup -- cgit v1.2.3 From ef1fef97dee3ae291344478d987108836e9a664d Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Thu, 15 Oct 2015 14:16:38 -0400 Subject: Removed AWS keys from command line, and substituted with environment variable lookup. --- playbooks/adhoc/s3_registry/s3_registry.j2 | 4 ++-- playbooks/adhoc/s3_registry/s3_registry.yml | 13 ++++++++++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2 index 026b24456..acfa89515 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.j2 +++ b/playbooks/adhoc/s3_registry/s3_registry.j2 @@ -7,8 +7,8 @@ storage: cache: layerinfo: inmemory s3: - accesskey: {{ accesskey }} - secretkey: {{ secretkey }} + accesskey: {{ aws_access_key }} + secretkey: {{ aws_secret_key }} region: us-east-1 bucket: {{ clusterid }}-docker encrypt: true diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 30b873db3..92be64e17 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -10,11 +10,22 @@ remote_user: root gather_facts: False + vars: + aws_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}" + aws_secret_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" tasks: + - name: Check for AWS creds + fail: + msg: "Couldn't find {{ item }} creds in ENV" + when: "{{ item }} == ''" + with_items: + - aws_access_key + - aws_secret_key + - name: Create S3 bucket local_action: - module: s3 bucket="{{ clusterid }}-docker" mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }} + module: s3 bucket="{{ clusterid }}-docker" mode=create - name: Generate docker registry config template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600 -- cgit v1.2.3 From 14ae81a5c18a6cdf5bf00ada9eeec21a82cd982e Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Thu, 15 Oct 2015 14:33:58 -0400 Subject: Update example to remove passing in aws creds on command line. --- playbooks/adhoc/s3_registry/s3_registry.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 92be64e17..d1546b6fa 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -1,7 +1,7 @@ --- # This playbook creates an S3 bucket named after your cluster and configures the docker-registry service to use the bucket as its backend storage. # Usage: -# ansible-playbook s3_registry.yml -e accesskey="S3 aws access key" -e secretkey="S3 aws secret key" -e clusterid="mycluster" +# ansible-playbook s3_registry.yml -e clusterid="mycluster" # # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. # The 'clusterid' is the short name of your cluster. -- cgit v1.2.3 From 972ce1f574673eea333a0cc412e37a0902cc83e7 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 19 Oct 2015 13:21:15 -0400 Subject: Open 4789/udp when using the SDN --- roles/openshift_node/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index c4abf9d7c..fffbf2994 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -10,3 +10,6 @@ os_firewall_allow: port: 10255/tcp - service: Openshift kubelet ReadOnlyPort udp port: 10255/udp +- service: OpenShift OVS sdn + port: 4789/udp + when: openshift.node.use_openshift_sdn | bool -- cgit v1.2.3 From ba7bf4f22ac6a7756a6a8ce6c28276667a968742 Mon Sep 17 00:00:00 2001 From: Thomas Wiest Date: Mon, 19 Oct 2015 16:10:00 -0400 Subject: added a generic playbook (ops-docker-loopback-to-direct-lvm.yml) to convert a host from loop back to direct-lvm docker storage. --- .../ops-docker-loopback-to-direct-lvm.yml | 104 +++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100755 playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml diff --git a/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml new file mode 100755 index 000000000..614b2537a --- /dev/null +++ b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml @@ -0,0 +1,104 @@ +#!/usr/bin/ansible-playbook +--- +# This playbook coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker). +# +# It requires the block device to be already provisioned and attached to the host. This is a generic playbook, +# meant to be used for manual conversion. For AWS specific conversions, use the other playbook in this directory. +# +# To run: +# ./ops-docker-loopback-to-direct-lvm.yml -e cli_host= -e cli_docker_device= +# +# Example: +# ./ops-docker-loopback-to-direct-lvm.yml -e cli_host=twiesttest-master-fd32 -e cli_docker_device=/dev/sdb +# +# Notes: +# * This will remove /var/lib/docker! +# * You may need to re-deploy docker images after this is run (like monitoring) + +- name: Fix docker to have a provisioned iops drive + hosts: "{{ cli_name }}" + user: root + connection: ssh + gather_facts: no + + pre_tasks: + - fail: + msg: "This playbook requires {{item}} to be set." + when: "{{ item }} is not defined or {{ item }} == ''" + with_items: + - cli_docker_device + + - name: start docker + service: + name: docker + state: started + + - name: Determine if loopback + shell: docker info | grep 'Data file:.*loop' + register: loop_device_check + ignore_errors: yes + + - debug: + var: loop_device_check + + - name: fail if we don't detect loopback + fail: + msg: loopback not detected! Please investigate manually. + when: loop_device_check.rc == 1 + + - name: stop zagg client monitoring container + service: + name: oso-rhel7-zagg-client + state: stopped + ignore_errors: yes + + - name: stop pcp client monitoring container + service: + name: oso-f22-host-monitoring + state: stopped + ignore_errors: yes + + - name: "check to see if {{ cli_docker_device }} exists" + command: "test -e {{ cli_docker_device }}" + register: docker_dev_check + ignore_errors: yes + + - debug: var=docker_dev_check + + - name: "fail if {{ cli_docker_device }} doesn't exist" + fail: + msg: "{{ cli_docker_device }} doesn't exist. Please investigate" + when: docker_dev_check.rc != 0 + + - name: stop docker + service: + name: docker + state: stopped + + - name: delete /var/lib/docker + command: rm -rf /var/lib/docker + + - name: remove /var/lib/docker + command: rm -rf /var/lib/docker + + - name: copy the docker-storage-setup config file + copy: + content: > + DEVS={{ cli_docker_device }} + VG=docker_vg + dest: /etc/sysconfig/docker-storage-setup + owner: root + group: root + mode: 0664 + + - name: docker storage setup + command: docker-storage-setup + register: setup_output + + - debug: var=setup_output + + - name: start docker + command: systemctl start docker.service + register: dockerstart + + - debug: var=dockerstart -- cgit v1.2.3 From 538950fd7650ad09523553eff634b4d5a672edec Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Mon, 19 Oct 2015 17:36:58 -0400 Subject: Fix typos on env vars. --- playbooks/adhoc/s3_registry/s3_registry.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index d1546b6fa..5dc1abf17 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -11,8 +11,8 @@ gather_facts: False vars: - aws_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}" - aws_secret_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" + aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" + aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}" tasks: - name: Check for AWS creds -- cgit v1.2.3 From 14598f3a9cd7998a35a127832349f3ec57f4684b Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Mon, 19 Oct 2015 18:04:54 +0200 Subject: Use runcmd to restart network. Using bootcmd in cloud-config lead to restarts prior to starting the systemd-hostnamed, which was probable cause of the failure when DHCP client was failing to send the hostname, and subsequently, the ansible-opnshift was not able to identify the VM among the others when checking DHCP leases. The failure looked like: following 10:17:31 failed: [localhost] => {"attempts": 60, "changed": true, "cmd": "virsh -c qemu:///system net-dhcp-leases openshift-ansible | egrep -c 'experiment-node-compute-453d0|experiment-node-compute-61e16'", "delta": "0:00:00.033061", "end": "2015-10-19 10:17:31.409434", "failed": true, "rc": 0, "start": "2015-10-19 10:17:31.376373", "warnings": []} 10:17:31 stdout: 1 10:17:31 msg: Task failed as maximum retries was encountered --- playbooks/libvirt/openshift-cluster/templates/user-data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/libvirt/openshift-cluster/templates/user-data b/playbooks/libvirt/openshift-cluster/templates/user-data index 77b788109..eacae7c7e 100644 --- a/playbooks/libvirt/openshift-cluster/templates/user-data +++ b/playbooks/libvirt/openshift-cluster/templates/user-data @@ -19,5 +19,5 @@ system_info: ssh_authorized_keys: - {{ lookup('file', '~/.ssh/id_rsa.pub') }} -bootcmd: +runcmd: - NETWORK_CONFIG=/etc/sysconfig/network-scripts/ifcfg-eth0; if ! grep DHCP_HOSTNAME ${NETWORK_CONFIG}; then echo 'DHCP_HOSTNAME="{{ item[0] }}.example.com"' >> ${NETWORK_CONFIG}; fi; pkill -9 dhclient; service network restart -- cgit v1.2.3 From 2b465af8ecc2ab2da13d60707e3383f809ea9924 Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Tue, 6 Oct 2015 11:10:55 +0200 Subject: Allow disabling the network plugin configuration This is useful when we want to use a different networking solution without having any networking plugin code run when the services start up. --- roles/openshift_master/templates/master.yaml.v1.j2 | 2 ++ roles/openshift_node/templates/node.yaml.v1.j2 | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 500690523..cc1dee13d 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -87,7 +87,9 @@ masterPublicURL: {{ openshift.master.public_api_url }} networkConfig: clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }} hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }} + {% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} + {% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.master.portal_net }} {% include 'v1_partials/oauthConfig.j2' %} diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 946c0b655..4931d127e 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -12,12 +12,16 @@ kind: NodeConfig kubeletArguments: {{ openshift.node.kubelet_args | to_json }} {% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +{% endif %} # networkConfig struct introduced in origin 1.0.6 and OSE 3.0.2 which # deprecates networkPluginName above. The two should match. networkConfig: mtu: {{ openshift.node.sdn_mtu }} +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +{% endif %} nodeName: {{ openshift.common.hostname | lower }} podManifestConfig: servingInfo: -- cgit v1.2.3 From 2679d760c8abbb1140f82582329dfdc8be835a76 Mon Sep 17 00:00:00 2001 From: Jaroslav Henner Date: Sat, 17 Oct 2015 22:40:40 +0200 Subject: Increase sleep when waiting for IP. It was timeouting on slower hardware. --- playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index 2a0c90b46..4b91c6da8 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -64,7 +64,7 @@ register: nb_allocated_ips until: nb_allocated_ips.stdout == '{{ instances | length }}' retries: 60 - delay: 1 + delay: 3 when: instances | length != 0 - name: Collect IP addresses of the VMs -- cgit v1.2.3 From 94c2ba099a87c3dc6b87f9bf916c1282a7266e45 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 8 Oct 2015 17:52:01 -0400 Subject: Adjust the logic as to when examples are deployed --- playbooks/common/openshift-master/config.yml | 3 +-- roles/openshift_examples/defaults/main.yml | 6 +++--- roles/openshift_examples/tasks/main.yml | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 64cf7a65b..769bb2c6d 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -216,8 +216,7 @@ roles: - role: openshift_master_cluster when: openshift_master_ha | bool - - role: openshift_examples - when: deployment_type in ['enterprise','openshift-enterprise','origin'] + - openshift_examples - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 7d4f100e3..caab9b8d6 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -1,9 +1,9 @@ --- # By default install rhel and xpaas streams on enterprise installs -openshift_examples_load_centos: "{{ openshift_deployment_type != 'enterprise' }}" -openshift_examples_load_rhel: "{{ openshift_deployment_type == 'enterprise' }}" +openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" +openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: "{{ openshift_deployment_type == 'enterprise' }}" +openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" openshift_examples_load_quickstarts: true examples_base: /usr/share/openshift/examples diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index 3a829a4c6..ef98237cd 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -9,7 +9,7 @@ command: > {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ rhel_image_streams }} when: openshift_examples_load_rhel - register: oex_import_rhel_streams + register: oex_import_rhel_streams | bool failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0" changed_when: false @@ -32,7 +32,7 @@ - name: Import quickstart-templates command: > {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ quickstarts_base }} - when: openshift_examples_load_quickstarts + when: openshift_examples_load_quickstarts | bool register: oex_import_quickstarts failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" changed_when: false -- cgit v1.2.3 From bced0615a4edf4f2a42073a365dc756009ccc250 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 20 Oct 2015 12:34:51 -0400 Subject: Fix yaml indentation from use_openshift_sdn conditional --- roles/openshift_master/templates/master.yaml.v1.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index cc1dee13d..6e45eaad7 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -87,9 +87,9 @@ masterPublicURL: {{ openshift.master.public_api_url }} networkConfig: clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }} hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }} - {% if openshift.common.use_openshift_sdn %} +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} - {% endif %} +{% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.master.portal_net }} {% include 'v1_partials/oauthConfig.j2' %} -- cgit v1.2.3 From cc43b2ee85ed3f55529ac12107780aec414affee Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 20 Oct 2015 12:57:18 -0400 Subject: Add match online imagestream/template loading to enterprise --- roles/openshift_examples/defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index caab9b8d6..2043985ec 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -1,9 +1,9 @@ --- # By default install rhel and xpaas streams on enterprise installs -openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" -openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" +openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise'] }}" +openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" openshift_examples_load_quickstarts: true examples_base: /usr/share/openshift/examples -- cgit v1.2.3 From ba80a2c5b19614c87d2ce0568ed8830c62d40f95 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 20 Oct 2015 17:00:14 -0400 Subject: Zabbix server stat fixes. enable the proper item types. --- roles/lib_zabbix/library/zbx_item.py | 2 + roles/lib_zabbix/tasks/create_template.yml | 2 + roles/os_zabbix/vars/template_app_zabbix_agent.yml | 4 +- .../os_zabbix/vars/template_app_zabbix_server.yml | 62 +++++++++++----------- 4 files changed, 38 insertions(+), 32 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 6faa82dfc..caca2df52 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -125,6 +125,7 @@ def main(): template_name=dict(default=None, type='str'), zabbix_type=dict(default=2, type='int'), value_type=dict(default='int', type='str'), + interval=dict(default=60, type='int'), multiplier=dict(default=None, type='str'), description=dict(default=None, type='str'), units=dict(default=None, type='str'), @@ -189,6 +190,7 @@ def main(): 'multiplier': use_multiplier, 'description': module.params['description'], 'units': module.params['units'], + 'delay': module.params['interval'], } # Remove any None valued params diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 41381e76c..df7888a95 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -38,6 +38,8 @@ units: "{{ item.units | default('', True) }}" template_name: "{{ template.name }}" applications: "{{ item.applications }}" + zabbix_type: "{{ item.zabbix_type | default(2, True) }}" + interval: "{{ item.interval | default(60, True) }}" with_items: template.zitems register: created_items when: template.zitems is defined diff --git a/roles/os_zabbix/vars/template_app_zabbix_agent.yml b/roles/os_zabbix/vars/template_app_zabbix_agent.yml index 06c4eda8b..6349b6384 100644 --- a/roles/os_zabbix/vars/template_app_zabbix_agent.yml +++ b/roles/os_zabbix/vars/template_app_zabbix_agent.yml @@ -6,14 +6,14 @@ g_template_app_zabbix_agent: applications: - Zabbix agent value_type: character - zabbix_type: '0' + zabbix_type: 0 - key: agent.ping applications: - Zabbix agent description: The agent always returns 1 for this item. It could be used in combination with nodata() for availability check. value_type: int - zabbix_type: '0' + zabbix_type: 0 ztriggers: - name: '[Reboot] Zabbix agent on {HOST.NAME} is unreachable for 15 minutes' diff --git a/roles/os_zabbix/vars/template_app_zabbix_server.yml b/roles/os_zabbix/vars/template_app_zabbix_server.yml index dace2aa29..185ed7ecd 100644 --- a/roles/os_zabbix/vars/template_app_zabbix_server.yml +++ b/roles/os_zabbix/vars/template_app_zabbix_server.yml @@ -8,7 +8,7 @@ g_template_app_zabbix_server: description: A simple count of the number of partition creates output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: 5 - key: housekeeper_drops applications: @@ -16,7 +16,7 @@ g_template_app_zabbix_server: description: A simple count of the number of partition drops output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: 5 - key: housekeeper_errors applications: @@ -24,7 +24,7 @@ g_template_app_zabbix_server: description: A simple count of the number of errors output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: 5 - key: housekeeper_total applications: @@ -33,7 +33,7 @@ g_template_app_zabbix_server: script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: 5 - key: zabbix[process,alerter,avg,busy] applications: @@ -41,7 +41,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,configuration syncer,avg,busy] applications: @@ -49,7 +49,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,db watchdog,avg,busy] applications: @@ -57,7 +57,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,discoverer,avg,busy] applications: @@ -65,7 +65,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,escalator,avg,busy] applications: @@ -73,7 +73,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,history syncer,avg,busy] applications: @@ -81,7 +81,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,housekeeper,avg,busy] applications: @@ -89,7 +89,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,http poller,avg,busy] applications: @@ -97,7 +97,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,icmp pinger,avg,busy] applications: @@ -105,7 +105,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,ipmi poller,avg,busy] applications: @@ -113,7 +113,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,java poller,avg,busy] applications: @@ -121,7 +121,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,node watcher,avg,busy] applications: @@ -129,7 +129,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,poller,avg,busy] applications: @@ -137,7 +137,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,proxy poller,avg,busy] applications: @@ -145,7 +145,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,self-monitoring,avg,busy] applications: @@ -153,7 +153,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,snmp trapper,avg,busy] applications: @@ -161,7 +161,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,timer,avg,busy] applications: @@ -169,7 +169,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,trapper,avg,busy] applications: @@ -177,7 +177,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[process,unreachable poller,avg,busy] applications: @@ -185,7 +185,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[queue,10m] applications: @@ -193,7 +193,8 @@ g_template_app_zabbix_server: description: '' units: '' value_type: int - zabbix_type: '5' + zabbix_type: 5 + interval: 600 - key: zabbix[queue] applications: @@ -201,7 +202,8 @@ g_template_app_zabbix_server: description: '' units: '' value_type: int - zabbix_type: '5' + zabbix_type: 5 + interval: 600 - key: zabbix[rcache,buffer,pfree] applications: @@ -209,7 +211,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[wcache,history,pfree] applications: @@ -217,7 +219,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[wcache,text,pfree] applications: @@ -225,7 +227,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[wcache,trend,pfree] applications: @@ -233,7 +235,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: 5 - key: zabbix[wcache,values] applications: @@ -241,7 +243,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: 5 ztriggers: - description: "There has been unexpected output while running the housekeeping script\ \ on the Zabbix. There are only three kinds of lines we expect to see in the output,\ -- cgit v1.2.3 From c16cc8398b4313cdee12a1332a268c8979481ac7 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Tue, 20 Oct 2015 17:31:09 -0400 Subject: Adding delta feature to zbx_item --- roles/lib_zabbix/library/zbx_item.py | 2 ++ roles/lib_zabbix/tasks/create_template.yml | 1 + roles/os_zabbix/vars/template_app_zabbix_server.yml | 2 ++ 3 files changed, 5 insertions(+) diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index caca2df52..2cd00dd27 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -126,6 +126,7 @@ def main(): zabbix_type=dict(default=2, type='int'), value_type=dict(default='int', type='str'), interval=dict(default=60, type='int'), + delta=dict(default=0, type='int'), multiplier=dict(default=None, type='str'), description=dict(default=None, type='str'), units=dict(default=None, type='str'), @@ -191,6 +192,7 @@ def main(): 'description': module.params['description'], 'units': module.params['units'], 'delay': module.params['interval'], + 'delta': module.params['delta'], } # Remove any None valued params diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index df7888a95..d5168a9f4 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -40,6 +40,7 @@ applications: "{{ item.applications }}" zabbix_type: "{{ item.zabbix_type | default(2, True) }}" interval: "{{ item.interval | default(60, True) }}" + delta: "{{ item.delta | default(0, True) }}" with_items: template.zitems register: created_items when: template.zitems is defined diff --git a/roles/os_zabbix/vars/template_app_zabbix_server.yml b/roles/os_zabbix/vars/template_app_zabbix_server.yml index 185ed7ecd..aeec16254 100644 --- a/roles/os_zabbix/vars/template_app_zabbix_server.yml +++ b/roles/os_zabbix/vars/template_app_zabbix_server.yml @@ -244,6 +244,8 @@ g_template_app_zabbix_server: units: '' value_type: float zabbix_type: 5 + delta: 1 # speed per second + ztriggers: - description: "There has been unexpected output while running the housekeeping script\ \ on the Zabbix. There are only three kinds of lines we expect to see in the output,\ -- cgit v1.2.3 From 8691cd2947146a24237fadc443eb02acf805a606 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Fri, 11 Sep 2015 13:13:17 -0700 Subject: Support HA or single router, and start work on registry --- inventory/byo/hosts.example | 4 +++ playbooks/adhoc/s3_registry/s3_registry.yml | 16 +++++++++--- playbooks/aws/openshift-cluster/launch.yml | 5 ---- .../common/openshift-cluster/create_services.yml | 8 ------ playbooks/common/openshift-master/config.yml | 7 ++++++ roles/openshift_facts/library/openshift_facts.py | 29 +++++++++++++++++++++- roles/openshift_master/tasks/main.yml | 3 +++ roles/openshift_registry/tasks/main.yml | 11 +++++--- roles/openshift_router/tasks/main.yml | 11 +++++--- 9 files changed, 69 insertions(+), 25 deletions(-) delete mode 100644 playbooks/common/openshift-cluster/create_services.yml diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index f554cc660..6b366cf87 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -75,6 +75,10 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # default project node selector #osm_default_node_selector='region=primary' +# default selectors for router and registry services +# openshift_router_selector='region=infra' +# openshift_registry_selector='region=infra' + # set RPM version for debugging purposes #openshift_pkg_version=-3.0.0.0 diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 5dc1abf17..4dcef1a42 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -6,13 +6,14 @@ # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. # The 'clusterid' is the short name of your cluster. -- hosts: security_group_{{ clusterid }}_master +- hosts: tag_env-host-type_{{ clusterid }}-openshift-master remote_user: root gather_facts: False vars: - aws_access_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" - aws_secret_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}" + aws_access_key: "{{ lookup('env', 'S3_ACCESS_KEY_ID') }}" + aws_secret_key: "{{ lookup('env', 'S3_SECRET_ACCESS_KEY') }}" + tasks: - name: Check for AWS creds @@ -23,10 +24,16 @@ - aws_access_key - aws_secret_key + - name: Scale down registry + command: oc scale --replicas=0 dc/docker-registry + - name: Create S3 bucket local_action: module: s3 bucket="{{ clusterid }}-docker" mode=create + - name: Set up registry environment variable + command: oc env dc/docker-registry REGISTRY_CONFIGURATION_PATH=/etc/registryconfig/config.yml + - name: Generate docker registry config template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600 @@ -54,6 +61,9 @@ command: oc volume dc/docker-registry --add --name=dockersecrets -m /etc/registryconfig --type=secret --secret-name=dockerregistry when: "'dockersecrets' not in dc.stdout" + - name: Wait for deployment config to take effect before scaling up + pause: seconds=30 + - name: Scale up registry command: oc scale --replicas=1 dc/docker-registry diff --git a/playbooks/aws/openshift-cluster/launch.yml b/playbooks/aws/openshift-cluster/launch.yml index a89275597..786918929 100644 --- a/playbooks/aws/openshift-cluster/launch.yml +++ b/playbooks/aws/openshift-cluster/launch.yml @@ -55,9 +55,4 @@ when: master_names is defined and master_names.0 is defined - include: update.yml - -- include: ../../common/openshift-cluster/create_services.yml - vars: - g_svc_master: "{{ service_master }}" - - include: list.yml diff --git a/playbooks/common/openshift-cluster/create_services.yml b/playbooks/common/openshift-cluster/create_services.yml deleted file mode 100644 index e70709d19..000000000 --- a/playbooks/common/openshift-cluster/create_services.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Deploy OpenShift Services - hosts: "{{ g_svc_master }}" - connection: ssh - gather_facts: yes - roles: - - openshift_registry - - openshift_router diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 14ec82e85..678e1c2d5 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -254,3 +254,10 @@ roles: - openshift_serviceaccounts + +- name: Create services + hosts: oo_first_master + + roles: + - openshift_router +# - openshift_registry diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 69bb49c9b..6a32b24aa 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1,6 +1,9 @@ -#!/usr/bin/python +#!/usr/bin/python # pylint: disable=too-many-lines # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 +# Reason: Disable pylint too-many-lines because we don't want to split up this file. +# Status: Permanently disabled to keep this module as self-contained as possible. + """Ansible module for retrieving and setting openshift related facts""" DOCUMENTATION = ''' @@ -318,6 +321,29 @@ def set_node_schedulability(facts): facts['node']['schedulable'] = True return facts +def set_master_selectors(facts): + """ Set selectors facts if not already present in facts dict + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated selectors + facts if they were not already present + + """ + if 'master' in facts: + if 'infra_nodes' in facts['master']: + deployment_type = facts['common']['deployment_type'] + if deployment_type == 'online': + selector = "type=infra" + else: + selector = "region=infra" + + if 'router_selector' not in facts['master']: + facts['master']['router_selector'] = selector + if 'registry_selector' not in facts['master']: + facts['master']['registry_selector'] = selector + return facts + def set_metrics_facts_if_unset(facts): """ Set cluster metrics facts if not already present in facts dict dict: the facts dict updated with the generated cluster metrics facts if @@ -782,6 +808,7 @@ class OpenShiftFacts(object): facts = set_url_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) facts = set_node_schedulability(facts) + facts = set_master_selectors(facts) facts = set_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) facts = set_sdn_facts_if_unset(facts) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 73c04cb08..4dcab31d1 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -52,8 +52,11 @@ default_subdomain: "{{ osm_default_subdomain | default(None) }}" custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" default_node_selector: "{{ osm_default_node_selector | default(None) }}" + router_selector: "{{ openshift_router_selector | default(None) }}" + registry_selector: "{{ openshift_registry_selector | default(None) }}" api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" + infra_nodes: "{{ num_infra | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present diff --git a/roles/openshift_registry/tasks/main.yml b/roles/openshift_registry/tasks/main.yml index 29387d7d5..749eea5c0 100644 --- a/roles/openshift_registry/tasks/main.yml +++ b/roles/openshift_registry/tasks/main.yml @@ -1,11 +1,14 @@ --- -- set_fact: _oreg_images="--images={{ oreg_url|quote }}" - when: oreg_url is defined +# This role is unused until we add options for configuring the backend storage + +- set_fact: _oreg_images="--images='{{ openshift.master.registry_url }}'" + +- set_fact: _oreg_selector="--selector='{{ openshift.master.registry_selector }}'" - name: Deploy OpenShift Registry command: > {{ openshift.common.admin_binary }} registry - --create - --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images|default() }} + --create --service-account=registry {{ _oreg_selector }} + --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images }} register: _oreg_results changed_when: "'service exists' not in _oreg_results.stdout" diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml index 929177262..b88b020fe 100644 --- a/roles/openshift_router/tasks/main.yml +++ b/roles/openshift_router/tasks/main.yml @@ -1,11 +1,14 @@ --- -- set_fact: _ortr_images="--images={{ oreg_url|quote }}" - when: oreg_url is defined + +- set_fact: _ortr_images="--images='{{ openshift.master.registry_url }}'" + +- set_fact: _ortr_selector="--selector='{{ openshift.master.router_selector }}'" - name: Deploy OpenShift Router command: > {{ openshift.common.admin_binary }} router - --create - --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images|default() }} + --create --replicas={{ num_infra }} + --service-account=router {{ _ortr_selector }} + --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images }} register: _ortr_results changed_when: "'service exists' not in _ortr_results.stdout" -- cgit v1.2.3 From a921f8c296467cf72b0d273d8891dcd2f2570bea Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 21 Oct 2015 17:25:51 -0400 Subject: Fix yaml tabbing --- playbooks/adhoc/upgrades/upgrade.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index b43ab7607..56a1df860 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -61,7 +61,7 @@ --exclude-groups=system:unauthenticated --exclude-users=system:anonymous --additive-only=true --confirm - when: ( _new_version.stdout | version_compare('1.0.6', '>') and _new_version.stdout | version_compare('3.0','<') ) or _new_version.stdout | version_compare('3.0.2','>') + when: ( _new_version.stdout | version_compare('1.0.6', '>') and _new_version.stdout | version_compare('3.0','<') ) or _new_version.stdout | version_compare('3.0.2','>') - name: Upgrade default router hosts: oo_first_master -- cgit v1.2.3 From 3fb04f44a1abdde346f9e82ba9fb8df851691be2 Mon Sep 17 00:00:00 2001 From: Francisco Gimeno Date: Wed, 21 Oct 2015 23:26:29 +0000 Subject: Remove pylint comment from Sha-Bang. SSH process get hung when calling python # pylint: disable=too-many-lines --- roles/openshift_facts/library/openshift_facts.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 6a32b24aa..bd8d96657 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1,4 +1,5 @@ -#!/usr/bin/python # pylint: disable=too-many-lines +#!/usr/bin/python +# pylint: disable=too-many-lines # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 # Reason: Disable pylint too-many-lines because we don't want to split up this file. -- cgit v1.2.3 From d121d8c208d4b5ea974f2f9d1ecf529f8fca7f44 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 22 Oct 2015 01:11:25 -0400 Subject: Conditionally include openshift_router role. --- playbooks/common/openshift-master/config.yml | 6 +++--- roles/openshift_router/tasks/main.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 678e1c2d5..f4bf0e62c 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -257,7 +257,7 @@ - name: Create services hosts: oo_first_master - roles: - - openshift_router -# - openshift_registry + - role: openshift_router + when: openshift.master.infra_nodes is defined + #- role: openshift_registry diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml index b88b020fe..498a65127 100644 --- a/roles/openshift_router/tasks/main.yml +++ b/roles/openshift_router/tasks/main.yml @@ -7,7 +7,7 @@ - name: Deploy OpenShift Router command: > {{ openshift.common.admin_binary }} router - --create --replicas={{ num_infra }} + --create --replicas={{ openshift.master.infra_nodes }} --service-account=router {{ _ortr_selector }} --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images }} register: _ortr_results -- cgit v1.2.3 From 6af8c35b6f7e07631ecc33a92230876b55be0123 Mon Sep 17 00:00:00 2001 From: Michal Fojtik Date: Thu, 22 Oct 2015 13:32:58 +0200 Subject: Update examples-sync.sh Fixes: https://github.com/openshift/openshift-ansible/issues/722 --- roles/openshift_examples/examples-sync.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 3047a3add..ba3bf9cba 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -15,7 +15,7 @@ wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master wget https://github.com/openshift/nodejs-ex/archive/master.zip -O nodejs-ex-master.zip wget https://github.com/openshift/dancer-ex/archive/master.zip -O dancer-ex-master.zip wget https://github.com/openshift/cakephp-ex/archive/master.zip -O cakephp-ex-master.zip -wget https://github.com/jboss-openshift/application-templates/archive/master.zip -O application-templates-master.zip +wget https://github.com/jboss-openshift/application-templates/archive//ose-v1.0.2.zip -O application-templates-master.zip unzip origin-master.zip unzip django-ex-master.zip unzip rails-ex-master.zip -- cgit v1.2.3 From 17a6e2c6f0ae55c875adb0ccf8b5c239e587da7b Mon Sep 17 00:00:00 2001 From: Michal Fojtik Date: Thu, 22 Oct 2015 13:40:00 +0200 Subject: Update examples-sync.sh --- roles/openshift_examples/examples-sync.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index ba3bf9cba..21137e31b 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -15,7 +15,7 @@ wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master wget https://github.com/openshift/nodejs-ex/archive/master.zip -O nodejs-ex-master.zip wget https://github.com/openshift/dancer-ex/archive/master.zip -O dancer-ex-master.zip wget https://github.com/openshift/cakephp-ex/archive/master.zip -O cakephp-ex-master.zip -wget https://github.com/jboss-openshift/application-templates/archive//ose-v1.0.2.zip -O application-templates-master.zip +wget https://github.com/jboss-openshift/application-templates/archive/ose-v1.0.2.zip -O application-templates-master.zip unzip origin-master.zip unzip django-ex-master.zip unzip rails-ex-master.zip -- cgit v1.2.3 From 0c5e2522e44aee9309336049633eb82531f997b6 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Tue, 20 Oct 2015 14:38:22 -0400 Subject: Improvements to uninstallation playbook This is related to https://trello.com/c/314nwSvt/58-3-uninstall-playbook The original atomic_openshift_tutorial_reset.yml now calls the uninstall playbook for most parts. All the originally functionally is still intact. The main differences between the two playbooks is that the uninstall playbook is careful only to delete content that ansible originally installed. --- .../adhoc/atomic_openshift_tutorial_reset.yml | 77 +------------- playbooks/adhoc/uninstall.yml | 111 +++++++++++++++++++++ 2 files changed, 114 insertions(+), 74 deletions(-) create mode 100644 playbooks/adhoc/uninstall.yml diff --git a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml index 54d3ea278..c14d08e87 100644 --- a/playbooks/adhoc/atomic_openshift_tutorial_reset.yml +++ b/playbooks/adhoc/atomic_openshift_tutorial_reset.yml @@ -1,6 +1,9 @@ # This deletes *ALL* Docker images, and uninstalls OpenShift and # Atomic Enterprise RPMs. It is primarily intended for use # with the tutorial as well as for developers to reset state. +# +--- +- include: uninstall.yml - hosts: - OSEv3:children @@ -8,59 +11,6 @@ sudo: yes tasks: - - service: name={{ item }} state=stopped - with_items: - - openvswitch - - origin-master - - origin-node - - atomic-openshift-master - - atomic-openshift-node - - openshift-master - - openshift-node - - atomic-enterprise-master - - atomic-enterprise-node - - etcd - - - yum: name={{ item }} state=absent - with_items: - - openvswitch - - etcd - - origin - - origin-master - - origin-node - - origin-sdn-ovs - - tuned-profiles-origin-node - - atomic-openshift - - atomic-openshift-master - - atomic-openshift-node - - atomic-openshift-sdn-ovs - - tuned-profiles-atomic-openshift-node - - atomic-enterprise - - atomic-enterprise-master - - atomic-enterprise-node - - atomic-enterprise-sdn-ovs - - tuned-profiles-atomic-enterprise-node - - openshift - - openshift-master - - openshift-node - - openshift-sdn-ovs - - tuned-profiles-openshift-node - - - shell: systemctl reset-failed - changed_when: False - - - shell: systemctl daemon-reload - changed_when: False - - - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true - changed_when: False - - - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true - changed_when: False - - - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true - changed_when: False - - shell: docker ps -a -q | xargs docker stop changed_when: False failed_when: False @@ -73,27 +23,6 @@ changed_when: False failed_when: False - - file: path={{ item }} state=absent - with_items: - - /etc/openshift-sdn - - /root/.kube - - /etc/origin - - /etc/atomic-enterprise - - /etc/openshift - - /var/lib/origin - - /var/lib/openshift - - /var/lib/atomic-enterprise - - /etc/sysconfig/origin-master - - /etc/sysconfig/origin-node - - /etc/sysconfig/atomic-openshift-master - - /etc/sysconfig/atomic-openshift-node - - /etc/sysconfig/openshift-master - - /etc/sysconfig/openshift-node - - /etc/sysconfig/atomic-enterprise-master - - /etc/sysconfig/atomic-enterprise-node - - /etc/etcd - - /var/lib/etcd - - user: name={{ item }} state=absent remove=yes with_items: - alice diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml new file mode 100644 index 000000000..1a3c56d95 --- /dev/null +++ b/playbooks/adhoc/uninstall.yml @@ -0,0 +1,111 @@ +# This deletes *ALL* Origin, Atomic Enterprise Platform and OpenShift +# Enterprise content installed by ansible. This includes: +# +# configuration +# containers +# example templates and imagestreams +# images +# RPMs +--- +- hosts: + - OSEv3:children + + sudo: yes + + tasks: + - service: name={{ item }} state=stopped + with_items: + - openvswitch + - origin-master + - origin-node + - atomic-openshift-master + - atomic-openshift-node + - openshift-master + - openshift-node + - atomic-enterprise-master + - atomic-enterprise-node + - etcd + + - yum: name={{ item }} state=absent + with_items: + - openvswitch + - etcd + - origin + - origin-master + - origin-node + - origin-sdn-ovs + - tuned-profiles-origin-node + - atomic-openshift + - atomic-openshift-master + - atomic-openshift-node + - atomic-openshift-sdn-ovs + - tuned-profiles-atomic-openshift-node + - atomic-enterprise + - atomic-enterprise-master + - atomic-enterprise-node + - atomic-enterprise-sdn-ovs + - tuned-profiles-atomic-enterprise-node + - openshift + - openshift-master + - openshift-node + - openshift-sdn-ovs + - tuned-profiles-openshift-node + + - shell: systemctl reset-failed + changed_when: False + + - shell: systemctl daemon-reload + changed_when: False + + - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true + changed_when: False + + - shell: docker rm -f "{{ item }}"-master "{{ item }}"-node + changed_when: False + failed_when: False + with_items: + - openshift-enterprise + - atomic-enterprise + - origin + + - shell: docker images | grep {{ item }} | awk '{ print $3 }' + changed_when: False + failed_when: False + register: images_to_delete + with_items: + - registry.access.redhat.com/openshift3 + - registry.access.redhat.com/aep3 + - docker.io/openshift + + - shell: "docker rmi {{ item.stdout_lines | join(' ') }}" + changed_when: False + failed_when: False + with_items: "{{ images_to_delete.results }}" + + - file: path={{ item }} state=absent + with_items: + - /etc/atomic-enterprise + - /etc/etcd + - /etc/openshift + - /etc/openshift-sdn + - /etc/origin + - /etc/sysconfig/atomic-enterprise-master + - /etc/sysconfig/atomic-enterprise-node + - /etc/sysconfig/atomic-openshift-master + - /etc/sysconfig/atomic-openshift-node + - /etc/sysconfig/openshift-master + - /etc/sysconfig/openshift-node + - /etc/sysconfig/origin-master + - /etc/sysconfig/origin-node + - /root/.kube + - /usr/share/openshift/examples + - /var/lib/atomic-enterprise + - /var/lib/etcd + - /var/lib/openshift + - /var/lib/origin -- cgit v1.2.3 From 1bf7844f61785e717f8563d03994841d0a71ac28 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 21 Oct 2015 10:26:45 -0400 Subject: Adding *master-api and *master-controllers to the list of units to stop (also sorted the various lists alphabetically) --- playbooks/adhoc/uninstall.yml | 44 ++++++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 1a3c56d95..ecd858e68 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -15,41 +15,47 @@ tasks: - service: name={{ item }} state=stopped with_items: - - openvswitch - - origin-master - - origin-node + - atomic-enterprise-master + - atomic-enterprise-node - atomic-openshift-master + - atomic-openshift-master-api + - atomic-openshift-master-controllers - atomic-openshift-node + - etcd - openshift-master + - openshift-master-api + - openshift-master-controllers - openshift-node - - atomic-enterprise-master - - atomic-enterprise-node - - etcd - - - yum: name={{ item }} state=absent - with_items: - openvswitch - - etcd - - origin - origin-master + - origin-master-api + - origin-master-controllers - origin-node - - origin-sdn-ovs - - tuned-profiles-origin-node - - atomic-openshift - - atomic-openshift-master - - atomic-openshift-node - - atomic-openshift-sdn-ovs - - tuned-profiles-atomic-openshift-node + + - yum: name={{ item }} state=absent + with_items: - atomic-enterprise - atomic-enterprise-master - atomic-enterprise-node - atomic-enterprise-sdn-ovs - - tuned-profiles-atomic-enterprise-node + - atomic-openshift + - atomic-openshift-master + - atomic-openshift-node + - atomic-openshift-sdn-ovs + - etcd - openshift - openshift-master - openshift-node - openshift-sdn-ovs + - openvswitch + - origin + - origin-master + - origin-node + - origin-sdn-ovs + - tuned-profiles-atomic-enterprise-node + - tuned-profiles-atomic-openshift-node - tuned-profiles-openshift-node + - tuned-profiles-origin-node - shell: systemctl reset-failed changed_when: False -- cgit v1.2.3 From 1b0c615d3c1c7dfd6484ba399763282586475599 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 21 Oct 2015 11:31:18 -0400 Subject: Removing the openshift facts --- playbooks/adhoc/uninstall.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index ecd858e68..3e865706d 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -96,6 +96,7 @@ - file: path={{ item }} state=absent with_items: + - /etc/ansible/facts.d/openshift.fact - /etc/atomic-enterprise - /etc/etcd - /etc/openshift -- cgit v1.2.3 From 6ada8b8eb4ebe60ba18226caa5b4812b26161379 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 21 Oct 2015 15:56:24 -0400 Subject: Deleting exited openshift containers and some other minor touch ups --- playbooks/adhoc/uninstall.yml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 3e865706d..40db668da 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -39,6 +39,7 @@ - atomic-enterprise-node - atomic-enterprise-sdn-ovs - atomic-openshift + - atomic-openshift-clients - atomic-openshift-master - atomic-openshift-node - atomic-openshift-sdn-ovs @@ -46,6 +47,7 @@ - openshift - openshift-master - openshift-node + - openshift-sdn - openshift-sdn-ovs - openvswitch - origin @@ -80,6 +82,20 @@ - atomic-enterprise - origin + - shell: docker ps -a | grep Exited | grep "{{ item }}" | awk '{print $1}' + changed_when: False + failed_when: False + register: exited_containers_to_delete + with_items: + - aep3/aep + - openshift3/ose + - openshift/origin + + - shell: "docker rm {{ item.stdout_lines | join(' ') }}" + changed_when: False + failed_when: False + with_items: "{{ exited_containers_to_delete.results }}" + - shell: docker images | grep {{ item }} | awk '{ print $3 }' changed_when: False failed_when: False @@ -89,7 +105,7 @@ - registry.access.redhat.com/aep3 - docker.io/openshift - - shell: "docker rmi {{ item.stdout_lines | join(' ') }}" + - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}" changed_when: False failed_when: False with_items: "{{ images_to_delete.results }}" -- cgit v1.2.3 From 46879ab6e7425804471a3902fda85a5085b88655 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 22 Oct 2015 10:57:05 -0400 Subject: Fix openshift_examples --- roles/openshift_examples/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index ef98237cd..40b7a5d6e 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -9,7 +9,7 @@ command: > {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ rhel_image_streams }} when: openshift_examples_load_rhel - register: oex_import_rhel_streams | bool + register: oex_import_rhel_streams failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0" changed_when: false -- cgit v1.2.3 From 1192791e4689c0d80c74c25c2ae7765aa0a52a67 Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Thu, 22 Oct 2015 14:19:28 -0400 Subject: Lower priority to stop the paging action. --- roles/os_zabbix/vars/template_os_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 69432273f..3ae1500bc 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -248,7 +248,7 @@ g_template_os_linux: - name: 'CPU idle less than 5% on {HOST.NAME}' expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<5 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<5' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc' - priority: high + priority: average description: 'CPU is less than 5% idle' - name: 'CPU idle less than 10% on {HOST.NAME}' -- cgit v1.2.3