From a1228a7c4acdb088fbf43c9a67b7eccf7ee67d07 Mon Sep 17 00:00:00 2001 From: Luke Meyer Date: Thu, 27 Apr 2017 13:09:08 -0400 Subject: health check playbooks: relocate and expand We are moving toward having adhoc post-install checks and so the "preflight" designation needs to be widened. Updated location to playbooks/byo/openshift-checks, added health check playbook, and updated README. Also included the certificate_expiry playbooks. Left behind symlinks and wrappers for existing checks. To conform with the direction of the rest of the repo, the openshift-checks playbooks are split into two directories, one under playbooks/common with the actual invocation and one under playbooks/byo for entrypoints that are just wrappers for the ones in common. Because the certificate_expiry playbooks are intended not just to be functional but to be examples that users modify, I did not split them similarly. That could happen later after discussion but for now I just left them whole under byo/openshift-checks/certificate_expiry. --- .../certificate_expiry/easy-mode-upload.yaml | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml (limited to 'playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml') diff --git a/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml b/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml new file mode 100644 index 000000000..378d1f154 --- /dev/null +++ b/playbooks/byo/openshift-checks/certificate_expiry/easy-mode-upload.yaml @@ -0,0 +1,40 @@ +# This example generates HTML and JSON reports and +# +# Copies of the generated HTML and JSON reports are uploaded to the masters, +# which is particularly useful when this playbook is run from a container. +# +# All certificates (healthy or not) are included in the results +# +# Optional environment variables to alter the behaviour of the playbook: +# CERT_EXPIRY_WARN_DAYS: Length of the warning window in days (45) +# COPY_TO_PATH: path to copy reports to in the masters (/etc/origin/certificate_expiration_report) +--- +- name: Generate certificate expiration reports + hosts: nodes:masters:etcd + gather_facts: no + vars: + openshift_certificate_expiry_save_json_results: yes + openshift_certificate_expiry_generate_html_report: yes + openshift_certificate_expiry_show_all: yes + openshift_certificate_expiry_warning_days: "{{ lookup('env', 'CERT_EXPIRY_WARN_DAYS') | default('45', true) }}" + roles: + - role: openshift_certificate_expiry + +- name: Upload reports to master + hosts: masters + gather_facts: no + vars: + destination_path: "{{ lookup('env', 'COPY_TO_PATH') | default('/etc/origin/certificate_expiration_report', true) }}" + timestamp: "{{ lookup('pipe', 'date +%Y%m%d') }}" + tasks: + - name: Ensure that the target directory exists + file: + path: "{{ destination_path }}" + state: directory + - name: Copy the reports + copy: + dest: "{{ destination_path }}/{{ timestamp }}-{{ item }}" + src: "/tmp/{{ item }}" + with_items: + - "cert-expiry-report.html" + - "cert-expiry-report.json" -- cgit v1.2.3