From a22fbd327ab9decda9543d47c1ba375b9faecffd Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Tue, 18 Aug 2015 10:46:23 +0200 Subject: GCE-support (more information in PR, README_GCE.md) --- .../openshift-cluster/files/heat_stack.yaml | 20 +++++++++++-- playbooks/openstack/openshift-cluster/launch.yml | 35 ++++++++++++++++++---- 2 files changed, 47 insertions(+), 8 deletions(-) (limited to 'playbooks/openstack/openshift-cluster') diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 40e4ab22c..e3e2b6872 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -88,6 +88,12 @@ parameters: label: Infra flavor description: Flavor of the infra node servers + key_pair: + type: string + label: Key name + description: Name of the key + + outputs: master_names: @@ -250,6 +256,14 @@ resources: port_range_max: 10250 remote_mode: remote_group_id remote_group_id: { get_resource: master-secgrp } + - direction: ingress + protocol: tcp + port_range_min: 30001 + port_range_max: 30001 + - direction: ingress + protocol: tcp + port_range_min: 30850 + port_range_max: 30850 infra-secgrp: type: OS::Neutron::SecurityGroup @@ -291,7 +305,7 @@ resources: type: master image: { get_param: master_image } flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -323,7 +337,7 @@ resources: subtype: compute image: { get_param: node_image } flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -355,7 +369,7 @@ resources: subtype: infra image: { get_param: infra_image } flavor: { get_param: infra_flavor } - key_name: { get_resource: keypair } + key_name: { get_param: key_pair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 651aef40b..5f1780476 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -19,15 +19,32 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - set_fact: - heat_stack_action: 'stack-create' + - name: Create OpenStack Stack + command: 'heat stack-create -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} + -P cluster_id={{ cluster_id }} + -P dns_nameservers={{ openstack_network_dns | join(",") }} + -P cidr={{ openstack_network_cidr }} + -P ssh_incoming={{ openstack_ssh_access_from }} + -P num_masters={{ num_masters }} + -P num_nodes={{ num_nodes }} + -P num_infra={{ num_infra }} + -P master_image={{ deployment_vars[deployment_type].image }} + -P node_image={{ deployment_vars[deployment_type].image }} + -P infra_image={{ deployment_vars[deployment_type].image }} + -P master_flavor={{ openstack_flavor["master"] }} + -P node_flavor={{ openstack_flavor["node"] }} + -P infra_flavor={{ openstack_flavor["infra"] }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" + openshift-ansible-{{ cluster_id }}-stack' when: stack_show_result.rc == 1 - set_fact: heat_stack_action: 'stack-update' when: stack_show_result.rc == 0 - - name: Create or Update OpenStack Stack - command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + - name: Update OpenStack Stack + command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + -P key_pair={{ openstack_ssh_keypair }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -50,7 +67,7 @@ shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 + retries: 300 delay: 1 failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] @@ -119,4 +136,12 @@ - include: update.yml +# Fix icmp reject iptables rules +# It should be solved in openshift-sdn but unfortunately it's not the case +# Mysterious +- name: Configuring Nodes for RBox + hosts: oo_nodes_to_config + roles: + - rbox-node + - include: list.yml -- cgit v1.2.3 From 9229927a98389f0dae2abb51e1df971f9457afb3 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Thu, 1 Oct 2015 15:33:32 +0200 Subject: oo_option fixed, some clean up --- bin/cluster | 2 +- inventory/gce/hosts/gce.py | 7 +------ playbooks/gce/openshift-cluster/join_node.yml | 17 +---------------- .../openstack/openshift-cluster/files/heat_stack.yaml | 8 -------- 4 files changed, 3 insertions(+), 31 deletions(-) (limited to 'playbooks/openstack/openshift-cluster') diff --git a/bin/cluster b/bin/cluster index e72ce547c..0e305141f 100755 --- a/bin/cluster +++ b/bin/cluster @@ -197,7 +197,7 @@ class Cluster(object): if args.option: for opt in args.option: k, v = opt.split('=', 1) - env[k] = v + env['cli_' + k] = v ansible_env = '-e \'{}\''.format( ' '.join(['%s=%s' % (key, value) for (key, value) in env.items()]) diff --git a/inventory/gce/hosts/gce.py b/inventory/gce/hosts/gce.py index bf018f1fe..6ed12e011 100755 --- a/inventory/gce/hosts/gce.py +++ b/inventory/gce/hosts/gce.py @@ -120,7 +120,6 @@ class GceInventory(object): os.path.dirname(os.path.realpath(__file__)), "gce.ini") gce_ini_path = os.environ.get('GCE_INI_PATH', gce_ini_default_path) - print "GCE INI PATH :: "+gce_ini_path # Create a ConfigParser. # This provides empty defaults to each key, so that environment @@ -175,10 +174,7 @@ class GceInventory(object): args[1] = os.environ.get('GCE_PEM_FILE_PATH', args[1]) kwargs['project'] = os.environ.get('GCE_PROJECT', kwargs['project']) - sys.stderr.write("GCE_EMAIL : "+args[0]+"\n") - sys.stderr.write("GCE_PEM_FILE_PATH : "+args[1]+"\n") - sys.stderr.write("GCE_PROJECT : "+kwargs['project']+"\n") - + # Retrieve and return the GCE driver. gce = get_driver(Provider.GCE)(*args, **kwargs) gce.connection.user_agent_append( @@ -291,5 +287,4 @@ class GceInventory(object): # Run the script -print "Hello world" GceInventory() diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index 613bbb34f..0dfa3e9d7 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -27,22 +27,6 @@ ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: oo_nodes_to_config - - name: Add to preemptible group if needed - add_host: - name: "{{ node_ip }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_preemptible_nodes - when: preemptible is defined and preemptible == "true" - - - name: Add to not preemptible group if needed - add_host: - name: "{{ node_ip }}" - ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: oo_non_preemptible_nodes - when: preemptible is defined and preemptible == "false" - - name: Evaluate oo_first_master add_host: name: "{{ groups['tag_env-host-type-' ~ cluster_id ~ '-openshift-master'][0] }}" @@ -59,6 +43,7 @@ openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" openshift_use_openshift_sdn: true + openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index e3e2b6872..cd2636c9c 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -256,14 +256,6 @@ resources: port_range_max: 10250 remote_mode: remote_group_id remote_group_id: { get_resource: master-secgrp } - - direction: ingress - protocol: tcp - port_range_min: 30001 - port_range_max: 30001 - - direction: ingress - protocol: tcp - port_range_min: 30850 - port_range_max: 30850 infra-secgrp: type: OS::Neutron::SecurityGroup -- cgit v1.2.3 From b8dcab08624bfdc4e89a144b82caa68883d1f861 Mon Sep 17 00:00:00 2001 From: Chengcheng Mu Date: Thu, 1 Oct 2015 15:45:45 +0200 Subject: Removed some application specific code like insecure registries, heat template --- playbooks/openstack/openshift-cluster/files/heat_stack.yaml | 12 +++--------- roles/openshift_master/tasks/main.yml | 9 --------- roles/openshift_node/tasks/main.yml | 6 ------ 3 files changed, 3 insertions(+), 24 deletions(-) (limited to 'playbooks/openstack/openshift-cluster') diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index cd2636c9c..40e4ab22c 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -88,12 +88,6 @@ parameters: label: Infra flavor description: Flavor of the infra node servers - key_pair: - type: string - label: Key name - description: Name of the key - - outputs: master_names: @@ -297,7 +291,7 @@ resources: type: master image: { get_param: master_image } flavor: { get_param: master_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -329,7 +323,7 @@ resources: subtype: compute image: { get_param: node_image } flavor: { get_param: node_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: @@ -361,7 +355,7 @@ resources: subtype: infra image: { get_param: infra_image } flavor: { get_param: infra_flavor } - key_name: { get_param: key_pair } + key_name: { get_resource: keypair } net: { get_resource: net } subnet: { get_resource: subnet } secgrp: diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 96cc4d9af..88940ec8c 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,15 +8,6 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined -- name: Displaying openshift_master_ha - debug: var=openshift_master_ha - -- name: openshift_master_cluster_password - debug: var=openshift_master_cluster_password - -- name: openshift.master.cluster_defer_ha - debug: var=openshift.master.cluster_defer_ha - - fail: msg: "openshift_master_cluster_password must be set for multi-master installations" when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 7e5ac2b5b..96cd96315 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -73,12 +73,6 @@ dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ ---insecure-registry=dockerhub.rnd.amadeus.net:5000 \ ---insecure-registry=dockerhub.rnd.amadeus.net:5001 \ ---insecure-registry=dockerhub.rnd.amadeus.net:5002 \ ---add-registry=dockerhub.rnd.amadeus.net:5000 \ ---add-registry=dockerhub.rnd.amadeus.net:5001 \ ---add-registry=dockerhub.rnd.amadeus.net:5002 \ {% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg notify: -- cgit v1.2.3