From 901f0ee491efb34f9788e11dd6d572928146da91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= <lhuard@amadeus.com>
Date: Mon, 20 Apr 2015 14:11:48 +0200
Subject: Implement OpenStack provider

---
 playbooks/openstack/openshift-cluster/config.yml   |  34 +++++
 .../openshift-cluster/files/heat_stack.yml         | 149 +++++++++++++++++++++
 .../openstack/openshift-cluster/files/user-data    |   7 +
 .../openstack/openshift-cluster/filter_plugins     |   1 +
 playbooks/openstack/openshift-cluster/launch.yml   |  31 +++++
 playbooks/openstack/openshift-cluster/list.yml     |  24 ++++
 playbooks/openstack/openshift-cluster/roles        |   1 +
 .../tasks/configure_openstack.yml                  |  27 ++++
 .../openshift-cluster/tasks/launch_instances.yml   |  48 +++++++
 .../openstack/openshift-cluster/terminate.yml      |  43 ++++++
 playbooks/openstack/openshift-cluster/update.yml   |  18 +++
 playbooks/openstack/openshift-cluster/vars.yml     |  39 ++++++
 12 files changed, 422 insertions(+)
 create mode 100644 playbooks/openstack/openshift-cluster/config.yml
 create mode 100644 playbooks/openstack/openshift-cluster/files/heat_stack.yml
 create mode 100644 playbooks/openstack/openshift-cluster/files/user-data
 create mode 120000 playbooks/openstack/openshift-cluster/filter_plugins
 create mode 100644 playbooks/openstack/openshift-cluster/launch.yml
 create mode 100644 playbooks/openstack/openshift-cluster/list.yml
 create mode 120000 playbooks/openstack/openshift-cluster/roles
 create mode 100644 playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml
 create mode 100644 playbooks/openstack/openshift-cluster/tasks/launch_instances.yml
 create mode 100644 playbooks/openstack/openshift-cluster/terminate.yml
 create mode 100644 playbooks/openstack/openshift-cluster/update.yml
 create mode 100644 playbooks/openstack/openshift-cluster/vars.yml

(limited to 'playbooks/openstack/openshift-cluster')

diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml
new file mode 100644
index 000000000..1c0644e04
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/config.yml
@@ -0,0 +1,34 @@
+- name: Populate oo_masters_to_config host group
+  hosts: localhost
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - name: Evaluate oo_masters_to_config
+    add_host:
+      name: "{{ item }}"
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+      groups: oo_masters_to_config
+    with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([])
+  - name: Evaluate oo_nodes_to_config
+    add_host:
+      name: "{{ item }}"
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+      groups: oo_nodes_to_config
+    with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([])
+  - name: Evaluate oo_first_master
+    add_host:
+      name: "{{ groups['tag_env-host-type_' ~ cluster_id ~ '-openshift-master'][0] }}"
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+      groups: oo_first_master
+    when: "'tag_env-host-type_{{ cluster_id }}-openshift-master' in groups"
+
+- include: ../../common/openshift-cluster/config.yml
+  vars:
+    openshift_cluster_id: "{{ cluster_id }}"
+    openshift_debug_level: 4
+    openshift_deployment_type: "{{ deployment_type }}"
+    openshift_hostname: "{{ ansible_default_ipv4.address }}"
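Review bot: `openshift_debug_level: 4` in the include's `vars` is hard-coded, so every cluster built through this provider runs at that verbosity with no way to lower it from the command line. Elevated log levels usually record more request detail than a long-lived cluster needs, so an overridable value with a lower default fits better, for example `openshift_debug_level: "{{ <debug-level-option> | default(2) }}"`, where the option name is a placeholder following the `opt_*` convention of vars.yml. If level 4 is intentional for this early provider, a one-line comment saying so would be enough.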
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yml b/playbooks/openstack/openshift-cluster/files/heat_stack.yml
new file mode 100644
index 000000000..c5f95d87d
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yml
@@ -0,0 +1,149 @@
+heat_template_version: 2014-10-16
+
+description: OpenShift cluster
+
+parameters:
+  cluster-id:
+    type: string
+    label: Cluster ID
+    description: Identifier of the cluster
+
+  network-prefix:
+    type: string
+    label: Network prefix
+    description: Prefix of the network objects
+
+  cidr:
+    type: string
+    label: CIDR
+    description: CIDR of the network of the cluster
+
+  dns-nameservers:
+    type: comma_delimited_list
+    label: DNS nameservers list
+    description: List of DNS nameservers
+
+  external-net:
+    type: string
+    label: External network
+    description: Name of the external network
+    default: external
+
+  ssh-incoming:
+    type: string
+    label: Source of ssh connections
+    description: Source of legitimate ssh connections
+
+resources:
+  net:
+    type: OS::Neutron::Net
+    properties:
+      name:
+        str_replace:
+          template: network-prefix-net
+          params:
+            network-prefix: { get_param: network-prefix }
+
+  subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      name:
+        str_replace:
+          template: network-prefix-subnet
+          params:
+            network-prefix: { get_param: network-prefix }
+      network: { get_resource: net }
+      cidr: { get_param: cidr }
+      dns_nameservers: { get_param: dns-nameservers }
+
+  router:
+    type: OS::Neutron::Router
+    properties:
+      name:
+        str_replace:
+          template: network-prefix-router
+          params:
+            network-prefix: { get_param: network-prefix }
+      external_gateway_info:
+        network: { get_param: external-net }
+
+  interface:
+    type: OS::Neutron::RouterInterface
+    properties:
+      router_id: { get_resource: router }
+      subnet_id: { get_resource: subnet }
+
+  node-secgrp:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name:
+        str_replace:
+          template: network-prefix-node-secgrp
+          params:
+            network-prefix: { get_param: network-prefix }
+      description:
+        str_replace:
+          template: Security group for cluster-id OpenShift cluster nodes
+          params:
+            cluster-id: { get_param: cluster-id }
+      rules:
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+          remote_ip_prefix: { get_param: ssh-incoming }
+        - direction: ingress
+          protocol: udp
+          port_range_min: 4789
+          port_range_max: 4789
+          remote_mode: remote_group_id
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 10250
+          port_range_max: 10250
+          remote_mode: remote_group_id
+          remote_group_id: { get_resource: master-secgrp }
+
+  master-secgrp:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name:
+        str_replace:
+          template: network-prefix-master-secgrp
+          params:
+            network-prefix: { get_param: network-prefix }
+      description:
+        str_replace:
+          template: Security group for cluster-id OpenShift cluster master
+          params:
+            cluster-id: { get_param: cluster-id }
+      rules:
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+          remote_ip_prefix: { get_param: ssh-incoming }
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 4001
+          port_range_max: 4001
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 8443
+          port_range_max: 8443
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 53
+          port_range_max: 53
+        - direction: ingress
+          protocol: udp
+          port_range_min: 53
+          port_range_max: 53
+        - direction: ingress
+          protocol: tcp
+          port_range_min: 24224
+          port_range_max: 24224
+        - direction: ingress
+          protocol: udp
+          port_range_min: 24224
+          port_range_max: 24224
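Review bot: The master-secgrp rules for ports 4001, 8443, 53 and 24224 carry neither `remote_ip_prefix` nor `remote_mode`, so as written they appear to accept traffic from any source, unlike the port 22 rule above them, which is scoped by `ssh-incoming`. Ports 4001 and 24224 look like cluster-internal services (presumably etcd and log forwarding) and would be better limited to the cluster subnet by adding `remote_ip_prefix: { get_param: cidr }` to each of those rules. Pointing them at node-secgrp with `remote_group_id` would mirror the 10250 rule, but node-secgrp already references master-secgrp, so that may create a circular dependency between the two resources. If 8443 and 53 are meant to be reachable from outside the cluster, a comment on those rules stating that would make the intent reviewable.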
diff --git a/playbooks/openstack/openshift-cluster/files/user-data b/playbooks/openstack/openshift-cluster/files/user-data
new file mode 100644
index 000000000..e789a5b69
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/files/user-data
@@ -0,0 +1,7 @@
+#cloud-config
+disable_root: true
+
+system_info:
+  default_user:
+    name: openshift
+    sudo: ["ALL=(ALL) NOPASSWD: ALL"]
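Review bot: The `sudo: ["ALL=(ALL) NOPASSWD: ALL"]` entry gives the `openshift` login unrestricted passwordless root, and nothing in the file says why. Since vars.yml sets `ssh_user: openshift` with `sudo: yes`, the reason is presumably that the playbooks escalate non-interactively. A comment above `default_user` such as `# passwordless sudo: Ansible connects as this user and escalates without a prompt; the SSH key is the only credential` would record that. It also makes clear that access to port 22 and to the keypair is what protects root on these instances.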
diff --git a/playbooks/openstack/openshift-cluster/filter_plugins b/playbooks/openstack/openshift-cluster/filter_plugins
new file mode 120000
index 000000000..99a95e4ca
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/filter_plugins
@@ -0,0 +1 @@
+../../../filter_plugins
\ No newline at end of file
diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml
new file mode 100644
index 000000000..5c86ade3f
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/launch.yml
@@ -0,0 +1,31 @@
+---
+- name: Launch instance(s)
+  hosts: localhost
+  connection: local
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - fail:
+      msg: "Deployment type not supported for OpenStack provider yet"
+    when: deployment_type in ['online', 'enterprise']
+
+  - include: tasks/configure_openstack.yml
+
+  - include: ../../common/openshift-cluster/set_master_launch_facts_tasks.yml
+  - include: tasks/launch_instances.yml
+    vars:
+      instances: "{{ master_names }}"
+      cluster: "{{ cluster_id }}"
+      type: "{{ k8s_type }}"
+
+  - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml
+  - include: tasks/launch_instances.yml
+    vars:
+      instances: "{{ node_names }}"
+      cluster: "{{ cluster_id }}"
+      type: "{{ k8s_type }}"
+
+- include: update.yml
+
+- include: list.yml
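Review bot: The `fail` guard at the top of the task list is a denylist (`deployment_type in ['online', 'enterprise']`), so any other unexpected or misspelled value passes it. Such a value only fails later, when `deployment_vars[deployment_type]` is dereferenced during instance launch, after the Heat stack has already been created or updated. Checking for the supported value instead, `when: deployment_type != 'origin'`, rejects bad input before any infrastructure is touched. The task would also benefit from a `name:` so the failure is identifiable in the run output.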
diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml
new file mode 100644
index 000000000..a75e350c7
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/list.yml
@@ -0,0 +1,24 @@
+---
+- name: Generate oo_list_hosts group
+  hosts: localhost
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - set_fact: scratch_group=tag_env_{{ cluster_id }}
+    when: cluster_id != ''
+  - set_fact: scratch_group=all
+    when: cluster_id == ''
+  - add_host:
+      name: "{{ item }}"
+      groups: oo_list_hosts
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_ssh_host: "{{ hostvars[item].ansible_ssh_host | default(item) }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+    with_items: groups[scratch_group] | default([]) | difference(['localhost'])
+
+- name: List Hosts
+  hosts: oo_list_hosts
+  tasks:
+  - debug:
+      msg: 'public:{{ansible_ssh_host}} private:{{ansible_default_ipv4.address}}'
diff --git a/playbooks/openstack/openshift-cluster/roles b/playbooks/openstack/openshift-cluster/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/roles
@@ -0,0 +1 @@
+../../../roles
\ No newline at end of file
diff --git a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml b/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml
new file mode 100644
index 000000000..2cbdb4805
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml
@@ -0,0 +1,27 @@
+---
+- name: Check infra
+  command: 'heat stack-show {{ openstack_network_prefix }}-stack'
+  register: stack_show_result
+  changed_when: false
+  failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr
+
+- name: Create infra
+  command: 'heat stack-create -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack'
+  when: stack_show_result.rc == 1
+
+- name: Update infra
+  command: 'heat stack-update -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack'
+  when: stack_show_result.rc == 0
+
+- name: Wait for infra readiness
+  shell: 'heat stack-show {{ openstack_network_prefix }}-stack | awk ''$2 == "stack_status" {print $4}'''
+  register: stack_show_status_result
+  until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS']
+  retries: 30
+  delay: 1
+  failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE']
+
+- name: Create ssh keypair
+  nova_keypair:
+    name: "{{ openstack_ssh_keypair }}"
+    public_key: "{{ openstack_ssh_public_key }}"
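Review bot: The `shell` task "Wait for infra readiness" places `{{ openstack_network_prefix }}` on a shell command line unquoted, and vars.yml derives that value from `opt_network_prefix` or `cluster_id`. A value containing whitespace or shell metacharacters would therefore change the command that runs on the control host. Passing it through the quote filter, `heat stack-show {{ (openstack_network_prefix ~ "-stack") | quote }}`, keeps it a single argument. The "Get net id" task in tasks/launch_instances.yml interpolates the same variable into `shell` in the same way. The `command` tasks here do not invoke a shell, but they still split unquoted values such as `cidr=` and `ssh-incoming=` on whitespace.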
diff --git a/playbooks/openstack/openshift-cluster/tasks/launch_instances.yml b/playbooks/openstack/openshift-cluster/tasks/launch_instances.yml
new file mode 100644
index 000000000..1b9696aac
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/tasks/launch_instances.yml
@@ -0,0 +1,48 @@
+---
+- name: Get net id
+  shell: 'neutron net-show {{ openstack_network_prefix }}-net | awk "/\\<id\\>/ {print \$4}"'
+  register: net_id_result
+
+- name: Launch instance(s)
+  nova_compute:
+    name: '{{ item }}'
+    image_name:     '{{ deployment_vars[deployment_type].image.name | default(omit, true) }}'
+    image_id:       '{{ deployment_vars[deployment_type].image.id   | default(omit, true) }}'
+    flavor_ram:     '{{ openstack_flavor[k8s_type].ram              | default(omit, true) }}'
+    flavor_id:      '{{ openstack_flavor[k8s_type].id               | default(omit, true) }}'
+    flavor_include: '{{ openstack_flavor[k8s_type].include          | default(omit, true) }}'
+    key_name: '{{ openstack_ssh_keypair }}'
+    security_groups: '{{ openstack_network_prefix }}-{{ k8s_type }}-secgrp'
+    nics:
+      - net-id: '{{ net_id_result.stdout }}'
+    user_data: "{{ lookup('file','files/user-data') }}"
+    meta:
+      env: '{{ cluster }}'
+      host-type: '{{ type }}'
+      env-host-type: '{{ cluster }}-openshift-{{ type }}'
+    floating_ip_pools: '{{ openstack_floating_ip_pools }}'
+  with_items: instances
+  register: nova_compute_result
+
+- name: Add new instances groups and variables
+  add_host:
+    hostname: '{{ item.item }}'
+    ansible_ssh_host: '{{ item.public_ip }}'
+    ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+    ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+    groups: 'tag_env_{{ cluster }}, tag_host-type_{{ type }}, tag_env-host-type_{{ cluster }}-openshift-{{ type }}'
+  with_items: nova_compute_result.results
+
+- name: Wait for ssh
+  wait_for:
+    host: '{{ item.public_ip }}'
+    port: 22
+  with_items: nova_compute_result.results
+
+- name: Wait for user setup
+  command: 'ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.item].ansible_ssh_user }}@{{ item.public_ip }} echo {{ hostvars[item.item].ansible_ssh_user }} user is setup'
+  register: result
+  until: result.rc == 0
+  retries: 30
+  delay: 1
+  with_items: nova_compute_result.results
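Review bot: The "Wait for user setup" task runs `ssh` with `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null`, and no comment explains that this is a deliberate choice for a readiness probe. The instance's host key cannot be known yet and the probe only runs `echo`, so the options are defensible here. A reader could still copy them into a task that does real work, so I would add a comment above the task: `# readiness probe only: host key checking is disabled because the instance was just created; do not reuse these options for tasks that send data`. It would also help to state in the README how host keys are expected to be verified for the later configuration plays, since nothing in this file records them.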
diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml
new file mode 100644
index 000000000..2f05f0992
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/terminate.yml
@@ -0,0 +1,43 @@
+- name: Terminate instance(s)
+  hosts: localhost
+  connection: local
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - set_fact: cluster_group=tag_env_{{ cluster_id }}
+  - add_host:
+      name: "{{ item }}"
+      groups: oo_hosts_to_terminate
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+    with_items: groups[cluster_group] | default([])
+
+- hosts: oo_hosts_to_terminate
+
+- hosts: localhost
+  connection: local
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - name: Retrieve the floating IPs
+    shell: "neutron floatingip-list | awk '/{{ hostvars[item].ansible_default_ipv4.address }}/ {print $2}'"
+    with_items: groups['oo_hosts_to_terminate'] | default([])
+    register: floating_ips_to_delete
+
+  - name: Terminate instance(s)
+    nova_compute:
+      name: "{{ hostvars[item].os_name }}"
+      state: absent
+    with_items: groups['oo_hosts_to_terminate'] | default([])
+
+  - name: Delete floating IPs
+    command: "neutron floatingip-delete {{ item.stdout }}"
+    with_items: floating_ips_to_delete.results | default([])
+
+  - name: Destroy the network
+    command: "heat stack-delete {{ openstack_network_prefix }}-stack"
+    register: stack_delete_result
+    changed_when: stack_delete_result.rc == 0
+    failed_when: stack_delete_result.rc != 0 and 'could not be found' not in stack_delete_result.stdout
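Review bot: In "Retrieve the floating IPs" the instance address is used as an unanchored awk regular expression. The dots match any character and `10.0.0.1` also matches `10.0.0.10`, so rows belonging to other instances, possibly outside this cluster, can be selected and then removed by "Delete floating IPs". An exact comparison on the fixed-address column avoids that: `shell: "neutron floatingip-list | awk -v ip={{ hostvars[item].ansible_default_ipv4.address }} '$4 == ip {print $2}'"`. This assumes the fixed address is the fourth whitespace-separated field of the table output, which should be confirmed against the client version in use. The delete task also runs when `item.stdout` is empty or holds several ids, so a `when: item.stdout != ''` guard would be worth adding.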
diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml
new file mode 100644
index 000000000..5e7ab4e58
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/update.yml
@@ -0,0 +1,18 @@
+---
+- name: Populate oo_hosts_to_update group
+  hosts: localhost
+  gather_facts: no
+  vars_files:
+  - vars.yml
+  tasks:
+  - name: Evaluate oo_hosts_to_update
+    add_host:
+      name: "{{ item }}"
+      groups: oo_hosts_to_update
+      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
+      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
+    with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"]) | default([])
+
+- include: ../../common/openshift-cluster/update_repos_and_packages.yml
+
+- include: config.yml
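Review bot: The `default([])` at the end of the `with_items` expression in "Evaluate oo_hosts_to_update" is applied after `union(...)`, so it does not protect either group lookup. If the master or the node group does not exist, the undefined value reaches `union` first and the task is likely to error rather than iterate over an empty list. Defaulting each operand gives the intended behaviour: `groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([]) | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([]))`. config.yml already defaults each group separately, so this would also make the two files consistent.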
diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml
new file mode 100644
index 000000000..c754f19fc
--- /dev/null
+++ b/playbooks/openstack/openshift-cluster/vars.yml
@@ -0,0 +1,39 @@
+---
+openstack_infra_heat_stack:     "{{ opt_infra_heat_stack  | default('files/heat_stack.yml') }}"
+openstack_network_prefix:       "{{ opt_network_prefix    | default('openshift-ansible-'+cluster_id) }}"
+openstack_network_cidr:         "{{ opt_net_cidr          | default('192.168.' + ( ( 1048576 | random % 256 ) | string() ) + '.0/24') }}"
+openstack_network_external_net: "{{ opt_external_net      | default('external') }}"
+openstack_floating_ip_pools:    "{{ opt_floating_ip_pools | default('external')        | oo_split() }}"
+openstack_network_dns:          "{{ opt_dns               | default('8.8.8.8,8.8.4.4') | oo_split() }}"
+openstack_ssh_keypair:          "{{ opt_keypair           | default(lookup('env', 'LOGNAME')+'_key') }}"
+openstack_ssh_public_key:       "{{ lookup('file', opt_public_key | default('~/.ssh/id_rsa.pub')) }}"
+openstack_ssh_access_from:      "{{ opt_ssh_from          | default('0.0.0.0/0') }}"
+openstack_flavor:
+  master:
+    ram:     "{{ opt_master_flavor_ram     | default(2048) }}"
+    id:      "{{ opt_master_flavor_id      | default() }}"
+    include: "{{ opt_master_flavor_include | default() }}"
+  node:
+    ram:     "{{ opt_node_flavor_ram     | default(4096) }}"
+    id:      "{{ opt_node_flavor_id      | default() }}"
+    include: "{{ opt_node_flavor_include | default() }}"
+
+deployment_vars:
+  origin:
+    image:
+      name: "{{ opt_image_name | default('centos-70-raw') }}"
+      id:
+    ssh_user: openshift
+    sudo: yes
+  online:
+    image:
+      name:
+      id:
+    ssh_user: root
+    sudo: no
+  enterprise:
+    image:
+      name: "{{ opt_image_name | default('centos-70-raw') }}"
+      id:
+    ssh_user: openshift
+    sudo: yes
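Review bot: `openstack_ssh_access_from` defaults to `'0.0.0.0/0'`, so unless the operator passes `opt_ssh_from`, the port 22 rules in both security groups of heat_stack.yml are open to every source address. The account behind that port has passwordless sudo per files/user-data. Dropping the default (`openstack_ssh_access_from: "{{ opt_ssh_from }}"`) would make the operator state the allowed range explicitly. If the open default is kept for convenience, a comment on this line and a mention in the provider documentation would make the exposure a visible choice. Separately, the `sudo: yes` / `sudo: no` values and the bare `id:` keys rely on YAML 1.1 implicit typing; `true` / `false` and an explicit `null` are less ambiguous.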
-- 
cgit v1.2.3


From 94a77cb1d81b6e4e316ae679890df4994816532f Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Fri, 22 May 2015 13:13:17 -0400
Subject: Templatize configs and 0.5.2 changes

- Templatize node config
- Templatize master config
- Integrated sdn changes
- Updates for openshift_facts
  - Added support for node, master and sdn related changes
    - registry_url
  - added identity provider facts
- Removed openshift_sdn_* roles
- Install httpd-tools if configuring htpasswd auth
- Remove references to external_id
  - Setting external_id interferes with nodes associating with the generated
    node object when pre-registering nodes.
- osc/oc and osadm/oadm binary detection in openshift_facts

Misc Changes:
- make non-errata puddle default for byo example
- comment out master in list of nodes in inventory/byo/hosts
- remove non-error errors from fluentd_* roles
- Use admin kubeconfig instead of openshift-client
---
 playbooks/openstack/openshift-cluster/config.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'playbooks/openstack/openshift-cluster')

diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml
index 1c0644e04..abadaf5ca 100644
--- a/playbooks/openstack/openshift-cluster/config.yml
+++ b/playbooks/openstack/openshift-cluster/config.yml
@@ -31,4 +31,5 @@
     openshift_cluster_id: "{{ cluster_id }}"
     openshift_debug_level: 4
     openshift_deployment_type: "{{ deployment_type }}"
+    openshift_first_master: "{{ groups.oo_first_master.0 }}"
     openshift_hostname: "{{ ansible_default_ipv4.address }}"
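Review bot: The added `openshift_first_master: "{{ groups.oo_first_master.0 }}"` assumes the `oo_first_master` group always exists. The task that creates that group, earlier in this file and outside the hunk, is conditional on the master tag group being present. When no master has been launched or discovered, the expression would presumably fail with an undefined-variable error that does not say what is missing. A `fail` task before the include, checking `groups.oo_first_master is not defined` with a message naming the cluster, would make that case explicit. The `vars:` block of the include begins above the hunk's context lines.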
-- 
cgit v1.2.3