From 11b48fe4e237950f9d9e9a0e66d8b15f48be1ea0 Mon Sep 17 00:00:00 2001
From: Eric Sauer <etsauer@gmail.com>
Date: Wed, 21 Dec 2016 10:37:40 -0500
Subject: Openstack heat (#2)

* Adding a role to invoke openstack heat

* Adding readme

* Pulling parameters out to inventory file

* start of end-to-end playbook

* More enhancements and refactoring to make dynamic inventory the driver for an openshift install

* Switching to variable substituted path to config.yaml playbook

* Changes to allow defining of number of nodes/infranodes.

* Added labels to inventory

* Start of end-to-end functionality

* Enhancements to support openstack heat provisioning

* Updating inventory sample to remove some deprecation warnings

* Working towards making the secure-registry role 'become' aware

* Fixing node labels and removing secure-registry as it's no longer needed

* No longer need insecure registry line, as installer will secure our registry

* Adjusted dynamic inventory to filter by clusterid

* Minor updates to dynamic inventory bug

* Adding a refactored sample inventory directory

* Refactoring playbooks for better directory structure, and to narrow down host groups

* Adding volume mounts to heat template

* Moving dns playbooks back to original location

* Fixing incorrect file path

* Cleaning up inventory samples

* One more hostname to clean up

* Changing var name

* changed openshift-provision to openshift-prep

* Adjusting current provision script to avoid breakage by new openstack-heat code
---
 roles/openshift-prep/tasks/main.yml          |  4 ++++
 roles/openshift-prep/tasks/prerequisites.yml | 36 ++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 roles/openshift-prep/tasks/main.yml
 create mode 100644 roles/openshift-prep/tasks/prerequisites.yml

(limited to 'roles/openshift-prep')

diff --git a/roles/openshift-prep/tasks/main.yml b/roles/openshift-prep/tasks/main.yml
new file mode 100644
index 000000000..5e484e75f
--- /dev/null
+++ b/roles/openshift-prep/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+# Starting Point for OpenShift Installation and Configuration
+- include: prerequisites.yml
+  tags: [prerequisites]
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
new file mode 100644
index 000000000..1286905f4
--- /dev/null
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -0,0 +1,36 @@
+---
+- name: "Cleaning yum repositories"
+  command: "yum clean all"
+  
+- name: "Install required packages"
+  yum:
+    name: "{{ item }}"
+    state: latest
+  with_items:
+    - wget
+    - git
+    - net-tools
+    - bind-utils
+    - bridge-utils
+    - bash-completion
+    - atomic-openshift-utils
+    - vim-enhanced
+
+- name: "Update all packages (this can take a very long time)"
+  yum:
+    name: "*"
+    state: latest
+
+- name: "Verify hostname"
+  shell: hostnamectl status | awk "/Static hostname/"'{ print $3 }'
+  register: hostname_fqdn
+
+- name: "Set hostname if required"
+  hostname:
+    name: "{{ ansible_fqdn }}"
+  when: hostname_fqdn.stdout != ansible_fqdn
+
+- name: "Verify SELinux is enforcing"
+  fail:
+    msg: "SELinux is required for OpenShift and has been detected as '{{ ansible_selinux.config_mode }}'"
+  when: ansible_selinux.config_mode != "enforcing"
-- 
cgit v1.2.3


From b884e6a9c77ae2d86b2de3c4ae6e8de558444610 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobreli@redhat.com>
Date: Mon, 12 Jun 2017 12:02:41 +0200
Subject: Drop atomic-openshift-utils, update docs for origin

TODO use with
when: ansible_distribution == 'CentOS'
Also update docs for origin

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
---
 playbooks/provisioning/openstack/README.md   | 11 ++++++++++-
 roles/openshift-prep/tasks/prerequisites.yml |  3 +--
 2 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'roles/openshift-prep')

diff --git a/playbooks/provisioning/openstack/README.md b/playbooks/provisioning/openstack/README.md
index fb2053c25..c319791c9 100644
--- a/playbooks/provisioning/openstack/README.md
+++ b/playbooks/provisioning/openstack/README.md
@@ -96,6 +96,12 @@ The full list of options is available in this sample inventory:
 
 https://github.com/openshift/openshift-ansible/blob/master/inventory/byo/hosts.ose.example
 
+Note, that in order to deploy OpenShift origin, you should update the following
+variables for the `inventory/group_vars/OSEv3.yml`, `all.yml`:
+
+    deployment_type: origin
+    origin_release: 1.5.1
+    openshift_deployment_type: "{{ deployment_type }}"
 
 ## Deployment
 
@@ -111,8 +117,11 @@ file, this is how you stat the provisioning process:
 
 Once it succeeds, you can install openshift by running:
 
-    ansible-playbook --timeout 30 --become --user openshift --private-key ~/.ssh/openshift -i inventory/ openshift-ansible/playbooks/byo/config.yml
+    ansible-playbook --become --user openshift --private-key ~/.ssh/openshift -i inventory/ openshift-ansible/playbooks/byo/openshift-node/network_manager.yml
+    ansible-playbook --become --user openshift --private-key ~/.ssh/openshift -i inventory/ openshift-ansible/playbooks/byo/config.yml
 
+Note, the `network_manager.yml` is only required if you're deploying OpenShift
+origin.
 
 ## License
 
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
index 1286905f4..60507636f 100644
--- a/roles/openshift-prep/tasks/prerequisites.yml
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -1,7 +1,7 @@
 ---
 - name: "Cleaning yum repositories"
   command: "yum clean all"
-  
+
 - name: "Install required packages"
   yum:
     name: "{{ item }}"
@@ -13,7 +13,6 @@
     - bind-utils
     - bridge-utils
     - bash-completion
-    - atomic-openshift-utils
     - vim-enhanced
 
 - name: "Update all packages (this can take a very long time)"
-- 
cgit v1.2.3


From b28d6d787fbdc6f242aff77830a85693c148faa7 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobreli@redhat.com>
Date: Thu, 29 Jun 2017 17:59:22 +0200
Subject: Manage packages to install/update for openstack provider

Allow required packages and yum update all steps to be optionally
disabled.

Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
---
 playbooks/provisioning/openstack/README.md   | 10 ++++++++++
 roles/openshift-prep/defaults/main.yml       | 11 +++++++++++
 roles/openshift-prep/tasks/prerequisites.yml | 13 ++++---------
 3 files changed, 25 insertions(+), 9 deletions(-)
 create mode 100644 roles/openshift-prep/defaults/main.yml

(limited to 'roles/openshift-prep')

diff --git a/playbooks/provisioning/openstack/README.md b/playbooks/provisioning/openstack/README.md
index 57b72c7f3..43e5e4878 100644
--- a/playbooks/provisioning/openstack/README.md
+++ b/playbooks/provisioning/openstack/README.md
@@ -76,6 +76,10 @@ stacks. Set it to true, if you experience issues with sec group rules
 quotas. It trades security for number of rules, by sharing the same set
 of firewall rules for master, node, etcd and infra nodes.
 
+The `required_packages` variable also provides a list of the additional
+prerequisite packages to be installed before to deploy an OpenShift cluster.
+Those are ignored though, if the `manage_packages: False`.
+
 #### Security notes
 
 Configure required `*_ingress_cidr` variables to restrict public access
@@ -87,6 +91,12 @@ nodes' ephemeral ports range.
 Note, the command ``curl https://api.ipify.org`` helps fiding an external
 IP address of your box (the ansible admin node).
 
+There is also the `manage_packages` variable (defaults to True) you
+may want to turn off in order to speed up the provisioning tasks. This may
+be the case for development environments. When turned off, the servers will
+be provisioned omitting the ``yum update`` command. This brings security
+implications though, and is not recommended for production deployments.
+
 ### Update the DNS names in `inventory/hosts`
 
 The different server groups are currently grouped by the domain name,
diff --git a/roles/openshift-prep/defaults/main.yml b/roles/openshift-prep/defaults/main.yml
new file mode 100644
index 000000000..fac25dcc1
--- /dev/null
+++ b/roles/openshift-prep/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# Defines either to install required packages and update all
+manage_packages: true
+required_packages:
+  - wget
+  - git
+  - net-tools
+  - bind-utils
+  - bridge-utils
+  - bash-completion
+  - vim-enhanced
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
index 60507636f..433c1c4e3 100644
--- a/roles/openshift-prep/tasks/prerequisites.yml
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -6,19 +6,14 @@
   yum:
     name: "{{ item }}"
     state: latest
-  with_items:
-    - wget
-    - git
-    - net-tools
-    - bind-utils
-    - bridge-utils
-    - bash-completion
-    - vim-enhanced
+  with_items: "{{ required_packages }}"
+  when: manage_packages|bool
 
 - name: "Update all packages (this can take a very long time)"
   yum:
-    name: "*"
+    name: '*'
     state: latest
+  when: manage_packages|bool
 
 - name: "Verify hostname"
   shell: hostnamectl status | awk "/Static hostname/"'{ print $3 }'
-- 
cgit v1.2.3


From 244d4f2347526e6e7428e81f882793aaca75a770 Mon Sep 17 00:00:00 2001
From: Tlacenka <tlacencin@gmail.com>
Date: Wed, 19 Jul 2017 17:40:53 +0200
Subject: During provisioning, make unnecessary packages optional under a
 switch (#561)

* openshift-prep: bash-completion and vim-enhanced packages are now optional under install_debug_packages switch

* openshift-prep: new line removal
---
 roles/openshift-prep/defaults/main.yml       | 2 ++
 roles/openshift-prep/tasks/prerequisites.yml | 7 +++++++
 2 files changed, 9 insertions(+)

(limited to 'roles/openshift-prep')

diff --git a/roles/openshift-prep/defaults/main.yml b/roles/openshift-prep/defaults/main.yml
index fac25dcc1..c8c9a00c0 100644
--- a/roles/openshift-prep/defaults/main.yml
+++ b/roles/openshift-prep/defaults/main.yml
@@ -1,11 +1,13 @@
 ---
 # Defines either to install required packages and update all
 manage_packages: true
+install_debug_packages: false
 required_packages:
   - wget
   - git
   - net-tools
   - bind-utils
   - bridge-utils
+debug_packages:
   - bash-completion
   - vim-enhanced
diff --git a/roles/openshift-prep/tasks/prerequisites.yml b/roles/openshift-prep/tasks/prerequisites.yml
index 433c1c4e3..b7601aa48 100644
--- a/roles/openshift-prep/tasks/prerequisites.yml
+++ b/roles/openshift-prep/tasks/prerequisites.yml
@@ -9,6 +9,13 @@
   with_items: "{{ required_packages }}"
   when: manage_packages|bool
 
+- name: "Install debug packages (optional)"
+  yum:
+    name: "{{ item }}"
+    state: latest
+  with_items: "{{ debug_packages }}"
+  when: install_debug_packages|bool
+
 - name: "Update all packages (this can take a very long time)"
   yum:
     name: '*'
-- 
cgit v1.2.3