From 42d330a1cf2990fee39dab36250524ebfb303428 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Wed, 6 Sep 2017 15:11:55 -0400 Subject: CFME 4.6 work begins. CFME 4.5 references added to the release-3.6 branch --- roles/openshift_cfme/tasks/accounts.yml | 65 ++++++++ roles/openshift_cfme/tasks/create_pvs.yml | 36 ----- roles/openshift_cfme/tasks/main.yml | 176 ++++++++++------------ roles/openshift_cfme/tasks/nfs.yml | 51 ------- roles/openshift_cfme/tasks/storage/create_pvs.yml | 36 +++++ roles/openshift_cfme/tasks/storage/nfs.yml | 103 +++++++++++++ roles/openshift_cfme/tasks/storage/storage.yml | 3 + roles/openshift_cfme/tasks/template.yml | 72 +++++++++ roles/openshift_cfme/tasks/tune_masters.yml | 12 -- roles/openshift_cfme/tasks/validate.yml | 34 +++++ 10 files changed, 392 insertions(+), 196 deletions(-) create mode 100644 roles/openshift_cfme/tasks/accounts.yml delete mode 100644 roles/openshift_cfme/tasks/create_pvs.yml delete mode 100644 roles/openshift_cfme/tasks/nfs.yml create mode 100644 roles/openshift_cfme/tasks/storage/create_pvs.yml create mode 100644 roles/openshift_cfme/tasks/storage/nfs.yml create mode 100644 roles/openshift_cfme/tasks/storage/storage.yml create mode 100644 roles/openshift_cfme/tasks/template.yml delete mode 100644 roles/openshift_cfme/tasks/tune_masters.yml create mode 100644 roles/openshift_cfme/tasks/validate.yml (limited to 'roles/openshift_cfme/tasks') diff --git a/roles/openshift_cfme/tasks/accounts.yml b/roles/openshift_cfme/tasks/accounts.yml new file mode 100644 index 000000000..261e7858b --- /dev/null +++ b/roles/openshift_cfme/tasks/accounts.yml @@ -0,0 +1,65 @@ +--- +# This role task file is responsible for user/system account creation, +# and ensuring correct access is provided as required. + +# TODO: This is currently not idempotent, bug report will be filed +# after this. Currently this task will return 'changed' if it just +# created a user, updated a user, or doesn't modify a user at +# all. Seems to be failing some kind of 'does it need updating' test +# condition and running the replace command regardless. +- name: Check if the miq-httpd scc exists + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: scc + name: miq-httpd + register: miq_httpd_scc_exists + +# TODO: Cleanup when conditions +- name: Copy the miq-httpd SCC to the cluster + copy: + src: miq-scc-httpd.yaml + dest: "{{ template_dir }}" + when: + - miq_httpd_scc_exists.results.results | length == 1 + - miq_httpd_scc_exists.results.results[0] == {} + +- name: Ensure the CFME miq-httpd SCC exists + oc_obj: + state: present + name: miq-httpd + namespace: "{{ openshift_cfme_project }}" + kind: scc + files: + - "{{ template_dir }}/miq-scc-httpd.yaml" + delete_after: True + run_once: True + when: + - miq_httpd_scc_exists.results.results | length == 1 + - miq_httpd_scc_exists.results.results[0] == {} + +- name: Ensure the CFME system users exist + oc_serviceaccount: + namespace: "{{ openshift_cfme_project }}" + state: present + name: "{{ item.name }}" + with_items: + - "{{ openshift_system_account_sccs }}" + +- name: Ensure the CFME system accounts have all the required SCCs + oc_adm_policy_user: + namespace: "{{ openshift_cfme_project }}" + user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ item.name }}" + resource_kind: scc + resource_name: "{{ item.resource_name }}" + with_items: + - "{{ openshift_system_account_sccs }}" + +- name: Ensure the CFME system accounts have the required roles + oc_adm_policy_user: + namespace: "{{ openshift_cfme_project }}" + user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ item.name }}" + resource_kind: role + resource_name: "{{ item.resource_name }}" + with_items: + - "{{ openshift_cfme_system_account_roles }}" diff --git a/roles/openshift_cfme/tasks/create_pvs.yml b/roles/openshift_cfme/tasks/create_pvs.yml deleted file mode 100644 index 7fa7d3997..000000000 --- a/roles/openshift_cfme/tasks/create_pvs.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Check for existance and then conditionally: -# - evaluate templates -# - PVs -# -# These tasks idempotently create required CFME PV objects. Do not -# call this file directly. This file is intended to be ran as an -# include that has a 'with_items' attached to it. Hence the use below -# of variables like "{{ item.pv_label }}" - -- name: "Check if the {{ item.pv_label }} template has been created already" - oc_obj: - namespace: "{{ openshift_cfme_project }}" - state: list - kind: pv - name: "{{ item.pv_name }}" - register: miq_pv_check - -# Skip all of this if the PV already exists -- block: - - name: "Ensure the {{ item.pv_label }} template is evaluated" - template: - src: "{{ item.pv_template }}.j2" - dest: "{{ template_dir }}/{{ item.pv_template }}" - - - name: "Ensure {{ item.pv_label }} is created" - oc_obj: - namespace: "{{ openshift_cfme_project }}" - kind: pv - name: "{{ item.pv_name }}" - state: present - delete_after: True - files: - - "{{ template_dir }}/{{ item.pv_template }}" - when: - - not miq_pv_check.results.results.0 diff --git a/roles/openshift_cfme/tasks/main.yml b/roles/openshift_cfme/tasks/main.yml index 74ae16d91..cf5a7fdeb 100644 --- a/roles/openshift_cfme/tasks/main.yml +++ b/roles/openshift_cfme/tasks/main.yml @@ -1,117 +1,99 @@ --- -###################################################################### +######################################################################) # Users, projects, and privileges -- name: Ensure the CFME user exists - oc_user: - state: present - username: "{{ openshift_cfme_user }}" +- name: Run pre-install CFME validation checks + include: validate.yml -- name: Ensure the CFME namespace exists with CFME user as admin +- name: "Ensure the CFME '{{ openshift_cfme_project }}' namespace exists" oc_project: state: present name: "{{ openshift_cfme_project }}" display_name: "{{ openshift_cfme_project_description }}" - admin: "{{ openshift_cfme_user }}" - -- name: Ensure the CFME namespace service account is privileged - oc_adm_policy_user: - namespace: "{{ openshift_cfme_project }}" - user: "{{ openshift_cfme_service_account }}" - resource_kind: scc - resource_name: privileged - state: present -###################################################################### -# NFS -# In the case that we are not running on a cloud provider, volumes must be statically provisioned - -- include: nfs.yml - when: not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')) +- name: Create and Authorize CFME Accounts + include: accounts.yml ###################################################################### -# CFME App Template -# -# Note, this is different from the create_pvs.yml tasks in that the -# application template does not require any jinja2 evaluation. -# -# TODO: Handle the case where the server template is updated in -# openshift-ansible and the change needs to be landed on the managed -# cluster. - -- name: Check if the CFME Server template has been created already - oc_obj: - namespace: "{{ openshift_cfme_project }}" - state: list - kind: template - name: manageiq - register: miq_server_check - -- name: Copy over CFME Server template - copy: - src: miq-template.yaml - dest: "{{ template_dir }}/miq-template.yaml" - -- name: Ensure the server template was read from disk +# STORAGE - Initialize basic storage classes +#--------------------------------------------------------------------- +# * nfs - set up NFS shares on the first master for a proof of concept +- name: Create required NFS exports for CFME app storage + include: storage/nfs.yml + when: openshift_cfme_storage_class == 'nfs' + +#--------------------------------------------------------------------- +# * external - NFS again, but pointing to a pre-configured NFS server +- name: Note Storage Type - External NFS debug: - var=r_openshift_cfme_miq_template_content + msg: Setting up external NFS storage, openshift_cfme_storage_class is 'external' + when: openshift_cfme_storage_class == 'external' -- name: Ensure CFME Server Template exists - oc_obj: - namespace: "{{ openshift_cfme_project }}" - kind: template - name: "manageiq" - state: present - content: "{{ r_openshift_cfme_miq_template_content }}" +#--------------------------------------------------------------------- +# * cloudprovider - use an existing cloudprovider based storage +- name: Note Storage Type - Cloud Provider + debug: + msg: Validating cloud provider storage type, openshift_cfme_storage_class is 'cloudprovider' + when: openshift_cfme_storage_class == 'cloudprovider' + +#--------------------------------------------------------------------- +# * preconfigured - don't do anything, assume it's all there ready to go +- name: Note Storage Type - Preconfigured + debug: + msg: Skipping storage configuration, openshift_cfme_storage_class is 'preconfigured' + when: openshift_cfme_storage_class == 'preconfigured' ###################################################################### -# Let's do this - -- name: Ensure the CFME Server is created - oc_process: - namespace: "{{ openshift_cfme_project }}" - template_name: manageiq - create: True - params: - APPLICATION_IMG_NAME: "{{ openshift_cfme_application_img_name }}" - POSTGRESQL_IMG_NAME: "{{ openshift_cfme_postgresql_img_name }}" - MEMCACHED_IMG_NAME: "{{ openshift_cfme_memcached_img_name }}" - APPLICATION_IMG_TAG: "{{ openshift_cfme_application_img_tag }}" - POSTGRESQL_IMG_TAG: "{{ openshift_cfme_postgresql_img_tag }}" - MEMCACHED_IMG_TAG: "{{ openshift_cfme_memcached_img_tag }}" - register: cfme_new_app_process - run_once: True - when: - # User said to install CFME in their inventory - - openshift_cfme_install_app | bool - # # The server app doesn't exist already - # - not miq_server_check.results.results.0 - -- debug: - var: cfme_new_app_process +# APPLICATION TEMPLATE +- name: Install the correct CFME app template + include: template.yml ###################################################################### -# Various cleanup steps - -# TODO: Not sure what to do about this right now. Might be able to -# just delete it? This currently warns about "Unable to find -# '' in expected paths." -- name: Ensure the temporary PV/App templates are erased - file: - path: "{{ item }}" - state: absent - with_fileglob: - - "{{ template_dir }}/*.yaml" - -- name: Ensure the temporary PV/app template directory is erased - file: - path: "{{ template_dir }}" - state: absent +# APP & DB Storage + ###################################################################### -- name: Status update - debug: - msg: > - CFME has been deployed. Note that there will be a delay before - it is fully initialized. +# ###################################################################### +# # Let's do this + +# - name: Ensure the CFME Server is created +# oc_process: +# namespace: "{{ openshift_cfme_project }}" +# template_name: manageiq +# create: True +# params: +# APPLICATION_IMG_NAME: "{{ openshift_cfme_application_img_name }}" +# POSTGRESQL_IMG_NAME: "{{ openshift_cfme_postgresql_img_name }}" +# MEMCACHED_IMG_NAME: "{{ openshift_cfme_memcached_img_name }}" +# APPLICATION_IMG_TAG: "{{ openshift_cfme_application_img_tag }}" +# POSTGRESQL_IMG_TAG: "{{ openshift_cfme_postgresql_img_tag }}" +# MEMCACHED_IMG_TAG: "{{ openshift_cfme_memcached_img_tag }}" +# register: cfme_new_app_process +# run_once: True +# when: +# # User said to install CFME in their inventory +# - openshift_cfme_install_app | bool +# # # The server app doesn't exist already +# # - not miq_server_check.results.results.0 + +# - debug: +# var: cfme_new_app_process + +# ###################################################################### +# # Various cleanup steps + +# # TODO: Not sure what to do about this right now. Might be able to +# # just delete it? This currently warns about "Unable to find +# # '' in expected paths." +# - name: Ensure the temporary PV/App templates are erased +# file: +# path: "{{ item }}" +# state: absent +# with_fileglob: +# - "{{ template_dir }}/*.yaml" + +# - name: Ensure the temporary PV/app template directory is erased +# file: +# path: "{{ template_dir }}" +# state: absent diff --git a/roles/openshift_cfme/tasks/nfs.yml b/roles/openshift_cfme/tasks/nfs.yml deleted file mode 100644 index ca04628a8..000000000 --- a/roles/openshift_cfme/tasks/nfs.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# Tasks to statically provision NFS volumes -# Include if not using dynamic volume provisioning - -- name: Set openshift_cfme_nfs_server fact - when: openshift_cfme_nfs_server is not defined - set_fact: - # Hostname/IP of the NFS server. Currently defaults to first master - openshift_cfme_nfs_server: "{{ oo_nfs_to_config.0 }}" - -- name: Ensure the /exports/ directory exists - file: - path: /exports/ - state: directory - mode: 0755 - owner: root - group: root - -- name: Ensure the miq-pv0X export directories exist - file: - path: "/exports/{{ item }}" - state: directory - mode: 0775 - owner: root - group: root - with_items: "{{ openshift_cfme_pv_exports }}" - -- name: Ensure the NFS exports for CFME PVs exist - copy: - src: openshift_cfme.exports - dest: /etc/exports.d/openshift_cfme.exports - register: nfs_exports_updated - -- name: Ensure the NFS export table is refreshed if exports were added - command: exportfs -ar - when: - - nfs_exports_updated.changed - - -###################################################################### -# Create the required CFME PVs. Check out these online docs if you -# need a refresher on includes looping with items: -# * http://docs.ansible.com/ansible/playbooks_loops.html#loops-and-includes-in-2-0 -# * http://stackoverflow.com/a/35128533 -# -# TODO: Handle the case where a PV template is updated in -# openshift-ansible and the change needs to be landed on the managed -# cluster. - -- include: create_pvs.yml - with_items: "{{ openshift_cfme_pv_data }}" diff --git a/roles/openshift_cfme/tasks/storage/create_pvs.yml b/roles/openshift_cfme/tasks/storage/create_pvs.yml new file mode 100644 index 000000000..7fa7d3997 --- /dev/null +++ b/roles/openshift_cfme/tasks/storage/create_pvs.yml @@ -0,0 +1,36 @@ +--- +# Check for existance and then conditionally: +# - evaluate templates +# - PVs +# +# These tasks idempotently create required CFME PV objects. Do not +# call this file directly. This file is intended to be ran as an +# include that has a 'with_items' attached to it. Hence the use below +# of variables like "{{ item.pv_label }}" + +- name: "Check if the {{ item.pv_label }} template has been created already" + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: pv + name: "{{ item.pv_name }}" + register: miq_pv_check + +# Skip all of this if the PV already exists +- block: + - name: "Ensure the {{ item.pv_label }} template is evaluated" + template: + src: "{{ item.pv_template }}.j2" + dest: "{{ template_dir }}/{{ item.pv_template }}" + + - name: "Ensure {{ item.pv_label }} is created" + oc_obj: + namespace: "{{ openshift_cfme_project }}" + kind: pv + name: "{{ item.pv_name }}" + state: present + delete_after: True + files: + - "{{ template_dir }}/{{ item.pv_template }}" + when: + - not miq_pv_check.results.results.0 diff --git a/roles/openshift_cfme/tasks/storage/nfs.yml b/roles/openshift_cfme/tasks/storage/nfs.yml new file mode 100644 index 000000000..8151f9fbb --- /dev/null +++ b/roles/openshift_cfme/tasks/storage/nfs.yml @@ -0,0 +1,103 @@ +--- +# Tasks to statically provision NFS volumes +# Include if not using dynamic volume provisioning + +- name: Note Storage Type - NFS + debug: + msg: Setting up NFS storage, openshift_cfme_storage_class is 'nfs' + +- name: TODO + debug: + msg: TODO - replace hard-coded hostname below with oo_nfs_to_config.0 + +- name: Set openshift_cfme_nfs_server fact + when: openshift_cfme_nfs_server is not defined + set_fact: + # Hostname/IP of the NFS server. Currently defaults to first master + openshift_cfme_nfs_server: m01.example.com + +# TODO: I was going to try to apply the openshift_storage_nfs role to +# handle this, however, that role is not written to be used by +# itself. Attempting to use it to create CFME exports would just add +# more hard-coded values to the role. That said, we're doing this here +# manually for now until some one comes up with a better solution, or +# the role is made to accept parameters in a more functional way. +# +# I can't really even include the openshift_storage_nfs role in here +# to do basic setup stuff because it would just result in a lot of +# unwanted exports getting set up for the users. + +- name: Ensure the /exports/ directory exists + file: + path: /exports/ + state: directory + mode: 0755 + owner: root + group: root + +- name: Ensure exports directory exists + file: + path: /etc/exports.d/ + state: directory + +# # TODO - with_items should be passed a list of storage configs for the +# # desired CFME setup. This might mean a local or remote nfs server, as +# # well as fully qualified filesystem paths. +# - name: Ensure export directories exist +# file: +# path: "{{ item.storage.nfs.directory }}/{{ item.storage.volume.name }}" +# state: directory +# mode: 0777 +# owner: nfsnobody +# group: nfsnobody +# with_items: + +- name: Enable and start services + systemd: + name: nfs-server + state: started + enabled: yes + register: start_result + +- set_fact: + nfs_service_status_changed: "{{ start_result | changed }}" + +- name: restart nfs-server + systemd: + name: nfs-server + state: restarted + when: nfs_service_status_changed | default(false) + notify: + - "OpenShift-CFME - Reload NFS Exports" + +###################################################################### +# TODO: Move the export directory and PV creation into individual +# tasks under the respective server/database task files. + +# # - name: Ensure the miq-pv0X export directories exist +# # file: +# # path: "/exports/{{ item }}" +# # state: directory +# # mode: 0775 +# # owner: nfsnobody +# # group: nfsnobody +# # with_items: "{{ openshift_cfme_pv_exports }}" + +# # - name: Ensure the NFS exports for CFME PVs exist +# # copy: +# # src: openshift_cfme.exports +# # dest: /etc/exports.d/openshift_cfme.exports +# # register: nfs_exports_updated + + +# # Create the required CFME PVs. Check out these online docs if you +# # need a refresher on includes looping with items: +# # * http://docs.ansible.com/ansible/playbooks_loops.html#loops-and-includes-in-2-0 +# # * http://stackoverflow.com/a/35128533 + +# # TODO: Handle the case where a PV template is updated in +# # openshift-ansible and the change needs to be landed on the managed +# # cluster. + +# # - include: create_pvs.yml +# # with_items: "{{ openshift_cfme_pv_data }}" diff --git a/roles/openshift_cfme/tasks/storage/storage.yml b/roles/openshift_cfme/tasks/storage/storage.yml new file mode 100644 index 000000000..d8bf7aa3e --- /dev/null +++ b/roles/openshift_cfme/tasks/storage/storage.yml @@ -0,0 +1,3 @@ +--- +- include: nfs.yml + when: not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')) diff --git a/roles/openshift_cfme/tasks/template.yml b/roles/openshift_cfme/tasks/template.yml new file mode 100644 index 000000000..11ccae3e6 --- /dev/null +++ b/roles/openshift_cfme/tasks/template.yml @@ -0,0 +1,72 @@ +--- +# Tasks for ensuring the correct CFME templates are landed on the remote system + +###################################################################### +# CFME App Template +# +# Note, this is different from the create_pvs.yml tasks in that the +# application template does not require any jinja2 evaluation. +# +# TODO: Handle the case where the server template is updated in +# openshift-ansible and the change needs to be landed on the managed +# cluster. + +###################################################################### +# STANDARD PODIFIED DATABASE TEMPLATE +- when: openshift_cfme_app_template == 'miq-template' + block: + - name: Check if the CFME Server template has been created already + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: template + name: manageiq + register: miq_server_check + + - name: Copy over CFME Server template + copy: + src: miq-template.yaml + dest: "{{ template_dir }}/" + when: + - miq_server_check.results.results == [{}] + + - name: Ensure CFME Server Template is created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + name: manageiq + state: present + kind: template + files: + - "{{ template_dir }}/miq-template.yaml" + when: + - miq_server_check.results.results == [{}] + +###################################################################### +# EXTERNAL DATABASE TEMPLATE +- when: openshift_cfme_app_template == 'miq-template-ext-db' + block: + - name: Check if the CFME Ext-DB Server template has been created already + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: template + name: manageiq-ext-db + register: miq_ext_db_server_check + + - name: Copy over CFME Ext-DB Server template + copy: + src: miq-template-ext-db.yaml + dest: "{{ template_dir }}/" + when: + - miq_ext_db_server_check.results.results == [{}] + + - name: Ensure CFME Ext-DB Server Template is created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + name: manageiq-ext-db + state: present + kind: template + files: + - "{{ template_dir }}/miq-template-ext-db.yaml" + when: + - miq_ext_db_server_check.results.results == [{}] diff --git a/roles/openshift_cfme/tasks/tune_masters.yml b/roles/openshift_cfme/tasks/tune_masters.yml deleted file mode 100644 index 02b0f10bf..000000000 --- a/roles/openshift_cfme/tasks/tune_masters.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Ensure bulk image import limit is tuned - yedit: - src: /etc/origin/master/master-config.yaml - key: 'imagePolicyConfig.maxImagesBulkImportedPerRepository' - value: "{{ openshift_cfme_maxImagesBulkImportedPerRepository | int() }}" - state: present - backup: True - notify: - - restart master - -- meta: flush_handlers diff --git a/roles/openshift_cfme/tasks/validate.yml b/roles/openshift_cfme/tasks/validate.yml new file mode 100644 index 000000000..61448aa3b --- /dev/null +++ b/roles/openshift_cfme/tasks/validate.yml @@ -0,0 +1,34 @@ +--- +# Validate configuration parameters passed to the openshift_cfme role + +- name: Ensure openshift_cfme_app_template is valid + assert: + that: + - openshift_cfme_app_template in openshift_cfme_app_templates + msg: "openshift_cfme_app_template must be one of {{ openshift_cfme_app_templates | join(', ') }}" + +- name: Ensure openshift_cfme_storage_class is a valid type + assert: + that: + - openshift_cfme_storage_class in openshift_cfme_storage_classes + msg: "openshift_cfme_storage_class must be one of {{ openshift_cfme_storage_classes | join(', ') }}" + +- name: Ensure external NFS storage has a valid NFS server hostname defined + assert: + that: + - openshift_cfme_storage_external_nfs_hostname is not False + msg: The selected storage class 'external' requires a valid hostname for the openshift_cfme_storage_external_nfs_hostname parameter + when: + - openshift_cfme_storage_class == 'external' + +- name: Validate Cloud Provider storage class + assert: + that: + - openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce' + msg: | + openshift_cfme_storage_class is 'cloudprovider' but you have an + invalid kind defined. See 'openshift_cloudprovider_kind' in the + example inventories for the required parameters for your + selected cloud provider. Working providers: 'aws' and 'gce'. + when: + - openshift_cloudprovider_kind is defined -- cgit v1.2.3 From 8e10c53974b4b87e483ed0dfec3946383aa071c7 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Fri, 15 Sep 2017 17:18:22 -0400 Subject: Import upstream templates. Do the work. Validate parameters. --- roles/openshift_cfme/tasks/accounts.yml | 51 +------ roles/openshift_cfme/tasks/main.yml | 76 ++++------ .../tasks/storage/create_nfs_pvs.yml | 43 ++++++ roles/openshift_cfme/tasks/storage/create_pvs.yml | 36 ----- roles/openshift_cfme/tasks/storage/nfs.yml | 156 ++++++++------------- roles/openshift_cfme/tasks/template.yml | 124 +++++++++++----- roles/openshift_cfme/tasks/uninstall.yml | 63 +++------ roles/openshift_cfme/tasks/validate.yml | 52 ++++++- 8 files changed, 293 insertions(+), 308 deletions(-) create mode 100644 roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml delete mode 100644 roles/openshift_cfme/tasks/storage/create_pvs.yml (limited to 'roles/openshift_cfme/tasks') diff --git a/roles/openshift_cfme/tasks/accounts.yml b/roles/openshift_cfme/tasks/accounts.yml index 261e7858b..64976cd0e 100644 --- a/roles/openshift_cfme/tasks/accounts.yml +++ b/roles/openshift_cfme/tasks/accounts.yml @@ -1,65 +1,28 @@ --- # This role task file is responsible for user/system account creation, # and ensuring correct access is provided as required. - -# TODO: This is currently not idempotent, bug report will be filed -# after this. Currently this task will return 'changed' if it just -# created a user, updated a user, or doesn't modify a user at -# all. Seems to be failing some kind of 'does it need updating' test -# condition and running the replace command regardless. -- name: Check if the miq-httpd scc exists - oc_obj: - namespace: "{{ openshift_cfme_project }}" - state: list - kind: scc - name: miq-httpd - register: miq_httpd_scc_exists - -# TODO: Cleanup when conditions -- name: Copy the miq-httpd SCC to the cluster - copy: - src: miq-scc-httpd.yaml - dest: "{{ template_dir }}" - when: - - miq_httpd_scc_exists.results.results | length == 1 - - miq_httpd_scc_exists.results.results[0] == {} - -- name: Ensure the CFME miq-httpd SCC exists - oc_obj: - state: present - name: miq-httpd - namespace: "{{ openshift_cfme_project }}" - kind: scc - files: - - "{{ template_dir }}/miq-scc-httpd.yaml" - delete_after: True - run_once: True - when: - - miq_httpd_scc_exists.results.results | length == 1 - - miq_httpd_scc_exists.results.results[0] == {} - -- name: Ensure the CFME system users exist +- name: Ensure the CFME system accounts exist oc_serviceaccount: namespace: "{{ openshift_cfme_project }}" state: present - name: "{{ item.name }}" + name: "{{ openshift_cfme_flavor_short }}{{ item.name }}" with_items: - - "{{ openshift_system_account_sccs }}" + - "{{ __openshift_system_account_sccs }}" - name: Ensure the CFME system accounts have all the required SCCs oc_adm_policy_user: namespace: "{{ openshift_cfme_project }}" - user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ item.name }}" + user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ openshift_cfme_flavor_short }}{{ item.name }}" resource_kind: scc resource_name: "{{ item.resource_name }}" with_items: - - "{{ openshift_system_account_sccs }}" + - "{{ __openshift_system_account_sccs }}" - name: Ensure the CFME system accounts have the required roles oc_adm_policy_user: namespace: "{{ openshift_cfme_project }}" - user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ item.name }}" + user: "system:serviceaccount:{{ openshift_cfme_project }}:{{ openshift_cfme_flavor_short }}{{ item.name }}" resource_kind: role resource_name: "{{ item.resource_name }}" with_items: - - "{{ openshift_cfme_system_account_roles }}" + - "{{ __openshift_cfme_system_account_roles }}" diff --git a/roles/openshift_cfme/tasks/main.yml b/roles/openshift_cfme/tasks/main.yml index cf5a7fdeb..78a6710b3 100644 --- a/roles/openshift_cfme/tasks/main.yml +++ b/roles/openshift_cfme/tasks/main.yml @@ -15,7 +15,7 @@ include: accounts.yml ###################################################################### -# STORAGE - Initialize basic storage classes +# STORAGE - Initialize basic storage class #--------------------------------------------------------------------- # * nfs - set up NFS shares on the first master for a proof of concept - name: Create required NFS exports for CFME app storage @@ -26,8 +26,8 @@ # * external - NFS again, but pointing to a pre-configured NFS server - name: Note Storage Type - External NFS debug: - msg: Setting up external NFS storage, openshift_cfme_storage_class is 'external' - when: openshift_cfme_storage_class == 'external' + msg: "Setting up external NFS storage, openshift_cfme_storage_class is {{ openshift_cfme_storage_class }}" + when: openshift_cfme_storage_class == 'nfs_external' #--------------------------------------------------------------------- # * cloudprovider - use an existing cloudprovider based storage @@ -45,55 +45,35 @@ ###################################################################### # APPLICATION TEMPLATE -- name: Install the correct CFME app template +- name: Install the CFME app and PV templates include: template.yml ###################################################################### # APP & DB Storage +# For local/external NFS backed installations +- name: "Create the required App and DB PVs using {{ openshift_cfme_storage_class }}" + include: storage/create_nfs_pvs.yml + when: + - openshift_cfme_storage_class in ['nfs', 'nfs_external'] ###################################################################### - -# ###################################################################### -# # Let's do this - -# - name: Ensure the CFME Server is created -# oc_process: -# namespace: "{{ openshift_cfme_project }}" -# template_name: manageiq -# create: True -# params: -# APPLICATION_IMG_NAME: "{{ openshift_cfme_application_img_name }}" -# POSTGRESQL_IMG_NAME: "{{ openshift_cfme_postgresql_img_name }}" -# MEMCACHED_IMG_NAME: "{{ openshift_cfme_memcached_img_name }}" -# APPLICATION_IMG_TAG: "{{ openshift_cfme_application_img_tag }}" -# POSTGRESQL_IMG_TAG: "{{ openshift_cfme_postgresql_img_tag }}" -# MEMCACHED_IMG_TAG: "{{ openshift_cfme_memcached_img_tag }}" -# register: cfme_new_app_process -# run_once: True -# when: -# # User said to install CFME in their inventory -# - openshift_cfme_install_app | bool -# # # The server app doesn't exist already -# # - not miq_server_check.results.results.0 - -# - debug: -# var: cfme_new_app_process - -# ###################################################################### -# # Various cleanup steps - -# # TODO: Not sure what to do about this right now. Might be able to -# # just delete it? This currently warns about "Unable to find -# # '' in expected paths." -# - name: Ensure the temporary PV/App templates are erased -# file: -# path: "{{ item }}" -# state: absent -# with_fileglob: -# - "{{ template_dir }}/*.yaml" - -# - name: Ensure the temporary PV/app template directory is erased -# file: -# path: "{{ template_dir }}" -# state: absent +# CREATE APP +- name: Note the correct ext-db template name + set_fact: + openshift_cfme_template_name: "{{ openshift_cfme_flavor }}-ext-db" + when: + - openshift_cfme_app_template in ['miq-template-ext-db', 'cfme-template-ext-db'] + +- name: Note the correct podified db template name + set_fact: + openshift_cfme_template_name: "{{ openshift_cfme_flavor }}" + when: + - openshift_cfme_app_template in ['miq-template', 'cfme-template'] + +- name: Ensure the CFME App is created + oc_process: + namespace: "{{ openshift_cfme_project }}" + template_name: "{{ openshift_cfme_template_name }}" + create: True + params: "{{ openshift_cfme_template_parameters }}" diff --git a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml new file mode 100644 index 000000000..0a67b2193 --- /dev/null +++ b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml @@ -0,0 +1,43 @@ +--- +# Create the required PVs for the App and the DB +- name: Check if the CFME App PV has been created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: pv + name: "{{ openshift_cfme_flavor_short }}-app" + register: miq_app_pv_check + +- name: Check if the CFME DB PV has been created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: pv + name: "{{ openshift_cfme_flavor_short }}-db" + register: miq_db_pv_check + when: + - openshift_cfme_app_template in ['miq-template', 'cfme-template'] + +- name: Ensure the CFME App PV is created + oc_process: + namespace: "{{ openshift_cfme_project }}" + template_name: "{{ openshift_cfme_flavor }}-app-pv" + create: True + params: + PV_SIZE: "{{ openshift_cfme_app_pv_size }}" + BASE_PATH: "{{ openshift_cfme_storage_nfs_base_dir }}" + NFS_HOST: "{{ openshift_cfme_nfs_server }}" + when: miq_app_pv_check.results.results == [{}] + +- name: Ensure the CFME DB PV is created + oc_process: + namespace: "{{ openshift_cfme_project }}" + template_name: "{{ openshift_cfme_flavor }}-db-pv" + create: True + params: + PV_SIZE: "{{ openshift_cfme_db_pv_size }}" + BASE_PATH: "{{ openshift_cfme_storage_nfs_base_dir }}" + NFS_HOST: "{{ openshift_cfme_nfs_server }}" + when: + - openshift_cfme_app_template in ['miq-template', 'cfme-template'] + - miq_db_pv_check.results.results == [{}] diff --git a/roles/openshift_cfme/tasks/storage/create_pvs.yml b/roles/openshift_cfme/tasks/storage/create_pvs.yml deleted file mode 100644 index 7fa7d3997..000000000 --- a/roles/openshift_cfme/tasks/storage/create_pvs.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# Check for existance and then conditionally: -# - evaluate templates -# - PVs -# -# These tasks idempotently create required CFME PV objects. Do not -# call this file directly. This file is intended to be ran as an -# include that has a 'with_items' attached to it. Hence the use below -# of variables like "{{ item.pv_label }}" - -- name: "Check if the {{ item.pv_label }} template has been created already" - oc_obj: - namespace: "{{ openshift_cfme_project }}" - state: list - kind: pv - name: "{{ item.pv_name }}" - register: miq_pv_check - -# Skip all of this if the PV already exists -- block: - - name: "Ensure the {{ item.pv_label }} template is evaluated" - template: - src: "{{ item.pv_template }}.j2" - dest: "{{ template_dir }}/{{ item.pv_template }}" - - - name: "Ensure {{ item.pv_label }} is created" - oc_obj: - namespace: "{{ openshift_cfme_project }}" - kind: pv - name: "{{ item.pv_name }}" - state: present - delete_after: True - files: - - "{{ template_dir }}/{{ item.pv_template }}" - when: - - not miq_pv_check.results.results.0 diff --git a/roles/openshift_cfme/tasks/storage/nfs.yml b/roles/openshift_cfme/tasks/storage/nfs.yml index 8151f9fbb..c17544480 100644 --- a/roles/openshift_cfme/tasks/storage/nfs.yml +++ b/roles/openshift_cfme/tasks/storage/nfs.yml @@ -2,102 +2,66 @@ # Tasks to statically provision NFS volumes # Include if not using dynamic volume provisioning -- name: Note Storage Type - NFS - debug: - msg: Setting up NFS storage, openshift_cfme_storage_class is 'nfs' - -- name: TODO - debug: - msg: TODO - replace hard-coded hostname below with oo_nfs_to_config.0 - -- name: Set openshift_cfme_nfs_server fact - when: openshift_cfme_nfs_server is not defined +- name: Ensure we save the local NFS server if one is provided set_fact: - # Hostname/IP of the NFS server. Currently defaults to first master - openshift_cfme_nfs_server: m01.example.com - -# TODO: I was going to try to apply the openshift_storage_nfs role to -# handle this, however, that role is not written to be used by -# itself. Attempting to use it to create CFME exports would just add -# more hard-coded values to the role. That said, we're doing this here -# manually for now until some one comes up with a better solution, or -# the role is made to accept parameters in a more functional way. -# -# I can't really even include the openshift_storage_nfs role in here -# to do basic setup stuff because it would just result in a lot of -# unwanted exports getting set up for the users. - -- name: Ensure the /exports/ directory exists - file: - path: /exports/ - state: directory - mode: 0755 - owner: root - group: root - -- name: Ensure exports directory exists - file: - path: /etc/exports.d/ - state: directory - -# # TODO - with_items should be passed a list of storage configs for the -# # desired CFME setup. This might mean a local or remote nfs server, as -# # well as fully qualified filesystem paths. -# - name: Ensure export directories exist -# file: -# path: "{{ item.storage.nfs.directory }}/{{ item.storage.volume.name }}" -# state: directory -# mode: 0777 -# owner: nfsnobody -# group: nfsnobody -# with_items: - -- name: Enable and start services - systemd: - name: nfs-server - state: started - enabled: yes - register: start_result - -- set_fact: - nfs_service_status_changed: "{{ start_result | changed }}" + openshift_cfme_nfs_server: "{{ openshift_cfme_storage_nfs_local_hostname }}" + when: + - openshift_cfme_storage_nfs_local_hostname is defined + - openshift_cfme_storage_nfs_local_hostname != False + - openshift_cfme_storage_class == "nfs" -- name: restart nfs-server - systemd: - name: nfs-server - state: restarted - when: nfs_service_status_changed | default(false) - notify: - - "OpenShift-CFME - Reload NFS Exports" - -###################################################################### -# TODO: Move the export directory and PV creation into individual -# tasks under the respective server/database task files. - -# # - name: Ensure the miq-pv0X export directories exist -# # file: -# # path: "/exports/{{ item }}" -# # state: directory -# # mode: 0775 -# # owner: nfsnobody -# # group: nfsnobody -# # with_items: "{{ openshift_cfme_pv_exports }}" - -# # - name: Ensure the NFS exports for CFME PVs exist -# # copy: -# # src: openshift_cfme.exports -# # dest: /etc/exports.d/openshift_cfme.exports -# # register: nfs_exports_updated - - -# # Create the required CFME PVs. Check out these online docs if you -# # need a refresher on includes looping with items: -# # * http://docs.ansible.com/ansible/playbooks_loops.html#loops-and-includes-in-2-0 -# # * http://stackoverflow.com/a/35128533 - -# # TODO: Handle the case where a PV template is updated in -# # openshift-ansible and the change needs to be landed on the managed -# # cluster. +- name: Ensure we save the local NFS server + set_fact: + openshift_cfme_nfs_server: "{{ groups['oo_nfs_to_config'].0 }}" + when: + - openshift_cfme_nfs_server is not defined + - openshift_cfme_storage_class == "nfs" -# # - include: create_pvs.yml -# # with_items: "{{ openshift_cfme_pv_data }}" +- name: Ensure we save the external NFS server + set_fact: + openshift_cfme_nfs_server: "{{ openshift_cfme_storage_nfs_external_hostname }}" + when: + - openshift_cfme_storage_class == "nfs_external" + +- name: Failed NFS server detection + assert: + that: + - openshift_cfme_nfs_server is defined + msg: | + "Unable to detect an NFS server. The 'nfs_external' + openshift_cfme_storage_class option requires that you set + openshift_cfme_storage_nfs_external_hostname. NFS hosts detected + for local nfs services: {{ groups['oo_nfs_to_config'] | join(', ') }}" + +- name: Setting up NFS storage + block: + - name: Include the NFS Setup role tasks + include_role: + role: openshift_nfs + tasks_from: setup + vars: + l_nfs_base_dir: "{{ openshift_cfme_storage_nfs_base_dir }}" + + - name: Create the App export + include_role: + role: openshift_nfs + tasks_from: create_export + vars: + l_nfs_base_dir: "{{ openshift_cfme_storage_nfs_base_dir }}" + l_nfs_export_config: "{{ openshift_cfme_flavor_short }}" + l_nfs_export_name: "{{ openshift_cfme_flavor_short }}-app" + l_nfs_options: "*(rw,no_root_squash,no_wdelay)" + + - name: Create the DB export + include_role: + role: openshift_nfs + tasks_from: create_export + vars: + l_nfs_base_dir: "{{ openshift_cfme_storage_nfs_base_dir }}" + l_nfs_export_config: "{{ openshift_cfme_flavor_short }}" + l_nfs_export_name: "{{ openshift_cfme_flavor_short }}-db" + l_nfs_options: "*(rw,no_root_squash,no_wdelay)" + when: + - openshift_cfme_app_template in ['miq-template', 'cfme-template'] + + delegate_to: "{{ openshift_cfme_nfs_server }}" diff --git a/roles/openshift_cfme/tasks/template.yml b/roles/openshift_cfme/tasks/template.yml index 11ccae3e6..2061e2bd7 100644 --- a/roles/openshift_cfme/tasks/template.yml +++ b/roles/openshift_cfme/tasks/template.yml @@ -4,69 +4,125 @@ ###################################################################### # CFME App Template # -# Note, this is different from the create_pvs.yml tasks in that the -# application template does not require any jinja2 evaluation. +# Note, this is different from the create_nfs_pvs.yml tasks in that +# the application template does not require any jinja2 evaluation. # -# TODO: Handle the case where the server template is updated in -# openshift-ansible and the change needs to be landed on the managed -# cluster. +# TODO: Handle the case where the server or PV templates are updated +# in openshift-ansible and the change needs to be landed on the +# managed cluster. ###################################################################### # STANDARD PODIFIED DATABASE TEMPLATE -- when: openshift_cfme_app_template == 'miq-template' +- when: openshift_cfme_app_template in ['miq-template', 'cfme-template'] block: - name: Check if the CFME Server template has been created already oc_obj: namespace: "{{ openshift_cfme_project }}" state: list kind: template - name: manageiq + name: "{{ openshift_cfme_flavor }}" register: miq_server_check - - name: Copy over CFME Server template - copy: - src: miq-template.yaml - dest: "{{ template_dir }}/" - when: - - miq_server_check.results.results == [{}] + - when: miq_server_check.results.results == [{}] + block: + - name: Copy over CFME Server template + copy: + src: "templates/{{ openshift_cfme_flavor }}/{{ openshift_cfme_flavor_short }}-template.yaml" + dest: "{{ template_dir }}/" - - name: Ensure CFME Server Template is created - oc_obj: - namespace: "{{ openshift_cfme_project }}" - name: manageiq - state: present - kind: template - files: - - "{{ template_dir }}/miq-template.yaml" - when: - - miq_server_check.results.results == [{}] + - name: Ensure CFME Server Template is created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + name: "{{ openshift_cfme_flavor }}" + state: present + kind: template + files: + - "{{ template_dir }}/{{ openshift_cfme_flavor_short }}-template.yaml" ###################################################################### # EXTERNAL DATABASE TEMPLATE -- when: openshift_cfme_app_template == 'miq-template-ext-db' +- when: openshift_cfme_app_template in ['miq-template-ext-db', 'cfme-template'] block: - name: Check if the CFME Ext-DB Server template has been created already oc_obj: namespace: "{{ openshift_cfme_project }}" state: list kind: template - name: manageiq-ext-db + name: "{{ openshift_cfme_flavor }}-ext-db" register: miq_ext_db_server_check - - name: Copy over CFME Ext-DB Server template + - when: miq_ext_db_server_check.results.results == [{}] + block: + - name: Copy over CFME Ext-DB Server template + copy: + src: "templates/{{ openshift_cfme_flavor }}/{{openshift_cfme_flavor_short}}-template-ext-db.yaml" + dest: "{{ template_dir }}/" + + - name: Ensure CFME Ext-DB Server Template is created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + name: "{{ openshift_cfme_flavor }}-ext-db" + state: present + kind: template + files: + - "{{ template_dir }}/{{ openshift_cfme_flavor_short }}-template-ext-db.yaml" + +# End app template creation. +###################################################################### + +###################################################################### +# Begin conditional PV template creations + +# Required for the application server +- name: Check if the CFME App PV template has been created already + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: template + name: "{{ openshift_cfme_flavor }}-app-pv" + register: miq_app_pv_check + +- when: miq_app_pv_check.results.results == [{}] + block: + - name: Copy over CFME App PV template copy: - src: miq-template-ext-db.yaml + src: "templates/{{ openshift_cfme_flavor }}/{{ openshift_cfme_flavor_short }}-pv-server-example.yaml" dest: "{{ template_dir }}/" - when: - - miq_ext_db_server_check.results.results == [{}] - - name: Ensure CFME Ext-DB Server Template is created + - name: Ensure CFME App PV Template is created oc_obj: namespace: "{{ openshift_cfme_project }}" - name: manageiq-ext-db + name: "{{ openshift_cfme_flavor }}-app-pv" state: present kind: template files: - - "{{ template_dir }}/miq-template-ext-db.yaml" - when: - - miq_ext_db_server_check.results.results == [{}] + - "{{ template_dir }}/{{ openshift_cfme_flavor_short }}-pv-server-example.yaml" + +#--------------------------------------------------------------------- + +# Required for database if the installation is fully podified +- when: openshift_cfme_app_template in ['miq-template', 'cfme-template'] + block: + - name: Check if the CFME DB PV template has been created already + oc_obj: + namespace: "{{ openshift_cfme_project }}" + state: list + kind: template + name: "{{ openshift_cfme_flavor }}-db-pv" + register: miq_db_pv_check + + - when: miq_db_pv_check.results.results == [{}] + block: + - name: Copy over CFME DB PV template + copy: + src: "templates/{{ openshift_cfme_flavor }}/{{ openshift_cfme_flavor_short }}-pv-db-example.yaml" + dest: "{{ template_dir }}/" + + - name: Ensure CFME DB PV Template is created + oc_obj: + namespace: "{{ openshift_cfme_project }}" + name: "{{ openshift_cfme_flavor }}-db-pv" + state: present + kind: template + files: + - "{{ template_dir }}/{{ openshift_cfme_flavor_short }}-pv-db-example.yaml" diff --git a/roles/openshift_cfme/tasks/uninstall.yml b/roles/openshift_cfme/tasks/uninstall.yml index 406b59364..068d065c2 100644 --- a/roles/openshift_cfme/tasks/uninstall.yml +++ b/roles/openshift_cfme/tasks/uninstall.yml @@ -1,46 +1,23 @@ --- -- include_role: - name: lib_openshift +- name: Start removing all the objects + command: "oc delete -n {{ openshift_cfme_project }} {{ item }} --all" + with_items: + - rc + - dc + - po + - svc + - pv + - pvc + - statefulsets + - routes -- name: Uninstall CFME - ManageIQ - debug: - msg: Uninstalling Cloudforms Management Engine - ManageIQ +- name: Remove the project + command: "oc delete -n {{ openshift_cfme_project }} project {{ openshift_cfme_project }}" -- name: Ensure the CFME project is removed - oc_project: - state: absent - name: "{{ openshift_cfme_project }}" - -- name: Ensure the CFME template is removed - oc_obj: - namespace: "{{ openshift_cfme_project }}" - state: absent - kind: template - name: manageiq - -- name: Ensure the CFME PVs are removed - oc_obj: - state: absent - all_namespaces: True - kind: pv - name: "{{ item }}" - with_items: "{{ openshift_cfme_pv_exports }}" - when: not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')) - -- name: Ensure the CFME user is removed - oc_user: - state: absent - username: "{{ openshift_cfme_user }}" - -- name: Ensure the CFME NFS Exports are removed - file: - path: /etc/exports.d/openshift_cfme.exports - state: absent - register: nfs_exports_removed - when: not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')) - -- name: Ensure the NFS export table is refreshed if exports were removed - command: exportfs -ar - when: - - nfs_exports_removed.changed - - not (openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')) +- name: Verify project has been destroyed + command: "oc get project {{ openshift_cfme_project }}" + ignore_errors: True + register: project_terminated + until: project_terminated.stderr.find("NotFound") != -1 + delay: 5 + retries: 30 diff --git a/roles/openshift_cfme/tasks/validate.yml b/roles/openshift_cfme/tasks/validate.yml index 61448aa3b..c7409d9ab 100644 --- a/roles/openshift_cfme/tasks/validate.yml +++ b/roles/openshift_cfme/tasks/validate.yml @@ -1,26 +1,35 @@ --- # Validate configuration parameters passed to the openshift_cfme role +###################################################################### +# CORE PARAMETERS - name: Ensure openshift_cfme_app_template is valid assert: that: - - openshift_cfme_app_template in openshift_cfme_app_templates - msg: "openshift_cfme_app_template must be one of {{ openshift_cfme_app_templates | join(', ') }}" + - openshift_cfme_app_template in __openshift_cfme_app_templates + msg: "openshift_cfme_app_template must be one of {{ __openshift_cfme_app_templates | join(', ') }}" - name: Ensure openshift_cfme_storage_class is a valid type assert: that: - - openshift_cfme_storage_class in openshift_cfme_storage_classes - msg: "openshift_cfme_storage_class must be one of {{ openshift_cfme_storage_classes | join(', ') }}" + - openshift_cfme_storage_class in __openshift_cfme_storage_classes + msg: "openshift_cfme_storage_class must be one of {{ __openshift_cfme_storage_classes | join(', ') }}" +###################################################################### +# STORAGE PARAMS - NFS - name: Ensure external NFS storage has a valid NFS server hostname defined assert: that: - - openshift_cfme_storage_external_nfs_hostname is not False - msg: The selected storage class 'external' requires a valid hostname for the openshift_cfme_storage_external_nfs_hostname parameter + - openshift_cfme_storage_nfs_external_hostname | default(False) + msg: The selected storage class 'nfs_external' requires a valid hostname for the openshift_cfme_storage_nfs_hostname parameter when: - - openshift_cfme_storage_class == 'external' + - openshift_cfme_storage_class == 'nfs_external' +# that 'nfs' types have one of the following set: +# + +###################################################################### +# STORAGE PARAMS -CLOUD PROVIDER - name: Validate Cloud Provider storage class assert: that: @@ -31,4 +40,33 @@ example inventories for the required parameters for your selected cloud provider. Working providers: 'aws' and 'gce'. when: + - openshift_cfme_storage_class == 'cloudprovider' - openshift_cloudprovider_kind is defined + +- name: Validate 'cloudprovider' Storage Class has required parameters defined + assert: + that: + - openshift_cloudprovider_kind is defined + msg: | + openshift_cfme_storage_class is 'cloudprovider' but you do not + have 'openshift_cloudprovider_kind' defined, this is + required. Search the example inventories for + 'openshift_cloudprovider_kind'. The required parameters for your + selected cloud provider must be defined in your inventory as + well. Working providers: 'aws' and 'gce'. + when: + - openshift_cfme_storage_class == 'cloudprovider' + +###################################################################### +# DATABASE CONNECTION VALIDATION +- name: Validate all required database parameters were provided for ext-db template + assert: + that: + - item in openshift_cfme_template_parameters + msg: | + "You are not using podified database services and a required + database parameter {{ item }} was not found in + 'openshift_cfme_template_parameters'" + with_items: "{{ __openshift_cfme_required_db_conn_params }}" + when: + - openshift_cfme_app_template in ['miq-template-ext-db', 'cfme-template-ext-db'] -- cgit v1.2.3 From 99811e05a245ef23e806f5c847f72d267b142bf1 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Wed, 4 Oct 2017 10:06:50 -0400 Subject: Add notes about SA token. Improve NFS validation. --- .../tasks/storage/create_nfs_pvs.yml | 26 ++++++++++++++++ roles/openshift_cfme/tasks/validate.yml | 36 ++++++++++++++++------ 2 files changed, 53 insertions(+), 9 deletions(-) (limited to 'roles/openshift_cfme/tasks') diff --git a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml index 0a67b2193..b8d4ec8c5 100644 --- a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml +++ b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml @@ -1,5 +1,31 @@ --- # Create the required PVs for the App and the DB +- name: Note the App PV Size from Template Parameters + set_fact: + openshift_cfme_app_pv_size: "{{ openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY }}" + when: + - openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY is defined + +- name: Note the App PV Size from defaults + set_fact: + openshift_cfme_app_pv_size: "{{ __openshift_cfme_app_pv_size }}" + when: + - openshift_cfme_template_parameters.APPLICATION_VOLUME_CAPACITY is not defined + +- when: openshift_cfme_app_template in ['miq-template', 'cfme-template'] + block: + - name: Note the DB PV Size from Template Parameters + set_fact: + openshift_cfme_db_pv_size: "{{ openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is defined + + - name: Note the DB PV Size from defaults + set_fact: + openshift_cfme_db_pv_size: "{{ __openshift_cfme_db_pv_size }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is not defined + - name: Check if the CFME App PV has been created oc_obj: namespace: "{{ openshift_cfme_project }}" diff --git a/roles/openshift_cfme/tasks/validate.yml b/roles/openshift_cfme/tasks/validate.yml index c7409d9ab..1ba813a43 100644 --- a/roles/openshift_cfme/tasks/validate.yml +++ b/roles/openshift_cfme/tasks/validate.yml @@ -7,13 +7,18 @@ assert: that: - openshift_cfme_app_template in __openshift_cfme_app_templates - msg: "openshift_cfme_app_template must be one of {{ __openshift_cfme_app_templates | join(', ') }}" + + msg: | + "openshift_cfme_app_template must be one of {{ + __openshift_cfme_app_templates | join(', ') }}" - name: Ensure openshift_cfme_storage_class is a valid type assert: that: - openshift_cfme_storage_class in __openshift_cfme_storage_classes - msg: "openshift_cfme_storage_class must be one of {{ __openshift_cfme_storage_classes | join(', ') }}" + msg: | + "openshift_cfme_storage_class must be one of {{ + __openshift_cfme_storage_classes | join(', ') }}" ###################################################################### # STORAGE PARAMS - NFS @@ -21,12 +26,24 @@ assert: that: - openshift_cfme_storage_nfs_external_hostname | default(False) - msg: The selected storage class 'nfs_external' requires a valid hostname for the openshift_cfme_storage_nfs_hostname parameter + msg: | + The selected storage class 'nfs_external' requires a valid + hostname for the openshift_cfme_storage_nfs_hostname parameter when: - openshift_cfme_storage_class == 'nfs_external' -# that 'nfs' types have one of the following set: -# +- name: Ensure local NFS storage has a valid NFS server to use + fail: + msg: | + No NFS hosts detected or defined but storage class is set to + 'nfs'. Add hosts to your [nfs] group or define one manually with + the 'openshift_cfme_storage_nfs_local_hostname' parameter + when: + - openshift_cfme_storage_class == 'nfs' + # You haven't created any NFS groups + - (groups.nfs is defined and groups.nfs | length == 0) or (groups.nfs is not defined) + # You did not manually specify a host to use + - (openshift_cfme_storage_nfs_local_hostname is not defined) or (openshift_cfme_storage_nfs_local_hostname == false) ###################################################################### # STORAGE PARAMS -CLOUD PROVIDER @@ -36,9 +53,10 @@ - openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce' msg: | openshift_cfme_storage_class is 'cloudprovider' but you have an - invalid kind defined. See 'openshift_cloudprovider_kind' in the - example inventories for the required parameters for your - selected cloud provider. Working providers: 'aws' and 'gce'. + invalid kind defined, '{{ openshift_cloudprovider_kind }}'. See + 'openshift_cloudprovider_kind' in the example inventories for + the required parameters for your selected cloud + provider. Working providers: 'aws' and 'gce'. when: - openshift_cfme_storage_class == 'cloudprovider' - openshift_cloudprovider_kind is defined @@ -64,7 +82,7 @@ that: - item in openshift_cfme_template_parameters msg: | - "You are not using podified database services and a required + "You are using external database services but a required database parameter {{ item }} was not found in 'openshift_cfme_template_parameters'" with_items: "{{ __openshift_cfme_required_db_conn_params }}" -- cgit v1.2.3 From d4c1a0443e7c38343752f880d6ae3c2c2c33ab54 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Wed, 4 Oct 2017 12:54:49 -0400 Subject: Fix lint error --- .../openshift_cfme/tasks/storage/create_nfs_pvs.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'roles/openshift_cfme/tasks') diff --git a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml index b8d4ec8c5..d5252464e 100644 --- a/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml +++ b/roles/openshift_cfme/tasks/storage/create_nfs_pvs.yml @@ -14,17 +14,17 @@ - when: openshift_cfme_app_template in ['miq-template', 'cfme-template'] block: - - name: Note the DB PV Size from Template Parameters - set_fact: - openshift_cfme_db_pv_size: "{{ openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY }}" - when: - - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is defined + - name: Note the DB PV Size from Template Parameters + set_fact: + openshift_cfme_db_pv_size: "{{ openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is defined - - name: Note the DB PV Size from defaults - set_fact: - openshift_cfme_db_pv_size: "{{ __openshift_cfme_db_pv_size }}" - when: - - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is not defined + - name: Note the DB PV Size from defaults + set_fact: + openshift_cfme_db_pv_size: "{{ __openshift_cfme_db_pv_size }}" + when: + - openshift_cfme_template_parameters.DATABASE_VOLUME_CAPACITY is not defined - name: Check if the CFME App PV has been created oc_obj: -- cgit v1.2.3