From 94a77cb1d81b6e4e316ae679890df4994816532f Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 22 May 2015 13:13:17 -0400 Subject: Templatize configs and 0.5.2 changes - Templatize node config - Templatize master config - Integrated sdn changes - Updates for openshift_facts - Added support for node, master and sdn related changes - registry_url - added identity provider facts - Removed openshift_sdn_* roles - Install httpd-tools if configuring htpasswd auth - Remove references to external_id - Setting external_id interferes with nodes associating with the generated node object when pre-registering nodes. - osc/oc and osadm/oadm binary detection in openshift_facts Misc Changes: - make non-errata puddle default for byo example - comment out master in list of nodes in inventory/byo/hosts - remove non-error errors from fluentd_* roles - Use admin kubeconfig instead of openshift-client --- roles/openshift_facts/library/openshift_facts.py | 196 +++++++++++++++++------ 1 file changed, 144 insertions(+), 52 deletions(-) (limited to 'roles/openshift_facts/library') diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index aff7d723e..e4d3bf26f 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1,10 +1,6 @@ #!/usr/bin/python # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 -# disable pylint checks -# temporarily disabled until items can be addressed: -# fixme - until all TODO comments have been addressed -# pylint:disable=fixme """Ansible module for retrieving and setting openshift related facts""" DOCUMENTATION = ''' @@ -19,6 +15,7 @@ EXAMPLES = ''' import ConfigParser import copy +import os def hostname_valid(hostname): @@ -166,7 +163,6 @@ def normalize_gce_facts(metadata, facts): facts['network']['interfaces'].append(int_info) _, _, zone = metadata['instance']['zone'].rpartition('/') facts['zone'] = zone - facts['external_id'] = metadata['instance']['id'] # Default to no sdn for GCE deployments facts['use_openshift_sdn'] = False @@ -215,7 +211,6 @@ def normalize_aws_facts(metadata, facts): int_info['network_id'] = None facts['network']['interfaces'].append(int_info) facts['zone'] = metadata['placement']['availability-zone'] - facts['external_id'] = metadata['instance-id'] # TODO: actually attempt to determine default local and public ips # by using the ansible default ip fact and the ipv4-associations @@ -247,7 +242,7 @@ def normalize_openstack_facts(metadata, facts): # metadata api, should be updated if neutron exposes this. facts['zone'] = metadata['availability_zone'] - facts['external_id'] = metadata['uuid'] + facts['network']['ip'] = metadata['ec2_compat']['local-ipv4'] facts['network']['public_ip'] = metadata['ec2_compat']['public-ipv4'] @@ -288,14 +283,39 @@ def normalize_provider_facts(provider, metadata): facts = normalize_openstack_facts(metadata, facts) return facts -def set_fluentd_facts_if_unset(facts): - """ Set fluentd facts if not already present in facts dict +def set_registry_url_if_unset(facts): + """ Set registry_url fact if not already present in facts dict Args: facts (dict): existing facts Returns: + dict: the facts dict updated with the generated identity providers + facts if they were not already present + """ + for role in ('master', 'node'): + if role in facts: + deployment_type = facts['common']['deployment_type'] + if 'registry_url' not in facts[role]: + registry_url = "openshift/origin-${component}:${version}" + if deployment_type == 'enterprise': + registry_url = "openshift3_beta/ose-${component}:${version}" + elif deployment_type == 'online': + registry_url = ("docker-registry.ops.rhcloud.com/" + "openshift3_beta/ose-${component}:${version}") + facts[role]['registry_url'] = registry_url + + return facts + +def set_fluentd_facts_if_unset(facts): + """ Set fluentd facts if not already present in facts dict dict: the facts dict updated with the generated fluentd facts if missing + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated fluentd + facts if they were not already present + """ if 'common' in facts: deployment_type = facts['common']['deployment_type'] @@ -304,6 +324,32 @@ def set_fluentd_facts_if_unset(facts): facts['common']['use_fluentd'] = use_fluentd return facts +def set_identity_providers_if_unset(facts): + """ Set identity_providers fact if not already present in facts dict + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated identity providers + facts if they were not already present + """ + if 'master' in facts: + deployment_type = facts['common']['deployment_type'] + if 'identity_providers' not in facts['master']: + identity_provider = dict( + name='allow_all', challenge=True, login=True, + kind='AllowAllPasswordIdentityProvider' + ) + if deployment_type == 'enterprise': + identity_provider = dict( + name='deny_all', challenge=True, login=True, + kind='DenyAllPasswordIdentityProvider' + ) + + facts['master']['identity_providers'] = [identity_provider] + + return facts + def set_url_facts_if_unset(facts): """ Set url facts if not already present in facts dict @@ -314,34 +360,77 @@ def set_url_facts_if_unset(facts): were not already present """ if 'master' in facts: - for (url_var, use_ssl, port, default) in [ - ('api_url', - facts['master']['api_use_ssl'], - facts['master']['api_port'], - facts['common']['hostname']), - ('public_api_url', - facts['master']['api_use_ssl'], - facts['master']['api_port'], - facts['common']['public_hostname']), - ('console_url', - facts['master']['console_use_ssl'], - facts['master']['console_port'], - facts['common']['hostname']), - ('public_console_url' 'console_use_ssl', - facts['master']['console_use_ssl'], - facts['master']['console_port'], - facts['common']['public_hostname'])]: - if url_var not in facts['master']: - scheme = 'https' if use_ssl else 'http' - netloc = default - if ((scheme == 'https' and port != '443') - or (scheme == 'http' and port != '80')): - netloc = "%s:%s" % (netloc, port) - facts['master'][url_var] = urlparse.urlunparse( - (scheme, netloc, '', '', '', '') - ) + api_use_ssl = facts['master']['api_use_ssl'] + api_port = facts['master']['api_port'] + console_use_ssl = facts['master']['console_use_ssl'] + console_port = facts['master']['console_port'] + console_path = facts['master']['console_path'] + etcd_use_ssl = facts['master']['etcd_use_ssl'] + etcd_port = facts['master']['etcd_port'], + hostname = facts['common']['hostname'] + public_hostname = facts['common']['public_hostname'] + + if 'etcd_urls' not in facts['master']: + facts['master']['etcd_urls'] = [format_url(etcd_use_ssl, hostname, + etcd_port)] + if 'api_url' not in facts['master']: + facts['master']['api_url'] = format_url(api_use_ssl, hostname, + api_port) + if 'public_api_url' not in facts['master']: + facts['master']['public_api_url'] = format_url(api_use_ssl, + public_hostname, + api_port) + if 'console_url' not in facts['master']: + facts['master']['console_url'] = format_url(console_use_ssl, + hostname, + console_port, + console_path) + if 'public_console_url' not in facts['master']: + facts['master']['public_console_url'] = format_url(console_use_ssl, + public_hostname, + console_port, + console_path) + return facts + +def set_sdn_facts_if_unset(facts): + """ Set sdn facts if not already present in facts dict + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated sdn facts if they + were not already present + """ + if 'common' in facts: + if 'sdn_network_plugin_name' not in facts['common']: + use_sdn = facts['common']['use_openshift_sdn'] + plugin = 'redhat/openshift-ovs-subnet' if use_sdn else '' + facts['common']['sdn_network_plugin_name'] = plugin + + if 'master' in facts: + if 'sdn_cluster_network_cidr' not in facts['master']: + facts['master']['sdn_cluster_network_cidr'] = '10.1.0.0/16' + if 'sdn_host_subnet_length' not in facts['master']: + facts['master']['sdn_host_subnet_length'] = '8' + return facts +def format_url(use_ssl, hostname, port, path=''): + """ Format url based on ssl flag, hostname, port and path + + Args: + use_ssl (bool): is ssl enabled + hostname (str): hostname + port (str): port + path (str): url path + Returns: + str: The generated url string + """ + scheme = 'https' if use_ssl else 'http' + netloc = hostname + if (use_ssl and port != '443') or (not use_ssl and port != '80'): + netloc += ":%s" % port + return urlparse.urlunparse((scheme, netloc, path, '', '', '')) def get_current_config(facts): """ Get current openshift config @@ -405,7 +494,7 @@ def get_current_config(facts): return current_config -def apply_provider_facts(facts, provider_facts, roles): +def apply_provider_facts(facts, provider_facts): """ Apply provider facts to supplied facts dict Args: @@ -433,11 +522,6 @@ def apply_provider_facts(facts, provider_facts, roles): facts['common'][ip_var] ) - if 'node' in roles: - ext_id = provider_facts.get('external_id') - if ext_id: - facts['node']['external_id'] = ext_id - facts['provider'] = provider_facts return facts @@ -571,11 +655,14 @@ class OpenShiftFacts(object): defaults = self.get_defaults(roles) provider_facts = self.init_provider_facts() - facts = apply_provider_facts(defaults, provider_facts, roles) + facts = apply_provider_facts(defaults, provider_facts) facts = merge_facts(facts, local_facts) facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) + facts = set_identity_providers_if_unset(facts) + facts = set_registry_url_if_unset(facts) + facts = set_sdn_facts_if_unset(facts) return dict(openshift=facts) def get_defaults(self, roles): @@ -589,31 +676,36 @@ class OpenShiftFacts(object): """ defaults = dict() - common = dict(use_openshift_sdn=True) ip_addr = self.system_facts['default_ipv4']['address'] - common['ip'] = ip_addr - common['public_ip'] = ip_addr - exit_code, output, _ = module.run_command(['hostname', '-f']) hostname_f = output.strip() if exit_code == 0 else '' hostname_values = [hostname_f, self.system_facts['nodename'], self.system_facts['fqdn']] hostname = choose_hostname(hostname_values) - common['hostname'] = hostname - common['public_hostname'] = hostname + common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr, + deployment_type='origin', hostname=hostname, + public_hostname=hostname) + common['client_binary'] = 'oc' if os.path.isfile('/usr/bin/oc') else 'osc' + common['admin_binary'] = 'oadm' if os.path.isfile('/usr/bin/oadm') else 'osadm' defaults['common'] = common if 'master' in roles: master = dict(api_use_ssl=True, api_port='8443', console_use_ssl=True, console_path='/console', - console_port='8443', etcd_use_ssl=False, - etcd_port='4001', portal_net='172.30.17.0/24') + console_port='8443', etcd_use_ssl=True, + etcd_port='4001', portal_net='172.30.0.0/16', + embedded_etcd=True, embedded_kube=True, + embedded_dns=True, dns_port='53', + bind_addr='0.0.0.0', session_max_seconds=3600, + session_name='ssn', session_secrets_file='', + access_token_max_seconds=86400, + auth_token_max_seconds=500, + oauth_grant_method='auto') defaults['master'] = master if 'node' in roles: - node = dict(external_id=common['hostname'], pod_cidr='', - labels={}, annotations={}) + node = dict(pod_cidr='', labels={}, annotations={}) node['resources_cpu'] = self.system_facts['processor_cores'] node['resources_memory'] = int( int(self.system_facts['memtotal_mb']) * 1024 * 1024 * 0.75 -- cgit v1.2.3