From 60ad4626f03cbfb119290a4bfaf9ecba53dc762b Mon Sep 17 00:00:00 2001
From: ewolinetz <ewolinet@redhat.com>
Date: Tue, 2 May 2017 11:21:56 -0500
Subject: Pulling in changes from master

---
 .../tasks/main.yaml                                | 87 +++++++++++++++++-----
 1 file changed, 69 insertions(+), 18 deletions(-)

(limited to 'roles/openshift_logging_elasticsearch/tasks')

diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml
index 0d4c7a013..620c82fd0 100644
--- a/roles/openshift_logging_elasticsearch/tasks/main.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml
@@ -11,7 +11,9 @@
     msg: Invalid deployment type, one of ['data-master', 'data-client', 'master', 'client'] allowed
   when: not openshift_logging_elasticsearch_deployment_type in __allowed_es_types
 
-- set_fact: elasticsearch_name="{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}"
+- set_fact:
+    elasticsearch_name: "{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}"
+    es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}"
 
 - include: determine_version.yaml
 
@@ -39,7 +41,7 @@
   oc_serviceaccount:
     state: present
     name: "aggregated-logging-elasticsearch"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     image_pull_secrets: "{{ openshift_logging_image_pull_secret }}"
   when: openshift_logging_image_pull_secret != ''
 
@@ -47,7 +49,7 @@
   oc_serviceaccount:
     state: present
     name: "aggregated-logging-elasticsearch"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
   when:
   - openshift_logging_image_pull_secret == ''
 
@@ -61,7 +63,7 @@
     state: present
     name: "rolebinding-reader"
     kind: clusterrole
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     files:
     - "{{ tempdir }}/rolebinding-reader.yml"
     delete_after: true
@@ -70,10 +72,34 @@
 - name: Set rolebinding-reader permissions for ES
   oc_adm_policy_user:
     state: present
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     resource_kind: cluster-role
     resource_name: rolebinding-reader
-    user: "system:serviceaccount:{{ openshift_logging_namespace }}:aggregated-logging-elasticsearch"
+    user: "system:serviceaccount:{{ openshift_logging_elasticsearch_namespace }}:aggregated-logging-elasticsearch"
+
+# View role and binding
+- name: Generate logging-elasticsearch-view-role
+  template:
+    src: rolebinding.j2
+    dest: "{{mktemp.stdout}}/logging-elasticsearch-view-role.yaml"
+  vars:
+    obj_name: logging-elasticsearch-view-role
+    roleRef:
+      name: view
+    subjects:
+      - kind: ServiceAccount
+        name: aggregated-logging-elasticsearch
+  changed_when: no
+
+- name: Set logging-elasticsearch-view-role role
+  oc_obj:
+    state: present
+    name: "logging-elasticsearch-view-role"
+    kind: rolebinding
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+    files:
+    - "{{ tempdir }}/logging-elasticsearch-view-role.yaml"
+    delete_after: true
 
 # configmap
 - template:
@@ -87,7 +113,6 @@
     dest: "{{ tempdir }}/elasticsearch.yml"
   vars:
     allow_cluster_reader: "{{ openshift_logging_elasticsearch_ops_allow_cluster_reader | lower | default('false') }}"
-    deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}"
   when: es_config_contents is undefined
   changed_when: no
 
@@ -106,8 +131,8 @@
 - name: Set ES configmap
   oc_configmap:
     state: present
-    name: "{{ elasticsearch_name }}-{{ openshift_logging_elasticsearch_deployment_type }}"
-    namespace: "{{ openshift_logging_namespace }}"
+    name: "{{ elasticsearch_name }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     from_file:
       elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
       logging.yml: "{{ tempdir }}/elasticsearch-logging.yml"
@@ -119,7 +144,7 @@
   oc_secret:
     state: present
     name: "logging-elasticsearch"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     files:
     - name: key
       path: "{{ generated_certs_dir }}/logging-es.jks"
@@ -138,6 +163,34 @@
     - name: admin.jks
       path: "{{ generated_certs_dir }}/system.admin.jks"
 
+# services
+- name: Set logging-{{ es_component }}-cluster service
+  oc_service:
+    state: present
+    name: "logging-{{ es_component }}-cluster"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+    selector:
+      component: "{{ es_component }}"
+      provider: openshift
+#    labels:
+#    - logging-infra: 'support'
+    ports:
+    - port: 9300
+
+- name: Set logging-{{ es_component }} service
+  oc_service:
+    state: present
+    name: "logging-{{ es_component }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+    selector:
+      component: "{{ es_component }}"
+      provider: openshift
+#    labels:
+#    - logging-infra: 'support'
+    ports:
+    - port: 9200
+      targetPort: "restapi"
+
 - name: Creating ES storage template
   template:
     src: pvc.j2
@@ -171,16 +224,13 @@
     state: present
     kind: pvc
     name: "{{ openshift_logging_elasticsearch_pvc_name }}"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     files:
     - "{{ tempdir }}/templates/logging-es-pvc.yml"
     delete_after: true
   when:
   - openshift_logging_elasticsearch_storage_type == "pvc"
 
-- set_fact:
-    es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}"
-
 - set_fact:
     es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 'abcdefghijklmnopqrstuvwxyz0123456789' | random_word(8) }}"
   when: openshift_logging_elasticsearch_deployment_name == ""
@@ -195,20 +245,21 @@
     src: es.j2
     dest: "{{ tempdir }}/templates/logging-es-dc.yml"
   vars:
-    es_configmap: "{{ elasticsearch_name }}-{{ openshift_logging_elasticsearch_deployment_type }}"
     es_cluster_name: "{{ es_component }}"
-    logging_component: "{{ es_component }}"
+    component: "{{ es_component }}"
+    logging_component: elasticsearch
     deploy_name: "{{ es_deploy_name }}"
     image: "{{ openshift_logging_image_prefix }}logging-elasticsearch:{{ openshift_logging_image_version }}"
     es_cpu_limit: "{{ openshift_logging_elasticsearch_cpu_limit }}"
     es_memory_limit: "{{ openshift_logging_elasticsearch_memory_limit }}"
     es_node_selector: "{{ openshift_logging_elasticsearch_nodeselector | default({}) }}"
+    deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}"
 
 - name: Set ES dc
   oc_obj:
     state: present
     name: "{{ es_deploy_name }}"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     kind: dc
     files:
     - "{{ tempdir }}/templates/logging-es-dc.yml"
@@ -219,7 +270,7 @@
   oc_scale:
     kind: dc
     name: "{{ es_deploy_name }}"
-    namespace: "{{ openshift_logging_namespace }}"
+    namespace: "{{ openshift_logging_elasticsearch_namespace }}"
     replicas: 1
 
 ## Placeholder for migration when necessary ##
-- 
cgit v1.2.3