From 858afb085dab78018f90ff17871b83c1dd9ba5bd Mon Sep 17 00:00:00 2001
From: Clayton Coleman <ccoleman@redhat.com>
Date: Sun, 5 Nov 2017 01:03:05 -0400
Subject: Revert "Bootstrap enhancements."

---
 roles/openshift_master/defaults/main.yml           |  7 ++-
 roles/openshift_master/tasks/bootstrap.yml         | 67 +++++++++++++++++++++-
 .../openshift_master/tasks/bootstrap_settings.yml  | 14 -----
 roles/openshift_master/tasks/main.yml              | 13 ++++-
 4 files changed, 81 insertions(+), 20 deletions(-)
 delete mode 100644 roles/openshift_master/tasks/bootstrap_settings.yml

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index 4acac7923..fe78dea66 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -26,6 +26,7 @@ default_r_openshift_master_os_firewall_allow:
   cond: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
 r_openshift_master_os_firewall_allow: "{{ default_r_openshift_master_os_firewall_allow | union(openshift_master_open_ports | default([])) }}"
 
+
 # oreg_url is defined by user input
 oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_url.split('/')[0]) else '' }}"
 oreg_auth_credentials_path: "{{ r_openshift_master_data_dir }}/.docker"
@@ -59,7 +60,7 @@ r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_p
 openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
 openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
 
-openshift_master_config_dir_default: "{{ openshift.common.config_base ~ '/master' if openshift is defined and 'common' in openshift else '/etc/origin/master' }}"
+openshift_master_config_dir_default: "{{ (openshift.common.config_base | default('/etc/origin/master')) ~ '/master' }}"
 openshift_master_config_dir: "{{ openshift_master_config_dir_default }}"
 openshift_master_cloud_provider: "{{ openshift_cloudprovider_kind | default('aws') }}"
 
@@ -70,6 +71,8 @@ openshift_master_node_config_kubeletargs_mem: 512M
 
 openshift_master_bootstrap_enabled: False
 
+openshift_master_client_binary: "{{ openshift.common.client_binary if openshift is defined else 'oc' }}"
+
 openshift_master_config_imageconfig_format: "{{ openshift.node.registry_url }}"
 
 # these are for the default settings in a generated node-config.yaml
@@ -141,5 +144,3 @@ openshift_master_node_configs:
 - "{{ openshift_master_node_config_compute }}"
 
 openshift_master_bootstrap_namespace: openshift-node
-openshift_master_csr_sa: node-bootstrapper
-openshift_master_csr_namespace: openshift-infra
diff --git a/roles/openshift_master/tasks/bootstrap.yml b/roles/openshift_master/tasks/bootstrap.yml
index ce55e7d0c..f837a8bae 100644
--- a/roles/openshift_master/tasks/bootstrap.yml
+++ b/roles/openshift_master/tasks/bootstrap.yml
@@ -2,8 +2,7 @@
 # TODO: create a module for this command.
 # oc_serviceaccounts_kubeconfig
 - name: create service account kubeconfig with csr rights
-  command: >
-    oc serviceaccounts create-kubeconfig {{ openshift_master_csr_sa }} -n {{ openshift_master_csr_namespace }}
+  command: "oc serviceaccounts create-kubeconfig node-bootstrapper -n openshift-infra"
   register: kubeconfig_out
   until: kubeconfig_out.rc == 0
   retries: 24
@@ -13,3 +12,67 @@
   copy:
     content: "{{ kubeconfig_out.stdout }}"
     dest: "{{ openshift_master_config_dir }}/bootstrap.kubeconfig"
+
+- name: create a temp dir for this work
+  command: mktemp -d /tmp/openshift_node_config-XXXXXX
+  register: mktempout
+  run_once: true
+
+# This generate is so that we do not have to maintain
+# our own copy of the template.  This is generated by
+# the product and the following settings will be
+# generated by the master
+- name: generate a node-config dynamically
+  command: >
+    {{ openshift_master_client_binary }} adm create-node-config
+    --node-dir={{ mktempout.stdout }}/
+    --node=CONFIGMAP
+    --hostnames=test
+    --dns-ip=0.0.0.0
+    --certificate-authority={{ openshift_master_config_dir }}/ca.crt
+    --signer-cert={{ openshift_master_config_dir }}/ca.crt
+    --signer-key={{ openshift_master_config_dir }}/ca.key
+    --signer-serial={{ openshift_master_config_dir }}/ca.serial.txt
+    --node-client-certificate-authority={{ openshift_master_config_dir }}/ca.crt
+  register: configgen
+  run_once: true
+
+- name: remove the default settings
+  yedit:
+    state: "{{ item.state | default('present') }}"
+    src: "{{ mktempout.stdout }}/node-config.yaml"
+    key: "{{ item.key }}"
+    value: "{{ item.value | default(omit) }}"
+  with_items: "{{ openshift_master_node_config_default_edits }}"
+  run_once: true
+
+- name: copy the generated config into each group
+  copy:
+    src: "{{ mktempout.stdout }}/node-config.yaml"
+    remote_src: true
+    dest: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+  with_items: "{{ openshift_master_node_configs }}"
+  run_once: true
+
+- name: "specialize the generated configs for node-config-{{ item.type }}"
+  yedit:
+    src: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+    edits: "{{ item.edits }}"
+  with_items: "{{ openshift_master_node_configs }}"
+  run_once: true
+
+- name: create node-config.yaml configmap
+  oc_configmap:
+    name: "node-config-{{ item.type }}"
+    namespace: "{{ openshift_master_bootstrap_namespace }}"
+    from_file:
+      node-config.yaml: "{{ mktempout.stdout }}/node-config-{{ item.type }}.yaml"
+  with_items: "{{ openshift_master_node_configs }}"
+  run_once: true
+
+- name: remove templated files
+  file:
+    dest: "{{ mktempout.stdout }}/"
+    state: absent
+  with_items: "{{ openshift_master_node_configs }}"
+  run_once: true
diff --git a/roles/openshift_master/tasks/bootstrap_settings.yml b/roles/openshift_master/tasks/bootstrap_settings.yml
deleted file mode 100644
index cbd7f587b..000000000
--- a/roles/openshift_master/tasks/bootstrap_settings.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: modify controller args
-  yedit:
-    src: /etc/origin/master/master-config.yaml
-    edits:
-    - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
-      value:
-      - /etc/origin/master/ca.crt
-    - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
-      value:
-      - /etc/origin/master/ca.key
-  notify:
-  - restart master controllers
-  when: openshift_master_bootstrap_enabled | default(False)
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index c7c02d49b..48b34c578 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -218,7 +218,18 @@
   - restart master api
   - restart master controllers
 
-- include: bootstrap_settings.yml
+- name: modify controller args
+  yedit:
+    src: /etc/origin/master/master-config.yaml
+    edits:
+    - key: kubernetesMasterConfig.controllerArguments.cluster-signing-cert-file
+      value:
+      - /etc/origin/master/ca.crt
+    - key: kubernetesMasterConfig.controllerArguments.cluster-signing-key-file
+      value:
+      - /etc/origin/master/ca.key
+  notify:
+  - restart master controllers
   when: openshift_master_bootstrap_enabled | default(False)
 
 - include: set_loopback_context.yml
-- 
cgit v1.2.3