From 595f0f307aeb78de499891f21b99057a6e6b17f0 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 8 Jun 2016 16:59:54 +0200
Subject: atomic-openshift: install as a system container

Use use_system_containers=true in the inventory file

alternatively you can select each component as:

use_openvswitch_system_container=true
use_node_system_container=true
use_master_system_container=true

system_images_registry holds the registry from where to fetch system
containers.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 roles/openshift_node/tasks/main.yml                |  2 +-
 .../openshift_node/tasks/node_system_container.yml | 19 ++++++++++++++++
 .../tasks/openvswitch_system_container.yml         | 19 ++++++++++++++++
 roles/openshift_node/tasks/systemd_units.yml       | 26 ++++++++++++++++++----
 4 files changed, 61 insertions(+), 5 deletions(-)
 create mode 100644 roles/openshift_node/tasks/node_system_container.yml
 create mode 100644 roles/openshift_node/tasks/openvswitch_system_container.yml

(limited to 'roles/openshift_node')

diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index e970c4cd1..3e888b77f 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -69,7 +69,7 @@
 - name: Persist net.ipv4.ip_forward sysctl entry
   sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes state=present reload=yes
 
-- name: Start and enable openvswitch docker service
+- name: Start and enable openvswitch service
   systemd:
     name: openvswitch.service
     enabled: yes
diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml
new file mode 100644
index 000000000..759792b8b
--- /dev/null
+++ b/roles/openshift_node/tasks/node_system_container.yml
@@ -0,0 +1,19 @@
+---
+- name: Pre-pull node system container image
+  command: >
+    atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
+  register: pull_result
+  changed_when: "'Pulling layer' in pull_result.stdout"
+
+- name: Uninstall Node system container package
+  command: >
+    atomic uninstall {{ openshift.common.service_type }}-node
+  failed_when: False
+  when: openshift.common.version != openshift_version | bool
+
+- name: Install Node system container package
+  command: >
+    atomic install --system --name={{ openshift.common.service_type }}-node {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
+  register: install_node_result
+  changed_when: "'Extracting' in pull_result.stdout"
+  when: openshift.common.version != openshift_version | bool
diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml
new file mode 100644
index 000000000..12d62be69
--- /dev/null
+++ b/roles/openshift_node/tasks/openvswitch_system_container.yml
@@ -0,0 +1,19 @@
+---
+- name: Pre-pull OpenVSwitch system container image
+  command: >
+    atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
+  register: pull_result
+  changed_when: "'Pulling layer' in pull_result.stdout"
+
+- name: Uninstall OpenvSwitch system container package
+  command: >
+    atomic uninstall openvswitch
+  failed_when: False
+  when: openshift.common.version != openshift_version | bool
+
+- name: Install OpenvSwitch system container package
+  command: >
+    atomic install --system --name=openvswitch {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
+  when: openshift.common.version != openshift_version | bool
+  notify:
+    - restart docker
diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index 5243a87fe..941fd1d28 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -7,14 +7,14 @@
     docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
   register: pull_result
   changed_when: "'Downloaded newer image' in pull_result.stdout"
-  when: openshift.common.is_containerized | bool
+  when: openshift.common.is_containerized | bool and not openshift.common.is_node_system_container | bool
 
 - name: Pre-pull openvswitch image
   command: >
     docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
   register: pull_result
   changed_when: "'Downloaded newer image' in pull_result.stdout"
-  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool
+  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool and not openshift.common.is_node_system_container | bool
 
 - name: Install Node dependencies docker service file
   template:
@@ -28,7 +28,9 @@
     dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
     src: openshift.docker.node.service
   register: install_node_result
-  when: openshift.common.is_containerized | bool
+  when:
+  - openshift.common.is_containerized | bool
+  - not openshift.common.is_node_system_container | bool
 
 - name: Create the openvswitch service env file
   template:
@@ -39,6 +41,19 @@
   notify:
   - restart openvswitch
 
+- name: Install Node system container
+  include: node_system_container.yml
+  when:
+  - openshift.common.is_containerized | bool
+  - openshift.common.is_node_system_container | bool
+
+- name: Install OpenvSwitch system containers
+  include: openvswitch_system_container.yml
+  when:
+  - openshift.common.use_openshift_sdn | default(true) | bool
+  - openshift.common.is_containerized | bool
+  - openshift.common.is_openvswitch_system_container | bool
+
 # May be a temporary workaround.
 # https://bugzilla.redhat.com/show_bug.cgi?id=1331590
 - name: Create OpenvSwitch service.d directory
@@ -58,7 +73,10 @@
   template:
     dest: "/etc/systemd/system/openvswitch.service"
     src: openvswitch.docker.service
-  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | default(true) | bool
+  when:
+  - openshift.common.is_containerized | bool
+  - openshift.common.use_openshift_sdn | default(true) | bool
+  - not openshift.common.is_openvswitch_system_container | bool
   notify:
   - restart openvswitch
 
-- 
cgit v1.2.3


From daa54ed6ced6aac872f9712c17eb0be97b3fe59b Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 18 Jan 2017 14:01:26 +0100
Subject: system-containers: implement idempotent update

Upstream version has "atomic containers update ..." but the RHEL
version is still using "atomic update --container" so stick with this
for now.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 .../openshift_node/tasks/node_system_container.yml | 19 ++++++++++++++++--
 .../tasks/openvswitch_system_container.yml         | 23 +++++++++++++++++++---
 2 files changed, 37 insertions(+), 5 deletions(-)

(limited to 'roles/openshift_node')

diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml
index 759792b8b..01e2d33c7 100644
--- a/roles/openshift_node/tasks/node_system_container.yml
+++ b/roles/openshift_node/tasks/node_system_container.yml
@@ -5,15 +5,30 @@
   register: pull_result
   changed_when: "'Pulling layer' in pull_result.stdout"
 
+- name: Check Node system container package
+  command: >
+    atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-node
+  register: result
+
+- name: Update Node system container package
+  command: >
+    atomic containers update {{ openshift.common.service_type }}-node
+  register: update_result
+  changed_when: "'Extracting' in update_result.stdout"
+  when:
+  - (openshift.common.version is defined) and (openshift.common.version == openshift_version) and ("node" in result.stdout) | bool
+
 - name: Uninstall Node system container package
   command: >
     atomic uninstall {{ openshift.common.service_type }}-node
   failed_when: False
-  when: openshift.common.version != openshift_version | bool
+  when:
+  - (openshift.common.version is not defined) or (openshift.common.version != openshift_version) and ("node" in result.stdout) | bool
 
 - name: Install Node system container package
   command: >
     atomic install --system --name={{ openshift.common.service_type }}-node {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
   register: install_node_result
   changed_when: "'Extracting' in pull_result.stdout"
-  when: openshift.common.version != openshift_version | bool
+  when:
+  - (openshift.common.version is not defined) or (openshift.common.version != openshift_version) or ("node" not in result.stdout) | bool
diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml
index 12d62be69..47fac99eb 100644
--- a/roles/openshift_node/tasks/openvswitch_system_container.yml
+++ b/roles/openshift_node/tasks/openvswitch_system_container.yml
@@ -5,15 +5,32 @@
   register: pull_result
   changed_when: "'Pulling layer' in pull_result.stdout"
 
+- name: Check OpenvSwitch system container package
+  command: >
+    atomic containers list --no-trunc -a -f container=openvswitch
+  register: result
+  when:
+  - openshift.common.is_openvswitch_system_container | bool
+
+- name: Update OpenvSwitch system container package
+  command: >
+    atomic containers update openvswitch
+  register: update_result
+  changed_when: "'Extracting' in update_result.stdout"
+  when:
+  - (openshift.common.version is defined) and (openshift.common.version == openshift_version) and ("openvswitch" in result.stdout) | bool
+
 - name: Uninstall OpenvSwitch system container package
   command: >
     atomic uninstall openvswitch
   failed_when: False
-  when: openshift.common.version != openshift_version | bool
+  when:
+  - (openshift.common.version is not defined) or (openshift.common.version != openshift_version) and ("openvswitch" in result.stdout) | bool
 
 - name: Install OpenvSwitch system container package
   command: >
     atomic install --system --name=openvswitch {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
-  when: openshift.common.version != openshift_version | bool
+  when:
+  - (openshift.common.version is not defined) or (openshift.common.version != openshift_version) or ("openvswitch" not in result.stdout) | bool
   notify:
-    - restart docker
+  - restart docker
-- 
cgit v1.2.3


From b84a2cdcbdcbceed8da09485a9e9015378b5818f Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 8 Feb 2017 17:29:41 +0100
Subject: node: refactor Docker container tasks in a block

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 roles/openshift_node/tasks/systemd_units.yml | 50 ++++++++++++++--------------
 1 file changed, 25 insertions(+), 25 deletions(-)

(limited to 'roles/openshift_node')

diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index 941fd1d28..52482d09b 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -2,20 +2,6 @@
 # This file is included both in the openshift_master role and in the upgrade
 # playbooks.
 
-- name: Pre-pull node image
-  command: >
-    docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
-  register: pull_result
-  changed_when: "'Downloaded newer image' in pull_result.stdout"
-  when: openshift.common.is_containerized | bool and not openshift.common.is_node_system_container | bool
-
-- name: Pre-pull openvswitch image
-  command: >
-    docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
-  register: pull_result
-  changed_when: "'Downloaded newer image' in pull_result.stdout"
-  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool and not openshift.common.is_node_system_container | bool
-
 - name: Install Node dependencies docker service file
   template:
     dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service"
@@ -23,11 +9,18 @@
   register: install_node_dep_result
   when: openshift.common.is_containerized | bool
 
-- name: Install Node docker service file
-  template:
-    dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
-    src: openshift.docker.node.service
-  register: install_node_result
+- block:
+  - name: Pre-pull node image
+    command: >
+      docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
+    register: pull_result
+    changed_when: "'Downloaded newer image' in pull_result.stdout"
+
+  - name: Install Node docker service file
+    template:
+      dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
+      src: openshift.docker.node.service
+    register: install_node_result
   when:
   - openshift.common.is_containerized | bool
   - not openshift.common.is_node_system_container | bool
@@ -69,16 +62,23 @@
   notify:
   - restart openvswitch
 
-- name: Install OpenvSwitch docker service file
-  template:
-    dest: "/etc/systemd/system/openvswitch.service"
-    src: openvswitch.docker.service
+- block:
+  - name: Pre-pull openvswitch image
+    command: >
+      docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
+    register: pull_result
+    changed_when: "'Downloaded newer image' in pull_result.stdout"
+
+  - name: Install OpenvSwitch docker service file
+    template:
+      dest: "/etc/systemd/system/openvswitch.service"
+      src: openvswitch.docker.service
+    notify:
+    - restart openvswitch
   when:
   - openshift.common.is_containerized | bool
   - openshift.common.use_openshift_sdn | default(true) | bool
   - not openshift.common.is_openvswitch_system_container | bool
-  notify:
-  - restart openvswitch
 
 - name: Configure Node settings
   lineinfile:
-- 
cgit v1.2.3