From d67c5b8f79609d2d3b07cc009f58e3dc988782c5 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Mon, 23 Mar 2015 16:30:49 -0400
Subject: node registration changes

- Remove default value for openshift_hostname and make it required
- Remove workarounds that are no longer needed
- Remove resources parameter from openshift_register_node module
- pre-create node certificates for each node before registering node
- distribute created node certificates to each node
- Move node registration logic to a new openshift_register_nodes role
  - This is because we now have to run the steps on a master as opposed to on
    the nodes like we were previously doing.
- Rename openshift_register_node module to kubernetes_register_node, one more
  step to genericizing enough for upstreaming, however there are still plenty
  of openshift specific commands that still need to be genericized.
---
 roles/openshift_register_nodes/tasks/main.yml | 71 +++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 roles/openshift_register_nodes/tasks/main.yml

(limited to 'roles/openshift_register_nodes/tasks/main.yml')

diff --git a/roles/openshift_register_nodes/tasks/main.yml b/roles/openshift_register_nodes/tasks/main.yml
new file mode 100644
index 000000000..59216fc87
--- /dev/null
+++ b/roles/openshift_register_nodes/tasks/main.yml
@@ -0,0 +1,71 @@
+---
+# TODO: support configuration for multiple masters, currently hardcoding
+# the info from the first master
+
+# TODO: create a failed_when condition
+- name: Create node server certificates
+  command: >
+    /usr/bin/openshift admin create-server-cert
+    --overwrite=false
+    --cert={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/server.crt
+    --key={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/server.key
+    --hostnames={{ [openshift_hostname, openshift_public_hostname, openshift_ip, openshift_public_ip]|join(",") }}
+  args:
+    chdir: "{{ openshift_cert_dir_parent }}"
+    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift_node_hostname }}/server.crt"
+  with_items: openshift_nodes
+  register: server_cert_result
+
+# TODO: create a failed_when condition
+- name: Create node client certificates
+  command: >
+    /usr/bin/openshift admin create-node-cert
+    --overwrite=false
+    --cert={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/cert.crt
+    --key={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/key.key
+    --node-name={{ item.openshift_node_hostname }}
+  args:
+    chdir: "{{ openshift_cert_dir_parent }}"
+    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift_node_hostname }}/cert.crt"
+  with_items: openshift_nodes
+  register: node_cert_result
+
+# TODO: re-create kubeconfig if certs were regenerated, not just if
+# .kubeconfig doesn't exist
+# TODO: create a failed_when condition
+- name: Create kubeconfigs for nodes
+  command: >
+    /usr/bin/openshift admin create-kubeconfig
+    --client-certificate={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/cert.crt
+    --client-key={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/key.key
+    --kubeconfig={{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/.kubeconfig
+    --master={{ openshift_master_urls[0] }}
+    --public-master={{ openshift_master_public_urls[0] }}
+  args:
+    chdir: "{{ openshift_cert_dir_parent }}"
+    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift_node_hostname }}/.kubeconfig"
+  with_items: openshift_nodes
+  register: kubeconfig_result
+
+# TODO: generate the node configs (openshift start node --write-config
+# --config='{{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/node.yaml'
+# --kubeconfig='{{ openshift_cert_dir }}/node-{{ item.openshift_node_hostname }}/.kubeconfig'
+# will need to modify the generated node config as needed
+# (servingInfo.{certFile,clientCA,keyFile})
+
+- name: Register unregistered nodes
+  kubernetes_register_node:
+    name: "{{ item.openshift_node_name }}"
+    api_version: "{{ openshift_kube_api_version }}"
+    cpu: "{{ item.openshift_node_cpu if item.openshift_node_cpu else None }}"
+    memory: "{{ item.openshift_node_memory if item.openshift_node_memory else None }}"
+    pod_cidr: "{{ item.openshift_node_pod_cidr if item.openshift_node_pod_cidr else None }}"
+    host_ip: "{{ item.openshift_node_host_ip }}"
+    labels: "{{ item.openshift_node_labels if item.openshift_node_labels else {} }}"
+    annotations: "{{ item.openshift_node_annotations if item.openshift_node_annotations else {} }}"
+    # TODO: support customizing other attributes such as: client_config,
+    # client_cluster, client_context, client_user
+    # TODO: update for v1beta3 changes after rebase: hostnames, external_ips,
+    # internal_ips, external_id
+  with_items: openshift_nodes
+  register: register_result
-- 
cgit v1.2.3