From ea13eed3bf86a8af67785e588449302ab96a6907 Mon Sep 17 00:00:00 2001
From: Jeff Cantrill <jcantril@redhat.com>
Date: Tue, 7 Feb 2017 19:54:04 -0500
Subject: fixes 1419839. Install only heapster for openshift_metrics when
heapster standalone flag is set
---
.../tasks/generate_certificates.yaml | 15 -------
.../tasks/generate_rolebindings.yaml | 18 --------
.../tasks/generate_serviceaccounts.yaml | 12 -----
.../openshift_metrics/tasks/generate_services.yaml | 13 ------
.../openshift_metrics/tasks/install_heapster.yaml | 52 ++++++++++++++++++++++
roles/openshift_metrics/tasks/install_metrics.yaml | 16 +++----
roles/openshift_metrics/tasks/pre_install.yaml | 27 +++++++++++
roles/openshift_metrics/tasks/start_metrics.yaml | 3 ++
roles/openshift_metrics/tasks/stop_metrics.yaml | 2 +
9 files changed, 90 insertions(+), 68 deletions(-)
create mode 100644 roles/openshift_metrics/tasks/pre_install.yaml
(limited to 'roles')
diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml
index 16a967aa7..4925275e8 100644
--- a/roles/openshift_metrics/tasks/generate_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_certificates.yaml
@@ -1,18 +1,4 @@
---
-- name: create certificate output directory
- file:
- path: "{{ openshift_metrics_certs_dir }}"
- state: directory
- mode: 0700
-
-- name: list existing secrets
- command: >
- {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }}
- --config={{ mktemp.stdout }}/admin.kubeconfig
- get secrets -o name
- register: metrics_secrets
- changed_when: false
-
- name: generate ca certificate chain
shell: >
{{ openshift.common.admin_binary }} ca create-signer-cert
@@ -22,5 +8,4 @@
--serial='{{ openshift_metrics_certs_dir }}/ca.serial.txt'
--name="metrics-signer@$(date +%s)"
when: not '{{ openshift_metrics_certs_dir }}/ca.key' | exists
-- include: generate_heapster_certificates.yaml
- include: generate_hawkular_certificates.yaml
diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
index 6524c3f32..e050c8eb2 100644
--- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml
+++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
@@ -13,21 +13,3 @@
- kind: ServiceAccount
name: hawkular
changed_when: no
-
-- name: generate cluster-reader role binding for the heapster service account
- template:
- src: rolebinding.j2
- dest: "{{ mktemp.stdout }}/templates/heapster-rolebinding.yaml"
- vars:
- cluster: True
- obj_name: heapster-cluster-reader
- labels:
- metrics-infra: heapster
- roleRef:
- kind: ClusterRole
- name: cluster-reader
- subjects:
- - kind: ServiceAccount
- name: heapster
- namespace: "{{ openshift_metrics_project }}"
- changed_when: no
diff --git a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
index 94f34d860..e9d70f74f 100644
--- a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
+++ b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml
@@ -13,15 +13,3 @@
- name: cassandra
secret: hawkular-cassandra-secrets
changed_when: no
-
-- name: Generating serviceaccount for heapster
- template: src=serviceaccount.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-sa.yaml
- vars:
- obj_name: heapster
- labels:
- metrics-infra: support
- secrets:
- - heapster-secrets
- - hawkular-metrics-certificate
- - hawkular-metrics-account
- changed_when: no
diff --git a/roles/openshift_metrics/tasks/generate_services.yaml b/roles/openshift_metrics/tasks/generate_services.yaml
index 903d52bff..47d3c5c2e 100644
--- a/roles/openshift_metrics/tasks/generate_services.yaml
+++ b/roles/openshift_metrics/tasks/generate_services.yaml
@@ -1,17 +1,4 @@
---
-- name: Generate service for heapster
- template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml
- vars:
- obj_name: heapster
- ports:
- - {port: 80, targetPort: http-endpoint}
- selector:
- name: "{{obj_name}}"
- labels:
- metrics-infra: "{{obj_name}}"
- name: "{{obj_name}}"
- changed_when: no
-
- name: Generate service for hawkular-metrics
template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml
vars:
diff --git a/roles/openshift_metrics/tasks/install_heapster.yaml b/roles/openshift_metrics/tasks/install_heapster.yaml
index 44bab8ace..c490bcdd3 100644
--- a/roles/openshift_metrics/tasks/install_heapster.yaml
+++ b/roles/openshift_metrics/tasks/install_heapster.yaml
@@ -13,3 +13,55 @@
replica_count: "{{heapster_replica_count.stdout | default(0)}}"
node_selector: "{{openshift_metrics_heapster_nodeselector | default('') }}"
changed_when: no
+
+- set_fact:
+ heapster_sa_secrets: ["heapster-secrets"]
+
+- set_fact:
+ heapster_sa_secrets: "{{ heapster_sa_secrets + [item] }}"
+ with_items:
+ - hawkular-metrics-certificate
+ - hawkular-metrics-account
+ when: "not {{ openshift_metrics_heapster_standalone | bool }}"
+
+- name: Generating serviceaccount for heapster
+ template: src=serviceaccount.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-sa.yaml
+ vars:
+ obj_name: heapster
+ labels:
+ metrics-infra: support
+ secrets: "{{ heapster_sa_secrets }}"
+ changed_when: no
+
+- name: Generate service for heapster
+ template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml
+ vars:
+ obj_name: heapster
+ ports:
+ - {port: 80, targetPort: http-endpoint}
+ selector:
+ name: "{{obj_name}}"
+ labels:
+ metrics-infra: "{{obj_name}}"
+ name: "{{obj_name}}"
+ changed_when: no
+
+- name: generate cluster-reader role binding for the heapster service account
+ template:
+ src: rolebinding.j2
+ dest: "{{ mktemp.stdout }}/templates/heapster-rolebinding.yaml"
+ vars:
+ cluster: True
+ obj_name: heapster-cluster-reader
+ labels:
+ metrics-infra: heapster
+ roleRef:
+ kind: ClusterRole
+ name: cluster-reader
+ subjects:
+ - kind: ServiceAccount
+ name: heapster
+ namespace: "{{ openshift_metrics_project }}"
+ changed_when: no
+
+- include: generate_heapster_certificates.yaml
diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml
index ddaa54438..66925c113 100644
--- a/roles/openshift_metrics/tasks/install_metrics.yaml
+++ b/roles/openshift_metrics/tasks/install_metrics.yaml
@@ -1,14 +1,5 @@
---
-- name: Check that hawkular_metrics_hostname is set
- fail: msg='the openshift_metrics_hawkular_hostname variable is required'
- when: openshift_metrics_hawkular_hostname is not defined
-
-- name: Check the value of openshift_metrics_cassandra_storage_type
- fail:
- msg: >
- openshift_metrics_cassandra_storage_type ({{ openshift_metrics_cassandra_storage_type }})
- is invalid, must be one of: emptydir, pv, dynamic
- when: openshift_metrics_cassandra_storage_type not in openshift_metrics_cassandra_storage_types
+- include: pre_install.yaml
- name: Install Metrics
include: "{{ role_path }}/tasks/install_{{ include_file }}.yaml"
@@ -19,6 +10,11 @@
- cassandra
loop_control:
loop_var: include_file
+ when: "not {{ openshift_metrics_heapster_standalone | bool }}"
+
+- name: Install Heapster Standalone
+ include: install_heapster.yaml
+ when: "{{ openshift_metrics_heapster_standalone | bool }}"
- find: paths={{ mktemp.stdout }}/templates patterns=*.yaml
register: object_def_files
diff --git a/roles/openshift_metrics/tasks/pre_install.yaml b/roles/openshift_metrics/tasks/pre_install.yaml
new file mode 100644
index 000000000..262acd546
--- /dev/null
+++ b/roles/openshift_metrics/tasks/pre_install.yaml
@@ -0,0 +1,27 @@
+---
+- name: Check that hawkular_metrics_hostname is set
+ fail: msg='the openshift_metrics_hawkular_hostname variable is required'
+ when: openshift_metrics_hawkular_hostname is not defined
+
+- name: Check the value of openshift_metrics_cassandra_storage_type
+ fail:
+ msg: >
+ openshift_metrics_cassandra_storage_type ({{ openshift_metrics_cassandra_storage_type }})
+ is invalid, must be one of: emptydir, pv, dynamic
+ when:
+ - openshift_metrics_cassandra_storage_type not in openshift_metrics_cassandra_storage_types
+ - "not {{ openshift_metrics_heapster_standalone | bool }}"
+
+- name: create certificate output directory
+ file:
+ path: "{{ openshift_metrics_certs_dir }}"
+ state: directory
+ mode: 0700
+
+- name: list existing secrets
+ command: >
+ {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }}
+ --config={{ mktemp.stdout }}/admin.kubeconfig
+ get secrets -o name
+ register: metrics_secrets
+ changed_when: false
diff --git a/roles/openshift_metrics/tasks/start_metrics.yaml b/roles/openshift_metrics/tasks/start_metrics.yaml
index f02774e47..b5a1c8f06 100644
--- a/roles/openshift_metrics/tasks/start_metrics.yaml
+++ b/roles/openshift_metrics/tasks/start_metrics.yaml
@@ -19,6 +19,8 @@
with_items: "{{metrics_cassandra_rc.stdout_lines}}"
loop_control:
loop_var: object
+ when: metrics_cassandra_rc is defined
+ changed_when: "{{metrics_cassandra_rc | length > 0 }}"
- command: >
{{openshift.common.client_binary}}
@@ -40,6 +42,7 @@
with_items: "{{metrics_metrics_rc.stdout_lines}}"
loop_control:
loop_var: object
+ changed_when: "{{metrics_metrics_rc | length > 0 }}"
- command: >
{{openshift.common.client_binary}}
diff --git a/roles/openshift_metrics/tasks/stop_metrics.yaml b/roles/openshift_metrics/tasks/stop_metrics.yaml
index 5a73443a8..f69bb0f11 100644
--- a/roles/openshift_metrics/tasks/stop_metrics.yaml
+++ b/roles/openshift_metrics/tasks/stop_metrics.yaml
@@ -41,6 +41,7 @@
with_items: "{{metrics_hawkular_rc.stdout_lines}}"
loop_control:
loop_var: object
+ changed_when: "{{metrics_hawkular_rc | length > 0 }}"
- command: >
{{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig
@@ -62,3 +63,4 @@
loop_control:
loop_var: object
when: metrics_cassandra_rc is defined
+ changed_when: "{{metrics_cassandra_rc | length > 0 }}"
--
cgit v1.2.3