--- - block: - name: Retrieve list of openshift nodes matching registry selector oc_obj: state: list kind: node selector: "{{ openshift.hosted.registry.selector | default(omit) }}" register: registry_nodes - name: set_fact l_node_count to number of nodes matching registry selector set_fact: l_node_count: "{{ registry_nodes.results.results[0]['items'] | length }}" # Determine the default number of registry/router replicas to use if no count # has been specified. # If no registry nodes defined, the default should be 0. - name: set_fact l_default_replicas when l_node_count == 0 set_fact: l_default_replicas: 0 when: l_node_count | int == 0 # If registry nodes are defined and the registry storage kind is # defined, default should be the number of registry nodes, otherwise # just 1: - name: set_fact l_default_replicas when l_node_count > 0 set_fact: l_default_replicas: "{{ l_node_count if openshift.hosted.registry.storage.kind | default(none) is not none else 1 }}" when: l_node_count | int > 0 when: openshift.hosted.registry.replicas | default(none) is none - name: set openshift_hosted facts set_fact: openshift_hosted_registry_replicas: "{{ openshift.hosted.registry.replicas | default(l_default_replicas) }}" openshift_hosted_registry_name: docker-registry openshift_hosted_registry_serviceaccount: registry openshift_hosted_registry_namespace: "{{ openshift.hosted.registry.namespace | default('default') }}" openshift_hosted_registry_selector: "{{ openshift.hosted.registry.selector }}" openshift_hosted_registry_images: "{{ openshift.hosted.registry.registryurl | default('openshift3/ose-${component}:${version}')}}" openshift_hosted_registry_volumes: [] openshift_hosted_registry_env_vars: {} openshift_hosted_registry_routecertificates: "{{ ('routecertificates' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routecertificates, {}) }}" openshift_hosted_registry_routehost: "{{ ('routehost' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routehost, False) }}" openshift_hosted_registry_routetermination: "{{ ('routetermination' in openshift.hosted.registry.keys()) | ternary(openshift.hosted.registry.routetermination, 'passthrough') }}" openshift_hosted_registry_edits: # These edits are being specified only to prevent 'changed' on rerun - key: spec.strategy.rollingParams value: intervalSeconds: 1 maxSurge: "25%" maxUnavailable: "25%" timeoutSeconds: 600 updatePeriodSeconds: 1 action: put openshift_hosted_registry_force: - False - name: Create the registry service account oc_serviceaccount: name: "{{ openshift_hosted_registry_serviceaccount }}" namespace: "{{ openshift_hosted_registry_namespace }}" - name: Grant the registry service account access to the appropriate scc oc_adm_policy_user: user: "system:serviceaccount:{{ openshift_hosted_registry_namespace }}:{{ openshift_hosted_registry_serviceaccount }}" namespace: "{{ openshift_hosted_registry_namespace }}" resource_kind: scc resource_name: hostnetwork - name: oc adm policy add-cluster-role-to-user system:registry system:serviceaccount:default:registry oc_adm_policy_user: user: "system:serviceaccount:{{ openshift_hosted_registry_namespace }}:{{ openshift_hosted_registry_serviceaccount }}" namespace: "{{ openshift_hosted_registry_namespace }}" resource_kind: cluster-role resource_name: system:registry - name: create the default registry service oc_service: namespace: "{{ openshift_hosted_registry_namespace }}" name: "{{ openshift_hosted_registry_name }}" ports: - name: 5000-tcp port: 5000 protocol: TCP targetPort: 5000 selector: docker-registry: default session_affinity: ClientIP service_type: ClusterIP - include: secure.yml static: no run_once: true when: - not (openshift.docker.hosted_registry_insecure | default(false) | bool) - include: storage/object_storage.yml static: no when: - openshift.hosted.registry.storage.kind | default(none) == 'object' - name: Update openshift_hosted facts for persistent volumes set_fact: openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(pvc_volume_mounts) }}" vars: pvc_volume_mounts: - name: registry-storage type: persistentVolumeClaim claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-claim" when: - openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack', 'glusterfs'] - name: Create OpenShift registry oc_adm_registry: name: "{{ openshift_hosted_registry_name }}" namespace: "{{ openshift_hosted_registry_namespace }}" selector: "{{ openshift_hosted_registry_selector }}" replicas: "{{ openshift_hosted_registry_replicas }}" service_account: "{{ openshift_hosted_registry_serviceaccount }}" images: "{{ openshift_hosted_registry_images }}" env_vars: "{{ openshift_hosted_registry_env_vars }}" volume_mounts: "{{ openshift_hosted_registry_volumes }}" edits: "{{ openshift_hosted_registry_edits }}" force: "{{ True|bool in openshift_hosted_registry_force }}" - name: Ensure OpenShift registry correctly rolls out command: | oc rollout status deploymentconfig {{ openshift_hosted_registry_name }} \ --namespace {{ openshift_hosted_registry_namespace }} \ --config {{ openshift.common.config_base }}/master/admin.kubeconfig - include: storage/glusterfs.yml when: - openshift.hosted.registry.storage.kind | default(none) == 'glusterfs' or openshift.hosted.registry.storage.glusterfs.swap