blob: aff3d09fb0b5b57d43c36245aafd55296bd0b0dd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
---
- fail: msg="This role requires the following vars to be defined: master_url, kibana_hostname, es_cluster_size"
when: "kibana_hostname is not defined or
es_cluster_size is not defined or
master_url is not defined"
- name: "Checking for logging project"
command: oc get project logging
register: logging_project
failed_when: "'FAILED' in logging_project.stderr"
tags:
- cleanup
- name: "Create logging project"
command: oadm new-project logging
when: logging_project.rc != 0
tags:
- build
- name: "Changing projects"
command: oc project logging
tags:
- cleanup
- name: "Cleanup any previous logging infrastructure"
command: oc delete all --selector logging-infra={{ item }}
with_items:
- kibana
- fluentd
- elasticsearch
ignore_errors: yes
tags:
- cleanup
- name: "Cleanup existing support infrastructure"
command: oc delete all,sa,oauthclient --selector logging-infra=support
ignore_errors: yes
tags:
- cleanup
- name: "Cleanup existing secrets"
command: oc delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy
ignore_errors: yes
register: clean_result
failed_when: clean_result.rc == 1 and 'not found' not in clean_result.stderr
tags:
- cleanup
- name: "Cleanup existing logging deployers"
command: oc delete pods --all
tags:
- cleanup
- name: "Creating logging deployer secret"
command: oc secrets new logging-deployer {{ logging_secret_vars | default('nothing=/dev/null') }}
register: secret_output
failed_when: "secret_output.rc == 1 and 'exists' not in secret_output.stderr"
tags:
- build
- name: "Copy serviceAccount file"
copy: dest=/tmp/logging-deployer-sa.yaml
src={{role_path}}/files/logging-deployer-sa.yaml
force=yes
tags:
- build
- name: "Create logging-deployer service account"
shell: oc create -f /tmp/logging-deployer-sa.yaml
register: deployer_output
failed_when: "deployer_output.rc == 1 and 'exists' not in deployer_output.stderr"
tags:
- build
- name: "Set permissions for logging-deployer service account"
command: oc policy add-role-to-user edit system:serviceaccount:logging:logging-deployer
register: permiss_output
failed_when: "permiss_output.rc == 1 and 'exists' not in permiss_output.stderr"
tags:
- build
- name: "Set permissions for fluentd"
command: oadm policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd
register: fluentd_output
failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr"
tags:
- build
- name: "Set additional permissions for fluentd"
command: oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd
register: fluentd2_output
failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr"
tags:
- build
- name: "Make sure to remove stale deployer template"
command: oc delete template logging-deployer-template -n openshift
register: delete_ouput
failed_when: delete_ouput.rc == 1 and 'exists' not in delete_ouput.stderr
tags:
- build
- name: "Create deployer template"
command: oc create -f /usr/share/openshift/examples/infrastructure-templates/enterprise/logging-deployer.yaml -n openshift
register: template_output
failed_when: "template_output.rc == 1 and 'exists' not in template_output.stderr"
tags:
- build
- name: "Clear out any previous pods"
command: oc delete pods --all
tags:
- build
- name: "Process the deployer template with an registry other than registry.access.redhat.com"
shell: oc process logging-deployer-template -n openshift -v KIBANA_HOSTNAME={{ kibana_hostname | quote }},ES_CLUSTER_SIZE={{ es_cluster_size | quote }},PUBLIC_MASTER_URL={{ master_url | quote }},IMAGE_PREFIX={{ target_registry | quote }}/ | oc create -f -
when: target_registry is defined
tags:
- build
- name: "Process the default deployer template"
shell: oc process logging-deployer-template -n openshift -v KIBANA_HOSTNAME={{ kibana_hostname | quote }},ES_CLUSTER_SIZE={{ es_cluster_size | quote }},PUBLIC_MASTER_URL={{ master_url | quote }} | oc create -f -
when: target_registry is not defined
tags:
- build
- name: "Wait for image pull and deployer pod"
action: shell oc get pods | grep logging-deployer.*Completed
register: result
until: result.rc == 0
retries: 15
delay: 10
tags:
- build
- name: "Process support template"
shell: oc process logging-support-template | oc create -f -
tags:
- build
- name: "Set insecured registry"
command: oc annotate is --all openshift.io/image.insecureRepository=true --overwrite
when: "target_registry is defined and insecure_registry == 'true'"
tags:
- build
- name: "Scale fluentd deployment config"
command: oc scale dc/logging-fluentd --replicas={{ fluentd_replicas | default('1') }}
tags:
- build
- name: "Wait for imagestreams to become available"
action: shell oc get is | grep logging-fluentd
register: result
until: result.rc == 0
failed_when: result.rc == 1 and 'not found' not in result.stderr
retries: 15
delay: 5
tags:
- build
- name: "Wait for replication controllers to become available"
action: shell oc get rc | grep logging-fluentd-1
register: result
until: result.rc == 0
failed_when: result.rc == 1 and 'not found' not in result.stderr
retries: 15
delay: 5
tags:
- build
- name: "Scale fluentd replication controller"
command: oc scale rc/logging-fluentd-1 --replicas={{ fluentd_replicas | default('1') }}
tags:
- build
- debug: msg="Logging components deployed. Note persistant volume for elasticsearch must be setup manually"
tags:
- build
|