summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThomas Wiest <twiest@users.noreply.github.com>2015-02-05 16:02:00 -0500
committerThomas Wiest <twiest@users.noreply.github.com>2015-02-05 16:02:00 -0500
commit04343e7588118359d178fa63554909efb222648a (patch)
tree21ae9b09d447700b13e91acf3308748d3a6af8fd
parent076434d7a1026540f0eee5479adddc895d73b9b0 (diff)
parentddf12084e107152f70f7cad82bd1fcdb54880db3 (diff)
downloadopenshift-04343e7588118359d178fa63554909efb222648a.tar.gz
openshift-04343e7588118359d178fa63554909efb222648a.tar.bz2
openshift-04343e7588118359d178fa63554909efb222648a.tar.xz
openshift-04343e7588118359d178fa63554909efb222648a.zip
Merge pull request #53 from twiest/atomic
Changed os2-atomic-proxy to be able to launch inside of both a vpc and classic. Changed STG to default to launching in a vpc, prod still launches in classic. Also cleaned up some cruft.
-rw-r--r--lib/ansible_helper.rb7
-rw-r--r--lib/aws_command.rb2
-rw-r--r--lib/gce_command.rb3
-rw-r--r--playbooks/aws/os2-atomic-proxy/launch.yml32
-rw-r--r--playbooks/aws/os2-atomic-proxy/vars.stg.yml7
-rw-r--r--roles/atomic_base/tasks/bash.yml13
-rw-r--r--roles/atomic_base/tasks/ostree.yml18
-rw-r--r--roles/atomic_proxy/tasks/setup_puppet.yml36
-rw-r--r--roles/base_os/tasks/main.yaml25
-rw-r--r--roles/kubernetes_apiserver/tasks/main.yml8
-rw-r--r--roles/kubernetes_kubelet/tasks/main.yml8
-rw-r--r--roles/kubernetes_proxy/tasks/main.yml8
-rw-r--r--roles/openshift_master/tasks/main.yml8
-rw-r--r--roles/openshift_minion/tasks/main.yml8
-rw-r--r--roles/repos/tasks/main.yaml11
15 files changed, 106 insertions, 88 deletions
diff --git a/lib/ansible_helper.rb b/lib/ansible_helper.rb
index 080c9d00b..395bb51a8 100644
--- a/lib/ansible_helper.rb
+++ b/lib/ansible_helper.rb
@@ -89,13 +89,6 @@ extra_vars: #{@extra_vars.to_json}
ah.inventory = 'inventory/aws/ec2.py'
return ah
end
-
-
- def ignore_bug_6407
- puts
- puts %q[ .---- Spurious warning "It is unnecessary to use '{{' in loops" (ansible bug 6407) ----.]
- puts %q[ V V]
- end
end
end
end
diff --git a/lib/aws_command.rb b/lib/aws_command.rb
index 288a539a1..1c3efc91c 100644
--- a/lib/aws_command.rb
+++ b/lib/aws_command.rb
@@ -42,7 +42,6 @@ module OpenShift
puts
puts "Creating #{options[:count]} #{options[:type]} instance(s) in AWS..."
- ah.ignore_bug_6407
# Make sure we're completely up to date before launching
clear_cache()
@@ -91,7 +90,6 @@ module OpenShift
puts
puts "Configuring #{options[:type]} instance(s) in AWS..."
- ah.ignore_bug_6407
ah.run_playbook("playbooks/aws/#{host_type}/config.yml")
end
diff --git a/lib/gce_command.rb b/lib/gce_command.rb
index 8be8fb357..54dbf29ba 100644
--- a/lib/gce_command.rb
+++ b/lib/gce_command.rb
@@ -43,7 +43,6 @@ module OpenShift
puts
puts "Creating #{options[:count]} #{options[:type]} instance(s) in GCE..."
- ah.ignore_bug_6407
ah.run_playbook("playbooks/gce/#{options[:type]}/launch.yml")
end
@@ -80,7 +79,6 @@ module OpenShift
puts
puts "Configuring #{options[:type]} instance(s) in GCE..."
- ah.ignore_bug_6407
ah.run_playbook("playbooks/gce/#{host_type}/config.yml")
end
@@ -118,7 +116,6 @@ module OpenShift
puts
puts "Terminating #{options[:type]} instance(s) in GCE..."
- ah.ignore_bug_6407
ah.run_playbook("playbooks/gce/#{host_type}/terminate.yml")
end
diff --git a/playbooks/aws/os2-atomic-proxy/launch.yml b/playbooks/aws/os2-atomic-proxy/launch.yml
index 23bf67bb7..fd6b0f39a 100644
--- a/playbooks/aws/os2-atomic-proxy/launch.yml
+++ b/playbooks/aws/os2-atomic-proxy/launch.yml
@@ -8,12 +8,35 @@
inst_region: us-east-1
atomic_ami: ami-8e239fe6
user_data_file: user_data.txt
+ oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files
+ oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files
vars_files:
- vars.yml
+ - "vars.{{ oo_env }}.yml"
tasks:
- - name: Launch instances
+ - name: Launch instances in VPC
+ ec2:
+ state: present
+ region: "{{ inst_region }}"
+ keypair: mmcgrath_libra
+ group_id: "{{ oo_security_group_ids }}"
+ instance_type: m3.large
+ image: "{{ atomic_ami }}"
+ count: "{{ oo_new_inst_names | oo_len }}"
+ user_data: "{{ lookup('file', user_data_file) }}"
+ wait: yes
+ assign_public_ip: "{{ oo_assign_public_ip }}"
+ vpc_subnet_id: "{{ oo_vpc_subnet_id }}"
+ when: oo_vpc_subnet_id
+ register: ec2_vpc
+
+ - set_fact:
+ ec2: "{{ ec2_vpc }}"
+ when: oo_vpc_subnet_id
+
+ - name: Launch instances in Classic
ec2:
state: present
region: "{{ inst_region }}"
@@ -24,7 +47,12 @@
count: "{{ oo_new_inst_names | oo_len }}"
user_data: "{{ lookup('file', user_data_file) }}"
wait: yes
- register: ec2
+ when: not oo_vpc_subnet_id
+ register: ec2_classic
+
+ - set_fact:
+ ec2: "{{ ec2_classic }}"
+ when: not oo_vpc_subnet_id
- name: Add new instances public IPs to the atomic proxy host group
add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances"
diff --git a/playbooks/aws/os2-atomic-proxy/vars.stg.yml b/playbooks/aws/os2-atomic-proxy/vars.stg.yml
index 8d994c2fc..1cecfc9b2 100644
--- a/playbooks/aws/os2-atomic-proxy/vars.stg.yml
+++ b/playbooks/aws/os2-atomic-proxy/vars.stg.yml
@@ -1,3 +1,10 @@
---
oo_env_long: staging
oo_zabbix_hostgroups: ['STG Environment']
+oo_vpc_subnet_id: subnet-700bdd07
+oo_assign_public_ip: yes
+oo_security_group_ids:
+ - sg-02c2f267 # Libra (vpc)
+ - sg-f0bfbe95 # stg (vpc)
+ - sg-a3bfbec6 # stg_proxy (vpc)
+ - sg-d4bfbeb1 # stg_proxy_atomic (vpc)
diff --git a/roles/atomic_base/tasks/bash.yml b/roles/atomic_base/tasks/bash.yml
index 6e577971a..547ae83c3 100644
--- a/roles/atomic_base/tasks/bash.yml
+++ b/roles/atomic_base/tasks/bash.yml
@@ -5,9 +5,10 @@
- name: Link to .profile to .bashrc
file: src=/root/.bashrc dest=/root/.profile owner=root group=root state=link
-- name: Setup Timezone [{{ oo_timezone }}]
- file: >
- src=/usr/share/zoneinfo/{{ oo_timezone }}
- dest=/etc/localtime
- owner=root
- group=root state=link
+- name: "Setup Timezone [{{ oo_timezone }}]"
+ file:
+ src: "/usr/share/zoneinfo/{{ oo_timezone }}"
+ dest: /etc/localtime
+ owner: root
+ group: root
+ state: link
diff --git a/roles/atomic_base/tasks/ostree.yml b/roles/atomic_base/tasks/ostree.yml
index b9d366f1b..aacaa5efd 100644
--- a/roles/atomic_base/tasks/ostree.yml
+++ b/roles/atomic_base/tasks/ostree.yml
@@ -1,18 +1,18 @@
---
- name: Copy ostree repo config
- copy: >
- src=ostree/repo_config
- dest=/ostree/repo/config
- owner=root
- group=root
- mode=0644
+ copy:
+ src: ostree/repo_config
+ dest: /ostree/repo/config
+ owner: root
+ group: root
+ mode: 0644
- name: "WORK AROUND: Stat redhat repo file"
stat: path=/etc/yum.repos.d/redhat.repo
register: redhat_repo
- name: "WORK AROUND: subscription manager failures"
- file: >
- path=/etc/yum.repos.d/redhat.repo
- state=touch
+ file:
+ path: /etc/yum.repos.d/redhat.repo
+ state: touch
when: redhat_repo.stat.exists == False
diff --git a/roles/atomic_proxy/tasks/setup_puppet.yml b/roles/atomic_proxy/tasks/setup_puppet.yml
index e711d06c1..7a599f06d 100644
--- a/roles/atomic_proxy/tasks/setup_puppet.yml
+++ b/roles/atomic_proxy/tasks/setup_puppet.yml
@@ -1,24 +1,24 @@
---
- name: make puppet conf dir
- file: >
- dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet
- mode=755
- owner=root
- group=root
- state=directory
+ file:
+ dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet"
+ mode: 755
+ owner: root
+ group: root
+ state: directory
- name: upload puppet auth config
- copy: >
- src=puppet/auth.conf
- dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf
- mode=0644
- owner=root
- group=root
+ copy:
+ src: puppet/auth.conf
+ dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf"
+ mode: 0644
+ owner: root
+ group: root
- name: upload puppet config
- template: >
- src=puppet/puppet.conf.j2
- dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf
- mode=0644
- owner=root
- group=root
+ template:
+ src: puppet/puppet.conf.j2
+ dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf"
+ mode: 0644
+ owner: root
+ group: root
diff --git a/roles/base_os/tasks/main.yaml b/roles/base_os/tasks/main.yaml
index ff8cfbe33..01d2898c5 100644
--- a/roles/base_os/tasks/main.yaml
+++ b/roles/base_os/tasks/main.yaml
@@ -2,25 +2,30 @@
# basic role, configures irbrc, vimrc
- name: Ensure irbrc is installed for user root
- copy: >
- src=irbrc
- dest=/root/.irbrc
+ copy:
+ src: irbrc
+ dest: /root/.irbrc
- name: Ensure vimrc is installed for user root
- copy: >
- src=vimrc
- dest=/root/.vimrc
+ copy:
+ src: vimrc
+ dest: /root/.vimrc
- name: Ensure vimrc is installed for user root
- copy: >
- src=vimrc
- dest=/root/.vimrc
+ copy:
+ src: vimrc
+ dest: /root/.vimrc
- name: Install firewalld
- yum: pkg=firewalld state=installed
+ yum:
+ pkg: firewalld
+ state: installed
- name: enable firewalld service
command: /usr/bin/systemctl enable firewalld.service
- name: start firewalld service
command: /usr/bin/systemctl start firewalld.service
+
+- name: need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail
+ pause: seconds=10
diff --git a/roles/kubernetes_apiserver/tasks/main.yml b/roles/kubernetes_apiserver/tasks/main.yml
index 622ecd5ca..81fdbbb40 100644
--- a/roles/kubernetes_apiserver/tasks/main.yml
+++ b/roles/kubernetes_apiserver/tasks/main.yml
@@ -4,10 +4,10 @@
yum: pkg=kubernetes
- name: Configure apiserver settings
- lineinfile: >
- dest=/etc/sysconfig/kubernetes
- regexp={{ item.regex }}
- line="{{ item.line }}"
+ lineinfile:
+ dest: /etc/sysconfig/kubernetes
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
with_items:
- { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' }
- { regex: '^KUBE_API_ADDRESS=', line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' }
diff --git a/roles/kubernetes_kubelet/tasks/main.yml b/roles/kubernetes_kubelet/tasks/main.yml
index 48eab7f84..b48c0039a 100644
--- a/roles/kubernetes_kubelet/tasks/main.yml
+++ b/roles/kubernetes_kubelet/tasks/main.yml
@@ -4,10 +4,10 @@
yum: pkg=kubernetes state=installed
- name: Configure kubelet
- lineinfile: >
- dest=/etc/sysconfig/kubernetes
- regexp={{ item.regex }}
- line="{{ item.line }}"
+ lineinfile:
+ dest: /etc/sysconfig/kubernetes
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
with_items:
- { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' }
- { regex: '^KUBE_KUBELET_ADDRESS=', line: 'KUBE_KUBELET_ADDRESS=\"0.0.0.0\"' }
diff --git a/roles/kubernetes_proxy/tasks/main.yml b/roles/kubernetes_proxy/tasks/main.yml
index 901b5f3ad..407c9ab46 100644
--- a/roles/kubernetes_proxy/tasks/main.yml
+++ b/roles/kubernetes_proxy/tasks/main.yml
@@ -4,10 +4,10 @@
yum: pkg=kubernetes state=installed
- name: Configure kubernetes-proxy etcd servers
- lineinfile: >
- dest=/etc/sysconfig/kubernetes
- regexp={{ item.regex }}
- line="{{ item.line }}"
+ lineinfile:
+ dest: /etc/sysconfig/kubernetes
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
with_items:
- { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' }
notify:
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 3cfb2dd7d..6826ef452 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -8,10 +8,10 @@
command: /usr/bin/hostname {{ oo_bind_ip }}
- name: Configure OpenShift Master settings
- lineinfile: >
- dest=/etc/sysconfig/openshift
- regexp={{ item.regex }}
- line="{{ item.line }}"
+ lineinfile:
+ dest: /etc/sysconfig/openshift
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
with_items:
- { regex: '^ROLE=', line: 'ROLE=\"master\"' }
- { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }} --loglevel=5\"' }
diff --git a/roles/openshift_minion/tasks/main.yml b/roles/openshift_minion/tasks/main.yml
index e328eb5d5..3821277bc 100644
--- a/roles/openshift_minion/tasks/main.yml
+++ b/roles/openshift_minion/tasks/main.yml
@@ -8,10 +8,10 @@
command: /usr/bin/hostname {{ oo_bind_ip }}
- name: Configure OpenShift Minion settings
- lineinfile: >
- dest=/etc/sysconfig/openshift
- regexp={{ item.regex }}
- line="{{ item.line }}"
+ lineinfile:
+ dest: /etc/sysconfig/openshift
+ regexp: "{{ item.regex }}"
+ line: "{{ item.line }}"
with_items:
- { regex: '^ROLE=', line: 'ROLE=\"node\"' }
- { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' }
diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml
index 48c123ab1..3b66bb392 100644
--- a/roles/repos/tasks/main.yaml
+++ b/roles/repos/tasks/main.yaml
@@ -1,16 +1,5 @@
---
# The following role lays down the correct repository and gpg key for yum
-
-#- name: Ensure oso rhui rhel 7 server repository exists in yum.repos.d
-# copy: >
-# src=oso-rhui-rhel-7-server.repo
-# dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo
-#
-#- name: Ensure Red Hat GPG Key is in place for the previous repo
-# copy: >
-# src=RPM-GPG-KEY-redhat-release
-# dest=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-
- name: Ensure rhel 7 libra candidate exists in yum.repos.d
copy: src=rhel-7-libra-candidate.repo dest=/etc/yum.repos.d/rhel-7-libra-candidate.repo