diff options
author | Thomas Wiest <twiest@users.noreply.github.com> | 2015-02-05 16:02:00 -0500 |
---|---|---|
committer | Thomas Wiest <twiest@users.noreply.github.com> | 2015-02-05 16:02:00 -0500 |
commit | 04343e7588118359d178fa63554909efb222648a (patch) | |
tree | 21ae9b09d447700b13e91acf3308748d3a6af8fd | |
parent | 076434d7a1026540f0eee5479adddc895d73b9b0 (diff) | |
parent | ddf12084e107152f70f7cad82bd1fcdb54880db3 (diff) | |
download | openshift-04343e7588118359d178fa63554909efb222648a.tar.gz openshift-04343e7588118359d178fa63554909efb222648a.tar.bz2 openshift-04343e7588118359d178fa63554909efb222648a.tar.xz openshift-04343e7588118359d178fa63554909efb222648a.zip |
Merge pull request #53 from twiest/atomic
Changed os2-atomic-proxy to be able to launch inside of both a vpc and classic. Changed STG to default to launching in a vpc, prod still launches in classic. Also cleaned up some cruft.
-rw-r--r-- | lib/ansible_helper.rb | 7 | ||||
-rw-r--r-- | lib/aws_command.rb | 2 | ||||
-rw-r--r-- | lib/gce_command.rb | 3 | ||||
-rw-r--r-- | playbooks/aws/os2-atomic-proxy/launch.yml | 32 | ||||
-rw-r--r-- | playbooks/aws/os2-atomic-proxy/vars.stg.yml | 7 | ||||
-rw-r--r-- | roles/atomic_base/tasks/bash.yml | 13 | ||||
-rw-r--r-- | roles/atomic_base/tasks/ostree.yml | 18 | ||||
-rw-r--r-- | roles/atomic_proxy/tasks/setup_puppet.yml | 36 | ||||
-rw-r--r-- | roles/base_os/tasks/main.yaml | 25 | ||||
-rw-r--r-- | roles/kubernetes_apiserver/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/kubernetes_kubelet/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/kubernetes_proxy/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/openshift_master/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/openshift_minion/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/repos/tasks/main.yaml | 11 |
15 files changed, 106 insertions, 88 deletions
diff --git a/lib/ansible_helper.rb b/lib/ansible_helper.rb index 080c9d00b..395bb51a8 100644 --- a/lib/ansible_helper.rb +++ b/lib/ansible_helper.rb @@ -89,13 +89,6 @@ extra_vars: #{@extra_vars.to_json} ah.inventory = 'inventory/aws/ec2.py' return ah end - - - def ignore_bug_6407 - puts - puts %q[ .---- Spurious warning "It is unnecessary to use '{{' in loops" (ansible bug 6407) ----.] - puts %q[ V V] - end end end end diff --git a/lib/aws_command.rb b/lib/aws_command.rb index 288a539a1..1c3efc91c 100644 --- a/lib/aws_command.rb +++ b/lib/aws_command.rb @@ -42,7 +42,6 @@ module OpenShift puts puts "Creating #{options[:count]} #{options[:type]} instance(s) in AWS..." - ah.ignore_bug_6407 # Make sure we're completely up to date before launching clear_cache() @@ -91,7 +90,6 @@ module OpenShift puts puts "Configuring #{options[:type]} instance(s) in AWS..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/aws/#{host_type}/config.yml") end diff --git a/lib/gce_command.rb b/lib/gce_command.rb index 8be8fb357..54dbf29ba 100644 --- a/lib/gce_command.rb +++ b/lib/gce_command.rb @@ -43,7 +43,6 @@ module OpenShift puts puts "Creating #{options[:count]} #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{options[:type]}/launch.yml") end @@ -80,7 +79,6 @@ module OpenShift puts puts "Configuring #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{host_type}/config.yml") end @@ -118,7 +116,6 @@ module OpenShift puts puts "Terminating #{options[:type]} instance(s) in GCE..." - ah.ignore_bug_6407 ah.run_playbook("playbooks/gce/#{host_type}/terminate.yml") end diff --git a/playbooks/aws/os2-atomic-proxy/launch.yml b/playbooks/aws/os2-atomic-proxy/launch.yml index 23bf67bb7..fd6b0f39a 100644 --- a/playbooks/aws/os2-atomic-proxy/launch.yml +++ b/playbooks/aws/os2-atomic-proxy/launch.yml @@ -8,12 +8,35 @@ inst_region: us-east-1 atomic_ami: ami-8e239fe6 user_data_file: user_data.txt + oo_vpc_subnet_id: # Purposely left blank, these are here to be overridden in env vars_files + oo_assign_public_ip: # Purposely left blank, these are here to be overridden in env vars_files vars_files: - vars.yml + - "vars.{{ oo_env }}.yml" tasks: - - name: Launch instances + - name: Launch instances in VPC + ec2: + state: present + region: "{{ inst_region }}" + keypair: mmcgrath_libra + group_id: "{{ oo_security_group_ids }}" + instance_type: m3.large + image: "{{ atomic_ami }}" + count: "{{ oo_new_inst_names | oo_len }}" + user_data: "{{ lookup('file', user_data_file) }}" + wait: yes + assign_public_ip: "{{ oo_assign_public_ip }}" + vpc_subnet_id: "{{ oo_vpc_subnet_id }}" + when: oo_vpc_subnet_id + register: ec2_vpc + + - set_fact: + ec2: "{{ ec2_vpc }}" + when: oo_vpc_subnet_id + + - name: Launch instances in Classic ec2: state: present region: "{{ inst_region }}" @@ -24,7 +47,12 @@ count: "{{ oo_new_inst_names | oo_len }}" user_data: "{{ lookup('file', user_data_file) }}" wait: yes - register: ec2 + when: not oo_vpc_subnet_id + register: ec2_classic + + - set_fact: + ec2: "{{ ec2_classic }}" + when: not oo_vpc_subnet_id - name: Add new instances public IPs to the atomic proxy host group add_host: "hostname={{ item.public_ip }} groupname=new_ec2_instances" diff --git a/playbooks/aws/os2-atomic-proxy/vars.stg.yml b/playbooks/aws/os2-atomic-proxy/vars.stg.yml index 8d994c2fc..1cecfc9b2 100644 --- a/playbooks/aws/os2-atomic-proxy/vars.stg.yml +++ b/playbooks/aws/os2-atomic-proxy/vars.stg.yml @@ -1,3 +1,10 @@ --- oo_env_long: staging oo_zabbix_hostgroups: ['STG Environment'] +oo_vpc_subnet_id: subnet-700bdd07 +oo_assign_public_ip: yes +oo_security_group_ids: + - sg-02c2f267 # Libra (vpc) + - sg-f0bfbe95 # stg (vpc) + - sg-a3bfbec6 # stg_proxy (vpc) + - sg-d4bfbeb1 # stg_proxy_atomic (vpc) diff --git a/roles/atomic_base/tasks/bash.yml b/roles/atomic_base/tasks/bash.yml index 6e577971a..547ae83c3 100644 --- a/roles/atomic_base/tasks/bash.yml +++ b/roles/atomic_base/tasks/bash.yml @@ -5,9 +5,10 @@ - name: Link to .profile to .bashrc file: src=/root/.bashrc dest=/root/.profile owner=root group=root state=link -- name: Setup Timezone [{{ oo_timezone }}] - file: > - src=/usr/share/zoneinfo/{{ oo_timezone }} - dest=/etc/localtime - owner=root - group=root state=link +- name: "Setup Timezone [{{ oo_timezone }}]" + file: + src: "/usr/share/zoneinfo/{{ oo_timezone }}" + dest: /etc/localtime + owner: root + group: root + state: link diff --git a/roles/atomic_base/tasks/ostree.yml b/roles/atomic_base/tasks/ostree.yml index b9d366f1b..aacaa5efd 100644 --- a/roles/atomic_base/tasks/ostree.yml +++ b/roles/atomic_base/tasks/ostree.yml @@ -1,18 +1,18 @@ --- - name: Copy ostree repo config - copy: > - src=ostree/repo_config - dest=/ostree/repo/config - owner=root - group=root - mode=0644 + copy: + src: ostree/repo_config + dest: /ostree/repo/config + owner: root + group: root + mode: 0644 - name: "WORK AROUND: Stat redhat repo file" stat: path=/etc/yum.repos.d/redhat.repo register: redhat_repo - name: "WORK AROUND: subscription manager failures" - file: > - path=/etc/yum.repos.d/redhat.repo - state=touch + file: + path: /etc/yum.repos.d/redhat.repo + state: touch when: redhat_repo.stat.exists == False diff --git a/roles/atomic_proxy/tasks/setup_puppet.yml b/roles/atomic_proxy/tasks/setup_puppet.yml index e711d06c1..7a599f06d 100644 --- a/roles/atomic_proxy/tasks/setup_puppet.yml +++ b/roles/atomic_proxy/tasks/setup_puppet.yml @@ -1,24 +1,24 @@ --- - name: make puppet conf dir - file: > - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet - mode=755 - owner=root - group=root - state=directory + file: + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet" + mode: 755 + owner: root + group: root + state: directory - name: upload puppet auth config - copy: > - src=puppet/auth.conf - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf - mode=0644 - owner=root - group=root + copy: + src: puppet/auth.conf + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/auth.conf" + mode: 0644 + owner: root + group: root - name: upload puppet config - template: > - src=puppet/puppet.conf.j2 - dest={{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf - mode=0644 - owner=root - group=root + template: + src: puppet/puppet.conf.j2 + dest: "{{ oo_proxy_puppet_volume_dir }}/etc/puppet/puppet.conf" + mode: 0644 + owner: root + group: root diff --git a/roles/base_os/tasks/main.yaml b/roles/base_os/tasks/main.yaml index ff8cfbe33..01d2898c5 100644 --- a/roles/base_os/tasks/main.yaml +++ b/roles/base_os/tasks/main.yaml @@ -2,25 +2,30 @@ # basic role, configures irbrc, vimrc - name: Ensure irbrc is installed for user root - copy: > - src=irbrc - dest=/root/.irbrc + copy: + src: irbrc + dest: /root/.irbrc - name: Ensure vimrc is installed for user root - copy: > - src=vimrc - dest=/root/.vimrc + copy: + src: vimrc + dest: /root/.vimrc - name: Ensure vimrc is installed for user root - copy: > - src=vimrc - dest=/root/.vimrc + copy: + src: vimrc + dest: /root/.vimrc - name: Install firewalld - yum: pkg=firewalld state=installed + yum: + pkg: firewalld + state: installed - name: enable firewalld service command: /usr/bin/systemctl enable firewalld.service - name: start firewalld service command: /usr/bin/systemctl start firewalld.service + +- name: need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail + pause: seconds=10 diff --git a/roles/kubernetes_apiserver/tasks/main.yml b/roles/kubernetes_apiserver/tasks/main.yml index 622ecd5ca..81fdbbb40 100644 --- a/roles/kubernetes_apiserver/tasks/main.yml +++ b/roles/kubernetes_apiserver/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes - name: Configure apiserver settings - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' } - { regex: '^KUBE_API_ADDRESS=', line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' } diff --git a/roles/kubernetes_kubelet/tasks/main.yml b/roles/kubernetes_kubelet/tasks/main.yml index 48eab7f84..b48c0039a 100644 --- a/roles/kubernetes_kubelet/tasks/main.yml +++ b/roles/kubernetes_kubelet/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes state=installed - name: Configure kubelet - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' } - { regex: '^KUBE_KUBELET_ADDRESS=', line: 'KUBE_KUBELET_ADDRESS=\"0.0.0.0\"' } diff --git a/roles/kubernetes_proxy/tasks/main.yml b/roles/kubernetes_proxy/tasks/main.yml index 901b5f3ad..407c9ab46 100644 --- a/roles/kubernetes_proxy/tasks/main.yml +++ b/roles/kubernetes_proxy/tasks/main.yml @@ -4,10 +4,10 @@ yum: pkg=kubernetes state=installed - name: Configure kubernetes-proxy etcd servers - lineinfile: > - dest=/etc/sysconfig/kubernetes - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/kubernetes + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^KUBE_ETCD_SERVERS=', line: 'KUBE_ETCD_SERVERS=\"http://{{ oo_master_ips[0] }}:4001\"' } notify: diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 3cfb2dd7d..6826ef452 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,10 +8,10 @@ command: /usr/bin/hostname {{ oo_bind_ip }} - name: Configure OpenShift Master settings - lineinfile: > - dest=/etc/sysconfig/openshift - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/openshift + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^ROLE=', line: 'ROLE=\"master\"' } - { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }} --loglevel=5\"' } diff --git a/roles/openshift_minion/tasks/main.yml b/roles/openshift_minion/tasks/main.yml index e328eb5d5..3821277bc 100644 --- a/roles/openshift_minion/tasks/main.yml +++ b/roles/openshift_minion/tasks/main.yml @@ -8,10 +8,10 @@ command: /usr/bin/hostname {{ oo_bind_ip }} - name: Configure OpenShift Minion settings - lineinfile: > - dest=/etc/sysconfig/openshift - regexp={{ item.regex }} - line="{{ item.line }}" + lineinfile: + dest: /etc/sysconfig/openshift + regexp: "{{ item.regex }}" + line: "{{ item.line }}" with_items: - { regex: '^ROLE=', line: 'ROLE=\"node\"' } - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080 --loglevel=5\"' } diff --git a/roles/repos/tasks/main.yaml b/roles/repos/tasks/main.yaml index 48c123ab1..3b66bb392 100644 --- a/roles/repos/tasks/main.yaml +++ b/roles/repos/tasks/main.yaml @@ -1,16 +1,5 @@ --- # The following role lays down the correct repository and gpg key for yum - -#- name: Ensure oso rhui rhel 7 server repository exists in yum.repos.d -# copy: > -# src=oso-rhui-rhel-7-server.repo -# dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo -# -#- name: Ensure Red Hat GPG Key is in place for the previous repo -# copy: > -# src=RPM-GPG-KEY-redhat-release -# dest=/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release - - name: Ensure rhel 7 libra candidate exists in yum.repos.d copy: src=rhel-7-libra-candidate.repo dest=/etc/yum.repos.d/rhel-7-libra-candidate.repo |