summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Chaloupka <jchaloup@redhat.com>2017-03-01 12:54:19 +0100
committerJan Chaloupka <jchaloup@redhat.com>2017-03-07 22:27:48 +0100
commit1a16667b6a2e99ca6dc6b83c5794fb9995501280 (patch)
tree3427f0f326a307bf2b63e16c8fb5c1f887731712
parent6ecb86b2fcc36e3383d86395d3be0a443e12981e (diff)
downloadopenshift-1a16667b6a2e99ca6dc6b83c5794fb9995501280.tar.gz
openshift-1a16667b6a2e99ca6dc6b83c5794fb9995501280.tar.bz2
openshift-1a16667b6a2e99ca6dc6b83c5794fb9995501280.tar.xz
openshift-1a16667b6a2e99ca6dc6b83c5794fb9995501280.zip
- update excluders to latest, in non-upgrade scenarios do not update
- check both available excluder versions are at most of upgrade target version - get excluder status through status command - make excluders enablement configurable
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml2
-rw-r--r--playbooks/common/openshift-cluster/config.yml3
-rw-r--r--playbooks/common/openshift-cluster/disable_excluder.yml14
-rw-r--r--playbooks/common/openshift-cluster/initialize_openshift_version.yml3
-rw-r--r--playbooks/common/openshift-cluster/reset_excluder.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/disable_excluder.yml21
-rw-r--r--playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml22
-rw-r--r--roles/openshift_excluder/README.md17
-rw-r--r--roles/openshift_excluder/defaults/main.yml4
-rw-r--r--roles/openshift_excluder/tasks/adjust.yml23
-rw-r--r--roles/openshift_excluder/tasks/disable.yml26
-rw-r--r--roles/openshift_excluder/tasks/enable.yml21
-rw-r--r--roles/openshift_excluder/tasks/exclude.yml27
-rw-r--r--roles/openshift_excluder/tasks/init.yml12
-rw-r--r--roles/openshift_excluder/tasks/install.yml29
-rw-r--r--roles/openshift_excluder/tasks/reset.yml12
-rw-r--r--roles/openshift_excluder/tasks/status.yml103
-rw-r--r--roles/openshift_excluder/tasks/unexclude.yml23
26 files changed, 284 insertions, 96 deletions
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
index b1510e062..d268850d8 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
@@ -46,7 +46,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
index b61d9e58a..d11e51640 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_control_plane.yml
@@ -54,7 +54,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
index f0b2a2c75..5a0f143ac 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade_nodes.yml
@@ -47,7 +47,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
index 82a1d0935..25d8cd2ba 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
@@ -46,7 +46,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
index 7ae1b3e6e..d52f3c111 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_control_plane.yml
@@ -54,7 +54,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
index ec63ea60e..07c734a40 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade_nodes.yml
@@ -47,7 +47,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
index 69cabcd33..a35227283 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade.yml
@@ -46,7 +46,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
index 719057d2b..069b31ad1 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
@@ -54,7 +54,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
index 259be6f8e..f858de3d5 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_5/upgrade_nodes.yml
@@ -47,7 +47,7 @@
tags:
- pre_upgrade
-- include: ../../../../common/openshift-cluster/disable_excluder.yml
+- include: ../../../../common/openshift-cluster/upgrades/disable_excluder.yml
tags:
- pre_upgrade
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 113b401f9..82f711f40 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -27,6 +27,9 @@
when: openshift_docker_selinux_enabled is not defined
- include: disable_excluder.yml
+ vars:
+ # the excluders needs to be disabled no matter what status says
+ with_status_check: false
tags:
- always
diff --git a/playbooks/common/openshift-cluster/disable_excluder.yml b/playbooks/common/openshift-cluster/disable_excluder.yml
index eb146bab8..b2e025cb8 100644
--- a/playbooks/common/openshift-cluster/disable_excluder.yml
+++ b/playbooks/common/openshift-cluster/disable_excluder.yml
@@ -3,9 +3,15 @@
hosts: l_oo_all_hosts
gather_facts: no
tasks:
+
+ # During installation the excluders are installed with present state.
+ # So no pre-validation check here as the excluders are either to be installed (present = latest)
+ # or they are not going to be updated if already installed
+
+ # disable excluders based on their status
- include_role:
name: openshift_excluder
- tasks_from: status
- - include_role:
- name: openshift_excluder
- tasks_from: unexclude
+ tasks_from: disable
+ vars:
+ openshift_excluder_package_state: present
+ docker_excluder_package_state: present
diff --git a/playbooks/common/openshift-cluster/initialize_openshift_version.yml b/playbooks/common/openshift-cluster/initialize_openshift_version.yml
index 6b40176e1..7f37c606f 100644
--- a/playbooks/common/openshift-cluster/initialize_openshift_version.yml
+++ b/playbooks/common/openshift-cluster/initialize_openshift_version.yml
@@ -19,6 +19,9 @@
when: "not openshift.common.is_atomic | bool and 'Plugin \"search-disabled-repos\" requires API 2.7. Supported API is 2.6.' in yum_ver_test.stdout"
- include: disable_excluder.yml
+ vars:
+ # the excluders needs to be disabled no matter what status says
+ with_status_check: false
tags:
- always
diff --git a/playbooks/common/openshift-cluster/reset_excluder.yml b/playbooks/common/openshift-cluster/reset_excluder.yml
index fe86f4c23..7c544ee32 100644
--- a/playbooks/common/openshift-cluster/reset_excluder.yml
+++ b/playbooks/common/openshift-cluster/reset_excluder.yml
@@ -5,4 +5,4 @@
tasks:
- include_role:
name: openshift_excluder
- tasks_from: reset
+ tasks_from: enable
diff --git a/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml b/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml
new file mode 100644
index 000000000..2a85dc92e
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/disable_excluder.yml
@@ -0,0 +1,21 @@
+---
+- name: Record excluder state and disable
+ hosts: l_oo_all_hosts
+ gather_facts: no
+ tasks:
+ - include: pre/validate_excluder.yml
+ vars:
+ #repoquery_cmd: repoquery_cmd
+ #openshift_upgrade_target: openshift_upgrade_target
+ excluder: "{{ item }}"
+ with_items:
+ - "{{ openshift.common.service_type }}-docker-excluder"
+ - "{{ openshift.common.service_type }}-excluder"
+
+ # disable excluders based on their status
+ - include_role:
+ name: openshift_excluder
+ tasks_from: disable
+ vars:
+ openshift_excluder_package_state: latest
+ docker_excluder_package_state: latest
diff --git a/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml b/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml
new file mode 100644
index 000000000..5078638b7
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/pre/validate_excluder.yml
@@ -0,0 +1,22 @@
+---
+# input variables:
+# - repoquery_cmd
+# - excluder
+# - openshift_upgrade_target
+- name: Get available excluder version
+ command: >
+ {{ repoquery_cmd }} --qf '%{version}' "{{ excluder }}"
+ register: excluder_version
+ failed_when: false
+ changed_when: false
+
+- name: Docker excluder version detected
+ debug:
+ msg: "{{ excluder }}: {{ excluder_version.stdout }}"
+
+- name: Check the available {{ excluder }} version is at most of the upgrade target version
+ fail:
+ msg: "Available {{ excluder }} version {{ excluder_version.stdout }} is higher than the upgrade target version {{ openshift_upgrade_target }}"
+ when:
+ - "{{ excluder_version.stdout != '' }}"
+ - "{{ excluder_version.stdout.split('.')[0:2] | join('.') | version_compare(openshift_upgrade_target, '>', strict=True) }}"
diff --git a/roles/openshift_excluder/README.md b/roles/openshift_excluder/README.md
index 6c90b4e96..e76a15952 100644
--- a/roles/openshift_excluder/README.md
+++ b/roles/openshift_excluder/README.md
@@ -15,8 +15,11 @@ Facts
| Name | Default Value | Description |
-----------------------------|---------------|----------------------------------------|
-| docker_excluder_enabled | none | Records the status of docker excluder |
-| openshift_excluder_enabled | none | Records the status of the openshift excluder |
+| enable_docker_excluder | enable_excluders | Enable docker excluder. If not set, the docker excluder is ignored. |
+| enable_openshift_excluder | enable_excluders | Enable openshift excluder. If not set, the openshift excluder is ignored. |
+| enable_excluders | None | Enable all excluders
+| enable_docker_excluder_override | None | indication the docker excluder needs to be enabled |
+| disable_openshift_excluder_override | None | indication the openshift excluder needs to be disabled |
Role Variables
--------------
@@ -25,6 +28,16 @@ None
Dependencies
------------
+Tasks to include
+----------------
+
+- exclude: enable excluders (assuming excluders are installed)
+- unexclude: disable excluders (assuming excluders are installed)
+- install: install excluders (installation is followed by excluder enabling)
+- enable: enable excluders (optionally with installation step)
+- disabled: disable excluders (optionally with installation and status step, the status check that can override which excluder gets enabled/disabled)
+- status: determine status of excluders
+
Example Playbook
----------------
diff --git a/roles/openshift_excluder/defaults/main.yml b/roles/openshift_excluder/defaults/main.yml
new file mode 100644
index 000000000..0d275e954
--- /dev/null
+++ b/roles/openshift_excluder/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+# keep the 'current' package or update to 'latest' if available?
+openshift_excluder_package_state: present
+docker_excluder_package_state: present
diff --git a/roles/openshift_excluder/tasks/adjust.yml b/roles/openshift_excluder/tasks/adjust.yml
new file mode 100644
index 000000000..6f4070c3d
--- /dev/null
+++ b/roles/openshift_excluder/tasks/adjust.yml
@@ -0,0 +1,23 @@
+---
+# Depending on enablement of individual excluders and their status
+# some excluders needs to be disabled, resp. enabled
+# By default, all excluders are disabled unless overrided.
+- block:
+ - include: init.yml
+ # All excluders that are to be enabled are enabled
+ - include: exclude.yml
+ vars:
+ # Enable the docker excluder only if it is overrided
+ enable_docker_excluder: "{{ enable_docker_excluder_override | default(false) | bool }}"
+ # excluder is to be disabled by default
+ enable_openshift_excluder: false
+ # All excluders that are to be disabled are disabled
+ - include: unexclude.yml
+ vars:
+ # If the docker override is not set, default to the generic behaviour
+ disable_docker_excluder: "{{ not enable_docker_excluder_override | default(not docker_excluder_on) | bool }}"
+ # disable openshift excluder is never overrided to be enabled
+ # disable it if the docker excluder is enabled
+ disable_openshift_excluder: "{{ openshift_excluder_on | bool }}"
+ when:
+ - not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/disable.yml b/roles/openshift_excluder/tasks/disable.yml
new file mode 100644
index 000000000..a8deb3eb1
--- /dev/null
+++ b/roles/openshift_excluder/tasks/disable.yml
@@ -0,0 +1,26 @@
+---
+# input variables
+# - with_status_check
+# - with_install
+# - excluder_package_state
+# - docker_excluder_package_state
+- include: init.yml
+
+# Install any excluder that is enabled
+- include: install.yml
+ vars:
+ # Both docker_excluder_on and openshift_excluder_on are set in openshift_excluder->init task
+ install_docker_excluder: "{{ docker_excluder_on | bool }}"
+ install_openshift_excluder: "{{ openshift_excluder_on | bool }}"
+ when: docker_excluder_on or openshift_excluder_on
+
+ # if the docker excluder is not enabled, we don't care about its status
+ # it the docker excluder is enabled, we install it and in case its status is non-zero
+ # it is enabled no matter what
+
+# Check the current state of all excluders
+- include: status.yml
+ when: with_status_check | default(docker_excluder_on or openshift_excluder_on) | bool
+
+ # And finally adjust an excluder in order to update host components correctly
+- include: adjust.yml
diff --git a/roles/openshift_excluder/tasks/enable.yml b/roles/openshift_excluder/tasks/enable.yml
new file mode 100644
index 000000000..ef6fc4a01
--- /dev/null
+++ b/roles/openshift_excluder/tasks/enable.yml
@@ -0,0 +1,21 @@
+---
+# input variables:
+# - with_install
+- block:
+ - include: init.yml
+
+ - include: install.yml
+ vars:
+ install_docker_excluder: "{{ docker_excluder_on | bool }}"
+ install_openshift_excluder: "{{ openshift_excluder_on | bool }}"
+ when: with_install | default(docker_excluder_on or openshift_excluder_on) | bool
+
+ - include: exclude.yml
+ vars:
+ # Enable the docker excluder only if it is overrided, resp. enabled by default (in that order)
+ enable_docker_excluder: "{{ enable_docker_excluder_override | default(docker_excluder_on) | bool }}"
+ # Enable the openshift excluder only if it is not overrided, resp. enabled by default (in that order)
+ enable_openshift_excluder: "{{ not disable_openshift_excluder_override | default(not openshift_excluder_on) | bool }}"
+
+ when:
+ - not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/exclude.yml b/roles/openshift_excluder/tasks/exclude.yml
index 570183aef..ee0ad8a0b 100644
--- a/roles/openshift_excluder/tasks/exclude.yml
+++ b/roles/openshift_excluder/tasks/exclude.yml
@@ -1,11 +1,20 @@
---
-- include: install.yml
- when: not openshift.common.is_containerized | bool
+# input variables:
+# - enable_docker_excluder
+# - enable_openshift_excluder
+- block:
+ - name: Enable docker excluder
+ command: "{{ openshift.common.service_type }}-docker-excluder exclude"
+ # if the docker override is set, it means the docker excluder needs to be enabled no matter what
+ # if the docker override is not set, the excluder is set based on enable_docker_excluder
+ when:
+ - enable_docker_excluder | default(false) | bool
-- name: Enable docker excluder
- command: "{{ openshift.common.service_type }}-docker-excluder exclude"
- when: not openshift.common.is_containerized | bool
-
-- name: Enable excluder
- command: "{{ openshift.common.service_type }}-excluder exclude"
- when: not openshift.common.is_containerized | bool
+ - name: Enable openshift excluder
+ command: "{{ openshift.common.service_type }}-excluder exclude"
+ # if the openshift override is set, it means the openshift excluder is disabled no matter what
+ # if the openshift override is not set, the excluder is set based on enable_openshift_excluder
+ when:
+ - enable_openshift_excluder | default(false) | bool
+ when:
+ - not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/init.yml b/roles/openshift_excluder/tasks/init.yml
new file mode 100644
index 000000000..dee779925
--- /dev/null
+++ b/roles/openshift_excluder/tasks/init.yml
@@ -0,0 +1,12 @@
+---
+- name: Evalute if docker excluder is to be enabled
+ set_fact:
+ docker_excluder_on: "{{ enable_docker_excluder | default(enable_excluders | default(false)) | bool }}"
+
+- debug: var=docker_excluder_on
+
+- name: Evalute if openshift excluder is to be enabled
+ set_fact:
+ openshift_excluder_on: "{{ enable_openshift_excluder | default(enable_excluders | default(false)) | bool }}"
+
+- debug: var=openshift_excluder_on
diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml
index ee4cb2c05..01fe5da55 100644
--- a/roles/openshift_excluder/tasks/install.yml
+++ b/roles/openshift_excluder/tasks/install.yml
@@ -1,16 +1,21 @@
---
-- name: Install latest excluder
- package:
- name: "{{ openshift.common.service_type }}-excluder"
- state: latest
- when:
- - openshift_excluder_enabled | default(false) | bool
- - not openshift.common.is_containerized | bool
+# input Variables
+# - install_docker_excluder
+# - install_openshift_excluder
+- block:
+
+ - name: Install docker excluder
+ package:
+ name: "{{ openshift.common.service_type }}-docker-excluder"
+ state: "{{ docker_excluder_package_state }}"
+ when:
+ - install_docker_excluder | default(true) | bool
-- name: Install latest docker excluder
- package:
- name: "{{ openshift.common.service_type }}-excluder"
- state: latest
+ - name: Install openshift excluder
+ package:
+ name: "{{ openshift.common.service_type }}-excluder"
+ state: "{{ openshift_excluder_package_state }}"
+ when:
+ - install_openshift_excluder | default(true) | bool
when:
- - docker_excluder_enabled | default(false) | bool
- not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/reset.yml b/roles/openshift_excluder/tasks/reset.yml
deleted file mode 100644
index 486a23fd0..000000000
--- a/roles/openshift_excluder/tasks/reset.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Enable docker excluder
- command: "{{ openshift.common.service_type }}-docker-excluder exclude"
- when:
- - docker_excluder_enabled | default(false) | bool
- - not openshift.common.is_containerized | bool
-
-- name: Enable excluder
- command: "{{ openshift.common.service_type }}-excluder exclude"
- when:
- - openshift_excluder_enabled | default(false) | bool
- - not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/status.yml b/roles/openshift_excluder/tasks/status.yml
index ef118d94c..40bf98c18 100644
--- a/roles/openshift_excluder/tasks/status.yml
+++ b/roles/openshift_excluder/tasks/status.yml
@@ -1,8 +1,4 @@
---
-# Latest versions of the excluders include a status function, old packages dont
-# So, if packages are installed, upgrade them to the latest so we get the status
-# If they're not installed when we should assume they're disabled
-
- name: Determine if excluder packages are installed
rpm_q:
name: "{{ openshift.common.service_type }}-excluder"
@@ -10,49 +6,78 @@
register: openshift_excluder_installed
failed_when: false
+# docker excluder needs to be enable by default
- name: Determine if docker packages are installed
rpm_q:
- name: "{{ openshift.common.service_type }}-excluder"
+ name: "{{ openshift.common.service_type }}-docker-excluder"
state: present
register: docker_excluder_installed
failed_when: false
-- name: Update to latest excluder packages
- package:
- name: "{{ openshift.common.service_type }}-excluder"
- state: latest
- when:
- - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}"
- - not openshift.common.is_containerized | bool
+# The excluder status function returns 0 when everything is excluded
+# and 1 if any packages are missing from the exclusions list and outputs a warning to stderr
+# # atomic-openshift-excluder status ; echo $?
+# exclude -- All packages excluded
+# 0
+# # atomic-openshift-excluder unexclude
+# # atomic-openshift-excluder status ; echo $?
+# unexclude -- At least one package not excluded
+# 1
-- name: Update to the latest docker-excluder packages
- package:
- name: "{{ openshift.common.service_type }}-docker-excluder"
- state: latest
- when:
- - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}"
- - not openshift.common.is_containerized | bool
+- block:
+ - include: init.yml
+ - block:
+ - name: Record openshift excluder status
+ command: "{{ openshift.common.service_type }}-excluder status"
+ register: excluder_status
+ failed_when: false
-- name: Record excluder status
- command: "{{ openshift.common.service_type }}-excluder"
- register: excluder_status
- when:
- - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}"
- - not openshift.common.is_containerized | bool
- failed_when: false
+ # Even though the openshift excluder is enabled
+ # if the status is non-zero, disabled the excluder
+ - name: Override openshift excluder enablement if the status is non-zero
+ set_fact:
+ disable_openshift_excluder_override: true
+ when:
+ - "{{ excluder_status.rc | default(0) != 0 }}"
-- name: Record docker excluder status
- command: "{{ openshift.common.service_type }}-docker-excluder"
- register: docker_excluder_status
- when:
- - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}"
- - not openshift.common.is_containerized | bool
- failed_when: false
+ - debug:
+ msg: "Disabling openshift excluder"
+ when:
+ - "{{ excluder_status.rc | default(0) != 0 }}"
+
+ when:
+ - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}"
+ - "{{ openshift_excluder_on }}"
+
+ - block:
+ - name: Record docker excluder status
+ command: "{{ openshift.common.service_type }}-docker-excluder status"
+ register: docker_excluder_status
+ failed_when: false
-- name: Set excluder status facts
- set_fact:
- docker_excluder_enabled: "{{ 'false' if docker_excluder_status.rc | default(0) == 0 or docker_excluder_installed.installed_versions | default(0) | length == 0 else 'true' }}"
- openshift_excluder_enabled: "{{ 'false' if docker_excluder_status.rc | default(0) == 0 or openshift_excluder_installed.installed_versions | default(0) | length == 0 else 'true' }}"
+ # If the docker excluder is installed and the status is non-zero
+ # always enable the docker excluder
+ - name: Override docker excluder enablement if the status is non-zero
+ set_fact:
+ enable_docker_excluder_override: true
+ when:
+ - "{{ docker_excluder_status.rc | default(0) != 0 }}"
-- debug: var=docker_excluder_enabled
-- debug: var=openshift_excluder_enabled
+ - debug:
+ msg: "Enabling docker excluder"
+ when:
+ - "{{ docker_excluder_status.rc | default(0) != 0 }}"
+
+ # As the docker excluder status is not satisfied,
+ # re-enable entire docker excluder again
+ # At the same time keep the override set in a case other task would
+ - name: Enable docker excluder
+ command: "{{ openshift.common.service_type }}-docker-excluder exclude"
+
+ # Run the docker excluder status even if the excluder is disabled.
+ # In order to determine of the excluder needs to be enabled.
+ when:
+ - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}"
+
+ when:
+ - not openshift.common.is_containerized | bool
diff --git a/roles/openshift_excluder/tasks/unexclude.yml b/roles/openshift_excluder/tasks/unexclude.yml
index 38f0759aa..4df92bc65 100644
--- a/roles/openshift_excluder/tasks/unexclude.yml
+++ b/roles/openshift_excluder/tasks/unexclude.yml
@@ -1,12 +1,19 @@
---
-- name: disable docker excluder
- command: "{{ openshift.common.service_type }}-docker-excluder unexclude"
- when:
- - docker_excluder_enabled | bool
- - not openshift.common.is_containerized | bool
+# input variables:
+# - disable_docker_excluder
+# - disable_openshift_excluder
+- block:
+ - include: init.yml
+
+ - name: disable docker excluder
+ command: "{{ openshift.common.service_type }}-docker-excluder unexclude"
+ when:
+ - disable_docker_excluder | default(false) | bool
+
+ - name: disable openshift excluder
+ command: "{{ openshift.common.service_type }}-excluder unexclude"
+ when:
+ - disable_openshift_excluder | default(false) | bool
-- name: disable excluder
- command: "{{ openshift.common.service_type }}-excluder unexclude"
when:
- - openshift_excluder_enabled | bool
- not openshift.common.is_containerized | bool