diff options
author | John Kwiatkoski <jkwiatko@redhat.com> | 2016-03-22 14:48:31 -0400 |
---|---|---|
committer | John Kwiatkoski <jkwiatko@redhat.com> | 2016-03-22 14:48:31 -0400 |
commit | 7fa2d035c9f2051e5e07134522871ea23f85e52c (patch) | |
tree | 75c23b64c8b2592d5e6ac4babde0eb8f09e888e5 | |
parent | ea71f3a00c1749e43cba6b821480a5966bbfc22e (diff) | |
download | openshift-7fa2d035c9f2051e5e07134522871ea23f85e52c.tar.gz openshift-7fa2d035c9f2051e5e07134522871ea23f85e52c.tar.bz2 openshift-7fa2d035c9f2051e5e07134522871ea23f85e52c.tar.xz openshift-7fa2d035c9f2051e5e07134522871ea23f85e52c.zip |
revised and restructured logging role
-rw-r--r-- | roles/openshift_efk/README.md | 9 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/README.md | 10 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/files/logging-deployer-sa.yaml (renamed from roles/openshift_efk/files/logging-deployer-sa.yaml) | 0 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/files/openshift_hosted_logging_efk.yaml | 4 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/tasks/cleanup_logging.yaml | 76 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/tasks/deploy_logging.yaml (renamed from roles/openshift_efk/tasks/main.yaml) | 136 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/tasks/main.yaml | 8 | ||||
-rw-r--r-- | roles/openshift_hosted_logging/vars/main.yaml | 5 |
8 files changed, 135 insertions, 113 deletions
diff --git a/roles/openshift_efk/README.md b/roles/openshift_efk/README.md deleted file mode 100644 index d948dad5d..000000000 --- a/roles/openshift_efk/README.md +++ /dev/null @@ -1,9 +0,0 @@ -###Required vars: - -- kibana_hostname: kibana.example.com -- es_cluster_size: 1 -- master_url: https://localhost:8443 - -###Optional vars: -- logging_secret_vars: (defaults to nothing=/dev/null) kibana.crt=/etc/origin/master/ca.crt kibana.key=/etc/origin/master/ca.key ca.crt=/etc/origin/master/ca.crt ca.key=/etc/origin/master/ca.key -- fluentd_replicas: (defaults to 1) 3 diff --git a/roles/openshift_hosted_logging/README.md b/roles/openshift_hosted_logging/README.md new file mode 100644 index 000000000..b3f363571 --- /dev/null +++ b/roles/openshift_hosted_logging/README.md @@ -0,0 +1,10 @@ +###Required vars: + +- openshift_hosted_logging_hostname: kibana.example.com +- openshift_hosted_logging_elasticsearch_cluster_size: 1 +- openshift_hosted_logging_master_public_url: https://localhost:8443 + +###Optional vars: +- openshift_hosted_logging_secret_vars: (defaults to nothing=/dev/null) kibana.crt=/etc/origin/master/ca.crt kibana.key=/etc/origin/master/ca.key ca.crt=/etc/origin/master/ca.crt ca.key=/etc/origin/master/ca.key +- openshift_hosted_logging_fluentd_replicas: (defaults to 1) 3 +- openshift_hosted_logging_cleanup: (defaults to no) Set this to 'yes' in order to cleanup logging components instead of deploying. diff --git a/roles/openshift_efk/files/logging-deployer-sa.yaml b/roles/openshift_hosted_logging/files/logging-deployer-sa.yaml index 334c9402b..334c9402b 100644 --- a/roles/openshift_efk/files/logging-deployer-sa.yaml +++ b/roles/openshift_hosted_logging/files/logging-deployer-sa.yaml diff --git a/roles/openshift_hosted_logging/files/openshift_hosted_logging_efk.yaml b/roles/openshift_hosted_logging/files/openshift_hosted_logging_efk.yaml new file mode 100644 index 000000000..f55db11ac --- /dev/null +++ b/roles/openshift_hosted_logging/files/openshift_hosted_logging_efk.yaml @@ -0,0 +1,4 @@ +- hosts: my_master_host + roles: + - role: openshift_hosted_logging + openshift_hosted_logging_cleanup: no diff --git a/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml new file mode 100644 index 000000000..23a514ffd --- /dev/null +++ b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml @@ -0,0 +1,76 @@ +--- + + - name: "Checking for logging project" + command: oc get project logging + register: logging_project + failed_when: "'FAILED' in logging_project.stderr" + tags: + - cleanup + + - name: "Changing projects" + command: oc project logging + tags: + - cleanup + - build + + - name: Create temp directory for kubeconfig + command: mktemp -d /tmp/openshift-ansible-XXXXXX + register: mktemp + changed_when: False + + - name: Copy the admin client config(s) + command: > + cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig + changed_when: False + + - name: "Changing projects" + command: oc project logging + tags: + - cleanup + - build + + + - name: "Cleanup any previous logging infrastructure" + command: oc delete --ignore-not-found all --selector logging-infra={{ item }} + with_items: + - kibana + - fluentd + - elasticsearch + ignore_errors: yes + tags: + - cleanup + + + - name: "Cleanup existing support infrastructure" + command: oc delete --ignore-not-found all,sa,oauthclient --selector logging-infra=support + ignore_errors: yes + tags: + - cleanup + + - name: "Cleanup existing secrets" + command: oc delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy + ignore_errors: yes + register: clean_result + failed_when: clean_result.rc == 1 and 'not found' not in clean_result.stderr + tags: + - cleanup + + - name: "Cleanup existing logging deployers" + command: oc delete pods --all + tags: + - cleanup + + - name: "Make sure to remove deployer template" + command: oc delete template logging-deployer-template -n openshift + register: delete_ouput + failed_when: delete_ouput.rc == 1 and 'exists' not in delete_ouput.stderr + tags: + - cleanup + + - name: Delete temp directory + file: + name: "{{ mktemp.stdout }}" + state: absent + changed_when: False + + - debug: msg="Success!" diff --git a/roles/openshift_efk/tasks/main.yaml b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml index aff3d09fb..5d69175ae 100644 --- a/roles/openshift_efk/tasks/main.yaml +++ b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml @@ -1,179 +1,107 @@ --- - - fail: msg="This role requires the following vars to be defined: master_url, kibana_hostname, es_cluster_size" - when: "kibana_hostname is not defined or - es_cluster_size is not defined or - master_url is not defined" - - - name: "Checking for logging project" - command: oc get project logging - register: logging_project - failed_when: "'FAILED' in logging_project.stderr" - tags: - - cleanup + - fail: msg="This role requires the following vars to be defined: openshift_hosted_logging_master_public_url, openshift_hosted_logging_hostname, penshift_hosted_logging_elasticsearchs_cluster_size" + when: "openshift_hosted_logging_hostname is not defined or + penshift_hosted_logging_elasticsearchs_cluster_size is not defined or + openshift_hosted_logging_master_public_url is not defined" + + - name: Create temp directory for kubeconfig + command: mktemp -d /tmp/openshift-ansible-XXXXXX + register: mktemp + changed_when: False + + - name: Copy the admin client config(s) + command: > + cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig + changed_when: False + - name: "Create logging project" command: oadm new-project logging when: logging_project.rc != 0 - tags: - - build + + - name: "Changing projects" command: oc project logging - tags: - - cleanup - - - name: "Cleanup any previous logging infrastructure" - command: oc delete all --selector logging-infra={{ item }} - with_items: - - kibana - - fluentd - - elasticsearch - ignore_errors: yes - tags: - - cleanup - - - name: "Cleanup existing support infrastructure" - command: oc delete all,sa,oauthclient --selector logging-infra=support - ignore_errors: yes - tags: - - cleanup - - - name: "Cleanup existing secrets" - command: oc delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy - ignore_errors: yes - register: clean_result - failed_when: clean_result.rc == 1 and 'not found' not in clean_result.stderr - tags: - - cleanup - - - name: "Cleanup existing logging deployers" - command: oc delete pods --all - tags: - - cleanup - name: "Creating logging deployer secret" - command: oc secrets new logging-deployer {{ logging_secret_vars | default('nothing=/dev/null') }} + command: oc secrets new logging-deployer {{ openshift_hosted_logging_secret_vars | default('nothing=/dev/null') }} register: secret_output failed_when: "secret_output.rc == 1 and 'exists' not in secret_output.stderr" - tags: - - build - name: "Copy serviceAccount file" copy: dest=/tmp/logging-deployer-sa.yaml src={{role_path}}/files/logging-deployer-sa.yaml force=yes - tags: - - build - name: "Create logging-deployer service account" shell: oc create -f /tmp/logging-deployer-sa.yaml register: deployer_output failed_when: "deployer_output.rc == 1 and 'exists' not in deployer_output.stderr" - tags: - - build - name: "Set permissions for logging-deployer service account" command: oc policy add-role-to-user edit system:serviceaccount:logging:logging-deployer register: permiss_output failed_when: "permiss_output.rc == 1 and 'exists' not in permiss_output.stderr" - tags: - - build - name: "Set permissions for fluentd" command: oadm policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd_output failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr" - tags: - - build - name: "Set additional permissions for fluentd" command: oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd2_output failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr" - tags: - - build - - - name: "Make sure to remove stale deployer template" - command: oc delete template logging-deployer-template -n openshift - register: delete_ouput - failed_when: delete_ouput.rc == 1 and 'exists' not in delete_ouput.stderr - tags: - - build - name: "Create deployer template" command: oc create -f /usr/share/openshift/examples/infrastructure-templates/enterprise/logging-deployer.yaml -n openshift register: template_output failed_when: "template_output.rc == 1 and 'exists' not in template_output.stderr" - tags: - - build - - - name: "Clear out any previous pods" - command: oc delete pods --all - tags: - - build - name: "Process the deployer template with an registry other than registry.access.redhat.com" - shell: oc process logging-deployer-template -n openshift -v KIBANA_HOSTNAME={{ kibana_hostname | quote }},ES_CLUSTER_SIZE={{ es_cluster_size | quote }},PUBLIC_MASTER_URL={{ master_url | quote }},IMAGE_PREFIX={{ target_registry | quote }}/ | oc create -f - - when: target_registry is defined - tags: - - build - - - name: "Process the default deployer template" - shell: oc process logging-deployer-template -n openshift -v KIBANA_HOSTNAME={{ kibana_hostname | quote }},ES_CLUSTER_SIZE={{ es_cluster_size | quote }},PUBLIC_MASTER_URL={{ master_url | quote }} | oc create -f - - when: target_registry is not defined - tags: - - build + shell: oc process logging-deployer-template -n openshift -v {{ oc_process_values}} | oc create -f - - name: "Wait for image pull and deployer pod" - action: shell oc get pods | grep logging-deployer.*Completed - register: result - until: result.rc == 0 - retries: 15 - delay: 10 - tags: - - build + shell: oc get pods | grep logging-deployer.*Completed + register: result + until: result.rc == 0 + retries: 15 + delay: 10 - name: "Process support template" shell: oc process logging-support-template | oc create -f - - tags: - - build - name: "Set insecured registry" command: oc annotate is --all openshift.io/image.insecureRepository=true --overwrite when: "target_registry is defined and insecure_registry == 'true'" - tags: - - build - name: "Scale fluentd deployment config" command: oc scale dc/logging-fluentd --replicas={{ fluentd_replicas | default('1') }} - tags: - - build - name: "Wait for imagestreams to become available" - action: shell oc get is | grep logging-fluentd + shell: oc get is | grep logging-fluentd register: result until: result.rc == 0 failed_when: result.rc == 1 and 'not found' not in result.stderr retries: 15 delay: 5 - tags: - - build - name: "Wait for replication controllers to become available" - action: shell oc get rc | grep logging-fluentd-1 + shell: oc get rc | grep logging-fluentd-1 register: result until: result.rc == 0 failed_when: result.rc == 1 and 'not found' not in result.stderr retries: 15 delay: 5 - tags: - - build - name: "Scale fluentd replication controller" command: oc scale rc/logging-fluentd-1 --replicas={{ fluentd_replicas | default('1') }} - tags: - - build - debug: msg="Logging components deployed. Note persistant volume for elasticsearch must be setup manually" - tags: - - build + + - name: Delete temp directory + file: + name: "{{ mktemp.stdout }}" + state: absent + changed_when: False diff --git a/roles/openshift_hosted_logging/tasks/main.yaml b/roles/openshift_hosted_logging/tasks/main.yaml new file mode 100644 index 000000000..aea53804a --- /dev/null +++ b/roles/openshift_hosted_logging/tasks/main.yaml @@ -0,0 +1,8 @@ +--- +- name: Cleanup logging deployment + include: {{ role_path }}/tasks/cleanup_logging.yaml + when: openshift_hosted_logging_cleanup | default(false) | bool + +- name: Deploy logging + include: {{ role_path }}/tasks/deploy_logging.yaml + when: not openshift_hosted_logging_cleanup | default(false) | bool diff --git a/roles/openshift_hosted_logging/vars/main.yaml b/roles/openshift_hosted_logging/vars/main.yaml new file mode 100644 index 000000000..7baef0311 --- /dev/null +++ b/roles/openshift_hosted_logging/vars/main.yaml @@ -0,0 +1,5 @@ +kh_kv: KIBANA_HOSTNAME={{ openshift_hosted_logging_hostname | quote }} +es_cs_kv: ES_CLUSTER_SIZE={{ openshift_hosted_logging_elasticsearch_cluster_size | quote }} +pmu_kv: PUBLIC_MASTER_URL={{ openshift_hosted_logging_master_public_url | quote }} +ip_kv: "{{ 'IMAGE_PREFIX=' ~ target_registry | quote if target_registry is defined else '' }}" +oc_process_values: "{{ kh_kv }} {{ es_cs_kv }} {{ pmu_kv }} {{ ip_kv }}" |