authorScott Dodson <sdodson@redhat.com>2017-11-21 14:28:32 -0500
committerGitHub <noreply@github.com>2017-11-21 14:28:32 -0500
commitffff1d7465d92e7f5522da11d6fd1ae23c54fdfb (patch)
tree1d6e3abafaeee24c1b84c05d376dcaf70683c885 /playbooks/common
parent33350641a1377c66356f8b4b96a7011607a29b50 (diff)
parent79939ca092b9ee0fe31e5964102c60fca73da568 (diff)
downloadopenshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.gz
openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.bz2
openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.xz
openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.zip
Merge pull request #6145 from mtnbikenc/consolidate-openshift-etcd
Playbook Consolidation - openshift-etcd
Diffstat (limited to 'playbooks/common')
-rw-r--r--playbooks/common/openshift-cluster/config.yml2
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml4
-rw-r--r--playbooks/common/openshift-etcd/ca.yml15
-rw-r--r--playbooks/common/openshift-etcd/certificates.yml4
-rw-r--r--playbooks/common/openshift-etcd/config.yml40
-rw-r--r--playbooks/common/openshift-etcd/embedded2external.yml172
l---------playbooks/common/openshift-etcd/filter_plugins1
l---------playbooks/common/openshift-etcd/lookup_plugins1
-rw-r--r--playbooks/common/openshift-etcd/master_etcd_certificates.yml14
-rw-r--r--playbooks/common/openshift-etcd/migrate.yml169
-rw-r--r--playbooks/common/openshift-etcd/restart.yml27
l---------playbooks/common/openshift-etcd/roles1
-rw-r--r--playbooks/common/openshift-etcd/scaleup.yml83
-rw-r--r--playbooks/common/openshift-etcd/server_certificates.yml15
-rw-r--r--playbooks/common/openshift-master/scaleup.yml2
15 files changed, 4 insertions, 546 deletions
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index ad10ba821..77b7a903f 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -1,7 +1,7 @@
---
- include: ../../openshift-checks/private/install.yml
-- include: ../openshift-etcd/config.yml
+- include: ../../openshift-etcd/private/config.yml
- include: ../../openshift-nfs/private/config.yml
when: groups.oo_nfs_to_config | default([]) | count > 0
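Review bot: The rewritten line still uses the playbook-level `include`, which Ansible 2.4 deprecated in favour of `import_playbook`. Since the path is being edited anyway, it could become `- import_playbook: ../../openshift-etcd/private/config.yml`, provided the project's minimum supported Ansible version is 2.4 or later. The same applies to the rewritten includes in redeploy-certificates/etcd-ca.yml and openshift-master/scaleup.yml.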
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
index 044875d1c..41e19f5d6 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml
@@ -21,7 +21,7 @@
name: etcd
tasks_from: remove_ca_certificates
-- include: ../../openshift-etcd/ca.yml
+- include: ../../../openshift-etcd/private/ca.yml
- name: Create temp directory for syncing certs
hosts: localhost
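Review bot: The new `../../../openshift-etcd/private/ca.yml` include runs right after the `remove_ca_certificates` tasks visible above it, so a role-lookup failure in the relocated play would presumably leave the etcd hosts without a CA partway through a redeploy. The ca.yml deleted in this commit used `role: openshift_etcd_facts` and `include_role: name: etcd`, and the old directory carried `roles`, `filter_plugins` and `lookup_plugins` symlinks that are deleted here. This diffstat is limited to playbooks/common, so it does not show whether the new `private/` directory has equivalent symlinks. That is worth confirming before merge, for example with a `--syntax-check` run and a redeploy-certificates run on a test cluster. The play containing `remove_ca_certificates` starts above this hunk.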
@@ -45,7 +45,7 @@
etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}"
etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
-- include: ../../openshift-etcd/restart.yml
+- include: ../../../openshift-etcd/private/restart.yml
# Do not restart etcd when etcd certificates were previously expired.
when: ('expired' not in (hostvars
| oo_select_keys(groups['etcd'])
diff --git a/playbooks/common/openshift-etcd/ca.yml b/playbooks/common/openshift-etcd/ca.yml
deleted file mode 100644
index ac5543be9..000000000
--- a/playbooks/common/openshift-etcd/ca.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Generate new etcd CA
- hosts: oo_first_etcd
- roles:
- - role: openshift_etcd_facts
- tasks:
- - include_role:
- name: etcd
- tasks_from: ca
- vars:
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- when:
- - etcd_ca_setup | default(True) | bool
diff --git a/playbooks/common/openshift-etcd/certificates.yml b/playbooks/common/openshift-etcd/certificates.yml
deleted file mode 100644
index eb6b94f33..000000000
--- a/playbooks/common/openshift-etcd/certificates.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-- include: server_certificates.yml
-
-- include: master_etcd_certificates.yml
diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml
deleted file mode 100644
index 3fe483785..000000000
--- a/playbooks/common/openshift-etcd/config.yml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-- name: etcd Install Checkpoint Start
- hosts: all
- gather_facts: false
- tasks:
- - name: Set etcd install 'In Progress'
- run_once: true
- set_stats:
- data:
- installer_phase_etcd:
- status: "In Progress"
- start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
-
-- include: ca.yml
-
-- include: certificates.yml
-
-- name: Configure etcd
- hosts: oo_etcd_to_config
- any_errors_fatal: true
- roles:
- - role: os_firewall
- - role: openshift_etcd
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - role: nickhammond.logrotate
-
-- name: etcd Install Checkpoint End
- hosts: all
- gather_facts: false
- tasks:
- - name: Set etcd install 'Complete'
- run_once: true
- set_stats:
- data:
- installer_phase_etcd:
- status: "Complete"
- end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}"
diff --git a/playbooks/common/openshift-etcd/embedded2external.yml b/playbooks/common/openshift-etcd/embedded2external.yml
deleted file mode 100644
index b16b78c4f..000000000
--- a/playbooks/common/openshift-etcd/embedded2external.yml
+++ /dev/null
@@ -1,172 +0,0 @@
----
-- name: Pre-migrate checks
- hosts: localhost
- tasks:
- # Check there is only one etcd host
- - assert:
- that: groups.oo_etcd_to_config | default([]) | length == 1
- msg: "[etcd] group must contain only one host"
- # Check there is only one master
- - assert:
- that: groups.oo_masters_to_config | default([]) | length == 1
- msg: "[master] group must contain only one host"
-
-# 1. stop a master
-- name: Prepare masters for etcd data migration
- hosts: oo_first_master
- roles:
- - role: openshift_facts
- tasks:
- - name: Check the master API is ready
- include_role:
- name: openshift_master
- tasks_from: check_master_api_is_ready
- - set_fact:
- master_service: "{{ openshift.common.service_type + '-master' }}"
- embedded_etcd_backup_suffix: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
- - debug:
- msg: "master service name: {{ master_service }}"
- - name: Stop master
- service:
- name: "{{ master_service }}"
- state: stopped
- # 2. backup embedded etcd
- # Can't use with_items with include_role: https://github.com/ansible/ansible/issues/21285
- - include_role:
- name: etcd
- tasks_from: backup
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.archive
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"
-
-# 3. deploy certificates (for etcd and master)
-- include: ca.yml
-
-- include: server_certificates.yml
-
-- name: Backup etcd client certificates for master host
- hosts: oo_first_master
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup_master_etcd_certificates
-
-- name: Redeploy master etcd certificates
- include: master_etcd_certificates.yml
- vars:
- etcd_certificates_redeploy: "{{ true }}"
-
-# 4. deploy external etcd
-- include: ../openshift-etcd/config.yml
-
-# 5. stop external etcd
-- name: Cleanse etcd
- hosts: oo_etcd_to_config[0]
- gather_facts: no
- pre_tasks:
- - include_role:
- name: etcd
- tasks_from: disable_etcd
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - include_role:
- name: etcd
- tasks_from: clean_data
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
-
-# 6. copy the embedded etcd backup to the external host
-# TODO(jchaloup): if the etcd and first master are on the same host, just copy the directory
-- name: Copy embedded etcd backup to the external host
- hosts: localhost
- tasks:
- - name: Create local temp directory for syncing etcd backup
- local_action: command mktemp -d /tmp/etcd_backup-XXXXXXX
- register: g_etcd_client_mktemp
- changed_when: False
- become: no
-
- - include_role:
- name: etcd
- tasks_from: backup.fetch
- vars:
- r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_first_master.0].openshift.common.etcd_runtime }}"
- etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_embedded_etcd: "{{ true }}"
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- delegate_to: "{{ groups.oo_first_master[0] }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.copy
- vars:
- r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.etcd_runtime }}"
- etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- delegate_to: "{{ groups.oo_etcd_to_config[0] }}"
-
- - debug:
- msg: "etcd_backup_dest_directory: {{ g_etcd_client_mktemp.stdout }}"
-
- - name: Delete temporary directory
- local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent
- changed_when: False
- become: no
-
-# 7. force new cluster from the backup
-- name: Force new etcd cluster
- hosts: oo_etcd_to_config[0]
- tasks:
- - include_role:
- name: etcd
- tasks_from: backup.unarchive
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
-
- - include_role:
- name: etcd
- tasks_from: backup.force_new_cluster
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migrate
- r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
-
-# 8. re-configure master to use the external etcd
-- name: Configure master to use external etcd
- hosts: oo_first_master
- tasks:
- - include_role:
- name: openshift_master
- tasks_from: configure_external_etcd
- vars:
- etcd_peer_url_scheme: "https"
- etcd_ip: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.ip }}"
- etcd_peer_port: 2379
-
- # 9. start the master
- - name: Start master
- service:
- name: "{{ master_service }}"
- state: started
- register: service_status
- until: service_status.state is defined and service_status.state == "started"
- retries: 5
- delay: 10
diff --git a/playbooks/common/openshift-etcd/filter_plugins b/playbooks/common/openshift-etcd/filter_plugins
deleted file mode 120000
index 99a95e4ca..000000000
--- a/playbooks/common/openshift-etcd/filter_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-etcd/lookup_plugins b/playbooks/common/openshift-etcd/lookup_plugins
deleted file mode 120000
index ac79701db..000000000
--- a/playbooks/common/openshift-etcd/lookup_plugins
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins \ No newline at end of file
diff --git a/playbooks/common/openshift-etcd/master_etcd_certificates.yml b/playbooks/common/openshift-etcd/master_etcd_certificates.yml
deleted file mode 100644
index 0a25aac57..000000000
--- a/playbooks/common/openshift-etcd/master_etcd_certificates.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Create etcd client certificates for master hosts
- hosts: oo_masters_to_config
- any_errors_fatal: true
- roles:
- - role: openshift_etcd_facts
- - role: openshift_etcd_client_certificates
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}"
- etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"
- etcd_cert_prefix: "master.etcd-"
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
diff --git a/playbooks/common/openshift-etcd/migrate.yml b/playbooks/common/openshift-etcd/migrate.yml
deleted file mode 100644
index 31362f2f6..000000000
--- a/playbooks/common/openshift-etcd/migrate.yml
+++ /dev/null
@@ -1,169 +0,0 @@
----
-- name: Check if the master has embedded etcd
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tags:
- - always
- tasks:
- - fail:
- msg: "Migration of an embedded etcd is not supported. Please, migrate the embedded etcd into an external etcd first."
- when:
- - groups.oo_etcd_to_config | default([]) | length == 0
-
-- name: Run pre-checks
- hosts: oo_etcd_to_migrate
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.pre_check
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ ansible_default_ipv4.address }}"
-
-# TODO: This will be different for release-3.6 branch
-- name: Prepare masters for etcd data migration
- hosts: oo_masters_to_config
- tasks:
- - set_fact:
- master_services:
- - "{{ openshift.common.service_type + '-master-controllers' }}"
- - "{{ openshift.common.service_type + '-master-api' }}"
- - debug:
- msg: "master service name: {{ master_services }}"
- - name: Stop masters
- service:
- name: "{{ item }}"
- state: stopped
- with_items: "{{ master_services }}"
-
-- name: Backup v2 data
- hosts: oo_etcd_to_migrate
- gather_facts: no
- roles:
- - role: openshift_facts
- post_tasks:
- - include_role:
- name: etcd
- tasks_from: backup
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- r_etcd_common_backup_tag: pre-migration
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
-
-- name: Gate on etcd backup
- hosts: localhost
- connection: local
- become: no
- tasks:
- - set_fact:
- etcd_backup_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_migrate)
- | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
- - set_fact:
- etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) | list }}"
- - fail:
- msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
- when:
- - etcd_backup_failed | length > 0
-
-- name: Stop etcd
- hosts: oo_etcd_to_migrate
- gather_facts: no
- pre_tasks:
- - include_role:
- name: etcd
- tasks_from: disable_etcd
- vars:
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
-
-- name: Migrate data on first etcd
- hosts: oo_etcd_to_migrate[0]
- gather_facts: no
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
-
-- name: Clean data stores on remaining etcd hosts
- hosts: oo_etcd_to_migrate[1:]
- gather_facts: no
- tasks:
- - include_role:
- name: etcd
- tasks_from: clean_data
- vars:
- r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
- etcd_peer: "{{ openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
- - name: Add etcd hosts
- delegate_to: localhost
- add_host:
- name: "{{ item }}"
- groups: oo_new_etcd_to_config
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: "{{ groups.oo_etcd_to_migrate[1:] | default([]) }}"
- changed_when: no
- - name: Set success
- set_fact:
- r_etcd_migrate_success: true
-
-- include: ./scaleup.yml
-
-- name: Gate on etcd migration
- hosts: oo_masters_to_config
- gather_facts: no
- tasks:
- - set_fact:
- etcd_migration_completed: "{{ hostvars
- | oo_select_keys(groups.oo_etcd_to_migrate)
- | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
- - set_fact:
- etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) | list }}"
-
-- name: Add TTLs on the first master
- hosts: oo_first_master[0]
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.add_ttls
- vars:
- etcd_peer: "{{ hostvars[groups.oo_etcd_to_migrate.0].openshift.common.ip }}"
- etcd_url_scheme: "https"
- etcd_peer_url_scheme: "https"
- when: etcd_migration_failed | length == 0
-
-- name: Configure masters if etcd data migration is succesfull
- hosts: oo_masters_to_config
- tasks:
- - include_role:
- name: etcd
- tasks_from: migrate.configure_master
- when: etcd_migration_failed | length == 0
- - debug:
- msg: "Skipping master re-configuration since migration failed."
- when:
- - etcd_migration_failed | length > 0
- - name: Start master services
- service:
- name: "{{ item }}"
- state: started
- register: service_status
- # Sometimes the master-api, resp. master-controllers fails to start for the first time
- until: service_status.state is defined and service_status.state == "started"
- retries: 5
- delay: 10
- with_items: "{{ master_services[::-1] }}"
- - fail:
- msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
- when:
- - etcd_migration_failed | length > 0
diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml
deleted file mode 100644
index 5eaea5ae8..000000000
--- a/playbooks/common/openshift-etcd/restart.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Restart etcd
- hosts: oo_etcd_to_config
- serial: 1
- tasks:
- - name: restart etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: restarted
- when:
- - not g_etcd_certificates_expired | default(false) | bool
-
-- name: Restart etcd
- hosts: oo_etcd_to_config
- tasks:
- - name: stop etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: stopped
- when:
- - g_etcd_certificates_expired | default(false) | bool
- - name: start etcd
- service:
- name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
- state: started
- when:
- - g_etcd_certificates_expired | default(false) | bool
diff --git a/playbooks/common/openshift-etcd/roles b/playbooks/common/openshift-etcd/roles
deleted file mode 120000
index e2b799b9d..000000000
--- a/playbooks/common/openshift-etcd/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles/ \ No newline at end of file
diff --git a/playbooks/common/openshift-etcd/scaleup.yml b/playbooks/common/openshift-etcd/scaleup.yml
deleted file mode 100644
index 20061366c..000000000
--- a/playbooks/common/openshift-etcd/scaleup.yml
+++ /dev/null
@@ -1,83 +0,0 @@
----
-- name: Gather facts
- hosts: oo_etcd_to_config:oo_new_etcd_to_config
- roles:
- - openshift_etcd_facts
- post_tasks:
- - set_fact:
- etcd_hostname: "{{ etcd_hostname }}"
- etcd_ip: "{{ etcd_ip }}"
-
-- name: Configure etcd
- hosts: oo_new_etcd_to_config
- serial: 1
- any_errors_fatal: true
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- pre_tasks:
- - name: Add new etcd members to cluster
- command: >
- /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
- --key-file {{ etcd_peer_key_file }}
- --ca-file {{ etcd_peer_ca_file }}
- -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }}
- member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}
- delegate_to: "{{ etcd_ca_host }}"
- failed_when:
- - etcd_add_check.rc == 1
- - ("peerURL exists" not in etcd_add_check.stderr)
- register: etcd_add_check
- retries: 3
- delay: 10
- until: etcd_add_check.rc == 0
- - include_role:
- name: etcd
- tasks_from: server_certificates
- vars:
- etcd_peers: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_new_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- roles:
- - role: os_firewall
- when: etcd_add_check.rc == 0
- - role: openshift_etcd
- when: etcd_add_check.rc == 0
- etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_initial_cluster_state: "existing"
- etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}"
- etcd_ca_setup: False
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
- - role: nickhammond.logrotate
- when: etcd_add_check.rc == 0
- post_tasks:
- - name: Verify cluster is stable
- command: >
- /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }}
- --key-file {{ etcd_peer_key_file }}
- --ca-file {{ etcd_peer_ca_file }}
- -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_hostname }}:{{ etcd_client_port }}
- cluster-health
- register: scaleup_health
- retries: 3
- delay: 30
- until: scaleup_health.rc == 0
-
-- name: Update master etcd client urls
- hosts: oo_masters_to_config
- serial: 1
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- openshift_master_etcd_hosts: "{{ hostvars
- | oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) ))
- | oo_collect('openshift.common.hostname')
- | default(none, true) }}"
- openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
- roles:
- - role: openshift_master_facts
- post_tasks:
- - include_role:
- name: openshift_master
- tasks_from: update_etcd_client_urls
diff --git a/playbooks/common/openshift-etcd/server_certificates.yml b/playbooks/common/openshift-etcd/server_certificates.yml
deleted file mode 100644
index 10e06747b..000000000
--- a/playbooks/common/openshift-etcd/server_certificates.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-- name: Create etcd server certificates for etcd hosts
- hosts: oo_etcd_to_config
- any_errors_fatal: true
- roles:
- - role: openshift_etcd_facts
- post_tasks:
- - include_role:
- name: etcd
- tasks_from: server_certificates
- vars:
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
- etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
- r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml
index 4c415ebce..cc0196e5b 100644
--- a/playbooks/common/openshift-master/scaleup.yml
+++ b/playbooks/common/openshift-master/scaleup.yml
@@ -46,7 +46,7 @@
- include: ../openshift-master/set_network_facts.yml
-- include: ../openshift-etcd/certificates.yml
+- include: ../../openshift-etcd/private/certificates.yml
- include: ../openshift-master/config.yml