diff options
author | Scott Dodson <sdodson@redhat.com> | 2017-11-21 14:28:32 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-21 14:28:32 -0500 |
commit | ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb (patch) | |
tree | 1d6e3abafaeee24c1b84c05d376dcaf70683c885 /playbooks/common | |
parent | 33350641a1377c66356f8b4b96a7011607a29b50 (diff) | |
parent | 79939ca092b9ee0fe31e5964102c60fca73da568 (diff) | |
download | openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.gz openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.bz2 openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.tar.xz openshift-ffff1d7465d92e7f5522da11d6fd1ae23c54fdfb.zip |
Merge pull request #6145 from mtnbikenc/consolidate-openshift-etcd
Playbook Consolidation - openshift-etcd
Diffstat (limited to 'playbooks/common')
-rw-r--r-- | playbooks/common/openshift-cluster/config.yml | 2 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml | 4 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/ca.yml | 15 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/certificates.yml | 4 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/config.yml | 40 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/embedded2external.yml | 172 | ||||
l--------- | playbooks/common/openshift-etcd/filter_plugins | 1 | ||||
l--------- | playbooks/common/openshift-etcd/lookup_plugins | 1 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/master_etcd_certificates.yml | 14 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/migrate.yml | 169 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/restart.yml | 27 | ||||
l--------- | playbooks/common/openshift-etcd/roles | 1 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/scaleup.yml | 83 | ||||
-rw-r--r-- | playbooks/common/openshift-etcd/server_certificates.yml | 15 | ||||
-rw-r--r-- | playbooks/common/openshift-master/scaleup.yml | 2 |
15 files changed, 4 insertions, 546 deletions
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index ad10ba821..77b7a903f 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,7 +1,7 @@ --- - include: ../../openshift-checks/private/install.yml -- include: ../openshift-etcd/config.yml +- include: ../../openshift-etcd/private/config.yml - include: ../../openshift-nfs/private/config.yml when: groups.oo_nfs_to_config | default([]) | count > 0 diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml index 044875d1c..41e19f5d6 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/etcd-ca.yml @@ -21,7 +21,7 @@ name: etcd tasks_from: remove_ca_certificates -- include: ../../openshift-etcd/ca.yml +- include: ../../../openshift-etcd/private/ca.yml - name: Create temp directory for syncing certs hosts: localhost @@ -45,7 +45,7 @@ etcd_sync_cert_dir: "{{ hostvars['localhost'].g_etcd_mktemp.stdout }}" etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" -- include: ../../openshift-etcd/restart.yml +- include: ../../../openshift-etcd/private/restart.yml # Do not restart etcd when etcd certificates were previously expired. when: ('expired' not in (hostvars | oo_select_keys(groups['etcd']) diff --git a/playbooks/common/openshift-etcd/ca.yml b/playbooks/common/openshift-etcd/ca.yml deleted file mode 100644 index ac5543be9..000000000 --- a/playbooks/common/openshift-etcd/ca.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Generate new etcd CA - hosts: oo_first_etcd - roles: - - role: openshift_etcd_facts - tasks: - - include_role: - name: etcd - tasks_from: ca - vars: - etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}" - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" - when: - - etcd_ca_setup | default(True) | bool diff --git a/playbooks/common/openshift-etcd/certificates.yml b/playbooks/common/openshift-etcd/certificates.yml deleted file mode 100644 index eb6b94f33..000000000 --- a/playbooks/common/openshift-etcd/certificates.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- include: server_certificates.yml - -- include: master_etcd_certificates.yml diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml deleted file mode 100644 index 3fe483785..000000000 --- a/playbooks/common/openshift-etcd/config.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -- name: etcd Install Checkpoint Start - hosts: all - gather_facts: false - tasks: - - name: Set etcd install 'In Progress' - run_once: true - set_stats: - data: - installer_phase_etcd: - status: "In Progress" - start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" - -- include: ca.yml - -- include: certificates.yml - -- name: Configure etcd - hosts: oo_etcd_to_config - any_errors_fatal: true - roles: - - role: os_firewall - - role: openshift_etcd - etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}" - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - - role: nickhammond.logrotate - -- name: etcd Install Checkpoint End - hosts: all - gather_facts: false - tasks: - - name: Set etcd install 'Complete' - run_once: true - set_stats: - data: - installer_phase_etcd: - status: "Complete" - end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" diff --git a/playbooks/common/openshift-etcd/embedded2external.yml b/playbooks/common/openshift-etcd/embedded2external.yml deleted file mode 100644 index b16b78c4f..000000000 --- a/playbooks/common/openshift-etcd/embedded2external.yml +++ /dev/null @@ -1,172 +0,0 @@ ---- -- name: Pre-migrate checks - hosts: localhost - tasks: - # Check there is only one etcd host - - assert: - that: groups.oo_etcd_to_config | default([]) | length == 1 - msg: "[etcd] group must contain only one host" - # Check there is only one master - - assert: - that: groups.oo_masters_to_config | default([]) | length == 1 - msg: "[master] group must contain only one host" - -# 1. stop a master -- name: Prepare masters for etcd data migration - hosts: oo_first_master - roles: - - role: openshift_facts - tasks: - - name: Check the master API is ready - include_role: - name: openshift_master - tasks_from: check_master_api_is_ready - - set_fact: - master_service: "{{ openshift.common.service_type + '-master' }}" - embedded_etcd_backup_suffix: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" - - debug: - msg: "master service name: {{ master_service }}" - - name: Stop master - service: - name: "{{ master_service }}" - state: stopped - # 2. backup embedded etcd - # Can't use with_items with include_role: https://github.com/ansible/ansible/issues/21285 - - include_role: - name: etcd - tasks_from: backup - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_embedded_etcd: "{{ true }}" - r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}" - - - include_role: - name: etcd - tasks_from: backup.archive - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_embedded_etcd: "{{ true }}" - r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}" - -# 3. deploy certificates (for etcd and master) -- include: ca.yml - -- include: server_certificates.yml - -- name: Backup etcd client certificates for master host - hosts: oo_first_master - tasks: - - include_role: - name: etcd - tasks_from: backup_master_etcd_certificates - -- name: Redeploy master etcd certificates - include: master_etcd_certificates.yml - vars: - etcd_certificates_redeploy: "{{ true }}" - -# 4. deploy external etcd -- include: ../openshift-etcd/config.yml - -# 5. stop external etcd -- name: Cleanse etcd - hosts: oo_etcd_to_config[0] - gather_facts: no - pre_tasks: - - include_role: - name: etcd - tasks_from: disable_etcd - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - - include_role: - name: etcd - tasks_from: clean_data - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - -# 6. copy the embedded etcd backup to the external host -# TODO(jchaloup): if the etcd and first master are on the same host, just copy the directory -- name: Copy embedded etcd backup to the external host - hosts: localhost - tasks: - - name: Create local temp directory for syncing etcd backup - local_action: command mktemp -d /tmp/etcd_backup-XXXXXXX - register: g_etcd_client_mktemp - changed_when: False - become: no - - - include_role: - name: etcd - tasks_from: backup.fetch - vars: - r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_first_master.0].openshift.common.etcd_runtime }}" - etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_embedded_etcd: "{{ true }}" - r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}" - delegate_to: "{{ groups.oo_first_master[0] }}" - - - include_role: - name: etcd - tasks_from: backup.copy - vars: - r_etcd_common_etcd_runtime: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.etcd_runtime }}" - etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}" - delegate_to: "{{ groups.oo_etcd_to_config[0] }}" - - - debug: - msg: "etcd_backup_dest_directory: {{ g_etcd_client_mktemp.stdout }}" - - - name: Delete temporary directory - local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent - changed_when: False - become: no - -# 7. force new cluster from the backup -- name: Force new etcd cluster - hosts: oo_etcd_to_config[0] - tasks: - - include_role: - name: etcd - tasks_from: backup.unarchive - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}" - - - include_role: - name: etcd - tasks_from: backup.force_new_cluster - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - r_etcd_common_backup_tag: pre-migrate - r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}" - etcd_peer: "{{ openshift.common.ip }}" - etcd_url_scheme: "https" - etcd_peer_url_scheme: "https" - -# 8. re-configure master to use the external etcd -- name: Configure master to use external etcd - hosts: oo_first_master - tasks: - - include_role: - name: openshift_master - tasks_from: configure_external_etcd - vars: - etcd_peer_url_scheme: "https" - etcd_ip: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.ip }}" - etcd_peer_port: 2379 - - # 9. start the master - - name: Start master - service: - name: "{{ master_service }}" - state: started - register: service_status - until: service_status.state is defined and service_status.state == "started" - retries: 5 - delay: 10 diff --git a/playbooks/common/openshift-etcd/filter_plugins b/playbooks/common/openshift-etcd/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/common/openshift-etcd/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/lookup_plugins b/playbooks/common/openshift-etcd/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/common/openshift-etcd/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/master_etcd_certificates.yml b/playbooks/common/openshift-etcd/master_etcd_certificates.yml deleted file mode 100644 index 0a25aac57..000000000 --- a/playbooks/common/openshift-etcd/master_etcd_certificates.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Create etcd client certificates for master hosts - hosts: oo_masters_to_config - any_errors_fatal: true - roles: - - role: openshift_etcd_facts - - role: openshift_etcd_client_certificates - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}" - etcd_cert_config_dir: "{{ openshift.common.config_base }}/master" - etcd_cert_prefix: "master.etcd-" - openshift_ca_host: "{{ groups.oo_first_master.0 }}" - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config diff --git a/playbooks/common/openshift-etcd/migrate.yml b/playbooks/common/openshift-etcd/migrate.yml deleted file mode 100644 index 31362f2f6..000000000 --- a/playbooks/common/openshift-etcd/migrate.yml +++ /dev/null @@ -1,169 +0,0 @@ ---- -- name: Check if the master has embedded etcd - hosts: localhost - connection: local - become: no - gather_facts: no - tags: - - always - tasks: - - fail: - msg: "Migration of an embedded etcd is not supported. Please, migrate the embedded etcd into an external etcd first." - when: - - groups.oo_etcd_to_config | default([]) | length == 0 - -- name: Run pre-checks - hosts: oo_etcd_to_migrate - tasks: - - include_role: - name: etcd - tasks_from: migrate.pre_check - vars: - r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}" - etcd_peer: "{{ ansible_default_ipv4.address }}" - -# TODO: This will be different for release-3.6 branch -- name: Prepare masters for etcd data migration - hosts: oo_masters_to_config - tasks: - - set_fact: - master_services: - - "{{ openshift.common.service_type + '-master-controllers' }}" - - "{{ openshift.common.service_type + '-master-api' }}" - - debug: - msg: "master service name: {{ master_services }}" - - name: Stop masters - service: - name: "{{ item }}" - state: stopped - with_items: "{{ master_services }}" - -- name: Backup v2 data - hosts: oo_etcd_to_migrate - gather_facts: no - roles: - - role: openshift_facts - post_tasks: - - include_role: - name: etcd - tasks_from: backup - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - r_etcd_common_backup_tag: pre-migration - r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}" - r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" - -- name: Gate on etcd backup - hosts: localhost - connection: local - become: no - tasks: - - set_fact: - etcd_backup_completed: "{{ hostvars - | oo_select_keys(groups.oo_etcd_to_migrate) - | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}" - - set_fact: - etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) | list }}" - - fail: - msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}" - when: - - etcd_backup_failed | length > 0 - -- name: Stop etcd - hosts: oo_etcd_to_migrate - gather_facts: no - pre_tasks: - - include_role: - name: etcd - tasks_from: disable_etcd - vars: - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - -- name: Migrate data on first etcd - hosts: oo_etcd_to_migrate[0] - gather_facts: no - tasks: - - include_role: - name: etcd - tasks_from: migrate - vars: - r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}" - etcd_peer: "{{ openshift.common.ip }}" - etcd_url_scheme: "https" - etcd_peer_url_scheme: "https" - -- name: Clean data stores on remaining etcd hosts - hosts: oo_etcd_to_migrate[1:] - gather_facts: no - tasks: - - include_role: - name: etcd - tasks_from: clean_data - vars: - r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}" - etcd_peer: "{{ openshift.common.ip }}" - etcd_url_scheme: "https" - etcd_peer_url_scheme: "https" - - name: Add etcd hosts - delegate_to: localhost - add_host: - name: "{{ item }}" - groups: oo_new_etcd_to_config - ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" - ansible_become: "{{ g_sudo | default(omit) }}" - with_items: "{{ groups.oo_etcd_to_migrate[1:] | default([]) }}" - changed_when: no - - name: Set success - set_fact: - r_etcd_migrate_success: true - -- include: ./scaleup.yml - -- name: Gate on etcd migration - hosts: oo_masters_to_config - gather_facts: no - tasks: - - set_fact: - etcd_migration_completed: "{{ hostvars - | oo_select_keys(groups.oo_etcd_to_migrate) - | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}" - - set_fact: - etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) | list }}" - -- name: Add TTLs on the first master - hosts: oo_first_master[0] - tasks: - - include_role: - name: etcd - tasks_from: migrate.add_ttls - vars: - etcd_peer: "{{ hostvars[groups.oo_etcd_to_migrate.0].openshift.common.ip }}" - etcd_url_scheme: "https" - etcd_peer_url_scheme: "https" - when: etcd_migration_failed | length == 0 - -- name: Configure masters if etcd data migration is succesfull - hosts: oo_masters_to_config - tasks: - - include_role: - name: etcd - tasks_from: migrate.configure_master - when: etcd_migration_failed | length == 0 - - debug: - msg: "Skipping master re-configuration since migration failed." - when: - - etcd_migration_failed | length > 0 - - name: Start master services - service: - name: "{{ item }}" - state: started - register: service_status - # Sometimes the master-api, resp. master-controllers fails to start for the first time - until: service_status.state is defined and service_status.state == "started" - retries: 5 - delay: 10 - with_items: "{{ master_services[::-1] }}" - - fail: - msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}" - when: - - etcd_migration_failed | length > 0 diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml deleted file mode 100644 index 5eaea5ae8..000000000 --- a/playbooks/common/openshift-etcd/restart.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Restart etcd - hosts: oo_etcd_to_config - serial: 1 - tasks: - - name: restart etcd - service: - name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" - state: restarted - when: - - not g_etcd_certificates_expired | default(false) | bool - -- name: Restart etcd - hosts: oo_etcd_to_config - tasks: - - name: stop etcd - service: - name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" - state: stopped - when: - - g_etcd_certificates_expired | default(false) | bool - - name: start etcd - service: - name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}" - state: started - when: - - g_etcd_certificates_expired | default(false) | bool diff --git a/playbooks/common/openshift-etcd/roles b/playbooks/common/openshift-etcd/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/playbooks/common/openshift-etcd/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/scaleup.yml b/playbooks/common/openshift-etcd/scaleup.yml deleted file mode 100644 index 20061366c..000000000 --- a/playbooks/common/openshift-etcd/scaleup.yml +++ /dev/null @@ -1,83 +0,0 @@ ---- -- name: Gather facts - hosts: oo_etcd_to_config:oo_new_etcd_to_config - roles: - - openshift_etcd_facts - post_tasks: - - set_fact: - etcd_hostname: "{{ etcd_hostname }}" - etcd_ip: "{{ etcd_ip }}" - -- name: Configure etcd - hosts: oo_new_etcd_to_config - serial: 1 - any_errors_fatal: true - vars: - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - pre_tasks: - - name: Add new etcd members to cluster - command: > - /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }} - --key-file {{ etcd_peer_key_file }} - --ca-file {{ etcd_peer_ca_file }} - -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }} - member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }} - delegate_to: "{{ etcd_ca_host }}" - failed_when: - - etcd_add_check.rc == 1 - - ("peerURL exists" not in etcd_add_check.stderr) - register: etcd_add_check - retries: 3 - delay: 10 - until: etcd_add_check.rc == 0 - - include_role: - name: etcd - tasks_from: server_certificates - vars: - etcd_peers: "{{ groups.oo_new_etcd_to_config | default([], true) }}" - etcd_certificates_etcd_hosts: "{{ groups.oo_new_etcd_to_config | default([], true) }}" - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - roles: - - role: os_firewall - when: etcd_add_check.rc == 0 - - role: openshift_etcd - when: etcd_add_check.rc == 0 - etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}" - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" - etcd_initial_cluster_state: "existing" - etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}" - etcd_ca_setup: False - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" - - role: nickhammond.logrotate - when: etcd_add_check.rc == 0 - post_tasks: - - name: Verify cluster is stable - command: > - /usr/bin/etcdctl --cert-file {{ etcd_peer_cert_file }} - --key-file {{ etcd_peer_key_file }} - --ca-file {{ etcd_peer_ca_file }} - -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_hostname }}:{{ etcd_client_port }} - cluster-health - register: scaleup_health - retries: 3 - delay: 30 - until: scaleup_health.rc == 0 - -- name: Update master etcd client urls - hosts: oo_masters_to_config - serial: 1 - vars: - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - openshift_ca_host: "{{ groups.oo_first_master.0 }}" - openshift_master_etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) )) - | oo_collect('openshift.common.hostname') - | default(none, true) }}" - openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}" - roles: - - role: openshift_master_facts - post_tasks: - - include_role: - name: openshift_master - tasks_from: update_etcd_client_urls diff --git a/playbooks/common/openshift-etcd/server_certificates.yml b/playbooks/common/openshift-etcd/server_certificates.yml deleted file mode 100644 index 10e06747b..000000000 --- a/playbooks/common/openshift-etcd/server_certificates.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Create etcd server certificates for etcd hosts - hosts: oo_etcd_to_config - any_errors_fatal: true - roles: - - role: openshift_etcd_facts - post_tasks: - - include_role: - name: etcd - tasks_from: server_certificates - vars: - etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" - etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}" - etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" - r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}" diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml index 4c415ebce..cc0196e5b 100644 --- a/playbooks/common/openshift-master/scaleup.yml +++ b/playbooks/common/openshift-master/scaleup.yml @@ -46,7 +46,7 @@ - include: ../openshift-master/set_network_facts.yml -- include: ../openshift-etcd/certificates.yml +- include: ../../openshift-etcd/private/certificates.yml - include: ../openshift-master/config.yml |