Add support for creating secure router.

* Move openshift_router to openshift_hosted role which will eventually contain registry, metrics and logging. * Adds option for specifying an openshift_hosted_router_certificate cert and key pair. * Removes dependency on node label variables and retrieves the node list from the API s.t. this role can be applied to any cluster with existing nodes. I've added an openshift_hosted playbook that occurs after node install to account for this. * Infrastructure nodes are selected using openshift_hosted_router_selector which is based on deployment type by default; openshift-enterprise -> "region=infra" and online -> "type=infra".
author: Andrew Butcher <abutcher@redhat.com> 2016-04-11 15:45:26 -0400
committer: Andrew Butcher <abutcher@redhat.com> 2016-04-11 15:45:26 -0400
commit: 4ac07696f3db92d1361290c3a0d7b7637d3d1994 (patch)
tree: 58ec00b29f982a9cd78b80bcf4aed1763a91bec3 /roles/openshift_facts
parent: 1bc6b51585c23670fdc08a1df6a89d35cd0b8149 (diff)
download: openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.gz
openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.bz2
openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.xz
openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.zip
1 files changed, 43 insertions, 27 deletions
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 32e608e86..92d650550 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -63,7 +63,16 @@ def migrate_local_facts(facts):
     migrated_facts = copy.deepcopy(facts)
     return migrate_docker_facts(migrated_facts)
 
-
+def migrate_hosted_facts(facts):
+    """ Apply migrations for master facts """
+    if 'master' in facts:
+        if 'router_selector' in facts['master']:
+            if 'hosted' not in facts:
+                facts['hosted'] = {}
+            if 'router' not in facts['hosted']:
+                facts['hosted']['router'] = {}
+            facts['hosted']['router']['selector'] = facts['master'].pop('router_selector')
+    return facts
 
 def first_ip(network):
     """ Return the first IPv4 address in network
@@ -394,7 +403,7 @@ def set_node_schedulability(facts):
                 facts['node']['schedulable'] = True
     return facts
 
-def set_master_selectors(facts):
+def set_selectors(facts):
     """ Set selectors facts if not already present in facts dict
         Args:
             facts (dict): existing facts
@@ -403,16 +412,21 @@ def set_master_selectors(facts):
             facts if they were not already present
 
     """
+    deployment_type = facts['common']['deployment_type']
+    if deployment_type == 'online':
+        selector = "type=infra"
+    else:
+        selector = "region=infra"
+
+    if 'hosted' not in facts:
+        facts['hosted'] = {}
+    if 'router' not in facts['hosted']:
+        facts['hosted']['router'] = {}
+    if 'selector' not in facts['hosted']['router'] or facts['hosted']['router']['selector'] in [None, 'None']:
+        facts['hosted']['router']['selector'] = selector
+
     if 'master' in facts:
         if 'infra_nodes' in facts['master']:
-            deployment_type = facts['common']['deployment_type']
-            if deployment_type == 'online':
-                selector = "type=infra"
-            else:
-                selector = "region=infra"
-
-            if 'router_selector' not in facts['master']:
-                facts['master']['router_selector'] = selector
             if 'registry_selector' not in facts['master']:
                 facts['master']['registry_selector'] = selector
     return facts
@@ -1479,7 +1493,7 @@ class OpenShiftFacts(object):
         facts = set_flannel_facts_if_unset(facts)
         facts = set_nuage_facts_if_unset(facts)
         facts = set_node_schedulability(facts)
-        facts = set_master_selectors(facts)
+        facts = set_selectors(facts)
         facts = set_metrics_facts_if_unset(facts)
         facts = set_identity_providers_if_unset(facts)
         facts = set_sdn_facts_if_unset(facts, self.system_facts)
@@ -1573,23 +1587,25 @@ class OpenShiftFacts(object):
         if 'cloudprovider' in roles:
             defaults['cloudprovider'] = dict(kind=None)
 
-        defaults['hosted'] = dict(
-            registry=dict(
-                storage=dict(
-                    kind=None,
-                    volume=dict(
-                        name='registry',
-                        size='5Gi'
-                    ),
-                    nfs=dict(
-                        directory='/exports',
-                        options='*(rw,root_squash)'),
-                    host=None,
-                    access_modes=['ReadWriteMany'],
-                    create_pv=True
-                )
+        if 'hosted' in roles or self.role == 'hosted':
+            defaults['hosted'] = dict(
+                registry=dict(
+                    storage=dict(
+                        kind=None,
+                        volume=dict(
+                            name='registry',
+                            size='5Gi'
+                        ),
+                        nfs=dict(
+                            directory='/exports',
+                            options='*(rw,root_squash)'),
+                        host=None,
+                        access_modes=['ReadWriteMany'],
+                        create_pv=True
+                    )
+                ),
+                router=dict()
             )
-        )
 
         return defaults
author	Andrew Butcher <abutcher@redhat.com>	2016-04-11 15:45:26 -0400
committer	Andrew Butcher <abutcher@redhat.com>	2016-04-11 15:45:26 -0400
commit	4ac07696f3db92d1361290c3a0d7b7637d3d1994 (patch)
tree	58ec00b29f982a9cd78b80bcf4aed1763a91bec3 /roles/openshift_facts
parent	1bc6b51585c23670fdc08a1df6a89d35cd0b8149 (diff)
download	openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.gz openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.bz2 openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.tar.xz openshift-4ac07696f3db92d1361290c3a0d7b7637d3d1994.zip