summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master/tasks
diff options
context:
space:
mode:
authorJason DeTiberus <jdetiber@redhat.com>2015-02-17 22:33:33 -0500
committerJason DeTiberus <jdetiber@redhat.com>2015-02-24 23:10:37 -0500
commit4ac06057c9a77626bb181c22a5f1adc8014b13d2 (patch)
treec8ab69e2e65de32d2f29771fb47fcce78fe5dd04 /roles/openshift_master/tasks
parent114fcaac2a8f8e3d68baf8945f8991b1da9763ee (diff)
downloadopenshift-4ac06057c9a77626bb181c22a5f1adc8014b13d2.tar.gz
openshift-4ac06057c9a77626bb181c22a5f1adc8014b13d2.tar.bz2
openshift-4ac06057c9a77626bb181c22a5f1adc8014b13d2.tar.xz
openshift-4ac06057c9a77626bb181c22a5f1adc8014b13d2.zip
create openshift_common role
- move common openshift logic into openshift_common - set openshift_common as a dependency for openshift_node and openshift_master - rename role variables to openshift_* to be more descriptive - start recording local_facts on the openshift hosts - clean up firewalld config to be a bit more dry - Update firewall ports for https, make sure http rules are removed - Replace references to ansible_eth0.ipv4.address with ansible_default_ipv4.address
Diffstat (limited to 'roles/openshift_master/tasks')
-rw-r--r--roles/openshift_master/tasks/main.yml52
1 files changed, 24 insertions, 28 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 6f96a6cdb..ea97e42cc 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -1,37 +1,33 @@
---
-# tasks file for openshift_master
-- name: Install Origin
+- name: Install OpenShift Master package
yum: pkg=openshift-master state=installed
- # fixme: Once openshift stops resolving hostnames for node queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
- command: /usr/bin/hostname {{ oo_bind_ip }}
+- name: Set master OpenShift facts
+ include: "{{ role_path | dirname }}/openshift_common/tasks/set_facts.yml"
+ facts:
+ - { section: master, option: debug_level, value: "{{ openshift_master_debug_level }}" }
+ - { section: master, option: public_ip, value: "{{ openshift_public_ip }}" }
+ - { section: master, option: externally_managed, value: "{{ openshift_master_manage_service_externally }}" }
-- name: Configure OpenShift Master settings
+- name: Configure firewall for OpenShift Master
+ include: "{{ role_path | dirname }}/openshift_common/tasks/firewall.yml"
+ allow:
+ - { service: etcd embedded, port: 4001/tcp}
+ - { service: etcd peer, port: 7001/tcp}
+ - { service: OpenShift api https, port: 8443/tcp}
+ - { service: OpenShift web console https, port: 8444/tcp}
+ deny:
+ - { service: OpenShift api http, port: 8080/tcp }
+
+- name: Configure OpenShift settings
lineinfile:
dest: /etc/sysconfig/openshift-master
- regexp: "{{ item.regex }}"
- line: "{{ item.line }}"
- with_items:
- - regex: '^OPTIONS='
- line: "OPTIONS=\"--public-master={{ oo_public_ip }} --nodes={{ oo_node_ips | join(',') }} --loglevel=5\""
+ regexp: '^OPTIONS='
+ line: "OPTIONS=\"--public-master={{ openshift_public_ip }} --nodes={{ openshift_node_ips
+ | join(',') }} --loglevel={{ openshift_master_debug_level }}\""
notify:
- - restart openshift-master
-
-# Open etcd embedded, etcd embedded peer, openshift api, and
-# openshift client ports
-- name: Open firewalld ports for openshift-master
- firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled
- with_nested:
- - [ 4001/tcp, 7001/tcp, 8443/tcp, 8444/tcp ]
- - [ true, false ]
-
-# Disable previously exposed ports that are no longer needed
-- name: Close firewalld ports for openshift-master that are no longer needed
- firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled
- with_nested:
- - [ 8080/tcp ]
- - [ true, false ]
+ - restart openshift-master
-- name: Enable OpenShift
+- name: Start and enable openshift-master
service: name=openshift-master enabled=yes state=started
+ when: not openshift_master_manage_service_externally