summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node/tasks
diff options
context:
space:
mode:
authorJason DeTiberus <jdetiber@redhat.com>2015-03-23 16:30:49 -0400
committerJhon Honce <jhonce@redhat.com>2015-03-24 11:29:44 -0700
commitd67c5b8f79609d2d3b07cc009f58e3dc988782c5 (patch)
tree9daf6d897dbb60d680f6dd195464e5157eab6953 /roles/openshift_node/tasks
parent461f6c1e07f36238729944a5f769600077ebf0b0 (diff)
downloadopenshift-d67c5b8f79609d2d3b07cc009f58e3dc988782c5.tar.gz
openshift-d67c5b8f79609d2d3b07cc009f58e3dc988782c5.tar.bz2
openshift-d67c5b8f79609d2d3b07cc009f58e3dc988782c5.tar.xz
openshift-d67c5b8f79609d2d3b07cc009f58e3dc988782c5.zip
node registration changes
- Remove default value for openshift_hostname and make it required - Remove workarounds that are no longer needed - Remove resources parameter from openshift_register_node module - pre-create node certificates for each node before registering node - distribute created node certificates to each node - Move node registration logic to a new openshift_register_nodes role - This is because we now have to run the steps on a master as opposed to on the nodes like we were previously doing. - Rename openshift_register_node module to kubernetes_register_node, one more step to genericizing enough for upstreaming, however there are still plenty of openshift specific commands that still need to be genericized.
Diffstat (limited to 'roles/openshift_node/tasks')
-rw-r--r--roles/openshift_node/tasks/main.yml68
1 files changed, 19 insertions, 49 deletions
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index e380ba1fb..c039e3f05 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -1,27 +1,29 @@
---
+- name: Test if node certs and config exist
+ stat: path={{ item }}
+ failed_when: not result.stat.exists
+ register: result
+ with_items:
+ - "{{ cert_path }}"
+ - "{{ cert_path }}/cert.crt"
+ - "{{ cert_path }}/key.key"
+ - "{{ cert_path }}/.kubeconfig"
+ - "{{ cert_path }}/server.crt"
+ - "{{ cert_path }}/server.key"
+ - "{{ cert_parent_path }}/ca/cert.crt"
+ #- "{{ cert_path }}/node.yaml"
+
- name: Install OpenShift Node package
yum: pkg=openshift-node state=installed
-- local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: mktemp
-
-- name: Retrieve OpenShift Master credentials
- local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ openshift_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ {{ mktemp.stdout }}
- ignore_errors: yes
-
-- file: path=/var/lib/openshift/openshift.local.certificates/admin state=directory
-
-- name: Store OpenShift Master credentials
- local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' {{ mktemp.stdout }}/ root@{{ openshift_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
- ignore_errors: yes
-
-- local_action: file name={{ mktemp.stdout }} state=absent
-
+# --create-certs=false is a temporary workaround until
+# https://github.com/openshift/origin/pull/1361 is merged upstream and it is
+# the default for nodes
- name: Configure OpenShift Node settings
lineinfile:
dest: /etc/sysconfig/openshift-node
regexp: '^OPTIONS='
- line: "OPTIONS=\"--master=https://{{ openshift_master_ips[0] }}:8443 --hostname={{ openshift_hostname }} --loglevel={{ openshift_node_debug_level }}\""
+ line: "OPTIONS=\"--hostname={{ openshift_hostname }} --loglevel={{ openshift_node_debug_level }} --create-certs=false\""
notify:
- restart openshift-node
@@ -47,42 +49,10 @@
option: externally_managed
value: "{{ openshift_node_manage_service_externally }}"
-# fixme: Once the openshift_cluster playbook is published state should be started
-# Always bounce service to pick up new credentials
- name: Start and enable openshift-node
- service: name=openshift-node enabled=yes state=restarted
+ service: name=openshift-node enabled=yes state=started
when: not openshift_node_manage_service_externally
- name: Disable openshift-node if openshift-node is managed externally
service: name=openshift-node enabled=false
when: openshift_node_manage_service_externally
-
-# TODO: create an os_vars role that has generic env related config and move
-# the root kubeconfig setting there, cannot use dependencies to force ordering
-# with openshift_node and openshift_master because the way conditional
-# dependencies work with current ansible would also exclude the
-# openshift_common dependency.
-- name: Create .kube directory
- file:
- path: /root/.kube
- state: directory
- mode: 0700
-- name: Configure root user kubeconfig
- command: cp /var/lib/openshift/openshift.local.certificates/admin/.kubeconfig /root/.kube/.kubeconfig
- args:
- creates: /root/.kube/.kubeconfig
-
-- name: Register node (if not already registered)
- openshift_register_node:
- name: "{{ openshift_hostname }}"
- api_version: v1beta1
- cpu: "{{ openshift_node_resources.cpu }}"
- memory: "{{ openshift_node_resources.memory }}"
- pod_cidr: "{{ openshift_node_resources.cidr }}"
- host_ip: "{{ ansible_default_ipv4.address }}"
- labels: "{{ openshift_node_labels }}"
- annotations: "{{ openshift_node_annotations }}"
- # TODO: support customizing other attributes such as: client_config,
- # client_cluster, client_context, client_user
- # TODO: updated for v1beta3 changes after rebase: hostnames, external_ips,
- # internal_ips, external_id