diff options
-rw-r--r-- | lookup_plugins/oo_option.py | 27 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml | 2 | ||||
-rw-r--r-- | playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml | 26 | ||||
-rw-r--r-- | playbooks/libvirt/openshift-cluster/templates/domain.xml | 3 | ||||
-rw-r--r-- | playbooks/libvirt/openshift-cluster/terminate.yml | 12 | ||||
-rw-r--r-- | playbooks/libvirt/openshift-cluster/update.yml | 4 | ||||
-rw-r--r-- | roles/etcd/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_cli/library/openshift_container_binary_sync.py | 131 | ||||
-rw-r--r-- | roles/openshift_cli/tasks/main.yml | 22 | ||||
-rw-r--r-- | roles/openshift_cli/templates/openshift.j2 | 28 | ||||
-rw-r--r-- | roles/openshift_master/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_node/tasks/main.yml | 8 |
12 files changed, 176 insertions, 91 deletions
diff --git a/lookup_plugins/oo_option.py b/lookup_plugins/oo_option.py index 3fc46ab9b..bca545771 100644 --- a/lookup_plugins/oo_option.py +++ b/lookup_plugins/oo_option.py @@ -33,15 +33,6 @@ except ImportError: def get_basedir(self, variables): return self.basedir -# pylint: disable=no-name-in-module,import-error -try: - # ansible-2.0 - from ansible import template -except ImportError: - # ansible 1.9.x - from ansible.utils import template - - # Reason: disable too-few-public-methods because the `run` method is the only # one required by the Ansible API # Status: permanently disabled @@ -65,28 +56,16 @@ class LookupModule(LookupBase): # which is not used # Status: permanently disabled unless Ansible API evolves # pylint: disable=unused-argument - def run(self, terms, inject=None, **kwargs): + def run(self, terms, variables, **kwargs): ''' Main execution path ''' - try: - terms = template.template(self.basedir, terms, inject) - # Reason: disable broad-except to really ignore any potential exception - # This is inspired by the upstream "env" lookup plugin: - # https://github.com/ansible/ansible/blob/devel/v1/ansible/runner/lookup_plugins/env.py#L29 - # pylint: disable=broad-except - except Exception: - pass - - if isinstance(terms, basestring): - terms = [terms] - ret = [] for term in terms: option_name = term.split()[0] cli_key = 'cli_' + option_name - if inject and cli_key in inject: - ret.append(inject[cli_key]) + if 'vars' in variables and cli_key in variables['vars']: + ret.append(variables['vars'][cli_key]) elif option_name in os.environ: ret.append(os.environ[option_name]) else: diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml index a27b62971..a32123952 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml @@ -163,6 +163,8 @@ - name: Verify containers are available for upgrade command: > docker pull {{ openshift.common.cli_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: openshift.common.is_containerized | bool - name: Check latest available OpenShift RPM version diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index 833586ffa..cc34d0ef9 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -39,14 +39,14 @@ file: dest: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/' state: directory - with_items: instances + with_items: '{{ instances }}' - name: Create the cloud-init config drive files template: src: '{{ item[1] }}' dest: '{{ libvirt_storage_pool_path }}/{{ item[0] }}_configdrive/{{ item[1] }}' with_nested: - - instances + - '{{ instances }}' - [ user-data, meta-data ] - name: Create the cloud-init config drive @@ -54,18 +54,18 @@ args: chdir: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/' creates: '{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso' - with_items: instances + with_items: '{{ instances }}' - name: Refresh the libvirt storage pool for openshift command: 'virsh -c {{ libvirt_uri }} pool-refresh {{ libvirt_storage_pool }}' - name: Create VM drives command: 'virsh -c {{ libvirt_uri }} vol-create-as {{ libvirt_storage_pool }} {{ item }}.qcow2 10G --format qcow2 --backing-vol {{ image_name }} --backing-vol-format qcow2' - with_items: instances + with_items: '{{ instances }}' - name: Create VM docker drives command: 'virsh -c {{ libvirt_uri }} vol-create-as {{ libvirt_storage_pool }} {{ item }}-docker.qcow2 10G --format qcow2 --allocation 0' - with_items: instances + with_items: '{{ instances }}' - name: Create VMs virt: @@ -73,14 +73,14 @@ command: define xml: "{{ lookup('template', '../templates/domain.xml') }}" uri: '{{ libvirt_uri }}' - with_items: instances + with_items: '{{ instances }}' - name: Start VMs virt: name: '{{ item }}' state: running uri: '{{ libvirt_uri }}' - with_items: instances + with_items: '{{ instances }}' - name: Wait for the VMs to get an IP shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases {{ libvirt_network }} | egrep -c ''{{ instances | join("|") }}''' @@ -93,7 +93,7 @@ - name: Collect IP addresses of the VMs shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases {{ libvirt_network }} | awk ''$6 == "{{ item }}" {gsub(/\/.*/, "", $5); print $5}''' register: scratch_ip - with_items: instances + with_items: '{{ instances }}' - set_fact: ips: "{{ scratch_ip.results | default([]) | oo_collect('stdout') }}" @@ -117,14 +117,14 @@ groups: "tag_environment-{{ cluster_env }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}, tag_clusterid-{{ cluster_id }}" openshift_node_labels: "{{ node_label }}" with_together: - - instances - - ips + - '{{ instances }}' + - '{{ ips }}' - name: Wait for ssh wait_for: host: '{{ item }}' port: 22 - with_items: ips + with_items: '{{ ips }}' - name: Wait for openshift user setup command: 'ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null openshift@{{ item.1 }} echo openshift user is setup' @@ -133,5 +133,5 @@ retries: 30 delay: 1 with_together: - - instances - - ips + - '{{ instances }}' + - '{{ ips }}'
\ No newline at end of file diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index b645a791a..88504a5f6 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -19,6 +19,9 @@ <apic/> <pae/> </features> + <cpu mode='host-model'> + <model fallback='allow'/> + </cpu> <clock offset='utc'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml index baef911f9..df5c52f2d 100644 --- a/playbooks/libvirt/openshift-cluster/terminate.yml +++ b/playbooks/libvirt/openshift-cluster/terminate.yml @@ -15,7 +15,7 @@ groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_become: "{{ deployment_vars[deployment_type].become }}" - with_items: groups[cluster_group] | default([]) + with_items: '{{ groups[cluster_group] | default([]) }}' - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -42,30 +42,30 @@ command: '{{ item[1] }}' uri: '{{ libvirt_uri }}' with_nested: - - groups['oo_hosts_to_terminate'] + - "{{ groups['oo_hosts_to_terminate'] }}" - [ destroy, undefine ] - name: Delete VM drives command: 'virsh -c {{ libvirt_uri }} vol-delete --pool {{ libvirt_storage_pool }} {{ item }}.qcow2' args: removes: '{{ libvirt_storage_pool_path }}/{{ item }}.qcow2' - with_items: groups['oo_hosts_to_terminate'] + with_items: "{{ groups['oo_hosts_to_terminate'] }}" - name: Delete VM docker drives command: 'virsh -c {{ libvirt_uri }} vol-delete --pool {{ libvirt_storage_pool }} {{ item }}-docker.qcow2' args: removes: '{{ libvirt_storage_pool_path }}/{{ item }}-docker.qcow2' - with_items: groups['oo_hosts_to_terminate'] + with_items: "{{ groups['oo_hosts_to_terminate'] }}" - name: Delete the VM cloud-init image file: path: '{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso' state: absent - with_items: groups['oo_hosts_to_terminate'] + with_items: "{{ groups['oo_hosts_to_terminate'] }}" - name: Remove the cloud-init config directory file: path: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/' state: absent - with_items: groups['oo_hosts_to_terminate'] + with_items: "{{ groups['oo_hosts_to_terminate'] }}" diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml index 28362c984..a152135fc 100644 --- a/playbooks/libvirt/openshift-cluster/update.yml +++ b/playbooks/libvirt/openshift-cluster/update.yml @@ -7,7 +7,7 @@ - add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: g_all_hosts + with_items: '{{ g_all_hosts }}' - hosts: l_oo_all_hosts gather_facts: no @@ -30,7 +30,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_become: "{{ deployment_vars[deployment_type].become }}" - with_items: g_all_hosts | default([]) + with_items: '{{ g_all_hosts | default([]) }}' - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 71735dc25..75d40216d 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -12,6 +12,8 @@ - name: Pull etcd container command: docker pull {{ openshift.etcd.etcd_image }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: etcd_is_containerized | bool - name: Install etcd container service file diff --git a/roles/openshift_cli/library/openshift_container_binary_sync.py b/roles/openshift_cli/library/openshift_container_binary_sync.py new file mode 100644 index 000000000..fd290c6fc --- /dev/null +++ b/roles/openshift_cli/library/openshift_container_binary_sync.py @@ -0,0 +1,131 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# vim: expandtab:tabstop=4:shiftwidth=4 +# pylint: disable=missing-docstring,invalid-name +# + +import random +import tempfile +import shutil +import os.path + +# pylint: disable=redefined-builtin,wildcard-import,unused-wildcard-import +from ansible.module_utils.basic import * + + +DOCUMENTATION = ''' +--- +module: openshift_container_binary_sync +short_description: Copies OpenShift binaries out of the given image tag to host system. +''' + + +class BinarySyncError(Exception): + def __init__(self, msg): + super(BinarySyncError, self).__init__(msg) + self.msg = msg + + +# pylint: disable=too-few-public-methods +class BinarySyncer(object): + """ + Syncs the openshift, oc, oadm, and kubectl binaries/symlinks out of + a container onto the host system. + """ + + def __init__(self, module, image, tag): + self.module = module + self.changed = False + self.output = [] + self.bin_dir = '/usr/local/bin' + self.image = image + self.tag = tag + self.temp_dir = None # TBD + + def sync(self): + container_name = "openshift-cli-%s" % random.randint(1, 100000) + rc, stdout, stderr = self.module.run_command(['docker', 'create', '--name', + container_name, '%s:%s' % (self.image, self.tag)]) + if rc: + raise BinarySyncError("Error creating temporary docker container. stdout=%s, stderr=%s" % + (stdout, stderr)) + self.output.append(stdout) + try: + self.temp_dir = tempfile.mkdtemp() + self.output.append("Using temp dir: %s" % self.temp_dir) + + rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/openshift" % container_name, + self.temp_dir]) + if rc: + raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" % + (stdout, stderr)) + + rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/oc" % container_name, + self.temp_dir]) + if rc: + raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" % + (stdout, stderr)) + + self._sync_binary('openshift') + + # In older versions, oc was a symlink to openshift: + if os.path.islink(os.path.join(self.temp_dir, 'oc')): + self._sync_symlink('oc', 'openshift') + else: + self._sync_binary('oc') + + # Ensure correct symlinks created: + self._sync_symlink('kubectl', 'openshift') + self._sync_symlink('oadm', 'openshift') + finally: + shutil.rmtree(self.temp_dir) + self.module.run_command(['docker', 'rm', container_name]) + + def _sync_symlink(self, binary_name, link_to): + """ Ensure the given binary name exists and links to the expected binary. """ + link_path = os.path.join(self.bin_dir, binary_name) + link_dest = os.path.join(self.bin_dir, binary_name) + if not os.path.exists(link_path) or \ + not os.path.islink(link_path) or \ + os.path.realpath(link_path) != os.path.realpath(link_dest): + if os.path.exists(link_path): + os.remove(link_path) + os.symlink(link_to, os.path.join(self.bin_dir, binary_name)) + self.output.append("Symlinked %s to %s." % (link_path, link_dest)) + self.changed = True + + def _sync_binary(self, binary_name): + src_path = os.path.join(self.temp_dir, binary_name) + dest_path = os.path.join(self.bin_dir, binary_name) + incoming_checksum = self.module.run_command(['sha256sum', src_path])[1] + if not os.path.exists(dest_path) or self.module.run_command(['sha256sum', dest_path])[1] != incoming_checksum: + shutil.move(src_path, dest_path) + self.output.append("Moved %s to %s." % (src_path, dest_path)) + self.changed = True + + +def main(): + module = AnsibleModule( + argument_spec=dict( + image=dict(required=True), + tag=dict(required=True), + ), + supports_check_mode=True + ) + + image = module.params['image'] + tag = module.params['tag'] + + binary_syncer = BinarySyncer(module, image, tag) + + try: + binary_syncer.sync() + except BinarySyncError as ex: + module.fail_json(msg=ex.msg) + + return module.exit_json(changed=binary_syncer.changed, + output=binary_syncer.output) + + +if __name__ == '__main__': + main() diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 4d6219b94..11c73b25c 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -6,24 +6,14 @@ - name: Pull CLI Image command: > docker pull {{ openshift.common.cli_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: openshift.common.is_containerized | bool -- name: Create /usr/local/bin/openshift cli wrapper - template: - src: openshift.j2 - dest: /usr/local/bin/openshift - mode: 0755 - when: openshift.common.is_containerized | bool - -- name: Create client symlinks - file: - path: "{{ item }}" - state: link - src: /usr/local/bin/openshift - with_items: - - /usr/local/bin/oadm - - /usr/local/bin/oc - - /usr/local/bin/kubectl +- name: Copy client binaries/symlinks out of CLI image for use on the host + openshift_container_binary_sync: + image: "{{ openshift.common.cli_image }}" + tag: "{{ openshift_image_tag }}" when: openshift.common.is_containerized | bool - name: Reload facts to pick up installed OpenShift version diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 deleted file mode 100644 index 7786acead..000000000 --- a/roles/openshift_cli/templates/openshift.j2 +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -if [ ! -d ~/.kube ]; then - mkdir -m 0700 ~/.kube -fi -cmd=`basename $0` -user=`id -u` -group=`id -g` -image_tag="{{ openshift_image_tag }}" - ->&2 echo """ -================================================================================ -ATTENTION: You are running ${cmd} via a wrapper around 'docker run {{ openshift.common.cli_image }}:${image_tag}'. -This wrapper is intended only to be used to bootstrap an environment. Please -install client tools on another host once you have granted cluster-admin -privileges to a user. -{% if openshift.common.deployment_type in ['openshift-enterprise','atomic-enterprise'] %} -See https://docs.openshift.com/enterprise/latest/cli_reference/get_started_cli.html -{% else %} -See https://docs.openshift.org/latest/cli_reference/get_started_cli.html -{% endif %} -================================================================================= -""" - -if [ -n "$image_tag" ]; then - image_tag=":$image_tag" -fi - -docker run -i --privileged --net=host --user=${user}:${group} -v ~/.kube:/root/.kube -v /tmp:/tmp -v {{ openshift.common.config_base}}:{{ openshift.common.config_base }} -e KUBECONFIG=/root/.kube/config --entrypoint ${cmd} --rm {{ openshift.common.cli_image }}${image_tag} "${@}" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 7a80ed8e3..5c6c64018 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -30,6 +30,8 @@ - name: Pull master image command: > docker pull {{ openshift.master.master_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: openshift.common.is_containerized | bool - name: Create openshift.common.data_dir diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 97a21544d..889541e25 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -41,11 +41,15 @@ - name: Pull node image command: > docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: openshift.common.is_containerized | bool - name: Pull OpenVSwitch image command: > docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool - name: Install the systemd units @@ -129,12 +133,12 @@ service: name={{ openshift.common.service_type }}-node enabled=yes state=started register: node_start_result ignore_errors: yes - + - name: Wait 30 seconds for docker initialization whenever node has failed pause: seconds: 30 when: node_start_result | failed - + - name: Start and enable node again service: name={{ openshift.common.service_type }}-node enabled=yes state=started register: node_start_result |