summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--playbooks/common/openshift-cluster/config.yml2
-rw-r--r--roles/ansible_service_broker/tasks/main.yml2
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py2
-rw-r--r--roles/openshift_logging/tasks/install_logging.yaml4
-rw-r--r--roles/openshift_master/tasks/systemd_units.yml11
-rw-r--r--roles/openshift_sanitize_inventory/tasks/main.yml18
-rw-r--r--roles/openshift_service_catalog/tasks/generate_certs.yml2
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml8
-rw-r--r--roles/openshift_service_catalog/tasks/remove.yml6
-rw-r--r--roles/template_service_broker/tasks/main.yml2
10 files changed, 43 insertions, 14 deletions
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 244787985..3b4d6f9a6 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -27,7 +27,7 @@
when: openshift_logging_install_logging | default(false) | bool
- include: service_catalog.yml
- when: openshift_enable_service_catalog | default(false) | bool
+ when: openshift_enable_service_catalog | default(true) | bool
- include: ../openshift-management/config.yml
when: openshift_management_install_management | default(false) | bool
diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml
index d8695bd3a..2ed156728 100644
--- a/roles/ansible_service_broker/tasks/main.yml
+++ b/roles/ansible_service_broker/tasks/main.yml
@@ -2,7 +2,7 @@
# do any asserts here
- include: install.yml
- when: ansible_service_broker_install | default(false) | bool
+ when: ansible_service_broker_install | default(true) | bool
- include: remove.yml
when: ansible_service_broker_remove | default(false) | bool
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 33028fea4..a88945538 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1289,7 +1289,7 @@ def get_container_openshift_version(facts):
If containerized, see if we can determine the installed version via the
systemd environment files.
"""
- for filename in ['/etc/sysconfig/%s-master', '/etc/sysconfig/%s-node']:
+ for filename in ['/etc/sysconfig/%s-master-controllers', '/etc/sysconfig/%s-node']:
env_path = filename % facts['common']['service_type']
if not os.path.exists(env_path):
continue
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml
index b98e281a3..cec295d65 100644
--- a/roles/openshift_logging/tasks/install_logging.yaml
+++ b/roles/openshift_logging/tasks/install_logging.yaml
@@ -78,7 +78,7 @@
generated_certs_dir: "{{openshift.common.config_base}}/logging"
openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_deployment_name: "{{ outer_item.0.name }}"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim.claimName if outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim is defined else openshift_logging_es_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"
openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
@@ -136,7 +136,7 @@
generated_certs_dir: "{{openshift.common.config_base}}/logging"
openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_deployment_name: "{{ outer_item.0.name }}"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim.claimName if outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim is defined else openshift_logging_es_ops_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
openshift_logging_elasticsearch_ops_deployment: true
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"
diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml
index 5751723ab..8420dfb8c 100644
--- a/roles/openshift_master/tasks/systemd_units.yml
+++ b/roles/openshift_master/tasks/systemd_units.yml
@@ -58,6 +58,17 @@
- l_create_ha_unit_files | changed
# end workaround for missing systemd unit files
+- name: enable master services
+ systemd:
+ name: "{{ openshift.common.service_type }}-master-{{ item }}"
+ enabled: yes
+ with_items:
+ - api
+ - controllers
+ when:
+ - openshift.master.cluster_method == "native"
+ - not openshift.common.is_master_system_container | bool
+
- name: Preserve Master API Proxy Config options
command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api
register: l_master_api_proxy
diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml
index a6c168bc7..70b236033 100644
--- a/roles/openshift_sanitize_inventory/tasks/main.yml
+++ b/roles/openshift_sanitize_inventory/tasks/main.yml
@@ -69,3 +69,21 @@
- openshift_clusterid is not defined
- openshift_cloudprovider_kind is defined
- openshift_cloudprovider_kind == 'aws'
+
+- name: Ensure ansible_service_broker_remove and ansible_service_broker_install are mutually exclusive
+ fail:
+ msg: >
+ Ensure ansible_service_broker_remove and ansible_service_broker_install are mutually exclusive,
+ do not set both to true. ansible_service_broker_install defaults to true.
+ when:
+ - ansible_service_broker_remove | default(false) | bool
+ - ansible_service_broker_install | default(true) | bool
+
+- name: Ensure template_service_broker_remove and template_service_broker_install are mutually exclusive
+ fail:
+ msg: >
+ Ensure that template_service_broker_remove and template_service_broker_install are mutually exclusive,
+ do not set both to true. template_service_broker_remove defaults to true.
+ when:
+ - template_service_broker_remove | default(false) | bool
+ - template_service_broker_install | default(true) | bool
diff --git a/roles/openshift_service_catalog/tasks/generate_certs.yml b/roles/openshift_service_catalog/tasks/generate_certs.yml
index 9d55185c8..cd7bda2c6 100644
--- a/roles/openshift_service_catalog/tasks/generate_certs.yml
+++ b/roles/openshift_service_catalog/tasks/generate_certs.yml
@@ -60,7 +60,7 @@
register: apiserver_ca
- shell: >
- oc get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
register: get_apiservices
changed_when: no
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
index 0641483cd..3507330e3 100644
--- a/roles/openshift_service_catalog/tasks/install.yml
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -38,7 +38,7 @@
- name: Make kube-service-catalog project network global
command: >
- oc adm pod-network make-projects-global kube-service-catalog
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog
- include: generate_certs.yml
@@ -93,7 +93,7 @@
# only do this if we don't already have the updated role info
- name: update edit role for service catalog and pod preset access
command: >
- oc replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
when:
- not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
@@ -116,7 +116,7 @@
# only do this if we don't already have the updated role info
- name: update admin role for service catalog and pod preset access
command: >
- oc replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
when:
- not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
@@ -139,7 +139,7 @@
# only do this if we don't already have the updated role info
- name: update view role for service catalog access
command: >
- oc replace -f {{ mktemp.stdout }}/view_sc_patch.yml
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/view_sc_patch.yml
when:
- not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])
diff --git a/roles/openshift_service_catalog/tasks/remove.yml b/roles/openshift_service_catalog/tasks/remove.yml
index ca9844e79..a832e1f85 100644
--- a/roles/openshift_service_catalog/tasks/remove.yml
+++ b/roles/openshift_service_catalog/tasks/remove.yml
@@ -1,7 +1,7 @@
---
- name: Remove Service Catalog APIServer
command: >
- oc delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog
# TODO: this module doesn't currently remove this
#- name: Remove service catalog api service
@@ -48,7 +48,7 @@
- name: Remove Service Catalog kube-system Role Bindinds
shell: >
- oc process kube-system-service-catalog-role-bindings -n kube-system | oc delete --ignore-not-found -f -
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process kube-system-service-catalog-role-bindings -n kube-system | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f -
- oc_obj:
kind: template
@@ -58,7 +58,7 @@
- name: Remove Service Catalog kube-service-catalog Role Bindinds
shell: >
- oc process service-catalog-role-bindings -n kube-service-catalog | oc delete --ignore-not-found -f -
+ {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process service-catalog-role-bindings -n kube-service-catalog | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f -
- oc_obj:
kind: template
diff --git a/roles/template_service_broker/tasks/main.yml b/roles/template_service_broker/tasks/main.yml
index d7ca970c7..da8aa291b 100644
--- a/roles/template_service_broker/tasks/main.yml
+++ b/roles/template_service_broker/tasks/main.yml
@@ -2,7 +2,7 @@
# do any asserts here
- include: install.yml
- when: template_service_broker_install | default(false) | bool
+ when: template_service_broker_install | default(true) | bool
- include: remove.yml
when: template_service_broker_remove | default(false) | bool