diff options
-rw-r--r-- | playbooks/common/openshift-master/config.yml | 72 | ||||
-rw-r--r-- | roles/openshift_cli/defaults/main.yml | 1 | ||||
-rw-r--r-- | roles/openshift_cli/tasks/main.yml | 5 | ||||
-rw-r--r-- | roles/openshift_cli/templates/openshift.j2 | 4 | ||||
-rw-r--r-- | roles/openshift_docker/tasks/main.yml | 2 | ||||
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 12 | ||||
-rw-r--r-- | roles/openshift_master/tasks/main.yml | 2 |
7 files changed, 79 insertions, 19 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 125aab0ae..17afbb48c 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -156,6 +156,29 @@ - master.etcd-ca.crt when: etcd_client_certs_missing is defined and etcd_client_certs_missing +# Must be run before generating master certs which involved openshift_cli role and needs +# to pull down the correct docker container: +- name: Determine openshift_version to install on first master + hosts: oo_first_master + any_errors_fatal: true + tasks: + - debug: var=openshift.common + - debug: var=openshift_image_tag + - debug: var=openshift_release + - name: Determine version to configure if containerized and release specified + set_fact: + openshift_version: "{{ openshift_release }}" + when: openshift.common.is_containerized | bool and openshift_release is defined + - name: Determine version to configure if containerized and image tag specified + set_fact: + openshift_version: "{{ openshift_image_tag.split('v',1)[1] }}" + when: openshift.common.is_containerized | bool and openshift_image_tag is defined + - name: Determine version to configure if already installed + set_fact: + openshift_version: "{{ openshift.common.version }}" + when: openshift.common.is_containerized | bool and openshift.common.version is defined + - debug: var=openshift_version + - name: Determine if master certificates need to be generated hosts: oo_first_master:oo_masters_to_config tasks: @@ -337,8 +360,50 @@ with_items: openshift_master_named_certificates when: named_certs_specified | bool -- name: Configure master instances - hosts: oo_masters_to_config +- name: Configure first master instances + hosts: oo_first_master + any_errors_fatal: true + serial: 1 + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_master_ha: "{{ openshift.master.ha }}" + openshift_master_count: "{{ openshift.master.master_count }}" + openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}" + openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}" + openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}" + openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + | union(groups['oo_masters_to_config']) + | union(groups['oo_etcd_to_config'] | default([]))) + | oo_collect('openshift.common.hostname') | default([]) | join (',') + }}" + openshift_version: "{{ g_openshift_version_requested }}" + when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and + openshift_generate_no_proxy_hosts | default(True) | bool }}" + pre_tasks: + - name: Ensure certificate directory exists + file: + path: "{{ openshift.common.config_base }}/master" + state: directory + when: master_certs_missing | bool and 'oo_first_master' not in group_names + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" + dest: "{{ master_cert_config_dir }}" + when: master_certs_missing | bool and 'oo_first_master' not in group_names + - debug: var=openshift_version + roles: + - openshift_master + - role: nickhammond.logrotate + - role: nuage_master + when: openshift.common.use_nuage | bool + post_tasks: + - name: Create group for deployment type + group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }} + changed_when: False + +# TODO: This is a copy paste of the oo_first_master, how do we reconcile the code but change openshift_version? +- name: Configure remaining master instances + hosts: oo_masters_to_config[1:] any_errors_fatal: true serial: 1 vars: @@ -353,7 +418,8 @@ | union(groups['oo_etcd_to_config'] | default([]))) | oo_collect('openshift.common.hostname') | default([]) | join (',') }}" - when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and + openshift_version: "{{ g_openshift_version_requested }}" + when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and openshift_generate_no_proxy_hosts | default(True) | bool }}" pre_tasks: - name: Ensure certificate directory exists diff --git a/roles/openshift_cli/defaults/main.yml b/roles/openshift_cli/defaults/main.yml index 7baa87ab8..ed97d539c 100644 --- a/roles/openshift_cli/defaults/main.yml +++ b/roles/openshift_cli/defaults/main.yml @@ -1,2 +1 @@ --- -openshift_version: "{{ openshift_image_tag | default(openshift.docker.openshift_image_tag | default('')) }}" diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index a2be95eac..95711f95d 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -1,9 +1,6 @@ --- - debug: var=openshift_version -- debug: var=openshift_release -- debug: var=openshift_image_tag - debug: var=openshift.common -- debug: var=openshift.docker - name: Install clients action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present" @@ -11,7 +8,7 @@ - name: Pull CLI Image command: > - docker pull {{ openshift.common.cli_image }}:{{ openshift_version }} + docker pull {{ openshift.common.cli_image }}:v{{ openshift_version }} when: openshift.common.is_containerized | bool - name: Create /usr/local/bin/openshift cli wrapper diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2 index 437e08aab..501796b0b 100644 --- a/roles/openshift_cli/templates/openshift.j2 +++ b/roles/openshift_cli/templates/openshift.j2 @@ -5,14 +5,14 @@ fi cmd=`basename $0` user=`id -u` group=`id -g` -image_tag={{ openshift_version }} +image_tag=v{{ openshift_version }} >&2 echo """ ================================================================================ ATTENTION: You are running ${cmd} via a wrapper around 'docker run {{ openshift.common.cli_image }}:${image_tag}'. This wrapper is intended only to be used to bootstrap an environment. Please install client tools on another host once you have granted cluster-admin -privileges to a user. +privileges to a user. {% if openshift.common.deployment_type in ['openshift-enterprise','atomic-enterprise'] %} See https://docs.openshift.com/enterprise/latest/cli_reference/get_started_cli.html {% else %} diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml index cff1c6bb4..79efb193b 100644 --- a/roles/openshift_docker/tasks/main.yml +++ b/roles/openshift_docker/tasks/main.yml @@ -17,6 +17,8 @@ register: cli_image_version when: is_containerized | bool and openshift_image_tag is not defined and (upgrading | bool or not has_image_tag_fact | bool) +- debug: var=cli_image_version + # Use the pre-existing image tag from system facts if present, and we're not upgrading. # Ignores explicit openshift_image_tag if it's in the inventory, as this isn't an upgrade. - set_fact: diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index b13343776..6127948bf 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1133,15 +1133,9 @@ def get_openshift_version(facts): if os.path.isfile('/usr/bin/openshift'): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) version = parse_openshift_version(output) - - # openshift_facts runs before openshift_docker_facts. However, it will be - # called again and set properly throughout the playbook run. This could be - # refactored to simply set the openshift.common.version in the - # openshift_docker_facts role but it would take reworking some assumptions - # on how get_openshift_version is called. - if 'is_containerized' in facts['common'] and safe_get_bool(facts['common']['is_containerized']): - if 'docker' in facts and 'openshift_version' in facts['docker']: - version = facts['docker']['openshift_version'] + elif os.path.isfile('/usr/local/bin/openshift'): + _, output, _ = module.run_command(['/usr/local/bin/openshift', 'version']) + version = parse_openshift_version(output) return version diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 56ce0e396..0cbb49758 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -1,6 +1,8 @@ --- # TODO: add ability to configure certificates given either a local file to # point to or certificate contents, set in default cert locations. +- debug: var=openshift_version +- fail: # Authentication Variable Validation # TODO: validate the different identity provider kinds as well |