summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--playbooks/common/openshift-master/config.yml72
-rw-r--r--roles/openshift_cli/defaults/main.yml1
-rw-r--r--roles/openshift_cli/tasks/main.yml5
-rw-r--r--roles/openshift_cli/templates/openshift.j24
-rw-r--r--roles/openshift_docker/tasks/main.yml2
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py12
-rw-r--r--roles/openshift_master/tasks/main.yml2
7 files changed, 79 insertions, 19 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 125aab0ae..17afbb48c 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -156,6 +156,29 @@
- master.etcd-ca.crt
when: etcd_client_certs_missing is defined and etcd_client_certs_missing
+# Must be run before generating master certs which involved openshift_cli role and needs
+# to pull down the correct docker container:
+- name: Determine openshift_version to install on first master
+ hosts: oo_first_master
+ any_errors_fatal: true
+ tasks:
+ - debug: var=openshift.common
+ - debug: var=openshift_image_tag
+ - debug: var=openshift_release
+ - name: Determine version to configure if containerized and release specified
+ set_fact:
+ openshift_version: "{{ openshift_release }}"
+ when: openshift.common.is_containerized | bool and openshift_release is defined
+ - name: Determine version to configure if containerized and image tag specified
+ set_fact:
+ openshift_version: "{{ openshift_image_tag.split('v',1)[1] }}"
+ when: openshift.common.is_containerized | bool and openshift_image_tag is defined
+ - name: Determine version to configure if already installed
+ set_fact:
+ openshift_version: "{{ openshift.common.version }}"
+ when: openshift.common.is_containerized | bool and openshift.common.version is defined
+ - debug: var=openshift_version
+
- name: Determine if master certificates need to be generated
hosts: oo_first_master:oo_masters_to_config
tasks:
@@ -337,8 +360,50 @@
with_items: openshift_master_named_certificates
when: named_certs_specified | bool
-- name: Configure master instances
- hosts: oo_masters_to_config
+- name: Configure first master instances
+ hosts: oo_first_master
+ any_errors_fatal: true
+ serial: 1
+ vars:
+ sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
+ openshift_master_ha: "{{ openshift.master.ha }}"
+ openshift_master_count: "{{ openshift.master.master_count }}"
+ openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
+ openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
+ openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+ openshift_version: "{{ g_openshift_version_requested }}"
+ when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
+ openshift_generate_no_proxy_hosts | default(True) | bool }}"
+ pre_tasks:
+ - name: Ensure certificate directory exists
+ file:
+ path: "{{ openshift.common.config_base }}/master"
+ state: directory
+ when: master_certs_missing | bool and 'oo_first_master' not in group_names
+ - name: Unarchive the tarball on the master
+ unarchive:
+ src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz"
+ dest: "{{ master_cert_config_dir }}"
+ when: master_certs_missing | bool and 'oo_first_master' not in group_names
+ - debug: var=openshift_version
+ roles:
+ - openshift_master
+ - role: nickhammond.logrotate
+ - role: nuage_master
+ when: openshift.common.use_nuage | bool
+ post_tasks:
+ - name: Create group for deployment type
+ group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
+ changed_when: False
+
+# TODO: This is a copy paste of the oo_first_master, how do we reconcile the code but change openshift_version?
+- name: Configure remaining master instances
+ hosts: oo_masters_to_config[1:]
any_errors_fatal: true
serial: 1
vars:
@@ -353,7 +418,8 @@
| union(groups['oo_etcd_to_config'] | default([])))
| oo_collect('openshift.common.hostname') | default([]) | join (',')
}}"
- when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
+ openshift_version: "{{ g_openshift_version_requested }}"
+ when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
openshift_generate_no_proxy_hosts | default(True) | bool }}"
pre_tasks:
- name: Ensure certificate directory exists
diff --git a/roles/openshift_cli/defaults/main.yml b/roles/openshift_cli/defaults/main.yml
index 7baa87ab8..ed97d539c 100644
--- a/roles/openshift_cli/defaults/main.yml
+++ b/roles/openshift_cli/defaults/main.yml
@@ -1,2 +1 @@
---
-openshift_version: "{{ openshift_image_tag | default(openshift.docker.openshift_image_tag | default('')) }}"
diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml
index a2be95eac..95711f95d 100644
--- a/roles/openshift_cli/tasks/main.yml
+++ b/roles/openshift_cli/tasks/main.yml
@@ -1,9 +1,6 @@
---
- debug: var=openshift_version
-- debug: var=openshift_release
-- debug: var=openshift_image_tag
- debug: var=openshift.common
-- debug: var=openshift.docker
- name: Install clients
action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present"
@@ -11,7 +8,7 @@
- name: Pull CLI Image
command: >
- docker pull {{ openshift.common.cli_image }}:{{ openshift_version }}
+ docker pull {{ openshift.common.cli_image }}:v{{ openshift_version }}
when: openshift.common.is_containerized | bool
- name: Create /usr/local/bin/openshift cli wrapper
diff --git a/roles/openshift_cli/templates/openshift.j2 b/roles/openshift_cli/templates/openshift.j2
index 437e08aab..501796b0b 100644
--- a/roles/openshift_cli/templates/openshift.j2
+++ b/roles/openshift_cli/templates/openshift.j2
@@ -5,14 +5,14 @@ fi
cmd=`basename $0`
user=`id -u`
group=`id -g`
-image_tag={{ openshift_version }}
+image_tag=v{{ openshift_version }}
>&2 echo """
================================================================================
ATTENTION: You are running ${cmd} via a wrapper around 'docker run {{ openshift.common.cli_image }}:${image_tag}'.
This wrapper is intended only to be used to bootstrap an environment. Please
install client tools on another host once you have granted cluster-admin
-privileges to a user.
+privileges to a user.
{% if openshift.common.deployment_type in ['openshift-enterprise','atomic-enterprise'] %}
See https://docs.openshift.com/enterprise/latest/cli_reference/get_started_cli.html
{% else %}
diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml
index cff1c6bb4..79efb193b 100644
--- a/roles/openshift_docker/tasks/main.yml
+++ b/roles/openshift_docker/tasks/main.yml
@@ -17,6 +17,8 @@
register: cli_image_version
when: is_containerized | bool and openshift_image_tag is not defined and (upgrading | bool or not has_image_tag_fact | bool)
+- debug: var=cli_image_version
+
# Use the pre-existing image tag from system facts if present, and we're not upgrading.
# Ignores explicit openshift_image_tag if it's in the inventory, as this isn't an upgrade.
- set_fact:
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index b13343776..6127948bf 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1133,15 +1133,9 @@ def get_openshift_version(facts):
if os.path.isfile('/usr/bin/openshift'):
_, output, _ = module.run_command(['/usr/bin/openshift', 'version'])
version = parse_openshift_version(output)
-
- # openshift_facts runs before openshift_docker_facts. However, it will be
- # called again and set properly throughout the playbook run. This could be
- # refactored to simply set the openshift.common.version in the
- # openshift_docker_facts role but it would take reworking some assumptions
- # on how get_openshift_version is called.
- if 'is_containerized' in facts['common'] and safe_get_bool(facts['common']['is_containerized']):
- if 'docker' in facts and 'openshift_version' in facts['docker']:
- version = facts['docker']['openshift_version']
+ elif os.path.isfile('/usr/local/bin/openshift'):
+ _, output, _ = module.run_command(['/usr/local/bin/openshift', 'version'])
+ version = parse_openshift_version(output)
return version
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 56ce0e396..0cbb49758 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -1,6 +1,8 @@
---
# TODO: add ability to configure certificates given either a local file to
# point to or certificate contents, set in default cert locations.
+- debug: var=openshift_version
+- fail:
# Authentication Variable Validation
# TODO: validate the different identity provider kinds as well