diff options
-rw-r--r-- | inventory/byo/hosts.origin.example | 2 | ||||
-rw-r--r-- | inventory/byo/hosts.ose.example | 2 | ||||
-rw-r--r-- | roles/lib_openshift/library/oc_adm_registry.py | 8 | ||||
-rw-r--r-- | roles/lib_openshift/src/class/oc_adm_registry.py | 8 | ||||
-rw-r--r-- | roles/nuage_master/tasks/main.yaml | 9 | ||||
-rw-r--r-- | roles/nuage_master/tasks/serviceaccount.yml | 14 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/generate_secrets.yaml | 6 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/install_elasticsearch.yaml | 4 | ||||
-rw-r--r-- | roles/openshift_logging/templates/pvc.j2 | 2 | ||||
-rw-r--r-- | roles/openshift_metrics/tasks/install_cassandra.yaml | 2 | ||||
-rw-r--r-- | roles/openshift_metrics/templates/pvc.j2 | 2 | ||||
-rw-r--r-- | roles/openshift_metrics/vars/main.yaml | 1 |
12 files changed, 42 insertions, 18 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index bb9f4706a..76b1f3691 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -540,7 +540,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # # Configure loggingPublicURL in the master config for aggregate logging, defaults # to https://kibana.{{ openshift_master_default_subdomain }} -#openshift_master_logging_public_url=https://kibana.example.com +#openshift_hosted_logging_hostname=https://kibana.example.com # Configure the number of elastic search nodes, unless you're using dynamic provisioning # this value must be 1 #openshift_hosted_logging_elasticsearch_cluster_size=1 diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 12a1b3991..39e9488d5 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -541,7 +541,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # # Configure loggingPublicURL in the master config for aggregate logging, defaults # to https://kibana.{{ openshift_master_default_subdomain }} -#openshift_master_logging_public_url=https://kibana.example.com +#openshift_hosted_logging_hostname=https://kibana.example.com # Configure the number of elastic search nodes, unless you're using dynamic provisioning # this value must be 1 #openshift_hosted_logging_elasticsearch_cluster_size=1 diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py index c398c5551..9eb268388 100644 --- a/roles/lib_openshift/library/oc_adm_registry.py +++ b/roles/lib_openshift/library/oc_adm_registry.py @@ -2235,8 +2235,8 @@ class Registry(OpenShiftCLI): ''' prepared_registry property ''' if not self.__prepared_registry: results = self.prepare_registry() - if not results: - raise RegistryException('Could not perform registry preparation.') + if not results or ('returncode' in results and results['returncode'] != 0): + raise RegistryException('Could not perform registry preparation. {}'.format(results)) self.__prepared_registry = results return self.__prepared_registry @@ -2301,8 +2301,8 @@ class Registry(OpenShiftCLI): # probably need to parse this # pylint thinks results is a string # pylint: disable=no-member - if results['returncode'] != 0 and 'items' in results['results']: - return results + if results['returncode'] != 0 and 'items' not in results['results']: + raise RegistryException('Could not perform registry preparation. {}'.format(results)) service = None deploymentconfig = None diff --git a/roles/lib_openshift/src/class/oc_adm_registry.py b/roles/lib_openshift/src/class/oc_adm_registry.py index c083cd179..25519c9c9 100644 --- a/roles/lib_openshift/src/class/oc_adm_registry.py +++ b/roles/lib_openshift/src/class/oc_adm_registry.py @@ -87,8 +87,8 @@ class Registry(OpenShiftCLI): ''' prepared_registry property ''' if not self.__prepared_registry: results = self.prepare_registry() - if not results: - raise RegistryException('Could not perform registry preparation.') + if not results or ('returncode' in results and results['returncode'] != 0): + raise RegistryException('Could not perform registry preparation. {}'.format(results)) self.__prepared_registry = results return self.__prepared_registry @@ -153,8 +153,8 @@ class Registry(OpenShiftCLI): # probably need to parse this # pylint thinks results is a string # pylint: disable=no-member - if results['returncode'] != 0 and 'items' in results['results']: - return results + if results['returncode'] != 0 and 'items' not in results['results']: + raise RegistryException('Could not perform registry preparation. {}'.format(results)) service = None deploymentconfig = None diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml index d211d30e8..fefd28bbd 100644 --- a/roles/nuage_master/tasks/main.yaml +++ b/roles/nuage_master/tasks/main.yaml @@ -22,6 +22,15 @@ - nuage.key - nuage.kubeconfig +- name: Copy the certificates and keys + become: yes + copy: src="/tmp/{{ item }}" dest="{{ cert_output_dir }}/{{ item }}" + with_items: + - ca.crt + - nuage.crt + - nuage.key + - nuage.kubeconfig + - include: certificates.yml - name: Create nuage-openshift-monitor.yaml diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml index 16ea08244..eee448e2c 100644 --- a/roles/nuage_master/tasks/serviceaccount.yml +++ b/roles/nuage_master/tasks/serviceaccount.yml @@ -3,14 +3,20 @@ command: mktemp -u /tmp/openshift-ansible-XXXXXXX.kubeconfig register: nuage_tmp_conf_mktemp changed_when: False + run_once: True + delegate_to: "{{ nuage_ca_master }}" - set_fact: nuage_tmp_conf: "{{ nuage_tmp_conf_mktemp.stdout }}" + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Copy Configuration to temporary conf command: > cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{nuage_tmp_conf}} changed_when: false + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Create Admin Service Account oc_serviceaccount: @@ -18,6 +24,8 @@ name: nuage namespace: default state: present + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Configure role/user permissions command: > @@ -27,6 +35,8 @@ register: osnuage_perm_task failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0" changed_when: osnuage_perm_task.rc == 0 + run_once: True + delegate_to: "{{ nuage_ca_master }}" - name: Generate the node client config command: > @@ -40,8 +50,12 @@ --signer-serial={{ openshift_master_ca_serial }} --basename='nuage' --user={{ nuage_service_account }} + delegate_to: "{{ nuage_ca_master }}" + run_once: True - name: Clean temporary configuration file command: > rm -f {{nuage_tmp_conf}} changed_when: false + delegate_to: "{{ nuage_ca_master }}" + run_once: True diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml index 0f8e7ae58..f396bcc6d 100644 --- a/roles/openshift_logging/tasks/generate_secrets.yaml +++ b/roles/openshift_logging/tasks/generate_secrets.yaml @@ -31,8 +31,6 @@ - fluentd loop_control: loop_var: component - when: secret_name not in openshift_logging_facts.{{component}}.secrets or - secret_keys | difference(openshift_logging_facts.{{component}}.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no @@ -50,8 +48,6 @@ kibana_key_file: "{{key_pairs | entry_from_named_pair('kibana_internal_key')| b64decode }}" kibana_cert_file: "{{key_pairs | entry_from_named_pair('kibana_internal_cert')| b64decode }}" server_tls_file: "{{key_pairs | entry_from_named_pair('server_tls')| b64decode }}" - when: secret_name not in openshift_logging_facts.kibana.secrets or - secret_keys | difference(openshift_logging_facts.kibana.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no @@ -66,8 +62,6 @@ secret_name: logging-elasticsearch secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key", "searchguard.truststore"] register: logging_es_secret - when: secret_name not in openshift_logging_facts.elasticsearch.secrets or - secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0 check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_elasticsearch.yaml b/roles/openshift_logging/tasks/install_elasticsearch.yaml index 086f9e33f..7cf39234f 100644 --- a/roles/openshift_logging/tasks/install_elasticsearch.yaml +++ b/roles/openshift_logging/tasks/install_elasticsearch.yaml @@ -4,6 +4,8 @@ - set_fact: es_pvc_pool={{[]}} +- set_fact: openshift_logging_es_pvc_prefix="{{ openshift_logging_es_pvc_prefix | default('logging-es') }}" + - name: Generate PersistentVolumeClaims include: "{{ role_path}}/tasks/generate_pvcs.yaml" vars: @@ -58,6 +60,8 @@ - name: Getting current ES deployment size set_fact: openshift_logging_current_es_ops_size={{ openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | length }} +- set_fact: openshift_logging_es_ops_pvc_prefix="{{ openshift_logging_es_ops_pvc_prefix | default('logging-es-ops') }}" + - name: Validate Elasticsearch cluster size for Ops fail: msg="The openshift_logging_es_ops_cluster_size may not be scaled down more than 1 less (or 0) the number of Elasticsearch nodes already deployed" vars: diff --git a/roles/openshift_logging/templates/pvc.j2 b/roles/openshift_logging/templates/pvc.j2 index f19a3a750..07d81afff 100644 --- a/roles/openshift_logging/templates/pvc.j2 +++ b/roles/openshift_logging/templates/pvc.j2 @@ -1,7 +1,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{obj_name}} + name: "{{obj_name}}" labels: logging-infra: support {% if annotations is defined %} diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml index 66c81562b..878bf2c82 100644 --- a/roles/openshift_metrics/tasks/install_cassandra.yaml +++ b/roles/openshift_metrics/tasks/install_cassandra.yaml @@ -22,6 +22,8 @@ with_sequence: count={{ openshift_metrics_cassandra_replicas }} changed_when: false +- set_fact: openshift_metrics_cassandra_pvc_prefix="{{ openshift_metrics_cassandra_pvc_prefix | default('hawkular-metrics') }}" + - name: generate hawkular-cassandra persistent volume claims template: src: pvc.j2 diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2 index 8fbfa8b5d..885dd368d 100644 --- a/roles/openshift_metrics/templates/pvc.j2 +++ b/roles/openshift_metrics/templates/pvc.j2 @@ -1,7 +1,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{obj_name}} + name: "{{obj_name}}" {% if labels is not defined %} labels: logging-infra: support diff --git a/roles/openshift_metrics/vars/main.yaml b/roles/openshift_metrics/vars/main.yaml index 4a3724e3f..47aa76dd2 100644 --- a/roles/openshift_metrics/vars/main.yaml +++ b/roles/openshift_metrics/vars/main.yaml @@ -8,3 +8,4 @@ openshift_metrics_cassandra_storage_types: - emptydir - pv - dynamic +- nfs |