summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--inventory/byo/hosts.origin.example2
-rw-r--r--inventory/byo/hosts.ose.example2
-rw-r--r--roles/lib_openshift/library/oc_adm_registry.py8
-rw-r--r--roles/lib_openshift/src/class/oc_adm_registry.py8
-rw-r--r--roles/nuage_master/tasks/main.yaml9
-rw-r--r--roles/nuage_master/tasks/serviceaccount.yml14
-rw-r--r--roles/openshift_logging/tasks/generate_secrets.yaml6
-rw-r--r--roles/openshift_logging/tasks/install_elasticsearch.yaml4
-rw-r--r--roles/openshift_logging/templates/pvc.j22
-rw-r--r--roles/openshift_metrics/tasks/install_cassandra.yaml2
-rw-r--r--roles/openshift_metrics/templates/pvc.j22
-rw-r--r--roles/openshift_metrics/vars/main.yaml1
12 files changed, 42 insertions, 18 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index bb9f4706a..76b1f3691 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -540,7 +540,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
#
# Configure loggingPublicURL in the master config for aggregate logging, defaults
# to https://kibana.{{ openshift_master_default_subdomain }}
-#openshift_master_logging_public_url=https://kibana.example.com
+#openshift_hosted_logging_hostname=https://kibana.example.com
# Configure the number of elastic search nodes, unless you're using dynamic provisioning
# this value must be 1
#openshift_hosted_logging_elasticsearch_cluster_size=1
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index 12a1b3991..39e9488d5 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -541,7 +541,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
#
# Configure loggingPublicURL in the master config for aggregate logging, defaults
# to https://kibana.{{ openshift_master_default_subdomain }}
-#openshift_master_logging_public_url=https://kibana.example.com
+#openshift_hosted_logging_hostname=https://kibana.example.com
# Configure the number of elastic search nodes, unless you're using dynamic provisioning
# this value must be 1
#openshift_hosted_logging_elasticsearch_cluster_size=1
diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py
index c398c5551..9eb268388 100644
--- a/roles/lib_openshift/library/oc_adm_registry.py
+++ b/roles/lib_openshift/library/oc_adm_registry.py
@@ -2235,8 +2235,8 @@ class Registry(OpenShiftCLI):
''' prepared_registry property '''
if not self.__prepared_registry:
results = self.prepare_registry()
- if not results:
- raise RegistryException('Could not perform registry preparation.')
+ if not results or ('returncode' in results and results['returncode'] != 0):
+ raise RegistryException('Could not perform registry preparation. {}'.format(results))
self.__prepared_registry = results
return self.__prepared_registry
@@ -2301,8 +2301,8 @@ class Registry(OpenShiftCLI):
# probably need to parse this
# pylint thinks results is a string
# pylint: disable=no-member
- if results['returncode'] != 0 and 'items' in results['results']:
- return results
+ if results['returncode'] != 0 and 'items' not in results['results']:
+ raise RegistryException('Could not perform registry preparation. {}'.format(results))
service = None
deploymentconfig = None
diff --git a/roles/lib_openshift/src/class/oc_adm_registry.py b/roles/lib_openshift/src/class/oc_adm_registry.py
index c083cd179..25519c9c9 100644
--- a/roles/lib_openshift/src/class/oc_adm_registry.py
+++ b/roles/lib_openshift/src/class/oc_adm_registry.py
@@ -87,8 +87,8 @@ class Registry(OpenShiftCLI):
''' prepared_registry property '''
if not self.__prepared_registry:
results = self.prepare_registry()
- if not results:
- raise RegistryException('Could not perform registry preparation.')
+ if not results or ('returncode' in results and results['returncode'] != 0):
+ raise RegistryException('Could not perform registry preparation. {}'.format(results))
self.__prepared_registry = results
return self.__prepared_registry
@@ -153,8 +153,8 @@ class Registry(OpenShiftCLI):
# probably need to parse this
# pylint thinks results is a string
# pylint: disable=no-member
- if results['returncode'] != 0 and 'items' in results['results']:
- return results
+ if results['returncode'] != 0 and 'items' not in results['results']:
+ raise RegistryException('Could not perform registry preparation. {}'.format(results))
service = None
deploymentconfig = None
diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml
index d211d30e8..fefd28bbd 100644
--- a/roles/nuage_master/tasks/main.yaml
+++ b/roles/nuage_master/tasks/main.yaml
@@ -22,6 +22,15 @@
- nuage.key
- nuage.kubeconfig
+- name: Copy the certificates and keys
+ become: yes
+ copy: src="/tmp/{{ item }}" dest="{{ cert_output_dir }}/{{ item }}"
+ with_items:
+ - ca.crt
+ - nuage.crt
+ - nuage.key
+ - nuage.kubeconfig
+
- include: certificates.yml
- name: Create nuage-openshift-monitor.yaml
diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml
index 16ea08244..eee448e2c 100644
--- a/roles/nuage_master/tasks/serviceaccount.yml
+++ b/roles/nuage_master/tasks/serviceaccount.yml
@@ -3,14 +3,20 @@
command: mktemp -u /tmp/openshift-ansible-XXXXXXX.kubeconfig
register: nuage_tmp_conf_mktemp
changed_when: False
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- set_fact:
nuage_tmp_conf: "{{ nuage_tmp_conf_mktemp.stdout }}"
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Copy Configuration to temporary conf
command: >
cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{nuage_tmp_conf}}
changed_when: false
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Create Admin Service Account
oc_serviceaccount:
@@ -18,6 +24,8 @@
name: nuage
namespace: default
state: present
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Configure role/user permissions
command: >
@@ -27,6 +35,8 @@
register: osnuage_perm_task
failed_when: "'the object has been modified' not in osnuage_perm_task.stderr and osnuage_perm_task.rc != 0"
changed_when: osnuage_perm_task.rc == 0
+ run_once: True
+ delegate_to: "{{ nuage_ca_master }}"
- name: Generate the node client config
command: >
@@ -40,8 +50,12 @@
--signer-serial={{ openshift_master_ca_serial }}
--basename='nuage'
--user={{ nuage_service_account }}
+ delegate_to: "{{ nuage_ca_master }}"
+ run_once: True
- name: Clean temporary configuration file
command: >
rm -f {{nuage_tmp_conf}}
changed_when: false
+ delegate_to: "{{ nuage_ca_master }}"
+ run_once: True
diff --git a/roles/openshift_logging/tasks/generate_secrets.yaml b/roles/openshift_logging/tasks/generate_secrets.yaml
index 0f8e7ae58..f396bcc6d 100644
--- a/roles/openshift_logging/tasks/generate_secrets.yaml
+++ b/roles/openshift_logging/tasks/generate_secrets.yaml
@@ -31,8 +31,6 @@
- fluentd
loop_control:
loop_var: component
- when: secret_name not in openshift_logging_facts.{{component}}.secrets or
- secret_keys | difference(openshift_logging_facts.{{component}}.secrets["{{secret_name}}"]["keys"]) | length != 0
check_mode: no
changed_when: no
@@ -50,8 +48,6 @@
kibana_key_file: "{{key_pairs | entry_from_named_pair('kibana_internal_key')| b64decode }}"
kibana_cert_file: "{{key_pairs | entry_from_named_pair('kibana_internal_cert')| b64decode }}"
server_tls_file: "{{key_pairs | entry_from_named_pair('server_tls')| b64decode }}"
- when: secret_name not in openshift_logging_facts.kibana.secrets or
- secret_keys | difference(openshift_logging_facts.kibana.secrets["{{secret_name}}"]["keys"]) | length != 0
check_mode: no
changed_when: no
@@ -66,8 +62,6 @@
secret_name: logging-elasticsearch
secret_keys: ["admin-cert", "searchguard.key", "admin-ca", "key", "truststore", "admin-key", "searchguard.truststore"]
register: logging_es_secret
- when: secret_name not in openshift_logging_facts.elasticsearch.secrets or
- secret_keys | difference(openshift_logging_facts.elasticsearch.secrets["{{secret_name}}"]["keys"]) | length != 0
check_mode: no
changed_when: no
diff --git a/roles/openshift_logging/tasks/install_elasticsearch.yaml b/roles/openshift_logging/tasks/install_elasticsearch.yaml
index 086f9e33f..7cf39234f 100644
--- a/roles/openshift_logging/tasks/install_elasticsearch.yaml
+++ b/roles/openshift_logging/tasks/install_elasticsearch.yaml
@@ -4,6 +4,8 @@
- set_fact: es_pvc_pool={{[]}}
+- set_fact: openshift_logging_es_pvc_prefix="{{ openshift_logging_es_pvc_prefix | default('logging-es') }}"
+
- name: Generate PersistentVolumeClaims
include: "{{ role_path}}/tasks/generate_pvcs.yaml"
vars:
@@ -58,6 +60,8 @@
- name: Getting current ES deployment size
set_fact: openshift_logging_current_es_ops_size={{ openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | length }}
+- set_fact: openshift_logging_es_ops_pvc_prefix="{{ openshift_logging_es_ops_pvc_prefix | default('logging-es-ops') }}"
+
- name: Validate Elasticsearch cluster size for Ops
fail: msg="The openshift_logging_es_ops_cluster_size may not be scaled down more than 1 less (or 0) the number of Elasticsearch nodes already deployed"
vars:
diff --git a/roles/openshift_logging/templates/pvc.j2 b/roles/openshift_logging/templates/pvc.j2
index f19a3a750..07d81afff 100644
--- a/roles/openshift_logging/templates/pvc.j2
+++ b/roles/openshift_logging/templates/pvc.j2
@@ -1,7 +1,7 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: {{obj_name}}
+ name: "{{obj_name}}"
labels:
logging-infra: support
{% if annotations is defined %}
diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml
index 66c81562b..878bf2c82 100644
--- a/roles/openshift_metrics/tasks/install_cassandra.yaml
+++ b/roles/openshift_metrics/tasks/install_cassandra.yaml
@@ -22,6 +22,8 @@
with_sequence: count={{ openshift_metrics_cassandra_replicas }}
changed_when: false
+- set_fact: openshift_metrics_cassandra_pvc_prefix="{{ openshift_metrics_cassandra_pvc_prefix | default('hawkular-metrics') }}"
+
- name: generate hawkular-cassandra persistent volume claims
template:
src: pvc.j2
diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2
index 8fbfa8b5d..885dd368d 100644
--- a/roles/openshift_metrics/templates/pvc.j2
+++ b/roles/openshift_metrics/templates/pvc.j2
@@ -1,7 +1,7 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: {{obj_name}}
+ name: "{{obj_name}}"
{% if labels is not defined %}
labels:
logging-infra: support
diff --git a/roles/openshift_metrics/vars/main.yaml b/roles/openshift_metrics/vars/main.yaml
index 4a3724e3f..47aa76dd2 100644
--- a/roles/openshift_metrics/vars/main.yaml
+++ b/roles/openshift_metrics/vars/main.yaml
@@ -8,3 +8,4 @@ openshift_metrics_cassandra_storage_types:
- emptydir
- pv
- dynamic
+- nfs