diff options
-rw-r--r-- | roles/etcd/tasks/system_container.yml | 72 | ||||
-rw-r--r-- | roles/lib_openshift/library/oc_adm_registry.py | 9 | ||||
-rw-r--r-- | roles/lib_openshift/library/oc_atomic_container.py | 203 | ||||
-rw-r--r-- | roles/lib_openshift/src/ansible/oc_atomic_container.py | 137 | ||||
-rw-r--r-- | roles/lib_openshift/src/doc/atomic_container | 36 | ||||
-rw-r--r-- | roles/lib_openshift/src/lib/volume.py | 9 | ||||
-rw-r--r-- | roles/lib_openshift/src/sources.yml | 6 | ||||
-rw-r--r-- | roles/openshift_excluder/tasks/status.yml | 2 | ||||
-rw-r--r-- | roles/openshift_hosted/tasks/registry/registry.yml | 5 | ||||
-rw-r--r-- | roles/openshift_logging/files/fluent.conf | 2 | ||||
-rw-r--r-- | roles/openshift_master/tasks/system_container.yml | 79 | ||||
-rw-r--r-- | roles/openshift_master/vars/main.yml | 1 | ||||
-rw-r--r-- | roles/openshift_node/tasks/node_system_container.yml | 38 | ||||
-rw-r--r-- | roles/openshift_node/tasks/openvswitch_system_container.yml | 38 | ||||
-rw-r--r-- | roles/openshift_node/vars/main.yml | 2 |
15 files changed, 464 insertions, 175 deletions
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml index 241180e2c..3b80164cc 100644 --- a/roles/etcd/tasks/system_container.yml +++ b/roles/etcd/tasks/system_container.yml @@ -1,17 +1,16 @@ --- +- name: Load lib_openshift modules + include_role: + name: lib_openshift + - name: Pull etcd system container command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }} register: pull_result changed_when: "'Pulling layer' in pull_result.stdout" -- name: Check etcd system container package - command: > - atomic containers list --no-trunc -a -f container=etcd - register: result - - name: Set initial Etcd cluster set_fact: - etcd_initial_cluster: > + etcd_initial_cluster: >- {% for host in etcd_peers | default([]) -%} {% if loop.last -%} {{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }} @@ -20,44 +19,23 @@ {%- endif -%} {% endfor -%} -- name: Update Etcd system container package - command: > - atomic containers update - --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} - --set ETCD_NAME={{ etcd_hostname }} - --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }} - --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} - --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} - --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} - --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} - --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} - --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt - --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key - --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt - --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key - etcd - when: - - ("etcd" in result.stdout) - -- name: Install Etcd system container package - command: > - atomic install --system --name=etcd - --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} - --set ETCD_NAME={{ etcd_hostname }} - --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }} - --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} - --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} - --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} - --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} - --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} - --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt - --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key - --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt - --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt - --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key - {{ openshift.etcd.etcd_image }} - when: - - ("etcd" not in result.stdout) +- name: Install or Update Etcd system container package + oc_atomic_container: + name: etcd + image: "{{ openshift.etcd.etcd_image }}" + state: latest + values: + - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} + - ETCD_NAME={{ etcd_hostname }} + - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }} + - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} + - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} + - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} + - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} + - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} + - ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt + - ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt + - ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key + - ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt + - ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt + - ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py index b6b1f4a04..62018d758 100644 --- a/roles/lib_openshift/library/oc_adm_registry.py +++ b/roles/lib_openshift/library/oc_adm_registry.py @@ -2068,20 +2068,21 @@ class Volume(object): ''' return a properly structured volume ''' volume_mount = None volume = {'name': volume_info['name']} - if volume_info['type'] == 'secret': + volume_type = volume_info['type'].lower() + if volume_type == 'secret': volume['secret'] = {} volume[volume_info['type']] = {'secretName': volume_info['secret_name']} volume_mount = {'mountPath': volume_info['path'], 'name': volume_info['name']} - elif volume_info['type'] == 'emptydir': + elif volume_type == 'emptydir': volume['emptyDir'] = {} volume_mount = {'mountPath': volume_info['path'], 'name': volume_info['name']} - elif volume_info['type'] == 'pvc': + elif volume_type == 'pvc' or volume_type == 'persistentvolumeclaim': volume['persistentVolumeClaim'] = {} volume['persistentVolumeClaim']['claimName'] = volume_info['claimName'] volume['persistentVolumeClaim']['claimSize'] = volume_info['claimSize'] - elif volume_info['type'] == 'hostpath': + elif volume_type == 'hostpath': volume['hostPath'] = {} volume['hostPath']['path'] = volume_info['path'] diff --git a/roles/lib_openshift/library/oc_atomic_container.py b/roles/lib_openshift/library/oc_atomic_container.py new file mode 100644 index 000000000..d2620b4cc --- /dev/null +++ b/roles/lib_openshift/library/oc_atomic_container.py @@ -0,0 +1,203 @@ +#!/usr/bin/env python +# pylint: disable=missing-docstring +# flake8: noqa: T001 +# ___ ___ _ _ ___ ___ _ _____ ___ ___ +# / __| __| \| | __| _ \ /_\_ _| __| \ +# | (_ | _|| .` | _|| / / _ \| | | _|| |) | +# \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____ +# | \ / _ \ | \| |/ _ \_ _| | __| \_ _|_ _| +# | |) | (_) | | .` | (_) || | | _|| |) | | | | +# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_| +# +# Copyright 2016 Red Hat, Inc. and/or its affiliates +# and other contributors as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# -*- -*- -*- Begin included fragment: doc/atomic_container -*- -*- -*- + +DOCUMENTATION = ''' +--- +module: oc_atomic_container +short_description: Manage the container images on the atomic host platform +description: + - Manage the container images on the atomic host platform + - Allows to execute the commands on the container images +requirements: + - atomic + - "python >= 2.6" +options: + name: + description: + - Name of the container + required: True + default: null + image: + description: + - The image to use to install the container + required: True + default: null + state: + description: + - State of the container + required: True + choices: ["latest", "absent", "latest", "rollback"] + default: "latest" + values: + description: + - Values for the installation of the container + required: False + default: None +''' + +# -*- -*- -*- End included fragment: doc/atomic_container -*- -*- -*- + +# -*- -*- -*- Begin included fragment: ansible/oc_atomic_container.py -*- -*- -*- + +# pylint: disable=wrong-import-position,too-many-branches,invalid-name +import json +from ansible.module_utils.basic import AnsibleModule + + +def _install(module, container, image, values_list): + ''' install a container using atomic CLI. values_list is the list of --set arguments. + container is the name given to the container. image is the image to use for the installation. ''' + args = ['atomic', 'install', "--system", '--name=%s' % container] + values_list + [image] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + return rc, out, err, False + else: + changed = "Extracting" in out + return rc, out, err, changed + +def _uninstall(module, name): + ''' uninstall an atomic container by its name. ''' + args = ['atomic', 'uninstall', name] + rc, out, err = module.run_command(args, check_rc=False) + return rc, out, err, False + + +def do_install(module, container, image, values_list): + ''' install a container and exit the module. ''' + rc, out, err, changed = _install(module, container, image, values_list) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + module.exit_json(msg=out, changed=changed) + + +def do_uninstall(module, name): + ''' uninstall a container and exit the module. ''' + rc, out, err, changed = _uninstall(module, name) + if rc != 0: + module.fail_json(rc=rc, msg=err) + module.exit_json(msg=out, changed=changed) + + +def do_update(module, container, old_image, image, values_list): + ''' update a container and exit the module. If the container uses a different + image than the current installed one, then first uninstall the old one ''' + + # the image we want is different than the installed one + if old_image != image: + rc, out, err, _ = _uninstall(module, container) + if rc != 0: + module.fail_json(rc=rc, msg=err) + return do_install(module, container, image, values_list) + + # if the image didn't change, use "atomic containers update" + args = ['atomic', 'containers', 'update'] + values_list + [container] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + changed = "Extracting" in out + module.exit_json(msg=out, changed=changed) + + +def do_rollback(module, name): + ''' move to the previous deployment of the container, if present, and exit the module. ''' + args = ['atomic', 'containers', 'rollback', name] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + changed = "Rolling back" in out + module.exit_json(msg=out, changed=changed) + + +def core(module): + ''' entrypoint for the module. ''' + name = module.params['name'] + image = module.params['image'] + values = module.params['values'] + state = module.params['state'] + + module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C') + out = {} + err = {} + rc = 0 + + values_list = ["--set=%s" % x for x in values] if values else [] + + args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + return + + containers = json.loads(out) + present = len(containers) > 0 + old_image = containers[0]["image_name"] if present else None + + if state == 'present' and present: + module.exit_json(msg=out, changed=False) + elif (state in ['latest', 'present']) and not present: + do_install(module, name, image, values_list) + elif state == 'latest': + do_update(module, name, old_image, image, values_list) + elif state == 'absent': + if not present: + module.exit_json(msg="", changed=False) + else: + do_uninstall(module, name) + elif state == 'rollback': + do_rollback(module, name) + + +def main(): + module = AnsibleModule( + argument_spec=dict( + name=dict(default=None, required=True), + image=dict(default=None, required=True), + state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']), + values=dict(type='list', default=[]), + ), + ) + + # Verify that the platform supports atomic command + rc, _, err = module.run_command('atomic -v', check_rc=False) + if rc != 0: + module.fail_json(msg="Error in running atomic command", err=err) + + try: + core(module) + except Exception as e: # pylint: disable=broad-except + module.fail_json(msg=str(e)) + + +if __name__ == '__main__': + main() + +# -*- -*- -*- End included fragment: ansible/oc_atomic_container.py -*- -*- -*- diff --git a/roles/lib_openshift/src/ansible/oc_atomic_container.py b/roles/lib_openshift/src/ansible/oc_atomic_container.py new file mode 100644 index 000000000..20d75cb63 --- /dev/null +++ b/roles/lib_openshift/src/ansible/oc_atomic_container.py @@ -0,0 +1,137 @@ +# pylint: skip-file +# flake8: noqa + +# pylint: disable=wrong-import-position,too-many-branches,invalid-name +import json +from ansible.module_utils.basic import AnsibleModule + + +def _install(module, container, image, values_list): + ''' install a container using atomic CLI. values_list is the list of --set arguments. + container is the name given to the container. image is the image to use for the installation. ''' + args = ['atomic', 'install', "--system", '--name=%s' % container] + values_list + [image] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + return rc, out, err, False + else: + changed = "Extracting" in out + return rc, out, err, changed + +def _uninstall(module, name): + ''' uninstall an atomic container by its name. ''' + args = ['atomic', 'uninstall', name] + rc, out, err = module.run_command(args, check_rc=False) + return rc, out, err, False + + +def do_install(module, container, image, values_list): + ''' install a container and exit the module. ''' + rc, out, err, changed = _install(module, container, image, values_list) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + module.exit_json(msg=out, changed=changed) + + +def do_uninstall(module, name): + ''' uninstall a container and exit the module. ''' + rc, out, err, changed = _uninstall(module, name) + if rc != 0: + module.fail_json(rc=rc, msg=err) + module.exit_json(msg=out, changed=changed) + + +def do_update(module, container, old_image, image, values_list): + ''' update a container and exit the module. If the container uses a different + image than the current installed one, then first uninstall the old one ''' + + # the image we want is different than the installed one + if old_image != image: + rc, out, err, _ = _uninstall(module, container) + if rc != 0: + module.fail_json(rc=rc, msg=err) + return do_install(module, container, image, values_list) + + # if the image didn't change, use "atomic containers update" + args = ['atomic', 'containers', 'update'] + values_list + [container] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + changed = "Extracting" in out + module.exit_json(msg=out, changed=changed) + + +def do_rollback(module, name): + ''' move to the previous deployment of the container, if present, and exit the module. ''' + args = ['atomic', 'containers', 'rollback', name] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + else: + changed = "Rolling back" in out + module.exit_json(msg=out, changed=changed) + + +def core(module): + ''' entrypoint for the module. ''' + name = module.params['name'] + image = module.params['image'] + values = module.params['values'] + state = module.params['state'] + + module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C') + out = {} + err = {} + rc = 0 + + values_list = ["--set=%s" % x for x in values] if values else [] + + args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name] + rc, out, err = module.run_command(args, check_rc=False) + if rc != 0: + module.fail_json(rc=rc, msg=err) + return + + containers = json.loads(out) + present = len(containers) > 0 + old_image = containers[0]["image_name"] if present else None + + if state == 'present' and present: + module.exit_json(msg=out, changed=False) + elif (state in ['latest', 'present']) and not present: + do_install(module, name, image, values_list) + elif state == 'latest': + do_update(module, name, old_image, image, values_list) + elif state == 'absent': + if not present: + module.exit_json(msg="", changed=False) + else: + do_uninstall(module, name) + elif state == 'rollback': + do_rollback(module, name) + + +def main(): + module = AnsibleModule( + argument_spec=dict( + name=dict(default=None, required=True), + image=dict(default=None, required=True), + state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']), + values=dict(type='list', default=[]), + ), + ) + + # Verify that the platform supports atomic command + rc, _, err = module.run_command('atomic -v', check_rc=False) + if rc != 0: + module.fail_json(msg="Error in running atomic command", err=err) + + try: + core(module) + except Exception as e: # pylint: disable=broad-except + module.fail_json(msg=str(e)) + + +if __name__ == '__main__': + main() diff --git a/roles/lib_openshift/src/doc/atomic_container b/roles/lib_openshift/src/doc/atomic_container new file mode 100644 index 000000000..53fc40f36 --- /dev/null +++ b/roles/lib_openshift/src/doc/atomic_container @@ -0,0 +1,36 @@ +# flake8: noqa +# pylint: skip-file + +DOCUMENTATION = ''' +--- +module: oc_atomic_container +short_description: Manage the container images on the atomic host platform +description: + - Manage the container images on the atomic host platform + - Allows to execute the commands on the container images +requirements: + - atomic + - "python >= 2.6" +options: + name: + description: + - Name of the container + required: True + default: null + image: + description: + - The image to use to install the container + required: True + default: null + state: + description: + - State of the container + required: True + choices: ["latest", "absent", "latest", "rollback"] + default: "latest" + values: + description: + - Values for the installation of the container + required: False + default: None +''' diff --git a/roles/lib_openshift/src/lib/volume.py b/roles/lib_openshift/src/lib/volume.py index 84ef1f705..e0abb1d1b 100644 --- a/roles/lib_openshift/src/lib/volume.py +++ b/roles/lib_openshift/src/lib/volume.py @@ -17,20 +17,21 @@ class Volume(object): ''' return a properly structured volume ''' volume_mount = None volume = {'name': volume_info['name']} - if volume_info['type'] == 'secret': + volume_type = volume_info['type'].lower() + if volume_type == 'secret': volume['secret'] = {} volume[volume_info['type']] = {'secretName': volume_info['secret_name']} volume_mount = {'mountPath': volume_info['path'], 'name': volume_info['name']} - elif volume_info['type'] == 'emptydir': + elif volume_type == 'emptydir': volume['emptyDir'] = {} volume_mount = {'mountPath': volume_info['path'], 'name': volume_info['name']} - elif volume_info['type'] == 'pvc': + elif volume_type == 'pvc' or volume_type == 'persistentvolumeclaim': volume['persistentVolumeClaim'] = {} volume['persistentVolumeClaim']['claimName'] = volume_info['claimName'] volume['persistentVolumeClaim']['claimSize'] = volume_info['claimSize'] - elif volume_info['type'] == 'hostpath': + elif volume_type == 'hostpath': volume['hostPath'] = {} volume['hostPath']['path'] = volume_info['path'] diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index 6585b1258..a48fdf0c2 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -49,6 +49,12 @@ oc_adm_router.py: - class/oc_adm_router.py - ansible/oc_adm_router.py +oc_atomic_container.py: +- doc/generated +- doc/license +- doc/atomic_container +- ansible/oc_atomic_container.py + oc_edit.py: - doc/generated - doc/license diff --git a/roles/openshift_excluder/tasks/status.yml b/roles/openshift_excluder/tasks/status.yml index 6ef4af22d..ef118d94c 100644 --- a/roles/openshift_excluder/tasks/status.yml +++ b/roles/openshift_excluder/tasks/status.yml @@ -20,6 +20,7 @@ - name: Update to latest excluder packages package: name: "{{ openshift.common.service_type }}-excluder" + state: latest when: - "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}" - not openshift.common.is_containerized | bool @@ -27,6 +28,7 @@ - name: Update to the latest docker-excluder packages package: name: "{{ openshift.common.service_type }}-docker-excluder" + state: latest when: - "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}" - not openshift.common.is_containerized | bool diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml index d49967837..39e7de230 100644 --- a/roles/openshift_hosted/tasks/registry/registry.yml +++ b/roles/openshift_hosted/tasks/registry/registry.yml @@ -80,13 +80,14 @@ when: - openshift.hosted.registry.storage.kind | default(none) == 'object' -- name: Set facts for persistent volume +- name: Update openshift_hosted facts for persistent volumes set_fact: + openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(pvc_volume_mounts) }}" + vars: pvc_volume_mounts: - name: registry-storage type: persistentVolumeClaim claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-claim" - openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(pvc_volume_mounts) }}" when: - openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack'] diff --git a/roles/openshift_logging/files/fluent.conf b/roles/openshift_logging/files/fluent.conf index c0c1c8a44..aeaa705ee 100644 --- a/roles/openshift_logging/files/fluent.conf +++ b/roles/openshift_logging/files/fluent.conf @@ -22,7 +22,7 @@ @include configs.d/openshift/filter-k8s-flatten-hash.conf @include configs.d/openshift/filter-k8s-record-transform.conf @include configs.d/openshift/filter-syslog-record-transform.conf - @include configs.d/openshift/filter-common-data-model.conf + @include configs.d/openshift/filter-viaq-data-model.conf @include configs.d/openshift/filter-post-*.conf ## diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml index a0e1ac75e..1b3e0dba1 100644 --- a/roles/openshift_master/tasks/system_container.yml +++ b/roles/openshift_master/tasks/system_container.yml @@ -1,4 +1,8 @@ --- +- name: Load lib_openshift modules + include_role: + name: lib_openshift + - name: Pre-pull master system container image command: > atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }} @@ -10,68 +14,31 @@ atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-master register: result -- name: Update Master system container package - command: > - atomic containers update {{ openshift.common.service_type }}-master - register: update_result - changed_when: "'Extracting' in update_result.stdout" - when: - - ("master" in result.stdout) - - l_is_same_version - - not l_is_ha - -- name: Uninstall Master system container package - command: > - atomic uninstall {{ openshift.common.service_type }}-master - failed_when: False - when: - - ("master" in result.stdout) - - not l_is_same_version - - not l_is_ha - -- name: Install Master system container package - command: > - atomic install --system --name={{ openshift.common.service_type }}-master {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }} +- name: Install or Update master system container + oc_atomic_container: + name: "{{ openshift.common.service_type }}-master" + image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" + state: latest when: - - not l_is_same_version or ("master" not in result.stdout) | bool - not l_is_ha - notify: - - restart master # HA -- name: Update Master HA system container package - command: > - atomic containers update {{ openshift.common.service_type }}-master-{{ item }} - register: update_result - changed_when: "'Extracting' in update_result.stdout" - with_items: - - api - - controllers - when: - - ("master" in result.stdout) - - l_is_same_version - - l_is_ha - -- name: Uninstall Master HA system container package - command: > - atomic uninstall {{ openshift.common.service_type }}-master-{{ item }} - failed_when: False - with_items: - - api - - controllers +- name: Install or Update HA api master system container + oc_atomic_container: + name: "{{ openshift.common.service_type }}-master-api" + image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" + state: latest + values: + - COMMAND=api when: - - ("master" in result.stdout) - - not l_is_same_version - l_is_ha -- name: Install Master HA system container package - command: > - atomic install --system --set COMMAND={{ item }} --name={{ openshift.common.service_type }}-master-{{ item }} {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }} - with_items: - - api - - controllers +- name: Install or Update HA controller master system container + oc_atomic_container: + name: "{{ openshift.common.service_type }}-master-controllers" + image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}" + state: latest + values: + - COMMAND=controllers when: - - not l_is_same_version or ("master" not in result.stdout) | bool - l_is_ha - notify: - - restart master diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index 1e157097d..c5ba20409 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -20,4 +20,3 @@ openshift_master_valid_grant_methods: - deny l_is_ha: "{{ openshift.master.ha is defined and openshift.master.ha | bool }}" -l_is_same_version: "{{ (openshift.common.version is defined) and (openshift.common.version == openshift_version) | bool }}" diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml index 3ae5c7600..abe139418 100644 --- a/roles/openshift_node/tasks/node_system_container.yml +++ b/roles/openshift_node/tasks/node_system_container.yml @@ -1,36 +1,16 @@ --- +- name: Load lib_openshift modules + include_role: + name: lib_openshift + - name: Pre-pull node system container image command: > atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Pulling layer' in pull_result.stdout" -- name: Check Node system container package - command: > - atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-node - register: result - -- name: Update Node system container package - command: > - atomic containers update {{ openshift.common.service_type }}-node - register: update_result - changed_when: "'Extracting' in update_result.stdout" - when: - - l_is_same_version - - ("node" in result.stdout) - -- name: Uninstall Node system container package - command: > - atomic uninstall {{ openshift.common.service_type }}-node - failed_when: False - when: - - not l_is_same_version - - ("node" in result.stdout) - -- name: Install Node system container package - command: > - atomic install --system --name={{ openshift.common.service_type }}-node {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }} - register: install_node_result - changed_when: "'Extracting' in pull_result.stdout" - when: - - not l_is_same_version or ("node" not in result.stdout) | bool +- name: Install or Update node system container + oc_atomic_container: + name: "{{ openshift.common.service_type }}-node" + image: "{{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}" + state: latest diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml index 6114230d0..b76ce8797 100644 --- a/roles/openshift_node/tasks/openvswitch_system_container.yml +++ b/roles/openshift_node/tasks/openvswitch_system_container.yml @@ -1,36 +1,16 @@ --- +- name: Load lib_openshift modules + include_role: + name: lib_openshift + - name: Pre-pull OpenVSwitch system container image command: > atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Pulling layer' in pull_result.stdout" -- name: Check OpenvSwitch system container package - command: > - atomic containers list --no-trunc -a -f container=openvswitch - register: result - -- name: Update OpenvSwitch system container package - command: > - atomic containers update openvswitch - register: update_result - changed_when: "'Extracting' in update_result.stdout" - when: - - l_is_same_version - - ("openvswitch" in result.stdout) | bool - -- name: Uninstall OpenvSwitch system container package - command: > - atomic uninstall openvswitch - failed_when: False - when: - - not l_is_same_version - - ("openvswitch" in result.stdout) | bool - -- name: Install OpenvSwitch system container package - command: > - atomic install --system --name=openvswitch {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }} - when: - - not l_is_same_version or ("openvswitch" not in result.stdout) | bool - notify: - - restart docker +- name: Install or Update OpenVSwitch system container + oc_atomic_container: + name: openvswitch + image: "{{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}" + state: latest diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml deleted file mode 100644 index 0c2abf3b9..000000000 --- a/roles/openshift_node/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -l_is_same_version: "{{ (openshift.common.version is defined) and (openshift.common.version == openshift_version) | bool }}" |