Diffstat (limited to 'playbooks/openstack')
11 files changed, 542 insertions, 166 deletions
diff --git a/playbooks/openstack/openshift-cluster/cluster_hosts.yml b/playbooks/openstack/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..12c436eaf --- /dev/null +++ b/playbooks/openstack/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,21 @@ +--- +g_all_hosts: "{{ groups['meta-clusterid_' ~ cluster_id] | default([]) + | intersect(groups['meta-environment_' ~ cluster_env] | default([])) }}" + +g_etcd_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_etcd'] | default([])) }}" + +g_lb_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_lb'] | default([])) }}" + +g_nfs_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_nfs'] | default([])) }}" + +g_master_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_master'] | default([])) }}" + +g_new_master_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_new_master'] | default([])) }}" + +g_node_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_node'] | default([])) }}" + +g_new_node_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_new_node'] | default([])) }}" + +g_infra_hosts: "{{ g_node_hosts | intersect(groups['meta-sub-host-type_infra'] | default([])) }}" + +g_compute_hosts: "{{ g_node_hosts | intersect(groups['meta-sub-host-type_compute'] | default([])) }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index 3c9a231e3..f6550b2c4 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml 
@@ -1,20 +1,34 @@ +--- +- include: ../../common/openshift-cluster/verify_ansible_version.yml + - hosts: localhost gather_facts: no - vars_files: - - vars.yml tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + - add_host: + name: "{{ item }}" + groups: l_oo_all_hosts + with_items: "{{ g_all_hosts | default([]) }}" + +- hosts: l_oo_all_hosts + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml - include: ../../common/openshift-cluster/config.yml vars: - g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" - g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" - g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_nodeonmaster: true + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].become }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" - openshift_hostname: "{{ ansible_default_ipv4.address }}" + openshift_hosted_registry_selector: 'type=infra' + openshift_hosted_router_selector: 'type=infra' + openshift_master_cluster_method: 'native' + openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}" + os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}" + openshift_use_flannel: "{{ lookup('oo_option', 'use_flannel') }}" + openshift_use_fluentd: "{{ lookup('oo_option', 'use_fluentd') }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index a15ec749c..20ce47c07 100644 
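Review bot: The four `lookup('oo_option', ...)` values added at the end of the `vars:` block (`openshift_use_openshift_sdn`, `os_sdn_network_plugin_name`, `openshift_use_flannel`, `openshift_use_fluentd`) have no fallback, while every `oo_option` lookup in vars.yml in this same commit is followed by `| default(..., True)`. That pattern suggests the lookup yields an empty value when the option is not set, in which case these variables are defined as empty strings rather than left unset and may mask the roles' own defaults. Either append `| default(ROLE_DEFAULT, True)` to each (ROLE_DEFAULT is a placeholder for whatever the consuming role expects), or add a comment stating that an empty value is handled downstream.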
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -4,25 +4,20 @@ description: OpenShift cluster parameters: + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID description: Identifier of the cluster - num_masters: - type: number - label: Number of masters - description: Number of masters - - num_nodes: - type: number - label: Number of nodes - description: Number of nodes - - cidr: + subnet_24_prefix: type: string - label: CIDR - description: CIDR of the network of the cluster + label: subnet /24 prefix + description: /24 subnet prefix of the network of the cluster (dot separated number triplet) dns_nameservers: type: comma_delimited_list @@ -47,6 +42,37 @@ parameters: description: Source of legitimate ssh connections default: 0.0.0.0/0 + node_port_incoming: + type: string + label: Source of node port connections + description: Authorized sources targeting node ports + default: 0.0.0.0/0 + + num_etcd: + type: number + label: Number of etcd nodes + description: Number of etcd nodes + + num_masters: + type: number + label: Number of masters + description: Number of masters + + num_nodes: + type: number + label: Number of compute nodes + description: Number of compute nodes + + num_infra: + type: number + label: Number of infrastructure nodes + description: Number of infrastructure nodes + + etcd_image: + type: string + label: Etcd image + description: Name of the image for the etcd servers + master_image: type: string label: Master image 
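Review bot: `subnet_24_prefix` is declared in this hunk as a free-form `string` and is later pasted into the subnet CIDR with `str_replace` (the `subnet_24_prefix.0/24` template in the `@@ -113,7 +178,11 @@` hunk). A value that is not a dot-separated triplet is therefore only caught when the subnet is created, or it yields a network the operator did not intend. A constraint on the parameter would reject it at stack validation, for example `constraints:` followed by `- allowed_pattern: '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'`, with a `description` repeating the expected format.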
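Review bot: `node_port_incoming` defaults to `0.0.0.0/0`, and the node security group rule added later in this file opens TCP 30000-32767 to that prefix, so a stack launched without overriding it exposes the whole node-port range to any source. vars.yml in this commit uses the same default for `openstack_node_port_access_from`. Consider dropping the default so the operator has to choose a source range, or at least say so in the description, e.g. `description: Authorized sources targeting node ports (the default allows any address)`.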
@@ -55,7 +81,17 @@ parameters: node_image: type: string label: Node image - description: Name of the image for the node servers + description: Name of the image for the compute node servers + + infra_image: + type: string + label: Infra image + description: Name of the image for the infra node servers + + etcd_flavor: + type: string + label: Etcd flavor + description: Flavor of the etcd servers master_flavor: type: string @@ -65,10 +101,27 @@ parameters: node_flavor: type: string label: Node flavor - description: Flavor of the node servers + description: Flavor of the compute node servers + + infra_flavor: + type: string + label: Infra flavor + description: Flavor of the infra node servers outputs: + etcd_names: + description: Name of the etcds + value: { get_attr: [ etcd, name ] } + + etcd_ips: + description: IPs of the etcds + value: { get_attr: [ etcd, private_ip ] } + + etcd_floating_ips: + description: Floating IPs of the etcds + value: { get_attr: [ etcd, floating_ip ] } + master_names: description: Name of the masters value: { get_attr: [ masters, name ] } @@ -83,15 +136,27 @@ outputs: node_names: description: Name of the nodes - value: { get_attr: [ nodes, name ] } + value: { get_attr: [ compute_nodes, name ] } node_ips: description: IPs of the nodes - value: { get_attr: [ nodes, private_ip ] } + value: { get_attr: [ compute_nodes, private_ip ] } node_floating_ips: description: Floating IPs of the nodes - value: { get_attr: [ nodes, floating_ip ] } + value: { get_attr: [ compute_nodes, floating_ip ] } + + infra_names: + description: Name of the nodes + value: { get_attr: [ infra_nodes, name ] } + + infra_ips: + description: IPs of the nodes + value: { get_attr: [ infra_nodes, private_ip ] } + + infra_floating_ips: + description: Floating IPs of the nodes + value: { get_attr: [ infra_nodes, floating_ip ] } resources: 
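Review bot: The three `infra_*` outputs added at the end of the `@@ -83,15 +136,27 @@` hunk reuse the compute outputs' descriptions (`Name of the nodes`, `IPs of the nodes`, `Floating IPs of the nodes`), so the stack output shows two sets of values with identical descriptions. Suggest `description: Name of the infra nodes`, `description: IPs of the infra nodes` and `description: Floating IPs of the infra nodes`. The `node_*` outputs should likewise say "compute nodes", matching the parameter descriptions this commit already updates.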
@@ -113,7 +178,11 @@ resources: params: cluster_id: { get_param: cluster_id } network: { get_resource: net } - cidr: { get_param: cidr } + cidr: + str_replace: + template: subnet_24_prefix.0/24 + params: + subnet_24_prefix: { get_param: subnet_24_prefix } dns_nameservers: { get_param: dns_nameservers } router: @@ -172,6 +241,10 @@ resources: port_range_max: 8443 - direction: ingress protocol: tcp + port_range_min: 8444 + port_range_max: 8444 + - direction: ingress + protocol: tcp port_range_min: 53 port_range_max: 53 - direction: ingress 
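Review bot: The ingress rule added in the `@@ -172,6 +241,10 @@` hunk for TCP 8444 has neither `remote_ip_prefix` nor `remote_mode`/`remote_group_id`, and neither do the rules the next hunk (`@@ -180,12 +253,67 @@`) adds for 8053 tcp/udp, 2224, 5404, 5405 and 9090; as far as I can tell Heat treats such a rule as open to any source. The security group these rules belong to starts outside both hunks, so I cannot confirm which servers they apply to, but 2224 and 5404-5405 look like cluster-internal traffic rather than something clients need to reach. Where a port is only used between cluster members, restrict it the way the node rules in this commit do, with `remote_mode: remote_group_id`. For ports that must be reachable from outside, add a comment naming the service so the exposure is a recorded decision.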
@@ -180,12 +253,67 @@ resources: port_range_max: 53 - direction: ingress protocol: tcp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: udp + port_range_min: 8053 + port_range_max: 8053 + - direction: ingress + protocol: tcp port_range_min: 24224 port_range_max: 24224 - direction: ingress protocol: udp port_range_min: 24224 port_range_max: 24224 + - direction: ingress + protocol: tcp + port_range_min: 2224 + port_range_max: 2224 + - direction: ingress + protocol: udp + port_range_min: 5404 + port_range_max: 5404 + - direction: ingress + protocol: udp + port_range_min: 5405 + port_range_max: 5405 + - direction: ingress + protocol: tcp + port_range_min: 9090 + port_range_max: 9090 + + etcd-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-etcd-secgrp + params: + cluster_id: { get_param: cluster_id } + description: + str_replace: + template: Security group for cluster_id etcd cluster + params: + cluster_id: { get_param: cluster_id } + rules: + - direction: ingress + protocol: tcp + port_range_min: 22 + port_range_max: 22 + remote_ip_prefix: { get_param: ssh_incoming } + - direction: ingress + protocol: tcp + port_range_min: 2379 + port_range_max: 2379 + remote_mode: remote_group_id + remote_group_id: { get_resource: master-secgrp } + - direction: ingress + protocol: tcp + port_range_min: 2380 + port_range_max: 2380 + remote_mode: remote_group_id node-secgrp: type: OS::Neutron::SecurityGroup 
@@ -207,16 +335,85 @@ resources: port_range_max: 22 remote_ip_prefix: { get_param: ssh_incoming } - direction: ingress + protocol: tcp + port_range_min: 10250 + port_range_max: 10250 + remote_mode: remote_group_id + - direction: ingress + protocol: tcp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress protocol: udp port_range_min: 4789 port_range_max: 4789 remote_mode: remote_group_id - direction: ingress protocol: tcp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - remote_group_id: { get_resource: master-secgrp } + port_range_min: 30000 + port_range_max: 32767 + remote_ip_prefix: { get_param: node_port_incoming } + + infra-secgrp: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: openshift-ansible-cluster_id-infra-secgrp + params: + cluster_id: { get_param: cluster_id } + description: + str_replace: + template: Security group for cluster_id OpenShift infrastructure cluster nodes + params: + cluster_id: { get_param: cluster_id } + rules: + - direction: ingress + protocol: tcp + port_range_min: 80 + port_range_max: 80 + - direction: ingress + protocol: tcp + port_range_min: 443 + port_range_max: 443 + + etcd: + type: OS::Heat::ResourceGroup + properties: + count: { get_param: num_etcd } + resource_def: + type: heat_stack_server.yaml + properties: + name: + str_replace: + template: cluster_id-k8s_type-%index% + params: + cluster_id: { get_param: cluster_id } + k8s_type: etcd + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: etcd + image: { get_param: etcd_image } + flavor: { get_param: etcd_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } + secgrp: + - { get_resource: etcd-secgrp } + floating_network: { get_param: external_net } + 
net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: { get_param: cluster_id } + depends_on: + - interface masters: type: OS::Heat::ResourceGroup @@ -231,24 +428,27 @@ resources: params: cluster_id: { get_param: cluster_id } k8s_type: master - cluster_id: { get_param: cluster_id } - type: master - image: { get_param: master_image } - flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: master + image: { get_param: master_image } + flavor: { get_param: master_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: master-secgrp } + - { get_resource: node-secgrp } floating_network: { get_param: external_net } net_name: str_replace: template: openshift-ansible-cluster_id-net params: cluster_id: { get_param: cluster_id } - depends_on: interface + depends_on: + - interface - nodes: + compute_nodes: type: OS::Heat::ResourceGroup properties: count: { get_param: num_nodes } 
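Review bot: The kubelet rule for TCP 10250 loses its explicit `remote_group_id: { get_resource: master-secgrp }` in the `@@ -207,16 +335,85 @@` hunk and, like the new 10255 rules, now carries only `remote_mode: remote_group_id`. If Heat falls back to the rule's own security group when no group is named, which is how I read its documentation, masters reach the kubelet only because the following hunk attaches `node-secgrp` to them, and nothing records that dependency. A comment above these rules would make it explicit, e.g. `# no remote_group_id: the source is this group itself; masters are members of node-secgrp`. The `udp` rule for 10255 also looks unnecessary if that port only serves HTTP, so please confirm it is needed. The rules list of `node-secgrp` starts above the hunk.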
@@ -257,23 +457,62 @@ resources: properties: name: str_replace: - template: cluster_id-k8s_type-%index% + template: cluster_id-k8s_type-sub_host_type-%index% + params: + cluster_id: { get_param: cluster_id } + k8s_type: node + sub_host_type: compute + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: compute + image: { get_param: node_image } + flavor: { get_param: node_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } + secgrp: + - { get_resource: node-secgrp } + floating_network: { get_param: external_net } + net_name: + str_replace: + template: openshift-ansible-cluster_id-net + params: + cluster_id: { get_param: cluster_id } + depends_on: + - interface + + infra_nodes: + type: OS::Heat::ResourceGroup + properties: + count: { get_param: num_infra } + resource_def: + type: heat_stack_server.yaml + properties: + name: + str_replace: + template: cluster_id-k8s_type-sub_host_type-%index% params: cluster_id: { get_param: cluster_id } k8s_type: node - cluster_id: { get_param: cluster_id } - type: node - image: { get_param: node_image } - flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + sub_host_type: infra + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: infra + image: { get_param: infra_image } + flavor: { get_param: infra_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } + - { get_resource: infra-secgrp } floating_network: { get_param: external_net } net_name: str_replace: template: openshift-ansible-cluster_id-net params: cluster_id: { get_param: cluster_id } - depends_on: interface + depends_on: + - interface 
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml index 55f64211a..435139849 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml @@ -9,6 +9,11 @@ parameters: label: Name description: Name + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID @@ -19,6 +24,12 @@ parameters: label: Type description: Type master or node + subtype: + type: string + label: Sub-type + description: Sub-type compute or infra for nodes, default otherwise + default: default + key_name: type: string label: Key name @@ -96,17 +107,13 @@ resources: flavor: { get_param: flavor } networks: - port: { get_resource: port } - user_data: { get_file: user-data } + user_data: { get_resource: config } user_data_format: RAW metadata: - env: { get_param: cluster_id } + environment: { get_param: cluster_env } + clusterid: { get_param: cluster_id } host-type: { get_param: type } - env-host-type: - str_template: - template: cluster_id-openshift-type - params: - cluster_id: { get_param: cluster_id } - type: { get_param: type } + sub-host-type: { get_param: subtype } port: type: OS::Neutron::Port 
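Review bot: The `subtype` parameter added in the `@@ -19,6 +24,12 @@` hunk accepts any string although its description lists the only meaningful values, and the last hunk of this file copies it into the `sub-host-type` metadata key that the playbooks' `meta-sub-host-type_*` groups appear to be derived from. An `allowed_values` constraint would catch a typo at stack validation instead of producing hosts that silently fall out of the infra and compute groups: `constraints:` followed by `- allowed_values: [ default, compute, infra ]`. The context line above it still reads `description: Type master or node`, which is stale now that heat_stack.yaml also passes `type: etcd`.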
@@ -121,3 +128,25 @@ resources: properties: floating_network: { get_param: floating_network } port_id: { get_resource: port } + + config: + type: OS::Heat::CloudConfig + properties: + cloud_config: + disable_root: true + + hostname: { get_param: name } + + system_info: + default_user: + name: openshift + sudo: ["ALL=(ALL) NOPASSWD: ALL"] + + write_files: + - path: /etc/sudoers.d/00-openshift-no-requiretty + permissions: 440 + # content: Defaults:openshift !requiretty + # Encoded in base64 to be sure that we do not forget the trailing newline or + # sudo will not be able to parse that file + encoding: b64 + content: RGVmYXVsdHM6b3BlbnNoaWZ0ICFyZXF1aXJldHR5Cg== diff --git a/playbooks/openstack/openshift-cluster/files/user-data b/playbooks/openstack/openshift-cluster/files/user-data deleted file mode 100644 index e789a5b69..000000000 --- a/playbooks/openstack/openshift-cluster/files/user-data +++ /dev/null @@ -1,7 +0,0 @@ -#cloud-config -disable_root: true - -system_info: - default_user: - name: openshift - sudo: ["ALL=(ALL) NOPASSWD: ALL"] diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 3cdd2ae4d..7e037f2af 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -1,15 +1,12 @@ --- - name: Launch instance(s) hosts: localhost + become: no connection: local gather_facts: no vars_files: - vars.yml tasks: - - fail: - msg: "Deployment type not supported for OpenStack provider yet" - when: deployment_type == 'online' - # TODO: Write an Ansible module for dealing with HEAT stacks # Dealing with the outputs is currently terrible 
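Review bot: `permissions: 440` in the new `write_files` entry is an unquoted YAML integer, so as far as I can tell it reaches cloud-init as decimal 440 rather than the octal mode 0440; cloud-init's documentation asks for this field to be a quoted string for that reason. Decimal 440 is octal 0670, which would leave the sudoers drop-in group-writable instead of read-only, and sudo may then refuse to parse it. Write it as `permissions: '0440'`. It would also help to add a comment next to `sudo: ["ALL=(ALL) NOPASSWD: ALL"]` noting that the `openshift` user gets passwordless root on every server built from this template, so access to its SSH key is equivalent to root on the cluster.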
@@ -19,45 +16,80 @@ changed_when: false failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - - name: Create OpenStack Stack - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} - -P cluster_id={{ cluster_id }} - -P dns_nameservers={{ openstack_network_dns | join(",") }} - -P cidr={{ openstack_network_cidr }} - -P ssh_incoming={{ openstack_ssh_access_from }} - -P num_masters={{ num_masters }} - -P num_nodes={{ num_nodes }} - -P master_image={{ deployment_vars[deployment_type].image }} - -P node_image={{ deployment_vars[deployment_type].image }} - -P master_flavor={{ openstack_flavor["master"] }} - -P node_flavor={{ openstack_flavor["node"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" - openshift-ansible-{{ cluster_id }}-stack' + - set_fact: + heat_stack_action: 'stack-create' when: stack_show_result.rc == 1 + - set_fact: + heat_stack_action: 'stack-update' + when: stack_show_result.rc == 0 - - name: Update OpenStack Stack - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} + - name: Create or Update OpenStack Stack + command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + --timeout {{ openstack_heat_timeout }} + -P cluster_env={{ cluster_env }} -P cluster_id={{ cluster_id }} + -P subnet_24_prefix={{ openstack_subnet_24_prefix }} -P dns_nameservers={{ openstack_network_dns | join(",") }} - -P cidr={{ openstack_network_cidr }} + -P external_net={{ openstack_network_external_net }} + -P ssh_public_key="{{ openstack_ssh_public_key }}" -P ssh_incoming={{ openstack_ssh_access_from }} + -P node_port_incoming={{ openstack_node_port_access_from }} + -P num_etcd={{ num_etcd }} -P num_masters={{ num_masters }} -P num_nodes={{ num_nodes }} + -P num_infra={{ num_infra }} + -P etcd_image={{ deployment_vars[deployment_type].image }} -P master_image={{ deployment_vars[deployment_type].image }} -P node_image={{ deployment_vars[deployment_type].image }} + -P infra_image={{ 
deployment_vars[deployment_type].image }} + -P etcd_flavor={{ openstack_flavor["etcd"] }} -P master_flavor={{ openstack_flavor["master"] }} -P node_flavor={{ openstack_flavor["node"] }} - -P ssh_public_key="{{ openstack_ssh_public_key }}" + -P infra_flavor={{ openstack_flavor["infra"] }} openshift-ansible-{{ cluster_id }}-stack' - when: stack_show_result.rc == 0 + args: + chdir: '{{ playbook_dir }}' - name: Wait for OpenStack Stack readiness shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}''' register: stack_show_status_result until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] retries: 30 - delay: 1 - failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] + delay: 5 + + - name: Display the stack resources + command: 'heat resource-list openshift-ansible-{{ cluster_id }}-stack' + register: stack_resource_list_result + when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] + + - name: Display the stack status + command: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack' + register: stack_show_result + when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] + + - name: Delete the stack + command: 'heat stack-delete openshift-ansible-{{ cluster_id }}-stack' + when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] + + - fail: + msg: | + + +--------------------------------------+ + | ^ | + | /!\ Failed to create the heat stack | + | /___\ | + +--------------------------------------+ + + Here is the list of stack resources and their status: + {{ stack_resource_list_result.stdout }} + + Here is the status of the stack: + {{ stack_show_result.stdout }} + + ^ Failed to create the heat stack + /!\ + /___\ Please check the `stack_status_reason` line in the above array to know why. 
+ when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] - name: Read OpenStack Stack outputs command: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack' 
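Review bot: The new `Delete the stack` task runs whenever the final status is not `CREATE_COMPLETE` or `UPDATE_COMPLETE`, including when `heat_stack_action` was `stack-update`, so a failed update of an existing cluster ends with the whole stack, and the servers in it, being deleted. Limiting the cleanup to fresh creations keeps a failed update recoverable: `when: heat_stack_action == 'stack-create' and stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE']`. The `fail` message should then say whether the stack was removed or left in place for inspection.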
@@ -66,37 +98,70 @@ - set_fact: parsed_outputs: "{{ stack_show_result | oo_parse_heat_stack_outputs }}" + - name: Add new etcd instances groups and variables + add_host: + hostname: '{{ item[0] }}' + ansible_ssh_host: '{{ item[2] }}' + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" + groups: 'meta-environment_{{ cluster_env }}, meta-host-type_etcd, meta-sub-host-type_default, meta-clusterid_{{ cluster_id }}' + openshift_node_labels: + type: "etcd" + with_together: + - '{{ parsed_outputs.etcd_names }}' + - '{{ parsed_outputs.etcd_ips }}' + - '{{ parsed_outputs.etcd_floating_ips }}' + - name: Add new master instances groups and variables add_host: hostname: '{{ item[0] }}' ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_master, tag_env-host-type_{{ cluster_id }}-openshift-master' + ansible_become: "{{ deployment_vars[deployment_type].become }}" + groups: 'meta-environment_{{ cluster_env }}, meta-host-type_master, meta-sub-host-type_default, meta-clusterid_{{ cluster_id }}' + openshift_node_labels: + type: "master" with_together: - - parsed_outputs.master_names - - parsed_outputs.master_ips - - parsed_outputs.master_floating_ips + - '{{ parsed_outputs.master_names }}' + - '{{ parsed_outputs.master_ips }}' + - '{{ parsed_outputs.master_floating_ips }}' - name: Add new node instances groups and variables add_host: hostname: '{{ item[0] }}' ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_env-host-type_{{ cluster_id }}-openshift-node' + ansible_become: "{{ deployment_vars[deployment_type].become }}" + groups: 'meta-environment_{{ cluster_env }}, 
meta-host-type_node, meta-sub-host-type_compute, meta-clusterid_{{ cluster_id }}' + openshift_node_labels: + type: "compute" + with_together: + - '{{ parsed_outputs.node_names }}' + - '{{ parsed_outputs.node_ips }}' + - '{{ parsed_outputs.node_floating_ips }}' + + - name: Add new infra instances groups and variables + add_host: + hostname: '{{ item[0] }}' + ansible_ssh_host: '{{ item[2] }}' + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" + groups: 'meta-environment_{{ cluster_env }}, meta-host-type_node, meta-sub-host-type_infra, meta-clusterid_{{ cluster_id }}' + openshift_node_labels: + type: "infra" with_together: - - parsed_outputs.node_names - - parsed_outputs.node_ips - - parsed_outputs.node_floating_ips + - '{{ parsed_outputs.infra_names }}' + - '{{ parsed_outputs.infra_ips }}' + - '{{ parsed_outputs.infra_floating_ips }}' - name: Wait for ssh wait_for: host: '{{ item }}' port: 22 with_flattened: - - parsed_outputs.master_floating_ips - - parsed_outputs.node_floating_ips + - '{{ parsed_outputs.master_floating_ips }}' + - '{{ parsed_outputs.node_floating_ips }}' + - '{{ parsed_outputs.infra_floating_ips }}' - name: Wait for user setup command: 'ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ deployment_vars[deployment_type].ssh_user }}@{{ item }} echo {{ deployment_vars[deployment_type].ssh_user }} user is setup' @@ -105,8 +170,9 @@ retries: 30 delay: 1 with_flattened: - - parsed_outputs.master_floating_ips - - parsed_outputs.node_floating_ips + - '{{ parsed_outputs.master_floating_ips }}' + - '{{ parsed_outputs.node_floating_ips }}' + - '{{ parsed_outputs.infra_floating_ips }}' - include: update.yml diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml index a75e350c7..6c6f671be 100644 --- a/playbooks/openstack/openshift-cluster/list.yml 
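Review bot: The `Wait for ssh` loop at the end of the `@@ -66,37 +98,70 @@` hunk, and the `Wait for user setup` loop in the next one (`@@ -105,8 +170,9 @@`), gain `infra_floating_ips` but not `etcd_floating_ips`, although this hunk registers the etcd servers with `add_host` just above. The play can therefore move on to `update.yml` before the etcd hosts accept connections. Add `- '{{ parsed_outputs.etcd_floating_ips }}'` to both `with_flattened` lists.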
+++ b/playbooks/openstack/openshift-cluster/list.yml @@ -1,11 +1,13 @@ --- - name: Generate oo_list_hosts group hosts: localhost + become: no + connection: local gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=meta-clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' @@ -14,11 +16,9 @@ groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_ssh_host: "{{ hostvars[item].ansible_ssh_host | default(item) }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) - -- name: List Hosts - hosts: oo_list_hosts - tasks: + ansible_become: "{{ deployment_vars[deployment_type].become }}" + oo_public_ipv4: "{{ hostvars[item].openstack.public_v4 }}" + oo_private_ipv4: "{{ hostvars[item].openstack.private_v4 }}" + with_items: "{{ groups[scratch_group] | default([]) | difference(['localhost']) }}" - debug: - msg: 'public:{{ansible_ssh_host}} private:{{ansible_default_ipv4.address}}' + msg: "{{ hostvars | oo_select_keys(groups[scratch_group] | default([])) | oo_pretty_print_cluster('meta-') }}" diff --git a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml b/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml deleted file mode 100644 index 2cbdb4805..000000000 --- a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml +++ /dev/null 
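Review bot: In the `@@ -14,11 +16,9 @@` hunk, `oo_public_ipv4` and `oo_private_ipv4` read `hostvars[item].openstack.public_v4` and `.private_v4` with no fallback, while `ansible_ssh_host` in the same task guards its lookup with `| default(item)`. When `cluster_id` is empty `scratch_group` is `all`, so any inventory host without an `openstack` variable would presumably make the `add_host` loop fail on an undefined value. A guarded form such as `"{{ (hostvars[item].openstack | default({})).public_v4 | default('') }}"` keeps the listing usable, and the same applies to `private_v4`.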
@@ -1,27 +0,0 @@ ---- -- name: Check infra - command: 'heat stack-show {{ openstack_network_prefix }}-stack' - register: stack_show_result - changed_when: false - failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr - -- name: Create infra - command: 'heat stack-create -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack' - when: stack_show_result.rc == 1 - -- name: Update infra - command: 'heat stack-update -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack' - when: stack_show_result.rc == 0 - -- name: Wait for infra readiness - shell: 'heat stack-show {{ openstack_network_prefix }}-stack | awk ''$2 == "stack_status" {print $4}''' - register: stack_show_status_result - until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS'] - retries: 30 - delay: 1 - failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE'] - -- name: Create ssh keypair - nova_keypair: - name: "{{ openstack_ssh_keypair }}" - public_key: "{{ openstack_ssh_public_key }}" diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml index fc4ec3c88..4527f4a28 100644 --- a/playbooks/openstack/openshift-cluster/terminate.yml +++ b/playbooks/openstack/openshift-cluster/terminate.yml 
@@ -1,5 +1,31 @@ - name: Terminate instance(s) hosts: localhost + become: no + connection: local + gather_facts: no + vars_files: + - vars.yml + tasks: + - add_host: + name: "{{ item }}" + groups: oo_hosts_to_terminate + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ (groups['meta-environment_' ~ cluster_env]|default([])) | intersect(groups['meta-clusterid_' ~ cluster_id ]|default([])) }}" + +- name: Unsubscribe VMs + hosts: oo_hosts_to_terminate + vars_files: + - vars.yml + roles: + - role: rhel_unsubscribe + when: deployment_type in ['atomic-enterprise', 'enterprise', 'openshift-enterprise'] and + ansible_distribution == "RedHat" and + lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | + default('no', True) | lower in ['no', 'false'] + +- hosts: localhost + become: no connection: local gather_facts: no vars_files: @@ -17,6 +43,6 @@ register: stack_show_result until: stack_show_result.stdout != 'DELETE_IN_PROGRESS' retries: 60 - delay: 1 + delay: 5 failed_when: '"Stack not found" not in stack_show_result.stderr and stack_show_result.stdout != "DELETE_COMPLETE"' diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml index e006aa74a..6d2af3d26 100644 --- a/playbooks/openstack/openshift-cluster/update.yml +++ b/playbooks/openstack/openshift-cluster/update.yml 
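Review bot: The `with_items` expression of the new `add_host` task in the `@@ -1,5 +1,31 @@` hunk rebuilds by hand the same environment-and-cluster intersection that cluster_hosts.yml, added in this commit, already exposes as `g_all_hosts`. Loading that file keeps the host selection for a destructive playbook in one place: `- include_vars: cluster_hosts.yml` before the task and `with_items: "{{ g_all_hosts | default([]) }}"` on it, as config.yml and update.yml do. Separately, the `Unsubscribe VMs` play has to reach every host before the stack is deleted, so a comment on what the operator should do when a server is already unreachable would be useful.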
@@ -1,19 +1,33 @@ --- +- hosts: localhost + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + - add_host: + name: "{{ item }}" + groups: l_oo_all_hosts + with_items: "{{ g_all_hosts }}" + +- hosts: l_oo_all_hosts + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + - name: Populate oo_hosts_to_update group hosts: localhost + connection: local + become: no gather_facts: no - vars_files: - - vars.yml tasks: - name: Evaluate oo_hosts_to_update add_host: name: "{{ item }}" groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: (groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([])) - | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([])) - | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-etcd"] | default([])) + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index d077a6ced..79b336ce7 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml 
@@ -1,36 +1,37 @@ --- +debug_level: 2 openstack_infra_heat_stack: "{{ lookup('oo_option', 'infra_heat_stack' ) | default('files/heat_stack.yaml', True) }}" -openstack_network_prefix: "{{ lookup('oo_option', 'network_prefix' ) | - default('openshift-ansible-'+cluster_id, True) }}" -openstack_network_cidr: "{{ lookup('oo_option', 'net_cidr' ) | - default('192.168.' + ( ( 1048576 | random % 256 ) | string() ) + '.0/24', True) }}" +openstack_subnet_24_prefix: "{{ lookup('oo_option', 'subnet_24_prefix' ) | + default('192.168.' + ( ( 1048576 | random % 256 ) | string() ), True) }}" openstack_network_external_net: "{{ lookup('oo_option', 'external_net' ) | default('external', True) }}" -openstack_floating_ip_pools: "{{ lookup('oo_option', 'floating_ip_pools') | - default('external', True) | oo_split() }}" openstack_network_dns: "{{ lookup('oo_option', 'dns' ) | default('8.8.8.8,8.8.4.4', True) | oo_split() }}" -openstack_ssh_keypair: "{{ lookup('oo_option', 'keypair' ) | - default(lookup('env', 'LOGNAME')+'_key', True) }}" openstack_ssh_public_key: "{{ lookup('file', lookup('oo_option', 'public_key') | default('~/.ssh/id_rsa.pub', True)) }}" openstack_ssh_access_from: "{{ lookup('oo_option', 'ssh_from') | default('0.0.0.0/0', True) }}" +openstack_node_port_access_from: "{{ lookup('oo_option', 'node_port_from') | + default('0.0.0.0/0', True) }}" +openstack_heat_timeout: "{{ lookup('oo_option', 'heat_timeout') | + default('3', True) }}" openstack_flavor: + etcd: "{{ lookup('oo_option', 'etcd_flavor' ) | default('m1.small', True) }}" master: "{{ lookup('oo_option', 'master_flavor' ) | default('m1.small', True) }}" + infra: "{{ lookup('oo_option', 'infra_flavor' ) | default('m1.small', True) }}" node: "{{ lookup('oo_option', 'node_flavor' ) | default('m1.medium', True) }}" +deployment_rhel7_ent_base: + image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}" + ssh_user: openshift + become: yes + deployment_vars: origin: image: 
"{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}" ssh_user: openshift - sudo: yes - online: - image: - ssh_user: root - sudo: no - enterprise: - image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.1-20150224.0.x86_64', True) }}" - ssh_user: openshift - sudo: yes + become: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" |
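Review bot: `openstack_heat_timeout` defaults to `'3'`, which launch.yml passes to `heat --timeout` (minutes, if I read the client correctly), while the readiness loop in launch.yml gives up after 30 retries with a 5 second delay, about 150 seconds. With these defaults the loop can be exhausted while the stack is still `CREATE_IN_PROGRESS`, in which case the diagnostic and cleanup tasks after it are presumably never reached. Either raise the retry budget above the Heat timeout or document the relationship next to the variable, e.g. `# minutes; keep below retries * delay of the readiness wait in launch.yml`. The `become: yes` values in this hunk would also read more predictably as `become: true`.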