diff options
Diffstat (limited to 'playbooks')
67 files changed, 548 insertions, 310 deletions
diff --git a/playbooks/adhoc/create_pv/create_pv.yaml b/playbooks/adhoc/create_pv/create_pv.yaml index 0ca040ee1..347d9f574 100644 --- a/playbooks/adhoc/create_pv/create_pv.yaml +++ b/playbooks/adhoc/create_pv/create_pv.yaml @@ -3,9 +3,8 @@ # ansible-playbook -e "cli_volume_size=1" \ # -e "cli_device_name=/dev/xvdf" \ # -e "cli_hosttype=master" \ -# -e "cli_env=ops" \ +# -e "cli_clusterid=ops" \ # create_pv.yaml -# FIXME: we need to change "env" to "clusterid" as that's what it really is now. # - name: Create a volume and attach it to master hosts: localhost @@ -16,7 +15,7 @@ cli_volume_type: gp2 cli_volume_iops: '' oo_name: "{{ groups['tag_host-type_' ~ cli_hosttype] | - intersect(groups['tag_env_' ~ cli_env]) | + intersect(groups['oo_clusterid_' ~ cli_clusterid]) | first }}" pre_tasks: - fail: @@ -26,7 +25,7 @@ - cli_volume_size - cli_device_name - cli_hosttype - - cli_env + - cli_clusterid - name: set oo_name fact set_fact: @@ -57,7 +56,7 @@ args: tags: Name: "pv-{{ hostvars[oo_name]['ec2_tag_Name'] }}" - env: "{{cli_env}}" + clusterid: "{{cli_clusterid}}" register: voltags - debug: var=voltags diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 89128dd3c..4d32fc40b 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -113,7 +113,7 @@ args: tags: Name: "{{ ec2_tag_Name }}" - env: "{{ ec2_tag_env}}" + clusterid: "{{ ec2_tag_clusterid }}" register: voltags - name: Wait for volume to attach diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml index b4bcb25da..174cea460 100644 --- a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -151,7 +151,7 @@ args: tags: Name: "{{ ec2_tag_Name }}" - env: "{{ ec2_tag_env }}" + clusterid: "{{ ec2_tag_clusterid }}" register: voltags - name: check for attached drive diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 071c2cf46..d409b4086 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -6,7 +6,7 @@ # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. # The 'clusterid' is the short name of your cluster. -- hosts: tag_env_{{ clusterid }}:&tag_host-type_openshift-master +- hosts: tag_clusterid_{{ clusterid }}:&tag_host-type_openshift-master remote_user: root gather_facts: False diff --git a/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml new file mode 100755 index 000000000..0dc021fbc --- /dev/null +++ b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml @@ -0,0 +1,53 @@ +#!/usr/bin/ansible-playbook +--- +#example run: +# ansible-playbook -e "host=ops-node-compute-abcde" oo-sdn-restart.yml +# + +- name: Check vars + hosts: localhost + gather_facts: false + + pre_tasks: + - fail: + msg: "Playbook requires host to be set" + when: host is not defined or host == '' + +- name: Restart openshift/docker (and monitoring containers) + hosts: oo_version_3:&oo_name_{{ host }} + gather_facts: false + user: root + + tasks: + - name: stop openshift/docker + service: + name: "{{ item }}" + state: stopped + with_items: + - atomic-openshift-node + - docker + + - name: restart openvswitch + service: + name: openvswitch + state: restarted + + - name: wait 5 sec + pause: + seconds: 5 + + - name: start openshift/docker + service: + name: "{{ item }}" + state: started + with_items: + - atomic-openshift-node + - docker + + - name: start monitoring containers + service: + name: "{{ item }}" + state: restarted + with_items: + - oso-f22-host-monitoring + - oso-rhel7-zagg-client diff --git a/playbooks/adhoc/setupnfs.yml b/playbooks/adhoc/setupnfs.yml new file mode 100644 index 000000000..5f3631fcf --- /dev/null +++ b/playbooks/adhoc/setupnfs.yml @@ -0,0 +1,21 @@ +--- +### This playbook is old and we are currently not using NFS. +- hosts: tag_Name_nfs-v3-stg + sudo: no + remote_user: root + gather_facts: no + roles: + - role: openshift_storage_nfs_lvm + mount_dir: /exports/stg-black + volume_prefix: "kwoodsontest" + volume_size: 5 + volume_num_start: 222 + number_of_volumes: 3 + tasks: + - fetch: + dest: json/ + src: /root/"{{ item }}" + with_items: + - persistent-volume.kwoodsontest5g0222.json + - persistent-volume.kwoodsontest5g0223.json + - persistent-volume.kwoodsontest5g0224.json diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 9161076e5..ac20f5f9b 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -19,15 +19,19 @@ failed_when: false register: ostree_output + # Since we're not calling openshift_facts we'll do this for now - set_fact: is_atomic: "{{ ostree_output.rc == 0 }}" + - set_fact: + is_containerized: "{{ is_atomic or containerized | default(false) | bool }}" - name: Remove br0 interface shell: ovs-vsctl del-br br0 changed_when: False failed_when: False - - service: name={{ item }} state=stopped + - name: Stop services + service: name={{ item }} state=stopped with_items: - atomic-enterprise-master - atomic-enterprise-node @@ -36,6 +40,7 @@ - atomic-openshift-master-controllers - atomic-openshift-node - etcd + - haproxy - openshift-master - openshift-master-api - openshift-master-controllers @@ -46,8 +51,10 @@ - origin-master-controllers - origin-node - pcsd + failed_when: false - - action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" + - name: Remove packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" when: not is_atomic | bool with_items: - atomic-enterprise @@ -61,6 +68,7 @@ - atomic-openshift-sdn-ovs - corosync - etcd + - haproxy - openshift - openshift-master - openshift-node @@ -132,14 +140,26 @@ with_items: - registry\.access\..*redhat\.com/openshift3 - registry\.access\..*redhat\.com/aep3 + - registry\.access\..*redhat\.com/rhel7/etcd - docker.io/openshift - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}" changed_when: False failed_when: False with_items: "{{ images_to_delete.results }}" + + - name: Remove sdn drop files + file: + path: /run/openshift-sdn + state: absent + + - name: restart docker + service: + name: docker + state: restarted - - file: path={{ item }} state=absent + - name: Remove remaining files + file: path={{ item }} state=absent with_items: - "~{{ ansible_ssh_user }}/.kube" - /etc/ansible/facts.d/openshift.fact @@ -149,7 +169,15 @@ - /etc/openshift - /etc/openshift-sdn - /etc/origin + - /etc/systemd/system/atomic-openshift-master.service + - /etc/systemd/system/atomic-openshift-master-api.service + - /etc/systemd/system/atomic-openshift-master-controllers.service + - /etc/systemd/system/atomic-openshift-node.service + - /etc/systemd/system/etcd_container.service + - /etc/systemd/system/openvswitch.service - /etc/sysconfig/atomic-enterprise-master + - /etc/sysconfig/atomic-enterprise-master-api + - /etc/sysconfig/atomic-enterprise-master-controllers - /etc/sysconfig/atomic-enterprise-node - /etc/sysconfig/atomic-openshift-master - /etc/sysconfig/atomic-openshift-master-api diff --git a/playbooks/aws/openshift-cluster/cluster_hosts.yml b/playbooks/aws/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..d6b413c6f --- /dev/null +++ b/playbooks/aws/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type_nfs']|default([])) + | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 50fe42d6c..abdb23d78 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -1,26 +1,14 @@ --- -- hosts: localhost - gather_facts: no - connection: local - become: no - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../aws/openshift-cluster/vars.yml + - ../../aws/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml index 8341ba9c1..8b41a355e 100644 --- a/playbooks/aws/openshift-cluster/list.yml +++ b/playbooks/aws/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/aws/openshift-cluster/scaleup.yml b/playbooks/aws/openshift-cluster/scaleup.yml index 9c9118286..c2135cd03 100644 --- a/playbooks/aws/openshift-cluster/scaleup.yml +++ b/playbooks/aws/openshift-cluster/scaleup.yml @@ -7,9 +7,6 @@ vars_files: - vars.yml tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - name: Evaluate oo_hosts_to_update add_host: name: "{{ item }}" @@ -21,16 +18,16 @@ - include: ../../common/openshift-cluster/update_repos_and_packages.yml - include: ../../common/openshift-cluster/scaleup.yml + vars_files: + - ../../aws/openshift-cluster/vars.yml + - ../../aws/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" g_new_node_hosts: "{{ groups.nodes_to_add }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/service.yml b/playbooks/aws/openshift-cluster/service.yml index ce0992a45..d5f7d6b19 100644 --- a/playbooks/aws/openshift-cluster/service.yml +++ b/playbooks/aws/openshift-cluster/service.yml @@ -6,6 +6,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - fail: msg="cluster_id is required to be injected in this playbook" when: cluster_id is not defined @@ -16,7 +17,7 @@ groups: g_service_masters ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | default([]) }}" + with_items: "{{ master_hosts | default([]) }}" - name: Evaluate g_service_nodes add_host: @@ -24,7 +25,7 @@ groups: g_service_nodes ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_node_hosts | default([]) }}" + with_items: "{{ node_hosts | default([]) }}" - include: ../../common/openshift-node/service.yml - include: ../../common/openshift-master/service.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 1fbd71a75..6090ed6fe 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -2,7 +2,8 @@ - set_fact: created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}" docker_vol_ephemeral: "{{ lookup('env', 'os_docker_vol_ephemeral') | default(false, true) }}" - env: "{{ cluster }}" + cluster: "{{ cluster_id }}" + env: "{{ cluster_env }}" host_type: "{{ type }}" sub_host_type: "{{ g_sub_host_type }}" @@ -123,7 +124,8 @@ wait: yes instance_tags: created-by: "{{ created_by }}" - env: "{{ env }}" + clusterid: "{{ cluster }}" + environment: "{{ cluster_env }}" host-type: "{{ host_type }}" sub-host-type: "{{ sub_host_type }}" volumes: "{{ volumes }}" @@ -139,7 +141,8 @@ Name: "{{ item.0 }}" - set_fact: - instance_groups: "tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}" + instance_groups: "tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }}, tag_environment_{{ cluster_env }}, + tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}" - set_fact: node_label: diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index aafd40c43..4b9c80b14 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) + with_items: (groups['tag_clusterid_' ~ cluster_id] | default([])) | difference(['localhost']) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -29,34 +28,35 @@ connection: local become: no gather_facts: no - vars: - host_vars: "{{ hostvars - | oo_select_keys(groups['oo_hosts_to_terminate']) }}" tasks: - name: Remove tags from instances - ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent - args: + ec2_tag: + resource: "{{ hostvars[item]['ec2_id'] }}" + region: "{{ hostvars[item]['ec2_region'] }}" + state: absent tags: - env: "{{ item['ec2_tag_env'] }}" - host-type: "{{ item['ec2_tag_host-type'] }}" - sub_host_type: "{{ item['ec2_tag_sub-host-type'] }}" - with_items: host_vars + environment: "{{ hostvars[item]['ec2_tag_environment'] }}" + clusterid: "{{ hostvars[item]['ec2_tag_clusterid'] }}" + host-type: "{{ hostvars[item]['ec2_tag_host-type'] }}" + sub_host_type: "{{ hostvars[item]['ec2_tag_sub-host-type'] }}" + with_items: groups.oo_hosts_to_terminate when: "'oo_hosts_to_terminate' in groups" - name: Terminate instances ec2: state: absent - instance_ids: ["{{ item.ec2_id }}"] - region: "{{ item.ec2_region }}" + instance_ids: ["{{ hostvars[item].ec2_id }}"] + region: "{{ hostvars[item].ec2_region }}" ignore_errors: yes register: ec2_term - with_items: host_vars + with_items: groups.oo_hosts_to_terminate when: "'oo_hosts_to_terminate' in groups" # Fail if any of the instances failed to terminate with an error other # than 403 Forbidden - - fail: msg=Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }} - when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" + - fail: + msg: "Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }}" + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" with_items: ec2_term.results - name: Stop instance if termination failed @@ -65,7 +65,7 @@ instance_ids: ["{{ item.item.ec2_id }}"] region: "{{ item.item.ec2_region }}" register: ec2_stop - when: "'oo_hosts_to_terminate' in groups and item.failed" + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" with_items: ec2_term.results - name: Rename stopped instances diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml index 3df0c3f3a..32bab76b5 100644 --- a/playbooks/aws/openshift-cluster/update.yml +++ b/playbooks/aws/openshift-cluster/update.yml @@ -4,13 +4,9 @@ connection: local become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Update - Evaluate oo_hosts_to_update add_host: @@ -18,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 20cc97c8a..11026e38d 100644 --- a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -2,32 +2,16 @@ # This playbook upgrades an existing AWS cluster, leaving nodes untouched if used with an 'online' deployment type. # Usage: # ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=online -e cluster_id=<cluster_id> -- hosts: localhost - gather_facts: no - vars_files: - - ../../vars.yml - - "../../vars.{{ deployment_type }}.{{ cluster_id }}.yml" - - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - - set_fact: - tmp_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" - when: deployment_type != 'online' - - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../aws/openshift-cluster/vars.yml')}}" + - "{{lookup('file', '../../../../aws/openshift-cluster/cluster_hosts.yml')}}" vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index 95bc4b3e2..ae12286bd 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -1,8 +1,23 @@ --- +debug_level: 2 + +deployment_rhel7_ent_base: + # rhel-7.1, requires cloud access subscription + image: ami-10663b78 + image_name: + region: us-east-1 + ssh_user: ec2-user + sudo: yes + keypair: libra + type: m4.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: + deployment_vars: origin: # centos-7, requires marketplace - image: ami-96a818fe + image: ami-61bbf104 image_name: region: us-east-1 ssh_user: centos @@ -24,15 +39,6 @@ deployment_vars: security_groups: [ 'public' ] vpc_subnet: assign_public_ip: - enterprise: - # rhel-7.1, requires cloud access subscription - image: ami-10663b78 - image_name: - region: us-east-1 - ssh_user: ec2-user - sudo: yes - keypair: libra - type: m4.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/byo/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..e093b2580 --- /dev/null +++ b/playbooks/byo/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,13 @@ +--- +g_etcd_hosts: "{{ groups.etcd | default([]) }}" + +g_lb_hosts: "{{ groups.lb | default([]) }}" + +g_master_hosts: "{{ groups.masters | default([]) }}" + +g_node_hosts: "{{ groups.nodes | default([]) }}" + +g_nfs_hosts: "{{ groups.nfs | default([]) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index ba8fe0a52..5887b3208 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -1,10 +1,8 @@ --- - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../byo/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ groups.etcd | default([]) }}" - g_master_hosts: "{{ groups.masters | default([]) }}" - g_node_hosts: "{{ groups.nodes | default([]) }}" - g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level | default(2) }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/scaleup.yml b/playbooks/byo/openshift-cluster/scaleup.yml index 8f8ef6f21..1702690f6 100644 --- a/playbooks/byo/openshift-cluster/scaleup.yml +++ b/playbooks/byo/openshift-cluster/scaleup.yml @@ -1,10 +1,8 @@ --- - include: ../../common/openshift-cluster/scaleup.yml + vars_files: + - ../../byo/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ groups.etcd | default([]) }}" - g_master_hosts: "{{ groups.masters | default([]) }}" - g_new_node_hosts: "{{ groups.new_nodes | default([]) }}" - g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level | default(2) }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md index ce7aebf8e..ca01dbc9d 100644 --- a/playbooks/byo/openshift-cluster/upgrades/README.md +++ b/playbooks/byo/openshift-cluster/upgrades/README.md @@ -1,6 +1,6 @@ # Upgrade playbooks The playbooks provided in this directory can be used for upgrading an existing -environment. Additional notes for the associated upgrade playbooks are +cluster. Additional notes for the associated upgrade playbooks are provided in their respective directories. # Upgrades available diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml index 56e79e8c2..b52456dcd 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml @@ -1,8 +1,11 @@ --- - include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}" vars: g_etcd_hosts: "{{ groups.etcd | default([]) }}" g_master_hosts: "{{ groups.masters | default([]) }}" + g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_node_hosts: "{{ groups.nodes | default([]) }}" g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index b4b4f3ec0..e07e2b88e 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -1,8 +1,11 @@ --- - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}" vars: g_etcd_hosts: "{{ groups.etcd | default([]) }}" g_master_hosts: "{{ groups.masters | default([]) }}" + g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_node_hosts: "{{ groups.nodes | default([]) }}" g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 482fa8441..11e5b68f6 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,8 +1,12 @@ --- - include: evaluate_groups.yml +- include: ../openshift-docker/config.yml + - include: ../openshift-etcd/config.yml +- include: ../openshift-nfs/config.yml + - include: ../openshift-master/config.yml - include: ../openshift-node/config.yml diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index 6343a2567..db7105ed5 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -21,6 +21,14 @@ msg: This playbook requires g_lb_hosts to be set when: g_lb_hosts is not defined + - fail: + msg: This playbook requires g_nfs_hosts to be set + when: g_nfs_hosts is not defined + + - fail: + msg: The nfs group must be limited to one host + when: (groups[g_nfs_hosts] | default([])) | length > 1 + - name: Evaluate oo_etcd_to_config add_host: name: "{{ item }}" @@ -81,3 +89,11 @@ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" ansible_sudo: "{{ g_sudo | default(omit) }}" with_items: "{{ g_lb_hosts | default([]) }}" + + - name: Evaluate oo_nfs_to_config + add_host: + name: "{{ item }}" + groups: oo_nfs_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ g_nfs_hosts | default([]) }}" diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 190e2d862..88736ee03 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -4,9 +4,10 @@ openshift_deployment_type: "{{ deployment_type }}" roles: - role: rhel_subscribe - when: deployment_type == "enterprise" and + when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and ansible_distribution == "RedHat" and lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] + and not openshift.common.is_atomic | bool - openshift_repos - os_update_latest diff --git a/playbooks/common/openshift-cluster/upgrades/files/versions.sh b/playbooks/common/openshift-cluster/upgrades/files/versions.sh index c7c966b60..b46407ed7 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/versions.sh +++ b/playbooks/common/openshift-cluster/upgrades/files/versions.sh @@ -1,9 +1,8 @@ #!/bin/bash -yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') - -yum_available=$(yum list available -q "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') +yum_installed=$(yum list installed -e 0 -q "$@" 2>&1 | tail -n +2 | awk '{ print $2 }' | tr '\n' ' ') +yum_available=$(yum list available -e 0 -q "$@" 2>&1 | tail -n +2 | grep -v 'el7ose' | awk '{ print $2 }' | tr '\n' ' ') echo "---" echo "curr_version: ${yum_installed}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index fc098b4ed..68df2153d 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -29,6 +29,7 @@ hosts: oo_first_master vars: openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}" gather_facts: no tasks: # Pacemaker is currently the only supported upgrade path for multiple masters @@ -45,8 +46,8 @@ - fail: msg: > openshift_pkg_version is {{ openshift_pkg_version }} which is not a - valid version for a 3.1 upgrade - when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare('3.0.2.900','<') + valid version for a {{ target_version }} upgrade + when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<') # If this script errors out ansible will show the default stdout/stderr # which contains details for the user: @@ -55,6 +56,8 @@ - name: Verify upgrade can proceed hosts: oo_masters_to_config:oo_nodes_to_config + vars: + target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}" tasks: - name: Clean package cache command: "{{ ansible_pkg_mgr }} clean all" @@ -77,8 +80,8 @@ when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') - fail: - msg: Atomic OpenShift 3.1 packages not found - when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + msg: Upgrade packages not found + when: (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) - set_fact: pre_upgrade_complete: True @@ -235,6 +238,7 @@ - name: Ensure python-yaml present for config upgrade action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" + when: not openshift.common.is_atomic | bool - name: Upgrade master configuration openshift_upgrade_config: diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml new file mode 100644 index 000000000..092d5533c --- /dev/null +++ b/playbooks/common/openshift-docker/config.yml @@ -0,0 +1,9 @@ +- name: Configure docker hosts + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config + vars: + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}" + docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}" + docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" + roles: + - openshift_facts + - openshift_docker diff --git a/playbooks/common/openshift-docker/filter_plugins b/playbooks/common/openshift-docker/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-docker/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/lookup_plugins b/playbooks/common/openshift-docker/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-docker/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/roles b/playbooks/common/openshift-docker/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/common/openshift-docker/roles @@ -0,0 +1 @@ +../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 6dee196e3..9a5ae0e6b 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -14,7 +14,8 @@ public_hostname: "{{ openshift_public_hostname | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" - role: etcd - local_facts: {} + local_facts: + etcd_image: "{{ osm_etcd_image | default(None) }}" - name: Check status of etcd certificates stat: path: "{{ item }}" @@ -88,6 +89,7 @@ roles: - etcd - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - name: Delete temporary directory on localhost hosts: localhost diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index dd638487a..677c274c4 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -232,31 +232,36 @@ balance: source servers: "{{ hostvars.localhost.haproxy_backend_servers }}" roles: + - role: openshift_facts - role: haproxy when: groups.oo_masters_to_config | length > 1 -- name: Generate master session keys +- name: Check for cached session secrets + hosts: oo_first_master + roles: + - role: openshift_facts + post_tasks: + - openshift_facts: + role: master + local_facts: + session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}" + session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}" + +- name: Generate master session secrets hosts: oo_first_master + vars: + g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([]) and openshift.master.session_encryption_secrets | default([])) | length > 0 }}" + g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}" + g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}" + roles: + - role: openshift_facts tasks: - - fail: - msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set" - when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined) - - fail: - msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" - when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) - - name: Install OpenSSL package - action: "{{ ansible_pkg_mgr }} name=openssl state=present" - - name: Generate session authentication key - command: /usr/bin/openssl rand -base64 24 - register: session_auth_output - when: openshift_master_session_auth_secrets is undefined - - name: Generate session encryption key - command: /usr/bin/openssl rand -base64 24 - register: session_encryption_output - when: openshift_master_session_encryption_secrets is undefined - - set_fact: - session_auth_secret: "{{ openshift_master_session_auth_secrets | default([session_auth_output.stdout]) }}" - session_encryption_secret: "{{ openshift_master_session_encryption_secrets | default([session_encryption_output.stdout]) }}" + - openshift_facts: + role: master + local_facts: + session_auth_secrets: "{{ g_session_auth_secrets }}" + session_encryption_secrets: "{{ g_session_encryption_secrets }}" + when: not g_session_secrets_present | bool - name: Parse named certificates hosts: localhost @@ -312,8 +317,8 @@ sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" openshift_master_count: "{{ groups.oo_masters_to_config | length }}" - openshift_master_session_auth_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_auth_secret'] }}" - openshift_master_session_encryption_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_encryption_secret'] }}" + openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}" + openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -328,6 +333,7 @@ roles: - openshift_master - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - role: fluentd_master when: openshift.common.use_fluentd | bool post_tasks: @@ -356,7 +362,7 @@ cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}" roles: - role: cockpit - when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and + when: not openshift.common.is_containerized and ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and (osm_use_cockpit | bool or osm_use_cockpit is undefined ) - name: Configure flannel @@ -394,7 +400,15 @@ - name: Create services hosts: oo_first_master + vars: + attach_registry_volume: "{{ groups.oo_nfs_to_config | length > 0 }}" + pre_tasks: + - set_fact: + nfs_host: "{{ groups.oo_nfs_to_config.0 }}" + registry_volume_path: "{{ hostvars[groups.oo_nfs_to_config.0].openshift.nfs.exports_dir + '/' + hostvars[groups.oo_nfs_to_config.0].openshift.nfs.registry_volume }}" + when: attach_registry_volume | bool roles: - role: openshift_router when: openshift.master.infra_nodes is defined - #- role: openshift_registry + - role: openshift_registry + when: openshift.master.infra_nodes is defined and attach_registry_volume | bool diff --git a/playbooks/common/openshift-nfs/config.yml b/playbooks/common/openshift-nfs/config.yml new file mode 100644 index 000000000..e3f5c17ca --- /dev/null +++ b/playbooks/common/openshift-nfs/config.yml @@ -0,0 +1,5 @@ +--- +- name: Configure nfs hosts + hosts: oo_nfs_to_config + roles: + - role: openshift_storage_nfs diff --git a/playbooks/common/openshift-nfs/filter_plugins b/playbooks/common/openshift-nfs/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-nfs/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/lookup_plugins b/playbooks/common/openshift-nfs/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-nfs/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/roles b/playbooks/common/openshift-nfs/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/common/openshift-nfs/roles @@ -0,0 +1 @@ +../../../roles/
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/service.yml b/playbooks/common/openshift-nfs/service.yml new file mode 100644 index 000000000..20c8ca248 --- /dev/null +++ b/playbooks/common/openshift-nfs/service.yml @@ -0,0 +1,18 @@ +--- +- name: Populate g_service_nfs host group if needed + hosts: localhost + gather_facts: no + tasks: + - fail: msg="new_cluster_state is required to be injected in this playbook" + when: new_cluster_state is not defined + + - name: Evaluate g_service_nfs + add_host: name={{ item }} groups=g_service_nfs + with_items: oo_host_group_exp | default([]) + +- name: Change state on nfs instance(s) + hosts: g_service_nfs + connection: ssh + gather_facts: no + tasks: + - service: name=nfs-server state="{{ new_cluster_state }}" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 69ccb0cb8..483a7768c 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -16,6 +16,7 @@ hostname: "{{ openshift_hostname | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" + use_flannel: "{{ openshift_use_flannel | default(None) }}" - role: node local_facts: labels: "{{ openshift_node_labels | default(None) }}" @@ -181,6 +182,7 @@ - role: flannel when: openshift.common.use_flannel | bool - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - role: fluentd_node when: openshift.common.use_fluentd | bool tasks: diff --git a/playbooks/gce/openshift-cluster/cluster_hosts.yml b/playbooks/gce/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..2bfcedfc9 --- /dev/null +++ b/playbooks/gce/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type-nfs']|default([])) + | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 5bf98c2d5..3231ecc8e 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -1,32 +1,16 @@ --- # TODO: fix firewall related bug with GCE and origin, since GCE is overriding # /etc/sysconfig/iptables - -- hosts: localhost - gather_facts: no - connection: local - become: no - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - use_sdn: "{{ do_we_use_openshift_sdn }}" - sdn_plugin: "{{ sdn_network_plugin }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../gce/openshift-cluster/vars.yml + - ../../gce/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" - openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" - os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" + openshift_use_openshift_sdn: "{{ do_we_use_openshift_sdn }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index ab593b897..acf5e5110 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -4,13 +4,9 @@ connection: local become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -28,6 +24,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_nodes_to_config add_host: @@ -38,11 +35,11 @@ - name: Evaluate oo_first_master add_host: - name: "{{ g_master_hosts | first }}" + name: "{{ master_hosts | first }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: oo_first_master - when: g_master_hosts is defined and g_master_hosts|length > 0 + when: master_hosts is defined and master_hosts|length > 0 #- include: config.yml - include: ../../common/openshift-node/config.yml diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index b9ff89c79..e67685912 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid-{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/gce/openshift-cluster/service.yml b/playbooks/gce/openshift-cluster/service.yml index 337ba7e44..8925de4cb 100644 --- a/playbooks/gce/openshift-cluster/service.yml +++ b/playbooks/gce/openshift-cluster/service.yml @@ -6,6 +6,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - fail: msg="cluster_id is required to be injected in this playbook" when: cluster_id is not defined @@ -15,14 +16,14 @@ groups: g_service_nodes ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" + with_items: "{{ node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" - add_host: name: "{{ item }}" groups: g_service_masters ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" + with_items: "{{ master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" - include: ../../common/openshift-node/service.yml - include: ../../common/openshift-master/service.yml diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 2360a3263..488b62eb9 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -16,7 +16,8 @@ #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - - env-{{ cluster }} + - environment-{{ cluster_env }} + - clusterid-{{ cluster_id }} - host-type-{{ type }} - sub-host-type-{{ g_sub_host_type }} when: instances |length > 0 diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index f4e89983b..faa46c0d6 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) + with_items: (groups['tag_clusterid-' ~ cluster_id] | default([])) | difference(['localhost']) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate diff --git a/playbooks/gce/openshift-cluster/update.yml b/playbooks/gce/openshift-cluster/update.yml index d60662397..dadceae58 100644 --- a/playbooks/gce/openshift-cluster/update.yml +++ b/playbooks/gce/openshift-cluster/update.yml @@ -1,16 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -18,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index a8ce8eb22..7fb13c7a6 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,7 +1,15 @@ --- do_we_use_openshift_sdn: true -sdn_network_plugin: redhat/openshift-ovs-subnet +sdn_network_plugin: redhat/openshift-ovs-subnet +debug_level: 2 # os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation + +deployment_rhel7_ent_base: + image: rhel-7 + machine_type: n1-standard-1 + ssh_user: + sudo: yes + deployment_vars: origin: image: preinstalled-slave-50g-v5 @@ -13,8 +21,6 @@ deployment_vars: machine_type: n1-standard-1 ssh_user: root sudo: no - enterprise: - image: rhel-7 - machine_type: n1-standard-1 - ssh_user: - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/libvirt/openshift-cluster/cluster_hosts.yml b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..198a3e4e2 --- /dev/null +++ b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index b84bde084..be9cbbfaa 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -2,26 +2,14 @@ # TODO: need to figure out a plan for setting hostname, currently the default # is localhost, so no hostname value (or public_hostname) value is getting # assigned - -- hosts: localhost - gather_facts: no - become: no - connection: local - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../libvirt/openshift-cluster/vars.yml + - ../../libvirt/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" + g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/libvirt/openshift-cluster/list.yml b/playbooks/libvirt/openshift-cluster/list.yml index d89e699f2..6cb81ee79 100644 --- a/playbooks/libvirt/openshift-cluster/list.yml +++ b/playbooks/libvirt/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid-{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml index 8a67d713f..397158b9e 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml @@ -4,13 +4,17 @@ dest: "{{ libvirt_storage_pool_path }}" state: directory +# We need to set permissions on the directory and any items created under the directory, so we need to call the acl module with and without default set. - acl: - default: yes + default: "{{ item }}" entity: kvm etype: group name: "{{ libvirt_storage_pool_path }}" permissions: rwx state: present + with_items: + - no + - yes - name: Test if libvirt storage pool for openshift already exists command: "virsh -c {{ libvirt_uri }} pool-info {{ libvirt_storage_pool }}" diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index ae8275ef6..ff1cedc94 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -88,7 +88,7 @@ ansible_ssh_host: '{{ item.1 }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env-{{ cluster }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}' + groups: "tag_environment-{{ cluster_env }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}, tag_clusterid-{{ cluster_id }}" with_together: - instances - ips diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index c4ac6a434..0ca8e0974 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -3,7 +3,8 @@ <memory unit='GiB'>1</memory> <metadata xmlns:ansible="https://github.com/ansible/ansible"> <ansible:tags> - <ansible:tag>env-{{ cluster }}</ansible:tag> + <ansible:tag>environment-{{ cluster_env }}</ansible:tag> + <ansible:tag>clusterid-{{ cluster }}</ansible:tag> <ansible:tag>host-type-{{ type }}</ansible:tag> <ansible:tag>sub-host-type-{{ g_sub_host_type }}</ansible:tag> </ansible:tags> diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml index a6b963608..8d845c8f2 100644 --- a/playbooks/libvirt/openshift-cluster/terminate.yml +++ b/playbooks/libvirt/openshift-cluster/terminate.yml @@ -9,7 +9,7 @@ vars_files: - vars.yml tasks: - - set_fact: cluster_group=tag_env-{{ cluster_id }} + - set_fact: cluster_group=tag_clusterid-{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml index 5e2bd3a3d..2dc540978 100644 --- a/playbooks/libvirt/openshift-cluster/update.yml +++ b/playbooks/libvirt/openshift-cluster/update.yml @@ -1,17 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -19,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index 67cfbcdb8..da628786b 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -3,6 +3,20 @@ libvirt_storage_pool_path: "{{ lookup('env','HOME') }}/libvirt-storage-pool-open libvirt_storage_pool: 'openshift-ansible' libvirt_network: openshift-ansible libvirt_uri: 'qemu:///system' +debug_level: 2 + +# Automatic download of the qcow2 image for RHEL cannot be done directly from the RedHat portal because it requires authentication. +# The default value of image_url for enterprise and openshift-enterprise deployment types below won't work. +deployment_rhel7_ent_base: + image: + url: "{{ lookup('oo_option', 'image_url') | + default('https://access.cdn.redhat.com//content/origin/files/sha256/25/25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0/rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + name: "{{ lookup('oo_option', 'image_name') | + default('rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + sha256: "{{ lookup('oo_option', 'image_sha256') | + default('25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0', True) }}" + ssh_user: openshift + sudo: yes deployment_vars: origin: @@ -24,18 +38,6 @@ deployment_vars: sha256: ssh_user: root sudo: no - enterprise: - image: - url: "{{ lookup('oo_option', 'image_url') | - default('https://access.cdn.redhat.com//content/origin/files/sha256/ff/ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3/rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - name: "{{ lookup('oo_option', 'image_name') | - default('rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - sha256: "{{ lookup('oo_option', 'image_sha256') | - default('ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3', True) }}" - ssh_user: openshift - sudo: yes -# origin: -# fedora: -# url: "http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.qcow2" -# name: Fedora-Cloud-Base-20141203-21.x86_64.qcow2 -# sha256: 3a99bb89f33e3d4ee826c8160053cdb8a72c80cd23350b776ce73cd244467d86 + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/openstack/openshift-cluster/cluster_hosts.yml b/playbooks/openstack/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..bc586d983 --- /dev/null +++ b/playbooks/openstack/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type_nfs']|default([])) + | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index da7b5cc49..b338d2eb4 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -1,23 +1,13 @@ -- hosts: localhost - gather_facts: no - become: no - connection: local - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - +--- - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../openstack/openshift-cluster/vars.yml + - ../../openstack/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_nodeonmaster: true + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index bfd73c777..4f6a59a30 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -4,6 +4,11 @@ description: OpenShift cluster parameters: + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID @@ -345,13 +350,14 @@ resources: params: cluster_id: { get_param: cluster_id } k8s_type: etcd - cluster_id: { get_param: cluster_id } - type: etcd - image: { get_param: etcd_image } - flavor: { get_param: etcd_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: etcd + image: { get_param: etcd_image } + flavor: { get_param: etcd_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: etcd-secgrp } floating_network: { get_param: floating_ip_pool } @@ -375,13 +381,14 @@ resources: params: cluster_id: { get_param: cluster_id } k8s_type: master - cluster_id: { get_param: cluster_id } - type: master - image: { get_param: master_image } - flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: master + image: { get_param: master_image } + flavor: { get_param: master_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: master-secgrp } floating_network: { get_param: floating_ip_pool } @@ -406,14 +413,15 @@ resources: cluster_id: { get_param: cluster_id } k8s_type: node sub_host_type: compute - cluster_id: { get_param: cluster_id } - type: node - subtype: compute - image: { get_param: node_image } - flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: compute + image: { get_param: node_image } + flavor: { get_param: node_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } floating_network: { get_param: floating_ip_pool } @@ -438,14 +446,15 @@ resources: cluster_id: { get_param: cluster_id } k8s_type: node sub_host_type: infra - cluster_id: { get_param: cluster_id } - type: node - subtype: infra - image: { get_param: infra_image } - flavor: { get_param: infra_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: infra + image: { get_param: infra_image } + flavor: { get_param: infra_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } - { get_resource: infra-secgrp } diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml index 3f24a3e45..f83f2c984 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml @@ -9,6 +9,11 @@ parameters: label: Name description: Name + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID @@ -105,7 +110,8 @@ resources: user_data: { get_file: user-data } user_data_format: RAW metadata: - env: { get_param: cluster_id } + environment: { get_param: cluster_env } + clusterid: { get_param: cluster_id } host-type: { get_param: type } sub-host-type: { get_param: subtype } diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 876ca595a..fdcb77acc 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -29,6 +29,7 @@ - name: Create or Update OpenStack Stack command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + -P cluster_env={{ cluster_env }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -71,7 +72,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_etcd, tag_sub-host-type_default' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_etcd, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.etcd_names - parsed_outputs.etcd_ips @@ -83,7 +84,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_master, tag_sub-host-type_default' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_master, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.master_names - parsed_outputs.master_ips @@ -95,7 +96,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_compute' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_compute, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.node_names - parsed_outputs.node_ips @@ -107,7 +108,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_infra' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_infra, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.infra_names - parsed_outputs.infra_ips diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml index 436d3e6f7..123ebd323 100644 --- a/playbooks/openstack/openshift-cluster/list.yml +++ b/playbooks/openstack/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml index 2a7f04505..d4ab51fa7 100644 --- a/playbooks/openstack/openshift-cluster/terminate.yml +++ b/playbooks/openstack/openshift-cluster/terminate.yml @@ -6,13 +6,12 @@ vars_files: - vars.yml tasks: - - set_fact: cluster_group=tag_env_{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[cluster_group] | default([]) + with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | intersect(groups['tag_clusterid_' ~ cluster_id ]|default([])) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml index 4ecf75a5d..2dc540978 100644 --- a/playbooks/openstack/openshift-cluster/update.yml +++ b/playbooks/openstack/openshift-cluster/update.yml @@ -1,17 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -19,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index e3796c91f..76cde1706 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml @@ -1,4 +1,5 @@ --- +debug_level: 2 openstack_infra_heat_stack: "{{ lookup('oo_option', 'infra_heat_stack' ) | default('files/heat_stack.yaml', True) }}" openstack_network_cidr: "{{ lookup('oo_option', 'net_cidr' ) | @@ -19,6 +20,11 @@ openstack_flavor: infra: "{{ lookup('oo_option', 'infra_flavor' ) | default('m1.small', True) }}" node: "{{ lookup('oo_option', 'node_flavor' ) | default('m1.medium', True) }}" +deployment_rhel7_ent_base: + image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}" + ssh_user: openshift + sudo: yes + deployment_vars: origin: image: "{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}" @@ -28,7 +34,6 @@ deployment_vars: image: ssh_user: root sudo: no - enterprise: - image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.1-20150224.0.x86_64', True) }}" - ssh_user: openshift - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" |