summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/byo/openshift-cluster/config.yml6
-rw-r--r--playbooks/common/openshift-cluster/config.yml2
-rw-r--r--playbooks/common/openshift-cluster/openshift_hosted.yml106
-rw-r--r--playbooks/common/openshift-cluster/verify_ansible_version.yml3
-rw-r--r--playbooks/common/openshift-master/config.yml4
-rw-r--r--playbooks/common/openshift-master/scaleup.yml4
-rw-r--r--playbooks/common/openshift-nfs/config.yml2
-rw-r--r--playbooks/common/openshift-node/config.yml14
8 files changed, 45 insertions, 96 deletions
diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml
index 0b85b2485..fccb03982 100644
--- a/playbooks/byo/openshift-cluster/config.yml
+++ b/playbooks/byo/openshift-cluster/config.yml
@@ -1,7 +1,8 @@
---
- include: ../../common/openshift-cluster/verify_ansible_version.yml
-- hosts: localhost
+- name: Create initial host groups for localhost
+ hosts: localhost
connection: local
become: no
gather_facts: no
@@ -14,7 +15,8 @@
groups: l_oo_all_hosts
with_items: "{{ g_all_hosts | default([]) }}"
-- hosts: l_oo_all_hosts
+- name: Create initial host groups for all hosts
+ hosts: l_oo_all_hosts
gather_facts: no
tags:
- always
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index d6a99fcda..801c8065d 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -13,7 +13,7 @@
- include: initialize_openshift_version.yml
-- name: Set oo_options
+- name: Set oo_option facts
hosts: oo_all_hosts
tags:
- always
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
index 4aca4daf4..2ba7fded5 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted.yml
+++ b/playbooks/common/openshift-cluster/openshift_hosted.yml
@@ -19,6 +19,12 @@
openshift_hosted_router_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
openshift_hosted_registry_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}"
when: "'master' in hostvars[groups.oo_first_master.0].openshift and 'registry_url' in hostvars[groups.oo_first_master.0].openshift.master"
+ - set_fact:
+ logging_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift.master.default_subdomain | default('router.default.svc.cluster.local', true))) }}"
+ logging_ops_hostname: "{{ openshift_hosted_logging_ops_hostname | default('kibana-ops.' ~ (openshift.master.default_subdomain | default('router.default.svc.cluster.local', true))) }}"
+ logging_master_public_url: "{{ openshift_hosted_logging_master_public_url | default(openshift.master.public_api_url) }}"
+ logging_elasticsearch_cluster_size: "{{ openshift_hosted_logging_elasticsearch_cluster_size | default(1) }}"
+ logging_elasticsearch_ops_cluster_size: "{{ openshift_hosted_logging_elasticsearch_ops_cluster_size | default(1) }}"
roles:
- role: openshift_cli
- role: openshift_hosted_facts
@@ -43,88 +49,20 @@
when: not openshift.common.version_gte_3_2_or_1_2
- role: openshift_hosted
- role: openshift_metrics
- when: openshift.hosted.metrics.deploy | bool
- - role: cockpit-ui
- when: openshift.common.deployment_subtype == 'registry'
+ when: openshift_hosted_metrics_deploy | default(false) | bool
+ - role: openshift_hosted_logging
+ when: openshift_hosted_logging_deploy | default(false) | bool
+ openshift_hosted_logging_hostname: "{{ logging_hostname }}"
+ openshift_hosted_logging_ops_hostname: "{{ logging_ops_hostname }}"
+ openshift_hosted_logging_master_public_url: "{{ logging_master_public_url }}"
+ openshift_hosted_logging_elasticsearch_cluster_size: "{{ logging_elasticsearch_cluster_size }}"
+ openshift_hosted_logging_elasticsearch_pvc_dynamic: "{{ 'true' if openshift.hosted.logging.storage_kind | default(none) == 'dynamic' else 'false' }}"
+ openshift_hosted_logging_elasticsearch_pvc_size: "{{ openshift.hosted.logging.storage.volume.size if openshift.hosted.logging.storage_kind | default(none) == 'dynamic' else '' }}"
+ openshift_hosted_logging_elasticsearch_pvc_prefix: "{{ 'logging-es' if openshift.hosted.logging.storage_kind | default(none) is not none else '' }}"
+ openshift_hosted_logging_elasticsearch_ops_cluster_size: "{{ logging_elasticsearch_ops_cluster_size }}"
+ openshift_hosted_logging_elasticsearch_ops_pvc_dynamic: "{{ 'true' if openshift.hosted.logging.storage_kind | default(none) == 'dynamic' else 'false' }}"
+ openshift_hosted_logging_elasticsearch_ops_pvc_size: "{{ openshift.hosted.logging.storage.volume.size if openshift.hosted.logging.storage_kind | default(none) == 'dynamic' else '' }}"
+ openshift_hosted_logging_elasticsearch_ops_pvc_prefix: "{{ 'logging-es' if openshift.hosted.logging.storage_kind | default(none) is not none else '' }}"
-- name: Configure CA certificate for secure registry
- hosts: oo_nodes_to_config
- tags:
- - hosted
- tasks:
- - name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: mktemp
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - set_fact:
- openshift_hosted_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
- when: openshift.common.deployment_subtype == 'registry'
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Copy the admin client config(s)
- command: >
- cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{ openshift_hosted_kubeconfig }}
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Retrieve docker-registry route
- command: >
- {{ openshift.common.client_binary }} get route docker-registry
- --template='{{ '{{' }} .spec.host {{ '}}' }}'
- --config={{ openshift_hosted_kubeconfig }}
- -n default
- register: docker_registry_route
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Retrieve registry service IP
- command: >
- {{ openshift.common.client_binary }} get service docker-registry
- --template='{{ '{{' }} .spec.clusterIP {{ '}}' }}'
- --config={{ openshift_hosted_kubeconfig }}
- -n default
- register: docker_registry_service_ip
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Create registry CA directories
- file:
- path: "/etc/docker/certs.d/{{ item }}"
- state: directory
- with_items:
- - "{{ docker_registry_service_ip.stdout }}:5000"
- - "{{ docker_registry_route.stdout }}"
- - "docker-registry.default.svc.cluster.local:5000"
- when: openshift.common.deployment_subtype == 'registry'
- - name: Copy CA to registry CA directories
- copy:
- src: "{{ openshift.common.config_base }}/node/ca.crt"
- dest: "/etc/docker/certs.d/{{ item }}"
- remote_src: yes
- force: yes
- with_items:
- - "{{ docker_registry_service_ip.stdout }}:5000"
- - "{{ docker_registry_route.stdout }}"
- - "docker-registry.default.svc.cluster.local:5000"
- when: openshift.common.deployment_subtype == 'registry'
- notify:
- - Restart docker
- - name: Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: False
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- handlers:
- - name: Restart docker
- service:
- name: docker
- state: restarted
+ - role: cockpit-ui
+ when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool )
diff --git a/playbooks/common/openshift-cluster/verify_ansible_version.yml b/playbooks/common/openshift-cluster/verify_ansible_version.yml
index 2a143b065..d75b23bf7 100644
--- a/playbooks/common/openshift-cluster/verify_ansible_version.yml
+++ b/playbooks/common/openshift-cluster/verify_ansible_version.yml
@@ -1,5 +1,6 @@
---
-- hosts: localhost
+- name: Verify Ansible version is greater than or equal to 2.1.0.0
+ hosts: localhost
connection: local
become: no
gather_facts: no
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 7f60cd9e4..a53c55c14 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -1,5 +1,5 @@
---
-- name: Set master facts
+- name: Gather and set facts for master hosts
hosts: oo_masters_to_config
vars:
t_oo_option_master_debug_level: "{{ lookup('oo_option', 'openshift_master_debug_level') }}"
@@ -91,7 +91,7 @@
register: g_master_mktemp
changed_when: False
-- name: Check for cached session secrets
+- name: Determine if session secrets must be generated
hosts: oo_first_master
roles:
- role: openshift_facts
diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml
index 7304fca56..56ed09e1b 100644
--- a/playbooks/common/openshift-master/scaleup.yml
+++ b/playbooks/common/openshift-master/scaleup.yml
@@ -40,6 +40,10 @@
--cacert {{ openshift.common.config_base }}/master/ca.crt
{% endif %}
{{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
register: api_available_output
until: api_available_output.stdout == 'ok'
retries: 120
diff --git a/playbooks/common/openshift-nfs/config.yml b/playbooks/common/openshift-nfs/config.yml
index ba7530ed7..000e46e80 100644
--- a/playbooks/common/openshift-nfs/config.yml
+++ b/playbooks/common/openshift-nfs/config.yml
@@ -1,5 +1,5 @@
---
-- name: Configure nfs hosts
+- name: Configure nfs
hosts: oo_nfs_to_config
roles:
- role: openshift_facts
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 66eb293e5..364a62dd0 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -45,7 +45,7 @@
with_items: "{{ groups.oo_nodes_to_config | default([]) }}"
when: hostvars[item].openshift.common is defined and hostvars[item].openshift.common.is_containerized | bool and (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config)
-- name: Configure node instances
+- name: Configure containerized nodes
hosts: oo_containerized_master_nodes
serial: 1
vars:
@@ -60,12 +60,12 @@
when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
openshift_generate_no_proxy_hosts | default(True) | bool }}"
roles:
+ - role: openshift_common
- role: openshift_clock
- role: openshift_docker
- role: openshift_node_certificates
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- - role: openshift_common
- role: openshift_node_dnsmasq
when: openshift.common.use_dnsmasq
- role: os_firewall
@@ -85,7 +85,7 @@
when: openshift.node.use_openshift_sdn | bool
- role: openshift_node
-- name: Configure node instances
+- name: Configure nodes
hosts: oo_nodes_to_config:!oo_containerized_master_nodes
vars:
openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
@@ -99,12 +99,12 @@
when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
openshift_generate_no_proxy_hosts | default(True) | bool }}"
roles:
+ - role: openshift_common
- role: openshift_clock
- role: openshift_docker
- role: openshift_node_certificates
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- - role: openshift_common
- role: openshift_node_dnsmasq
when: openshift.common.use_dnsmasq
- role: os_firewall
@@ -153,7 +153,7 @@
- file: name={{ mktemp.stdout }} state=absent
changed_when: False
-- name: Set schedulability
+- name: Set node schedulability
hosts: oo_first_master
vars:
openshift_nodes: "{{ groups.oo_nodes_to_config | default([]) }}"
@@ -172,6 +172,10 @@
--cacert {{ openshift.common.config_base }}/master/ca.crt
{% endif %}
{{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
register: api_available_output
until: api_available_output.stdout == 'ok'
retries: 120
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-20 05:26:55 +0000