summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/aws/openshift-cluster/config.yml1
-rw-r--r--playbooks/aws/openshift-node/config.yml1
-rw-r--r--playbooks/byo/openshift-node/config.yml4
-rw-r--r--playbooks/common/openshift-master/config.yml4
-rw-r--r--playbooks/common/openshift-node/config.yml80
-rw-r--r--playbooks/gce/openshift-cluster/config.yml1
-rw-r--r--playbooks/gce/openshift-node/config.yml1
-rw-r--r--playbooks/libvirt/openshift-cluster/config.yml1
-rw-r--r--playbooks/openstack/openshift-cluster/config.yml1
9 files changed, 50 insertions, 44 deletions
diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml
index b8961704e..7188312ed 100644
--- a/playbooks/aws/openshift-cluster/config.yml
+++ b/playbooks/aws/openshift-cluster/config.yml
@@ -32,5 +32,6 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
openshift_hostname: "{{ ec2_private_ip_address }}"
openshift_public_hostname: "{{ ec2_ip_address }}"
diff --git a/playbooks/aws/openshift-node/config.yml b/playbooks/aws/openshift-node/config.yml
index fc9b397b4..a993a1e99 100644
--- a/playbooks/aws/openshift-node/config.yml
+++ b/playbooks/aws/openshift-node/config.yml
@@ -21,5 +21,6 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
openshift_hostname: "{{ ec2_private_ip_address }}"
openshift_public_hostname: "{{ ec2_ip_address }}"
diff --git a/playbooks/byo/openshift-node/config.yml b/playbooks/byo/openshift-node/config.yml
index d569827b4..f50903061 100644
--- a/playbooks/byo/openshift-node/config.yml
+++ b/playbooks/byo/openshift-node/config.yml
@@ -10,12 +10,14 @@
with_items: groups.nodes
- name: Evaluate oo_first_master
add_host:
- name: "{{ groups.masters[0] }}"
+ name: "{{ item }}"
groups: oo_first_master
+ with_items: groups.masters.0
- include: ../../common/openshift-node/config.yml
vars:
+ openshift_first_master: "{{ groups.masters.0 }}"
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index a9a4e6afc..052ed14c7 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -1,12 +1,8 @@
---
- name: Configure master instances
hosts: oo_masters_to_config
- vars:
- openshift_sdn_master_url: https://{{ openshift.common.hostname }}:4001
roles:
- openshift_master
- - role: openshift_sdn_master
- when: openshift.common.use_openshift_sdn | bool
- role: fluentd_master
when: openshift.common.use_fluentd | bool
tasks:
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index feaeaab95..a650796c7 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -4,9 +4,9 @@
roles:
- openshift_facts
tasks:
- # Since the master is registering the nodes before they are configured, we
- # need to make sure to set the node properties beforehand if we do not want
- # the defaults
+ # Since the master is generating the node certificates before they are
+ # configured, we need to make sure to set the node properties beforehand if
+ # we do not want the defaults
- openshift_facts:
role: "{{ item.role }}"
local_facts: "{{ item.local_facts }}"
@@ -18,13 +18,26 @@
deployment_type: "{{ openshift_deployment_type }}"
- role: node
local_facts:
- external_id: "{{ openshift_node_external_id | default(None) }}"
resources_cpu: "{{ openshift_node_resources_cpu | default(None) }}"
resources_memory: "{{ openshift_node_resources_memory | default(None) }}"
pod_cidr: "{{ openshift_node_pod_cidr | default(None) }}"
labels: "{{ openshift_node_labels | default(None) }}"
annotations: "{{ openshift_node_annotations | default(None) }}"
-
+ - name: Check status of node certificates
+ stat:
+ path: "{{ item }}"
+ with_items:
+ - "/etc/openshift/node/node.key"
+ - "/etc/openshift/node/node.kubeconfig"
+ - "/etc/openshift/node/ca.crt"
+ - "/etc/openshift/node/server.key"
+ register: stat_result
+ - set_fact:
+ certs_missing: "{{ stat_result.results | map(attribute='stat.exists')
+ | list | intersect([false])}}"
+ node_subdir: node-{{ openshift.common.hostname }}
+ config_dir: /etc/openshift/generated-configs/node-{{ openshift.common.hostname }}
+ node_cert_dir: /etc/openshift/node
- name: Create temp directory for syncing certs
hosts: localhost
@@ -37,66 +50,57 @@
register: mktemp
changed_when: False
-
- name: Register nodes
hosts: oo_first_master
vars:
- openshift_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) }}"
+ nodes_needing_certs: "{{ hostvars
+ | oo_select_keys(groups['oo_nodes_to_config'])
+ | oo_filter_list(filter_attr='certs_missing') }}"
+ openshift_nodes: "{{ hostvars
+ | oo_select_keys(groups['oo_nodes_to_config']) }}"
sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}"
roles:
- openshift_register_nodes
- tasks:
- # TODO: update so that we only sync necessary configs/directories, currently
- # we sync for all nodes in oo_nodes_to_config. We will need to inspect the
- # configs on the nodes to make the determination on whether to sync or not.
- - name: Create the temp directory on the master
- file:
- path: "{{ sync_tmpdir }}"
- owner: "{{ ansible_ssh_user }}"
- mode: 0700
- state: directory
- changed_when: False
-
+ post_tasks:
- name: Create a tarball of the node config directories
- command: tar -czvf {{ sync_tmpdir }}/{{ item.openshift.common.hostname }}.tgz ./
+ command: >
+ tar -czvf {{ item.config_dir }}.tgz ./
+ --transform 's|system:{{ item.node_subdir }}|node|'
+ -C {{ item.config_dir }} .
args:
- chdir: "{{ openshift_generated_configs_dir }}/node-{{ item.openshift.common.hostname }}"
- with_items: openshift_nodes
- changed_when: False
+ creates: "{{ item.config_dir }}.tgz"
+ with_items: nodes_needing_certs
- name: Retrieve the node config tarballs from the master
fetch:
- src: "{{ sync_tmpdir }}/{{ item.openshift.common.hostname }}.tgz"
+ src: "{{ item.config_dir }}.tgz"
dest: "{{ sync_tmpdir }}/"
+ flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: openshift_nodes
- changed_when: False
-
+ with_items: nodes_needing_certs
- name: Configure node instances
hosts: oo_nodes_to_config
- gather_facts: no
vars:
- sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}/{{ groups['oo_first_master'][0] }}/{{ hostvars.localhost.mktemp.stdout }}"
- openshift_sdn_master_url: "https://{{ hostvars[groups['oo_first_master'][0]].openshift.common.hostname }}:4001"
+ sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}"
+ openshift_node_master_api_url: "{{ hostvars[openshift_first_master].openshift.master.api_url }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
- path: "{{ openshift_node_cert_dir }}"
+ path: "{{ node_cert_dir }}"
state: directory
- # TODO: notify restart openshift-node and/or restart openshift-sdn-node,
+ # TODO: notify restart openshift-node
# possibly test service started time against certificate/config file
- # timestamps in openshift-node or openshift-sdn-node to trigger notify
+ # timestamps in openshift-node to trigger notify
- name: Unarchive the tarball on the node
unarchive:
- src: "{{ sync_tmpdir }}/{{ openshift.common.hostname }}.tgz"
- dest: "{{ openshift_node_cert_dir }}"
+ src: "{{ sync_tmpdir }}/{{ node_subdir }}.tgz"
+ dest: "{{ node_cert_dir }}"
+ when: certs_missing
roles:
- openshift_node
- - role: openshift_sdn_node
- when: openshift.common.use_openshift_sdn | bool
- role: fluentd_node
when: openshift.common.use_fluentd | bool
tasks:
@@ -113,7 +117,6 @@
- file: name={{ sync_tmpdir }} state=absent
changed_when: False
-
- name: Delete temporary directory on localhost
hosts: localhost
connection: local
@@ -123,7 +126,6 @@
- file: name={{ mktemp.stdout }} state=absent
changed_when: False
-
# Additional config for online type deployments
- name: Additional instance config
hosts: oo_nodes_deployment_type_online
diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml
index 8b8490246..8c320dbd2 100644
--- a/playbooks/gce/openshift-cluster/config.yml
+++ b/playbooks/gce/openshift-cluster/config.yml
@@ -34,4 +34,5 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
openshift_hostname: "{{ gce_private_ip }}"
diff --git a/playbooks/gce/openshift-node/config.yml b/playbooks/gce/openshift-node/config.yml
index 5b1601176..54b0da2ca 100644
--- a/playbooks/gce/openshift-node/config.yml
+++ b/playbooks/gce/openshift-node/config.yml
@@ -21,4 +21,5 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
openshift_hostname: "{{ gce_private_ip }}"
diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml
index faf278b10..75e2005a2 100644
--- a/playbooks/libvirt/openshift-cluster/config.yml
+++ b/playbooks/libvirt/openshift-cluster/config.yml
@@ -36,3 +36,4 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml
index 1c0644e04..abadaf5ca 100644
--- a/playbooks/openstack/openshift-cluster/config.yml
+++ b/playbooks/openstack/openshift-cluster/config.yml
@@ -31,4 +31,5 @@
openshift_cluster_id: "{{ cluster_id }}"
openshift_debug_level: 4
openshift_deployment_type: "{{ deployment_type }}"
+ openshift_first_master: "{{ groups.oo_first_master.0 }}"
openshift_hostname: "{{ ansible_default_ipv4.address }}"