summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rwxr-xr-xplaybooks/adhoc/sdn_restart/oo-sdn-restart.yml53
-rw-r--r--playbooks/adhoc/uninstall.yml2
-rw-r--r--playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml4
-rw-r--r--playbooks/aws/openshift-cluster/vars.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml2
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml2
-rw-r--r--playbooks/common/openshift-master/config.yml49
-rw-r--r--playbooks/openstack/openshift-cluster/terminate.yml2
8 files changed, 87 insertions, 29 deletions
diff --git a/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml
new file mode 100755
index 000000000..0dc021fbc
--- /dev/null
+++ b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml
@@ -0,0 +1,53 @@
+#!/usr/bin/ansible-playbook
+---
+#example run:
+# ansible-playbook -e "host=ops-node-compute-abcde" oo-sdn-restart.yml
+#
+
+- name: Check vars
+ hosts: localhost
+ gather_facts: false
+
+ pre_tasks:
+ - fail:
+ msg: "Playbook requires host to be set"
+ when: host is not defined or host == ''
+
+- name: Restart openshift/docker (and monitoring containers)
+ hosts: oo_version_3:&oo_name_{{ host }}
+ gather_facts: false
+ user: root
+
+ tasks:
+ - name: stop openshift/docker
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items:
+ - atomic-openshift-node
+ - docker
+
+ - name: restart openvswitch
+ service:
+ name: openvswitch
+ state: restarted
+
+ - name: wait 5 sec
+ pause:
+ seconds: 5
+
+ - name: start openshift/docker
+ service:
+ name: "{{ item }}"
+ state: started
+ with_items:
+ - atomic-openshift-node
+ - docker
+
+ - name: start monitoring containers
+ service:
+ name: "{{ item }}"
+ state: restarted
+ with_items:
+ - oso-f22-host-monitoring
+ - oso-rhel7-zagg-client
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index 55df78a3f..ac20f5f9b 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -40,6 +40,7 @@
- atomic-openshift-master-controllers
- atomic-openshift-node
- etcd
+ - haproxy
- openshift-master
- openshift-master-api
- openshift-master-controllers
@@ -67,6 +68,7 @@
- atomic-openshift-sdn-ovs
- corosync
- etcd
+ - haproxy
- openshift
- openshift-master
- openshift-node
diff --git a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
index 231356798..11026e38d 100644
--- a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
+++ b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
@@ -4,8 +4,8 @@
# ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=online -e cluster_id=<cluster_id>
- include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
vars_files:
- - ../../../../aws/openshift-cluster/vars.yml
- - ../../../../aws/openshift-cluster/cluster_hosts.yml
+ - "{{lookup('file', '../../../../aws/openshift-cluster/vars.yml')}}"
+ - "{{lookup('file', '../../../../aws/openshift-cluster/cluster_hosts.yml')}}"
vars:
g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
g_sudo: "{{ deployment_vars[deployment_type].sudo }}"
diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml
index 452c90d6a..c8ee9bad4 100644
--- a/playbooks/aws/openshift-cluster/vars.yml
+++ b/playbooks/aws/openshift-cluster/vars.yml
@@ -3,7 +3,7 @@ debug_level: 2
deployment_vars:
origin:
# centos-7, requires marketplace
- image: ami-96a818fe
+ image: ami-61bbf104
image_name:
region: us-east-1
ssh_user: centos
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
index 58c04d41d..b52456dcd 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
@@ -1,7 +1,7 @@
---
- include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml
vars_files:
- - ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"
vars:
g_etcd_hosts: "{{ groups.etcd | default([]) }}"
g_master_hosts: "{{ groups.masters | default([]) }}"
diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
index 2f9e8dc7a..e07e2b88e 100644
--- a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
@@ -1,7 +1,7 @@
---
- include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml
vars_files:
- - ../../../../byo/openshift-cluster/cluster_hosts.yml
+ - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"
vars:
g_etcd_hosts: "{{ groups.etcd | default([]) }}"
g_master_hosts: "{{ groups.masters | default([]) }}"
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 759656e63..677c274c4 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -236,29 +236,32 @@
- role: haproxy
when: groups.oo_masters_to_config | length > 1
-- name: Generate master session keys
+- name: Check for cached session secrets
hosts: oo_first_master
+ roles:
+ - role: openshift_facts
+ post_tasks:
+ - openshift_facts:
+ role: master
+ local_facts:
+ session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}"
+ session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}"
+
+- name: Generate master session secrets
+ hosts: oo_first_master
+ vars:
+ g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([]) and openshift.master.session_encryption_secrets | default([])) | length > 0 }}"
+ g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}"
+ g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}"
+ roles:
+ - role: openshift_facts
tasks:
- - fail:
- msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set"
- when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined)
- - fail:
- msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length"
- when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length)
- - name: Install OpenSSL package
- action: "{{ ansible_pkg_mgr }} name=openssl state=present"
- when: not openshift.common.is_atomic | bool
- - name: Generate session authentication key
- command: /usr/bin/openssl rand -base64 24
- register: session_auth_output
- when: openshift_master_session_auth_secrets is undefined
- - name: Generate session encryption key
- command: /usr/bin/openssl rand -base64 24
- register: session_encryption_output
- when: openshift_master_session_encryption_secrets is undefined
- - set_fact:
- session_auth_secret: "{{ openshift_master_session_auth_secrets | default([session_auth_output.stdout]) }}"
- session_encryption_secret: "{{ openshift_master_session_encryption_secrets | default([session_encryption_output.stdout]) }}"
+ - openshift_facts:
+ role: master
+ local_facts:
+ session_auth_secrets: "{{ g_session_auth_secrets }}"
+ session_encryption_secrets: "{{ g_session_encryption_secrets }}"
+ when: not g_session_secrets_present | bool
- name: Parse named certificates
hosts: localhost
@@ -314,8 +317,8 @@
sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}"
openshift_master_count: "{{ groups.oo_masters_to_config | length }}"
- openshift_master_session_auth_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_auth_secret'] }}"
- openshift_master_session_encryption_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_encryption_secret'] }}"
+ openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
+ openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml
index d0abe9fa5..d4ab51fa7 100644
--- a/playbooks/openstack/openshift-cluster/terminate.yml
+++ b/playbooks/openstack/openshift-cluster/terminate.yml
@@ -11,7 +11,7 @@
groups: oo_hosts_to_terminate
ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"
- with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | groups['tag_clusterid_' ~ cluster_id ] | default([])
+ with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | intersect(groups['tag_clusterid_' ~ cluster_id ]|default([]))
- name: Unsubscribe VMs
hosts: oo_hosts_to_terminate