summaryrefslogtreecommitdiffstats
path: root/roles/etcd
diff options
context:
space:
mode:
Diffstat (limited to 'roles/etcd')
-rw-r--r--roles/etcd/defaults/main.yaml1
-rw-r--r--roles/etcd/handlers/main.yml5
-rw-r--r--roles/etcd/tasks/main.yml51
-rw-r--r--roles/etcd/templates/etcd.conf.j222
-rw-r--r--roles/etcd/templates/etcd.docker.service13
5 files changed, 66 insertions, 26 deletions
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml
index 0fd3de585..9e7fa59cf 100644
--- a/roles/etcd/defaults/main.yaml
+++ b/roles/etcd/defaults/main.yaml
@@ -1,4 +1,5 @@
---
+etcd_service: "{{ 'etcd' if not openshift.common.is_containerized else 'etcd_container' }}"
etcd_interface: "{{ ansible_default_ipv4.interface }}"
etcd_client_port: 2379
etcd_peer_port: 2380
diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml
index 4c0efb97b..e00e1cac4 100644
--- a/roles/etcd/handlers/main.yml
+++ b/roles/etcd/handlers/main.yml
@@ -1,4 +1,5 @@
---
+
- name: restart etcd
- service: name=etcd state=restarted
- when: not etcd_service_status_changed | default(false)
+ service: name={{ etcd_service }} state=restarted
+ when: not (etcd_service_status_changed | default(false) | bool)
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index efaab5f31..1e97b047b 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -8,27 +8,52 @@
when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4"
- name: Install etcd
- yum: pkg=etcd-2.* state=present
- when: ansible_pkg_mgr == "yum"
+ action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present"
+ when: not openshift.common.is_containerized | bool
-- name: Install etcd
- dnf: pkg=etcd* state=present
- when: ansible_pkg_mgr == "dnf"
+- name: Pull etcd container
+ command: docker pull {{ openshift.etcd.etcd_image }}
+ when: openshift.common.is_containerized | bool
+
+- name: Install etcd container service file
+ template:
+ dest: "/etc/systemd/system/etcd_container.service"
+ src: etcd.docker.service
+ register: install_etcd_result
+ when: openshift.common.is_containerized | bool
+
+- name: Ensure etcd datadir exists
+ when: openshift.common.is_containerized | bool
+ file:
+ path: "{{ etcd_data_dir }}"
+ state: directory
+ mode: 0700
+
+- name: Disable system etcd when containerized
+ when: openshift.common.is_containerized | bool
+ service:
+ name: etcd
+ state: stopped
+ enabled: no
+
+- name: Reload systemd units
+ command: systemctl daemon-reload
+ when: openshift.common.is_containerized and ( install_etcd_result | changed )
- name: Validate permissions on the config dir
file:
path: "{{ etcd_conf_dir }}"
state: directory
- owner: etcd
- group: etcd
+ owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
+ group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
mode: 0700
- name: Validate permissions on certificate files
file:
path: "{{ item }}"
mode: 0600
- group: etcd
- owner: etcd
+ owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
+ group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
when: etcd_url_scheme == 'https'
with_items:
- "{{ etcd_ca_file }}"
@@ -39,8 +64,8 @@
file:
path: "{{ item }}"
mode: 0600
- group: etcd
- owner: etcd
+ owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
+ group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
when: etcd_peer_url_scheme == 'https'
with_items:
- "{{ etcd_peer_ca_file }}"
@@ -57,10 +82,10 @@
- name: Enable etcd
service:
- name: etcd
+ name: "{{ etcd_service }}"
state: started
enabled: yes
register: start_result
- set_fact:
- etcd_service_status_changed = start_result | changed
+ etcd_service_status_changed: "{{ start_result | changed }}"
diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2
index 32577c96c..28816fd87 100644
--- a/roles/etcd/templates/etcd.conf.j2
+++ b/roles/etcd/templates/etcd.conf.j2
@@ -15,13 +15,13 @@ ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
ETCD_NAME=default
{% endif %}
ETCD_DATA_DIR={{ etcd_data_dir }}
-#ETCD_SNAPSHOT_COUNTER="10000"
-ETCD_HEARTBEAT_INTERVAL="500"
-ETCD_ELECTION_TIMEOUT="2500"
+#ETCD_SNAPSHOT_COUNTER=10000
+ETCD_HEARTBEAT_INTERVAL=500
+ETCD_ELECTION_TIMEOUT=2500
ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
-#ETCD_MAX_SNAPSHOTS="5"
-#ETCD_MAX_WALS="5"
-#ETCD_CORS=""
+#ETCD_MAX_SNAPSHOTS=5
+#ETCD_MAX_WALS=5
+#ETCD_CORS=
{% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %}
#[cluster]
@@ -29,15 +29,15 @@ ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
ETCD_INITIAL_CLUSTER={{ initial_cluster() }}
ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
-#ETCD_DISCOVERY=""
-#ETCD_DISCOVERY_SRV=""
-#ETCD_DISCOVERY_FALLBACK="proxy"
-#ETCD_DISCOVERY_PROXY=""
+#ETCD_DISCOVERY=
+#ETCD_DISCOVERY_SRV=
+#ETCD_DISCOVERY_FALLBACK=proxy
+#ETCD_DISCOVERY_PROXY=
{% endif %}
ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
#[proxy]
-#ETCD_PROXY="off"
+#ETCD_PROXY=off
#[security]
{% if etcd_url_scheme == 'https' -%}
diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service
new file mode 100644
index 000000000..8058fa188
--- /dev/null
+++ b/roles/etcd/templates/etcd.docker.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=The Etcd Server container
+After=docker.service
+
+[Service]
+EnvironmentFile=/etc/etcd/etcd.conf
+ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
+ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
+ExecStop=/usr/bin/docker stop {{ etcd_service }}
+Restart=always
+
+[Install]
+WantedBy=multi-user.target