diff options
Diffstat (limited to 'roles/etcd')
-rw-r--r-- | roles/etcd/defaults/main.yaml | 1 | ||||
-rw-r--r-- | roles/etcd/handlers/main.yml | 5 | ||||
-rw-r--r-- | roles/etcd/tasks/main.yml | 51 | ||||
-rw-r--r-- | roles/etcd/templates/etcd.conf.j2 | 22 | ||||
-rw-r--r-- | roles/etcd/templates/etcd.docker.service | 13 |
5 files changed, 66 insertions, 26 deletions
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index 0fd3de585..9e7fa59cf 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -1,4 +1,5 @@ --- +etcd_service: "{{ 'etcd' if not openshift.common.is_containerized else 'etcd_container' }}" etcd_interface: "{{ ansible_default_ipv4.interface }}" etcd_client_port: 2379 etcd_peer_port: 2380 diff --git a/roles/etcd/handlers/main.yml b/roles/etcd/handlers/main.yml index 4c0efb97b..e00e1cac4 100644 --- a/roles/etcd/handlers/main.yml +++ b/roles/etcd/handlers/main.yml @@ -1,4 +1,5 @@ --- + - name: restart etcd - service: name=etcd state=restarted - when: not etcd_service_status_changed | default(false) + service: name={{ etcd_service }} state=restarted + when: not (etcd_service_status_changed | default(false) | bool) diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index efaab5f31..1e97b047b 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -8,27 +8,52 @@ when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4" - name: Install etcd - yum: pkg=etcd-2.* state=present - when: ansible_pkg_mgr == "yum" + action: "{{ ansible_pkg_mgr }} name=etcd-2.* state=present" + when: not openshift.common.is_containerized | bool -- name: Install etcd - dnf: pkg=etcd* state=present - when: ansible_pkg_mgr == "dnf" +- name: Pull etcd container + command: docker pull {{ openshift.etcd.etcd_image }} + when: openshift.common.is_containerized | bool + +- name: Install etcd container service file + template: + dest: "/etc/systemd/system/etcd_container.service" + src: etcd.docker.service + register: install_etcd_result + when: openshift.common.is_containerized | bool + +- name: Ensure etcd datadir exists + when: openshift.common.is_containerized | bool + file: + path: "{{ etcd_data_dir }}" + state: directory + mode: 0700 + +- name: Disable system etcd when containerized + when: openshift.common.is_containerized | bool + service: + name: etcd + state: stopped + enabled: no + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized and ( install_etcd_result | changed ) - name: Validate permissions on the config dir file: path: "{{ etcd_conf_dir }}" state: directory - owner: etcd - group: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" mode: 0700 - name: Validate permissions on certificate files file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_url_scheme == 'https' with_items: - "{{ etcd_ca_file }}" @@ -39,8 +64,8 @@ file: path: "{{ item }}" mode: 0600 - group: etcd - owner: etcd + owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" + group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}" when: etcd_peer_url_scheme == 'https' with_items: - "{{ etcd_peer_ca_file }}" @@ -57,10 +82,10 @@ - name: Enable etcd service: - name: etcd + name: "{{ etcd_service }}" state: started enabled: yes register: start_result - set_fact: - etcd_service_status_changed = start_result | changed + etcd_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2 index 32577c96c..28816fd87 100644 --- a/roles/etcd/templates/etcd.conf.j2 +++ b/roles/etcd/templates/etcd.conf.j2 @@ -15,13 +15,13 @@ ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }} ETCD_NAME=default {% endif %} ETCD_DATA_DIR={{ etcd_data_dir }} -#ETCD_SNAPSHOT_COUNTER="10000" -ETCD_HEARTBEAT_INTERVAL="500" -ETCD_ELECTION_TIMEOUT="2500" +#ETCD_SNAPSHOT_COUNTER=10000 +ETCD_HEARTBEAT_INTERVAL=500 +ETCD_ELECTION_TIMEOUT=2500 ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }} -#ETCD_MAX_SNAPSHOTS="5" -#ETCD_MAX_WALS="5" -#ETCD_CORS="" +#ETCD_MAX_SNAPSHOTS=5 +#ETCD_MAX_WALS=5 +#ETCD_CORS= {% if groups[etcd_peers_group] and groups[etcd_peers_group] | length > 1 %} #[cluster] @@ -29,15 +29,15 @@ ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }} ETCD_INITIAL_CLUSTER={{ initial_cluster() }} ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }} ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }} -#ETCD_DISCOVERY="" -#ETCD_DISCOVERY_SRV="" -#ETCD_DISCOVERY_FALLBACK="proxy" -#ETCD_DISCOVERY_PROXY="" +#ETCD_DISCOVERY= +#ETCD_DISCOVERY_SRV= +#ETCD_DISCOVERY_FALLBACK=proxy +#ETCD_DISCOVERY_PROXY= {% endif %} ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }} #[proxy] -#ETCD_PROXY="off" +#ETCD_PROXY=off #[security] {% if etcd_url_scheme == 'https' -%} diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service new file mode 100644 index 000000000..8058fa188 --- /dev/null +++ b/roles/etcd/templates/etcd.docker.service @@ -0,0 +1,13 @@ +[Unit] +Description=The Etcd Server container +After=docker.service + +[Service] +EnvironmentFile=/etc/etcd/etcd.conf +ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }} +ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} +ExecStop=/usr/bin/docker stop {{ etcd_service }} +Restart=always + +[Install] +WantedBy=multi-user.target |