diff options
Diffstat (limited to 'roles')
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 2 | ||||
-rw-r--r-- | roles/openshift_logging/README.md | 1 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/generate_routes.yaml | 2 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/generate_services.yaml | 6 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/install_curator.yaml | 4 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/install_elasticsearch.yaml | 10 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/install_kibana.yaml | 4 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/install_logging.yaml | 22 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/oc_apply.yaml | 35 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/oc_secret.yaml | 7 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/start_cluster.yaml | 6 | ||||
-rw-r--r-- | roles/openshift_logging/tasks/stop_cluster.yaml | 6 | ||||
-rw-r--r-- | roles/openshift_metrics/tasks/install_support.yaml | 2 |
13 files changed, 80 insertions, 27 deletions
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 7c61da950..e72ab26fc 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -2027,7 +2027,7 @@ class OpenShiftFacts(object): if 'docker' in roles: docker = dict(disable_push_dockerhub=False, - options='--log-driver=json-file --log-opt max-size=50m') + options='--log-driver=journald') # NOTE: This is a workaround for a dnf output racecondition that can occur in # some situations. See https://bugzilla.redhat.com/show_bug.cgi?id=918184 if self.system_facts['ansible_pkg_mgr'] == 'dnf': diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md index 856cfa2b9..8651e06e7 100644 --- a/roles/openshift_logging/README.md +++ b/roles/openshift_logging/README.md @@ -36,6 +36,7 @@ When both `openshift_logging_install_logging` and `openshift_logging_upgrade_log - `openshift_logging_curator_cpu_limit`: The amount of CPU to allocate to Curator. Default is '100m'. - `openshift_logging_curator_memory_limit`: The amount of memory to allocate to Curator. Unset if not specified. - `openshift_logging_curator_nodeselector`: A map of labels (e.g. {"node":"infra","region":"west"} to select the nodes where the curator pod will land. +- `openshift_logging_image_pull_secret`: The name of an existing pull secret to link to the logging service accounts - `openshift_logging_kibana_hostname`: The Kibana hostname. Defaults to 'kibana.example.com'. - `openshift_logging_kibana_cpu_limit`: The amount of CPU to allocate to Kibana or unset if not specified. diff --git a/roles/openshift_logging/tasks/generate_routes.yaml b/roles/openshift_logging/tasks/generate_routes.yaml index 25877ebff..60694f67e 100644 --- a/roles/openshift_logging/tasks/generate_routes.yaml +++ b/roles/openshift_logging/tasks/generate_routes.yaml @@ -17,5 +17,5 @@ - {name: logging-kibana-ops, host: "{{openshift_logging_kibana_ops_hostname}}"} loop_control: loop_var: route_info - when: (route_info.name == 'logging-kibana-ops' and openshift_logging_use_ops) or route_info.name == 'logging-kibana' + when: (route_info.name == 'logging-kibana-ops' and openshift_logging_use_ops | bool) or route_info.name == 'logging-kibana' changed_when: no diff --git a/roles/openshift_logging/tasks/generate_services.yaml b/roles/openshift_logging/tasks/generate_services.yaml index 8eaac76c4..5091c1209 100644 --- a/roles/openshift_logging/tasks/generate_services.yaml +++ b/roles/openshift_logging/tasks/generate_services.yaml @@ -52,7 +52,7 @@ selector: provider: openshift component: es-ops - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool check_mode: no changed_when: no @@ -67,7 +67,7 @@ selector: provider: openshift component: es-ops - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool check_mode: no changed_when: no @@ -82,6 +82,6 @@ selector: provider: openshift component: kibana-ops - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_curator.yaml b/roles/openshift_logging/tasks/install_curator.yaml index fcfce4e1e..5b474ff39 100644 --- a/roles/openshift_logging/tasks/install_curator.yaml +++ b/roles/openshift_logging/tasks/install_curator.yaml @@ -15,7 +15,7 @@ register: curator_ops_replica_count when: - not ansible_check_mode - - openshift_logging_use_ops + - openshift_logging_use_ops | bool ignore_errors: yes changed_when: no @@ -48,6 +48,6 @@ curator_memory_limit: "{{openshift_logging_curator_ops_memory_limit }}" replicas: "{{curator_ops_replica_count.stdout | default (0)}}" curator_node_selector: "{{openshift_logging_curator_ops_nodeselector | default({}) }}" - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_elasticsearch.yaml b/roles/openshift_logging/tasks/install_elasticsearch.yaml index 64e983557..1d6e55e44 100644 --- a/roles/openshift_logging/tasks/install_elasticsearch.yaml +++ b/roles/openshift_logging/tasks/install_elasticsearch.yaml @@ -56,7 +56,7 @@ es_dcs: "{{openshift_logging_facts.elasticsearch_ops.deploymentconfigs}}" cluster_size: "{{openshift_logging_es_ops_cluster_size}}" when: - - openshift_logging_use_ops + - openshift_logging_use_ops | bool - "{{es_dcs | length - openshift_logging_es_ops_cluster_size | abs > 1}}" check_mode: no @@ -71,7 +71,7 @@ openshift_logging_es_pvc_dynamic: "{{openshift_logging_es_ops_pvc_dynamic}}" openshift_logging_es_pv_selector: "{{openshift_logging_es_ops_pv_selector}}" when: - - openshift_logging_use_ops + - openshift_logging_use_ops | bool check_mode: no - name: Init pool of DeploymentConfig names for Elasticsearch Ops @@ -80,7 +80,7 @@ loop_control: loop_var: deploy_name when: - - openshift_logging_use_ops + - openshift_logging_use_ops | bool - name: Create new DeploymentConfig names for Elasticsearch Ops set_fact: es_ops_dc_pool={{es_ops_dc_pool | default([]) + [deploy_name]}} @@ -92,7 +92,7 @@ cluster_size: "{{openshift_logging_es_ops_cluster_size}}" with_sequence: count={{ openshift_logging_es_ops_cluster_size | int - openshift_logging_current_es_ops_size | int }} when: - - openshift_logging_use_ops + - openshift_logging_use_ops | bool check_mode: no - name: Generate Elasticsearch DeploymentConfig for Ops @@ -116,6 +116,6 @@ with_indexed_items: - "{{ es_ops_dc_pool | default([]) }}" when: - - openshift_logging_use_ops + - openshift_logging_use_ops | bool check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_kibana.yaml b/roles/openshift_logging/tasks/install_kibana.yaml index f4df7de0c..3aeff2cac 100644 --- a/roles/openshift_logging/tasks/install_kibana.yaml +++ b/roles/openshift_logging/tasks/install_kibana.yaml @@ -15,7 +15,7 @@ register: kibana_ops_replica_count when: - not ansible_check_mode - - openshift_logging_use_ops + - openshift_logging_use_ops | bool ignore_errors: yes changed_when: no @@ -55,6 +55,6 @@ kibana_proxy_memory_limit: "{{openshift_logging_kibana_ops_proxy_memory_limit }}" replicas: "{{kibana_ops_replica_count.stdout | default (0)}}" kibana_node_selector: "{{openshift_logging_kibana_ops_nodeselector | default({}) }}" - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool check_mode: no changed_when: no diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml index 00c79ee5e..d52429f03 100644 --- a/roles/openshift_logging/tasks/install_logging.yaml +++ b/roles/openshift_logging/tasks/install_logging.yaml @@ -57,6 +57,28 @@ loop_var: file when: ansible_check_mode + # TODO replace task with oc_secret module that supports + # linking when available +- name: Link Pull Secrets With Service Accounts + include: oc_secret.yaml + vars: + kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig" + subcommand: link + service_account: "{{sa_account}}" + secret_name: "{{openshift_logging_image_pull_secret}}" + add_args: "--for=pull" + with_items: + - default + - aggregated-logging-elasticsearch + - aggregated-logging-kibana + - aggregated-logging-fluentd + - aggregated-logging-curator + register: link_pull_secret + loop_control: + loop_var: sa_account + when: openshift_logging_image_pull_secret is defined + failed_when: link_pull_secret.rc != 0 + - name: Scaling up cluster include: start_cluster.yaml when: start_cluster | default(true) | bool diff --git a/roles/openshift_logging/tasks/oc_apply.yaml b/roles/openshift_logging/tasks/oc_apply.yaml index c362b7fca..cb9509de1 100644 --- a/roles/openshift_logging/tasks/oc_apply.yaml +++ b/roles/openshift_logging/tasks/oc_apply.yaml @@ -1,12 +1,13 @@ --- - name: Checking generation of {{file_content.kind}} {{file_content.metadata.name}} - shell: > + command: > {{ openshift.common.client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' - -n {{namespace}} || echo 0 + -n {{namespace}} register: generation_init + failed_when: "'not found' not in generation_init.stderr and generation_init.stdout == ''" changed_when: no - name: Applying {{file_name}} @@ -19,11 +20,33 @@ changed_when: no - name: Determine change status of {{file_content.kind}} {{file_content.metadata.name}} - shell: > + command: > {{ openshift.common.client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' - -n {{namespace}} || echo 0 + -n {{namespace}} register: generation_changed - failed_when: "'error' in generation_changed.stderr" - changed_when: generation_changed.stdout | int > generation_init.stdout | int + failed_when: "'not found' not in generation_changed.stderr and generation_changed.stdout == ''" + changed_when: generation_changed.stdout | default (0) | int > generation_init.stdout | default(0) | int + when: + - "'field is immutable' not in generation_apply.stderr" + +- name: Removing previous {{file_name}} + command: > + {{ openshift.common.client_binary }} --config={{ kubeconfig }} + delete -f {{ file_name }} + -n {{ namespace }} + register: generation_delete + failed_when: "'error' in generation_delete.stderr" + changed_when: generation_delete.rc == 0 + when: "'field is immutable' in generation_apply.stderr" + +- name: Recreating {{file_name}} + command: > + {{ openshift.common.client_binary }} --config={{ kubeconfig }} + apply -f {{ file_name }} + -n {{ namespace }} + register: generation_apply + failed_when: "'error' in generation_apply.stderr" + changed_when: generation_apply.rc == 0 + when: "'field is immutable' in generation_apply.stderr" diff --git a/roles/openshift_logging/tasks/oc_secret.yaml b/roles/openshift_logging/tasks/oc_secret.yaml new file mode 100644 index 000000000..de37e4f6d --- /dev/null +++ b/roles/openshift_logging/tasks/oc_secret.yaml @@ -0,0 +1,7 @@ +--- +- command: > + {{ openshift.common.client_binary }} + --config={{ kubeconfig }} + secret {{subcommand}} {{service_account}} {{secret_name}} + {{add_args}} + -n {{openshift_logging_namespace}} diff --git a/roles/openshift_logging/tasks/start_cluster.yaml b/roles/openshift_logging/tasks/start_cluster.yaml index 07489ae79..69d2b2b6b 100644 --- a/roles/openshift_logging/tasks/start_cluster.yaml +++ b/roles/openshift_logging/tasks/start_cluster.yaml @@ -86,7 +86,7 @@ with_items: "{{es_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool - command: > {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get dc -l component=kibana-ops -o name -n {{openshift_logging_namespace}} @@ -104,7 +104,7 @@ with_items: "{{kibana_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool - command: > {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get dc -l component=curator-ops -o name -n {{openshift_logging_namespace}} @@ -122,4 +122,4 @@ with_items: "{{curator_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool diff --git a/roles/openshift_logging/tasks/stop_cluster.yaml b/roles/openshift_logging/tasks/stop_cluster.yaml index 8e0df8344..7826efabe 100644 --- a/roles/openshift_logging/tasks/stop_cluster.yaml +++ b/roles/openshift_logging/tasks/stop_cluster.yaml @@ -81,7 +81,7 @@ with_items: "{{es_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool - command: > {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get dc -l component=kibana-ops -o name -n {{openshift_logging_namespace}} @@ -98,7 +98,7 @@ with_items: "{{kibana_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool - command: > {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get dc -l component=curator-ops -o name -n {{openshift_logging_namespace}} @@ -115,4 +115,4 @@ with_items: "{{curator_dc.stdout_lines}}" loop_control: loop_var: object - when: openshift_logging_use_ops + when: openshift_logging_use_ops | bool diff --git a/roles/openshift_metrics/tasks/install_support.yaml b/roles/openshift_metrics/tasks/install_support.yaml index cc5acc6e5..5cefb273d 100644 --- a/roles/openshift_metrics/tasks/install_support.yaml +++ b/roles/openshift_metrics/tasks/install_support.yaml @@ -9,7 +9,7 @@ when: htpasswd_check.rc == 1 - name: Check control node to see if keytool is installed - local_action: command which htpasswd + local_action: command which keytool register: keytool_check failed_when: no changed_when: no |