Diffstat (limited to 'roles')
-rw-r--r-- | roles/dns/README.md | 2 | ||||
-rw-r--r-- | roles/dns/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/dns/meta/main.yml | 3 | ||||
-rw-r--r-- | roles/dns/tasks/main.yml | 34 | ||||
-rw-r--r-- | roles/dns/templates/Dockerfile | 11 | ||||
-rw-r--r-- | roles/dns/templates/named.service.j2 | 15 | ||||
-rw-r--r-- | roles/docker/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_builddefaults/tasks/main.yml | 4 | ||||
-rw-r--r-- | roles/openshift_cloud_provider/tasks/main.yml | 4 | ||||
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 4 | ||||
-rw-r--r-- | roles/openshift_hosted_facts/tasks/main.yml | 4 | ||||
-rw-r--r-- | roles/openshift_master/defaults/main.yml | 8 |
12 files changed, 80 insertions, 13 deletions
diff --git a/roles/dns/README.md b/roles/dns/README.md index e238fb92e..7e0140772 100644 --- a/roles/dns/README.md +++ b/roles/dns/README.md @@ -16,6 +16,7 @@ Role Variables | `dns_zones` | Mandatory | DNS zones in which we must find the hosts | | `dns_forwarders` | If not set, the DNS will be a recursive non-forwarding DNS server | DNS forwarders to delegate the requests for hosts outside of `dns_zones` | | `dns_all_hosts` | Mandatory | Exhaustive list of hosts | +| `base_docker_image` | Optional | Base docker image to build Bind image from, used only in containerized deployments | Dependencies ------------ @@ -31,6 +32,7 @@ Example Playbook dns_forwarders: [ '8.8.8.8', '8.8.4.4' ] dns_zones: [ novalocal, openstacklocal ] dns_all_hosts: "{{ g_all_hosts }}" + base_docker_image: 'centos:centos7' License ------- diff --git a/roles/dns/defaults/main.yml b/roles/dns/defaults/main.yml new file mode 100644 index 000000000..82055c8cd --- /dev/null +++ b/roles/dns/defaults/main.yml @@ -0,0 +1,2 @@ +--- +base_docker_image: "{{ 'centos:centos7' if openshift.common.deployment_type == 'origin' else 'rhel7' }}" diff --git a/roles/dns/meta/main.yml b/roles/dns/meta/main.yml index b6e9d9ad0..048274c49 100644 --- a/roles/dns/meta/main.yml +++ b/roles/dns/meta/main.yml @@ -4,4 +4,5 @@ galaxy_info: description: Deploy and configure a DNS server company: Amadeus SAS license: ASL 2.0 -dependencies: [] +dependencies: +- { role: openshift_facts } diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index af728585d..57a7e6269 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml 
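Review bot: The default for `base_docker_image` in roles/dns/defaults/main.yml resolves to a mutable tag (`centos:centos7`) or an unqualified name (`rhel7`), so what ends up in the Bind image depends on the Docker daemon's registry configuration at build time. A registry-qualified reference, for example `registry.access.redhat.com/rhel7` for the non-origin case, removes that ambiguity; pin by digest where reproducible builds matter. A comment above the variable such as `# Base image for the containerized Bind build; override with a registry-qualified, pinned reference` would record that this is a supply-chain decision.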
@@ -1,18 +1,46 @@ - name: Install Bind action: "{{ ansible_pkg_mgr }} name=bind" + when: not openshift.common.is_containerized | bool + +- name: Create docker build dir + file: path=/tmp/dockerbuild state=directory + when: openshift.common.is_containerized | bool + +- name: Install dockerfile + template: + dest: "/tmp/dockerbuild/Dockerfile" + src: Dockerfile + register: install_result + when: openshift.common.is_containerized | bool + +- name: Build Bind image + docker_image: path="/tmp/dockerbuild" name="bind" state=present + when: openshift.common.is_containerized | bool + +- name: Install bind service file + template: + dest: "/etc/systemd/system/named.service" + src: named.service.j2 + register: install_result + when: openshift.common.is_containerized | bool + +- name: reload systemd + command: /usr/bin/systemctl --system daemon-reload + when: openshift.common.is_containerized | bool and install_result | changed + +- name: Create bind zone dir + file: path=/var/named state=directory + when: openshift.common.is_containerized | bool - name: Configure Bind template: src: "{{ item.src }}" dest: "{{ item.dest }}" - validate: "{{ item.validate }}" with_items: - src: openshift-cluster.zone dest: /var/named/openshift-cluster.zone - validate: "named-checkzone {{ dns_zones[0] }} %s" - src: named.conf dest: /etc/named.conf - validate: "named-checkconf %s" notify: restart bind - name: Enable Bind diff --git a/roles/dns/templates/Dockerfile b/roles/dns/templates/Dockerfile new file mode 100644 index 000000000..cdff0a228 --- /dev/null +++ b/roles/dns/templates/Dockerfile @@ -0,0 +1,11 @@ +FROM {{ base_docker_image }} +MAINTAINER Jan Provaznik <jprovazn@redhat.com> + +# install main packages: +RUN yum -y update; yum clean all; +RUN yum -y install bind-utils bind + +EXPOSE 53 + +# start services: +CMD ["/usr/sbin/named", "-f"] diff --git a/roles/dns/templates/named.service.j2 b/roles/dns/templates/named.service.j2 new file mode 100644 index 000000000..566739f25 --- /dev/null 
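Review bot: The build context `/tmp/dockerbuild` in the "Create docker build dir" task is a fixed name in a world-writable directory, and `file: path=/tmp/dockerbuild state=directory` sets no owner or mode, so a directory that another local user created beforehand stays under that user's control and the Dockerfile written into it could be altered before the build runs. A root-owned location outside `/tmp` with explicit permissions avoids this, e.g. `file: path=<ROOT_OWNED_BUILD_DIR> state=directory owner=root group=root mode=0700`, with the template and `docker_image` tasks pointed at the same path. Separately, the "Configure Bind" task loses `validate:` for both files in every deployment type, although only the containerized case lacks `named-checkconf` on the host; keeping validation for non-containerized hosts would stop a broken `named.conf` or zone file from being installed. `install_result` is also registered by two tasks, so the "reload systemd" condition only sees the service-file result.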
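Review bot: In the new Dockerfile, `RUN yum -y update; yum clean all;` joins the commands with `;`, so a failed update still yields a successful layer and the image can be built without current patches. `RUN yum -y update && yum -y install bind-utils bind && yum clean all` fails the build instead and cleans the cache after the install rather than before it. The `CMD` also starts `named` without `-u`, so the daemon presumably keeps root inside the container. `CMD ["/usr/sbin/named", "-f", "-u", "named"]` drops privileges after binding port 53, provided the bind-mounted `/var/named` and `/etc/named.conf` are readable by that user.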
+++ b/roles/dns/templates/named.service.j2 @@ -0,0 +1,15 @@ +[Unit] +Requires=docker.service +After=docker.service +PartOf=docker.service + +[Service] +Type=simple +TimeoutStartSec=5m +ExecStartPre=/usr/bin/docker run --rm -v /etc/named.conf:/etc/named.conf -v /var/named:/var/named:z bind named-checkconf -z /etc/named.conf +ExecStartPre=-/usr/bin/docker rm -f bind +ExecStart=/usr/bin/docker run --name bind -p 53:53/udp -v /var/log:/var/log -v /etc/named.conf:/etc/named.conf -v /var/named:/var/named:z bind +ExecStop=/usr/bin/docker stop bind + +[Install] +WantedBy=docker.service diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index e4a31c692..3fd2ef50c 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -69,7 +69,7 @@ reg_flag: --insecure-registry notify: - restart docker - + - name: Set Proxy Settings lineinfile: dest: /etc/sysconfig/docker diff --git a/roles/openshift_builddefaults/tasks/main.yml b/roles/openshift_builddefaults/tasks/main.yml index c82aebe72..6a4e919e8 100644 --- a/roles/openshift_builddefaults/tasks/main.yml +++ b/roles/openshift_builddefaults/tasks/main.yml @@ -4,8 +4,8 @@ role: builddefaults # TODO: add ability to define builddefaults env vars sort of like this # may need to move the config generation to a filter however. - # openshift_env: "{{ hostvars[inventory_hostname] - # | oo_merge_dicts(hostvars) + # openshift_env: "{{ hostvars + # | oo_merge_hostvars(vars, inventory_hostname) # | oo_openshift_env }}" # openshift_env_structures: # - 'openshift.builddefaults.env.*' diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml index d7442924f..6111d1207 100644 --- a/roles/openshift_cloud_provider/tasks/main.yml +++ b/roles/openshift_cloud_provider/tasks/main.yml 
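Review bot: The `ExecStart` line in named.service.j2 bind-mounts the host's whole `/var/log` read-write into the Bind container, which gives a network-facing daemon write access to every host log. A dedicated directory limits that, for example `-v /var/log/named:/var/log/named:z`, adjusted to whatever path `named.conf` actually logs to. The `/etc/named.conf` mount could carry `:ro` in both `docker run` lines, since the container only needs to read it. Only `53/udp` is published, so queries that fall back to TCP would not reach the container unless `-p 53:53/tcp` is added; confirm whether that is intended.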
@@ -2,8 +2,8 @@ - name: Set cloud provider facts openshift_facts: role: cloudprovider - openshift_env: "{{ hostvars[inventory_hostname] - | oo_merge_dicts(hostvars) + openshift_env: "{{ hostvars + | oo_merge_hostvars(vars, inventory_hostname) | oo_openshift_env }}" openshift_env_structures: - 'openshift.cloudprovider.aws.*' diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 643984982..bfd09676f 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -499,12 +499,12 @@ def set_dnsmasq_facts_if_unset(facts): """ if 'common' in facts: - if 'use_dnsmasq' not in facts['common'] and facts['common']['version_gte_3_2_or_1_2']: + if 'use_dnsmasq' not in facts['common'] and safe_get_bool(facts['common']['version_gte_3_2_or_1_2']): facts['common']['use_dnsmasq'] = True else: facts['common']['use_dnsmasq'] = False if 'master' in facts and 'dns_port' not in facts['master']: - if facts['common']['use_dnsmasq']: + if safe_get_bool(facts['common']['use_dnsmasq']): facts['master']['dns_port'] = 8053 else: facts['master']['dns_port'] = 53 diff --git a/roles/openshift_hosted_facts/tasks/main.yml b/roles/openshift_hosted_facts/tasks/main.yml index f595e1e81..2a11e6cbd 100644 --- a/roles/openshift_hosted_facts/tasks/main.yml +++ b/roles/openshift_hosted_facts/tasks/main.yml @@ -2,6 +2,6 @@ - name: Set hosted facts openshift_facts: role: hosted - openshift_env: "{{ hostvars[inventory_hostname] - | oo_merge_dicts(hostvars) + openshift_env: "{{ hostvars + | oo_merge_hostvars(vars, inventory_hostname) | oo_openshift_env }}" diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml index 09bde6002..16df984f9 100644 --- a/roles/openshift_master/defaults/main.yml +++ b/roles/openshift_master/defaults/main.yml 
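Review bot: The `else:` branch in `set_dnsmasq_facts_if_unset` still assigns `facts['common']['use_dnsmasq'] = False` when the key is already present, so an explicitly configured true value is overwritten and `dns_port` then falls to 53 instead of 8053. Changing it to `elif 'use_dnsmasq' not in facts['common']:` keeps the function to its "if unset" contract. `facts['common']['version_gte_3_2_or_1_2']` is also indexed directly and would raise `KeyError` if that fact is missing. The function starts above this hunk, so whether an earlier step guarantees the key is not visible here.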
@@ -13,6 +13,14 @@ os_firewall_allow: port: "{{ openshift.master.dns_port }}/tcp" - service: skydns udp port: "{{ openshift.master.dns_port }}/udp" +# On HA masters version_gte facts are not properly set so open port 53 +# whenever we're not certain of the need +- service: legacy skydns tcp + port: "53/tcp" + when: "{{ 'version' not in openshift.common or openshift.common.version == None }}" +- service: legacy skydns udp + port: "53/udp" + when: "{{ 'version' not in openshift.common or openshift.common.version == None }}" - service: Fluentd td-agent tcp port: 24224/tcp - service: Fluentd td-agent udp |
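Review bot: The two `legacy skydns` entries put a `when:` key inside `os_firewall_allow` list items, which are plain data rather than tasks, so port 53 stays closed in the known-version case only if the consuming firewall role evaluates that key. That role is not part of this diff; if it ignores the key, 53/tcp and 53/udp are opened on every master. The condition also fails open by design when the version is unknown, which is worth stating in the comment together with when the rule can be removed. For the test itself, `openshift.common.version is none` is the idiomatic Jinja2 form of `== None`.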