summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/etcd/tasks/system_container.yml72
-rw-r--r--roles/lib_openshift/library/oc_adm_registry.py9
-rw-r--r--roles/lib_openshift/library/oc_atomic_container.py203
-rw-r--r--roles/lib_openshift/src/ansible/oc_atomic_container.py137
-rw-r--r--roles/lib_openshift/src/doc/atomic_container36
-rw-r--r--roles/lib_openshift/src/lib/volume.py9
-rw-r--r--roles/lib_openshift/src/sources.yml6
-rw-r--r--roles/openshift_excluder/tasks/status.yml2
-rw-r--r--roles/openshift_hosted/tasks/registry/registry.yml5
-rw-r--r--roles/openshift_logging/files/fluent.conf2
-rw-r--r--roles/openshift_master/tasks/system_container.yml79
-rw-r--r--roles/openshift_master/vars/main.yml1
-rw-r--r--roles/openshift_node/tasks/node_system_container.yml38
-rw-r--r--roles/openshift_node/tasks/openvswitch_system_container.yml38
-rw-r--r--roles/openshift_node/vars/main.yml2
15 files changed, 464 insertions, 175 deletions
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml
index 241180e2c..3b80164cc 100644
--- a/roles/etcd/tasks/system_container.yml
+++ b/roles/etcd/tasks/system_container.yml
@@ -1,17 +1,16 @@
---
+- name: Load lib_openshift modules
+ include_role:
+ name: lib_openshift
+
- name: Pull etcd system container
command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
-- name: Check etcd system container package
- command: >
- atomic containers list --no-trunc -a -f container=etcd
- register: result
-
- name: Set initial Etcd cluster
set_fact:
- etcd_initial_cluster: >
+ etcd_initial_cluster: >-
{% for host in etcd_peers | default([]) -%}
{% if loop.last -%}
{{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }}
@@ -20,44 +19,23 @@
{%- endif -%}
{% endfor -%}
-- name: Update Etcd system container package
- command: >
- atomic containers update
- --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
- --set ETCD_NAME={{ etcd_hostname }}
- --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
- --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
- --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
- --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
- --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
- --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
- --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
- --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
- --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
- --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
- etcd
- when:
- - ("etcd" in result.stdout)
-
-- name: Install Etcd system container package
- command: >
- atomic install --system --name=etcd
- --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
- --set ETCD_NAME={{ etcd_hostname }}
- --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
- --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
- --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
- --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
- --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
- --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
- --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
- --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
- --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
- --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
- --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
- {{ openshift.etcd.etcd_image }}
- when:
- - ("etcd" not in result.stdout)
+- name: Install or Update Etcd system container package
+ oc_atomic_container:
+ name: etcd
+ image: "{{ openshift.etcd.etcd_image }}"
+ state: latest
+ values:
+ - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
+ - ETCD_NAME={{ etcd_hostname }}
+ - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }}
+ - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
+ - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
+ - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
+ - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
+ - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
+ - ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+ - ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
+ - ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
+ - ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+ - ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
+ - ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py
index b6b1f4a04..62018d758 100644
--- a/roles/lib_openshift/library/oc_adm_registry.py
+++ b/roles/lib_openshift/library/oc_adm_registry.py
@@ -2068,20 +2068,21 @@ class Volume(object):
''' return a properly structured volume '''
volume_mount = None
volume = {'name': volume_info['name']}
- if volume_info['type'] == 'secret':
+ volume_type = volume_info['type'].lower()
+ if volume_type == 'secret':
volume['secret'] = {}
volume[volume_info['type']] = {'secretName': volume_info['secret_name']}
volume_mount = {'mountPath': volume_info['path'],
'name': volume_info['name']}
- elif volume_info['type'] == 'emptydir':
+ elif volume_type == 'emptydir':
volume['emptyDir'] = {}
volume_mount = {'mountPath': volume_info['path'],
'name': volume_info['name']}
- elif volume_info['type'] == 'pvc':
+ elif volume_type == 'pvc' or volume_type == 'persistentvolumeclaim':
volume['persistentVolumeClaim'] = {}
volume['persistentVolumeClaim']['claimName'] = volume_info['claimName']
volume['persistentVolumeClaim']['claimSize'] = volume_info['claimSize']
- elif volume_info['type'] == 'hostpath':
+ elif volume_type == 'hostpath':
volume['hostPath'] = {}
volume['hostPath']['path'] = volume_info['path']
diff --git a/roles/lib_openshift/library/oc_atomic_container.py b/roles/lib_openshift/library/oc_atomic_container.py
new file mode 100644
index 000000000..d2620b4cc
--- /dev/null
+++ b/roles/lib_openshift/library/oc_atomic_container.py
@@ -0,0 +1,203 @@
+#!/usr/bin/env python
+# pylint: disable=missing-docstring
+# flake8: noqa: T001
+# ___ ___ _ _ ___ ___ _ _____ ___ ___
+# / __| __| \| | __| _ \ /_\_ _| __| \
+# | (_ | _|| .` | _|| / / _ \| | | _|| |) |
+# \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
+# | \ / _ \ | \| |/ _ \_ _| | __| \_ _|_ _|
+# | |) | (_) | | .` | (_) || | | _|| |) | | | |
+# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_|
+#
+# Copyright 2016 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# -*- -*- -*- Begin included fragment: doc/atomic_container -*- -*- -*-
+
+DOCUMENTATION = '''
+---
+module: oc_atomic_container
+short_description: Manage the container images on the atomic host platform
+description:
+ - Manage the container images on the atomic host platform
+ - Allows to execute the commands on the container images
+requirements:
+ - atomic
+ - "python >= 2.6"
+options:
+ name:
+ description:
+ - Name of the container
+ required: True
+ default: null
+ image:
+ description:
+ - The image to use to install the container
+ required: True
+ default: null
+ state:
+ description:
+ - State of the container
+ required: True
+ choices: ["latest", "absent", "latest", "rollback"]
+ default: "latest"
+ values:
+ description:
+ - Values for the installation of the container
+ required: False
+ default: None
+'''
+
+# -*- -*- -*- End included fragment: doc/atomic_container -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: ansible/oc_atomic_container.py -*- -*- -*-
+
+# pylint: disable=wrong-import-position,too-many-branches,invalid-name
+import json
+from ansible.module_utils.basic import AnsibleModule
+
+
+def _install(module, container, image, values_list):
+ ''' install a container using atomic CLI. values_list is the list of --set arguments.
+ container is the name given to the container. image is the image to use for the installation. '''
+ args = ['atomic', 'install', "--system", '--name=%s' % container] + values_list + [image]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ return rc, out, err, False
+ else:
+ changed = "Extracting" in out
+ return rc, out, err, changed
+
+def _uninstall(module, name):
+ ''' uninstall an atomic container by its name. '''
+ args = ['atomic', 'uninstall', name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ return rc, out, err, False
+
+
+def do_install(module, container, image, values_list):
+ ''' install a container and exit the module. '''
+ rc, out, err, changed = _install(module, container, image, values_list)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_uninstall(module, name):
+ ''' uninstall a container and exit the module. '''
+ rc, out, err, changed = _uninstall(module, name)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_update(module, container, old_image, image, values_list):
+ ''' update a container and exit the module. If the container uses a different
+ image than the current installed one, then first uninstall the old one '''
+
+ # the image we want is different than the installed one
+ if old_image != image:
+ rc, out, err, _ = _uninstall(module, container)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ return do_install(module, container, image, values_list)
+
+ # if the image didn't change, use "atomic containers update"
+ args = ['atomic', 'containers', 'update'] + values_list + [container]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ changed = "Extracting" in out
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_rollback(module, name):
+ ''' move to the previous deployment of the container, if present, and exit the module. '''
+ args = ['atomic', 'containers', 'rollback', name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ changed = "Rolling back" in out
+ module.exit_json(msg=out, changed=changed)
+
+
+def core(module):
+ ''' entrypoint for the module. '''
+ name = module.params['name']
+ image = module.params['image']
+ values = module.params['values']
+ state = module.params['state']
+
+ module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
+ out = {}
+ err = {}
+ rc = 0
+
+ values_list = ["--set=%s" % x for x in values] if values else []
+
+ args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ return
+
+ containers = json.loads(out)
+ present = len(containers) > 0
+ old_image = containers[0]["image_name"] if present else None
+
+ if state == 'present' and present:
+ module.exit_json(msg=out, changed=False)
+ elif (state in ['latest', 'present']) and not present:
+ do_install(module, name, image, values_list)
+ elif state == 'latest':
+ do_update(module, name, old_image, image, values_list)
+ elif state == 'absent':
+ if not present:
+ module.exit_json(msg="", changed=False)
+ else:
+ do_uninstall(module, name)
+ elif state == 'rollback':
+ do_rollback(module, name)
+
+
+def main():
+ module = AnsibleModule(
+ argument_spec=dict(
+ name=dict(default=None, required=True),
+ image=dict(default=None, required=True),
+ state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']),
+ values=dict(type='list', default=[]),
+ ),
+ )
+
+ # Verify that the platform supports atomic command
+ rc, _, err = module.run_command('atomic -v', check_rc=False)
+ if rc != 0:
+ module.fail_json(msg="Error in running atomic command", err=err)
+
+ try:
+ core(module)
+ except Exception as e: # pylint: disable=broad-except
+ module.fail_json(msg=str(e))
+
+
+if __name__ == '__main__':
+ main()
+
+# -*- -*- -*- End included fragment: ansible/oc_atomic_container.py -*- -*- -*-
diff --git a/roles/lib_openshift/src/ansible/oc_atomic_container.py b/roles/lib_openshift/src/ansible/oc_atomic_container.py
new file mode 100644
index 000000000..20d75cb63
--- /dev/null
+++ b/roles/lib_openshift/src/ansible/oc_atomic_container.py
@@ -0,0 +1,137 @@
+# pylint: skip-file
+# flake8: noqa
+
+# pylint: disable=wrong-import-position,too-many-branches,invalid-name
+import json
+from ansible.module_utils.basic import AnsibleModule
+
+
+def _install(module, container, image, values_list):
+ ''' install a container using atomic CLI. values_list is the list of --set arguments.
+ container is the name given to the container. image is the image to use for the installation. '''
+ args = ['atomic', 'install', "--system", '--name=%s' % container] + values_list + [image]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ return rc, out, err, False
+ else:
+ changed = "Extracting" in out
+ return rc, out, err, changed
+
+def _uninstall(module, name):
+ ''' uninstall an atomic container by its name. '''
+ args = ['atomic', 'uninstall', name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ return rc, out, err, False
+
+
+def do_install(module, container, image, values_list):
+ ''' install a container and exit the module. '''
+ rc, out, err, changed = _install(module, container, image, values_list)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_uninstall(module, name):
+ ''' uninstall a container and exit the module. '''
+ rc, out, err, changed = _uninstall(module, name)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_update(module, container, old_image, image, values_list):
+ ''' update a container and exit the module. If the container uses a different
+ image than the current installed one, then first uninstall the old one '''
+
+ # the image we want is different than the installed one
+ if old_image != image:
+ rc, out, err, _ = _uninstall(module, container)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ return do_install(module, container, image, values_list)
+
+ # if the image didn't change, use "atomic containers update"
+ args = ['atomic', 'containers', 'update'] + values_list + [container]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ changed = "Extracting" in out
+ module.exit_json(msg=out, changed=changed)
+
+
+def do_rollback(module, name):
+ ''' move to the previous deployment of the container, if present, and exit the module. '''
+ args = ['atomic', 'containers', 'rollback', name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ else:
+ changed = "Rolling back" in out
+ module.exit_json(msg=out, changed=changed)
+
+
+def core(module):
+ ''' entrypoint for the module. '''
+ name = module.params['name']
+ image = module.params['image']
+ values = module.params['values']
+ state = module.params['state']
+
+ module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
+ out = {}
+ err = {}
+ rc = 0
+
+ values_list = ["--set=%s" % x for x in values] if values else []
+
+ args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name]
+ rc, out, err = module.run_command(args, check_rc=False)
+ if rc != 0:
+ module.fail_json(rc=rc, msg=err)
+ return
+
+ containers = json.loads(out)
+ present = len(containers) > 0
+ old_image = containers[0]["image_name"] if present else None
+
+ if state == 'present' and present:
+ module.exit_json(msg=out, changed=False)
+ elif (state in ['latest', 'present']) and not present:
+ do_install(module, name, image, values_list)
+ elif state == 'latest':
+ do_update(module, name, old_image, image, values_list)
+ elif state == 'absent':
+ if not present:
+ module.exit_json(msg="", changed=False)
+ else:
+ do_uninstall(module, name)
+ elif state == 'rollback':
+ do_rollback(module, name)
+
+
+def main():
+ module = AnsibleModule(
+ argument_spec=dict(
+ name=dict(default=None, required=True),
+ image=dict(default=None, required=True),
+ state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']),
+ values=dict(type='list', default=[]),
+ ),
+ )
+
+ # Verify that the platform supports atomic command
+ rc, _, err = module.run_command('atomic -v', check_rc=False)
+ if rc != 0:
+ module.fail_json(msg="Error in running atomic command", err=err)
+
+ try:
+ core(module)
+ except Exception as e: # pylint: disable=broad-except
+ module.fail_json(msg=str(e))
+
+
+if __name__ == '__main__':
+ main()
diff --git a/roles/lib_openshift/src/doc/atomic_container b/roles/lib_openshift/src/doc/atomic_container
new file mode 100644
index 000000000..53fc40f36
--- /dev/null
+++ b/roles/lib_openshift/src/doc/atomic_container
@@ -0,0 +1,36 @@
+# flake8: noqa
+# pylint: skip-file
+
+DOCUMENTATION = '''
+---
+module: oc_atomic_container
+short_description: Manage the container images on the atomic host platform
+description:
+ - Manage the container images on the atomic host platform
+ - Allows to execute the commands on the container images
+requirements:
+ - atomic
+ - "python >= 2.6"
+options:
+ name:
+ description:
+ - Name of the container
+ required: True
+ default: null
+ image:
+ description:
+ - The image to use to install the container
+ required: True
+ default: null
+ state:
+ description:
+ - State of the container
+ required: True
+ choices: ["latest", "absent", "latest", "rollback"]
+ default: "latest"
+ values:
+ description:
+ - Values for the installation of the container
+ required: False
+ default: None
+'''
diff --git a/roles/lib_openshift/src/lib/volume.py b/roles/lib_openshift/src/lib/volume.py
index 84ef1f705..e0abb1d1b 100644
--- a/roles/lib_openshift/src/lib/volume.py
+++ b/roles/lib_openshift/src/lib/volume.py
@@ -17,20 +17,21 @@ class Volume(object):
''' return a properly structured volume '''
volume_mount = None
volume = {'name': volume_info['name']}
- if volume_info['type'] == 'secret':
+ volume_type = volume_info['type'].lower()
+ if volume_type == 'secret':
volume['secret'] = {}
volume[volume_info['type']] = {'secretName': volume_info['secret_name']}
volume_mount = {'mountPath': volume_info['path'],
'name': volume_info['name']}
- elif volume_info['type'] == 'emptydir':
+ elif volume_type == 'emptydir':
volume['emptyDir'] = {}
volume_mount = {'mountPath': volume_info['path'],
'name': volume_info['name']}
- elif volume_info['type'] == 'pvc':
+ elif volume_type == 'pvc' or volume_type == 'persistentvolumeclaim':
volume['persistentVolumeClaim'] = {}
volume['persistentVolumeClaim']['claimName'] = volume_info['claimName']
volume['persistentVolumeClaim']['claimSize'] = volume_info['claimSize']
- elif volume_info['type'] == 'hostpath':
+ elif volume_type == 'hostpath':
volume['hostPath'] = {}
volume['hostPath']['path'] = volume_info['path']
diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml
index 6585b1258..a48fdf0c2 100644
--- a/roles/lib_openshift/src/sources.yml
+++ b/roles/lib_openshift/src/sources.yml
@@ -49,6 +49,12 @@ oc_adm_router.py:
- class/oc_adm_router.py
- ansible/oc_adm_router.py
+oc_atomic_container.py:
+- doc/generated
+- doc/license
+- doc/atomic_container
+- ansible/oc_atomic_container.py
+
oc_edit.py:
- doc/generated
- doc/license
diff --git a/roles/openshift_excluder/tasks/status.yml b/roles/openshift_excluder/tasks/status.yml
index 6ef4af22d..ef118d94c 100644
--- a/roles/openshift_excluder/tasks/status.yml
+++ b/roles/openshift_excluder/tasks/status.yml
@@ -20,6 +20,7 @@
- name: Update to latest excluder packages
package:
name: "{{ openshift.common.service_type }}-excluder"
+ state: latest
when:
- "{{ openshift_excluder_installed.installed_versions | default([]) | length > 0 }}"
- not openshift.common.is_containerized | bool
@@ -27,6 +28,7 @@
- name: Update to the latest docker-excluder packages
package:
name: "{{ openshift.common.service_type }}-docker-excluder"
+ state: latest
when:
- "{{ docker_excluder_installed.installed_versions | default([]) | length > 0 }}"
- not openshift.common.is_containerized | bool
diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml
index d49967837..39e7de230 100644
--- a/roles/openshift_hosted/tasks/registry/registry.yml
+++ b/roles/openshift_hosted/tasks/registry/registry.yml
@@ -80,13 +80,14 @@
when:
- openshift.hosted.registry.storage.kind | default(none) == 'object'
-- name: Set facts for persistent volume
+- name: Update openshift_hosted facts for persistent volumes
set_fact:
+ openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(pvc_volume_mounts) }}"
+ vars:
pvc_volume_mounts:
- name: registry-storage
type: persistentVolumeClaim
claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-claim"
- openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(pvc_volume_mounts) }}"
when:
- openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack']
diff --git a/roles/openshift_logging/files/fluent.conf b/roles/openshift_logging/files/fluent.conf
index c0c1c8a44..aeaa705ee 100644
--- a/roles/openshift_logging/files/fluent.conf
+++ b/roles/openshift_logging/files/fluent.conf
@@ -22,7 +22,7 @@
@include configs.d/openshift/filter-k8s-flatten-hash.conf
@include configs.d/openshift/filter-k8s-record-transform.conf
@include configs.d/openshift/filter-syslog-record-transform.conf
- @include configs.d/openshift/filter-common-data-model.conf
+ @include configs.d/openshift/filter-viaq-data-model.conf
@include configs.d/openshift/filter-post-*.conf
##
diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml
index a0e1ac75e..1b3e0dba1 100644
--- a/roles/openshift_master/tasks/system_container.yml
+++ b/roles/openshift_master/tasks/system_container.yml
@@ -1,4 +1,8 @@
---
+- name: Load lib_openshift modules
+ include_role:
+ name: lib_openshift
+
- name: Pre-pull master system container image
command: >
atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}
@@ -10,68 +14,31 @@
atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-master
register: result
-- name: Update Master system container package
- command: >
- atomic containers update {{ openshift.common.service_type }}-master
- register: update_result
- changed_when: "'Extracting' in update_result.stdout"
- when:
- - ("master" in result.stdout)
- - l_is_same_version
- - not l_is_ha
-
-- name: Uninstall Master system container package
- command: >
- atomic uninstall {{ openshift.common.service_type }}-master
- failed_when: False
- when:
- - ("master" in result.stdout)
- - not l_is_same_version
- - not l_is_ha
-
-- name: Install Master system container package
- command: >
- atomic install --system --name={{ openshift.common.service_type }}-master {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}
+- name: Install or Update master system container
+ oc_atomic_container:
+ name: "{{ openshift.common.service_type }}-master"
+ image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+ state: latest
when:
- - not l_is_same_version or ("master" not in result.stdout) | bool
- not l_is_ha
- notify:
- - restart master
# HA
-- name: Update Master HA system container package
- command: >
- atomic containers update {{ openshift.common.service_type }}-master-{{ item }}
- register: update_result
- changed_when: "'Extracting' in update_result.stdout"
- with_items:
- - api
- - controllers
- when:
- - ("master" in result.stdout)
- - l_is_same_version
- - l_is_ha
-
-- name: Uninstall Master HA system container package
- command: >
- atomic uninstall {{ openshift.common.service_type }}-master-{{ item }}
- failed_when: False
- with_items:
- - api
- - controllers
+- name: Install or Update HA api master system container
+ oc_atomic_container:
+ name: "{{ openshift.common.service_type }}-master-api"
+ image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+ state: latest
+ values:
+ - COMMAND=api
when:
- - ("master" in result.stdout)
- - not l_is_same_version
- l_is_ha
-- name: Install Master HA system container package
- command: >
- atomic install --system --set COMMAND={{ item }} --name={{ openshift.common.service_type }}-master-{{ item }} {{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}
- with_items:
- - api
- - controllers
+- name: Install or Update HA controller master system container
+ oc_atomic_container:
+ name: "{{ openshift.common.service_type }}-master-controllers"
+ image: "{{ openshift.common.system_images_registry }}/{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+ state: latest
+ values:
+ - COMMAND=controllers
when:
- - not l_is_same_version or ("master" not in result.stdout) | bool
- l_is_ha
- notify:
- - restart master
diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml
index 1e157097d..c5ba20409 100644
--- a/roles/openshift_master/vars/main.yml
+++ b/roles/openshift_master/vars/main.yml
@@ -20,4 +20,3 @@ openshift_master_valid_grant_methods:
- deny
l_is_ha: "{{ openshift.master.ha is defined and openshift.master.ha | bool }}"
-l_is_same_version: "{{ (openshift.common.version is defined) and (openshift.common.version == openshift_version) | bool }}"
diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml
index 3ae5c7600..abe139418 100644
--- a/roles/openshift_node/tasks/node_system_container.yml
+++ b/roles/openshift_node/tasks/node_system_container.yml
@@ -1,36 +1,16 @@
---
+- name: Load lib_openshift modules
+ include_role:
+ name: lib_openshift
+
- name: Pre-pull node system container image
command: >
atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
-- name: Check Node system container package
- command: >
- atomic containers list --no-trunc -a -f container={{ openshift.common.service_type }}-node
- register: result
-
-- name: Update Node system container package
- command: >
- atomic containers update {{ openshift.common.service_type }}-node
- register: update_result
- changed_when: "'Extracting' in update_result.stdout"
- when:
- - l_is_same_version
- - ("node" in result.stdout)
-
-- name: Uninstall Node system container package
- command: >
- atomic uninstall {{ openshift.common.service_type }}-node
- failed_when: False
- when:
- - not l_is_same_version
- - ("node" in result.stdout)
-
-- name: Install Node system container package
- command: >
- atomic install --system --name={{ openshift.common.service_type }}-node {{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}
- register: install_node_result
- changed_when: "'Extracting' in pull_result.stdout"
- when:
- - not l_is_same_version or ("node" not in result.stdout) | bool
+- name: Install or Update node system container
+ oc_atomic_container:
+ name: "{{ openshift.common.service_type }}-node"
+ image: "{{ openshift.common.system_images_registry }}/{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}"
+ state: latest
diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml
index 6114230d0..b76ce8797 100644
--- a/roles/openshift_node/tasks/openvswitch_system_container.yml
+++ b/roles/openshift_node/tasks/openvswitch_system_container.yml
@@ -1,36 +1,16 @@
---
+- name: Load lib_openshift modules
+ include_role:
+ name: lib_openshift
+
- name: Pre-pull OpenVSwitch system container image
command: >
atomic pull --storage=ostree {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
-- name: Check OpenvSwitch system container package
- command: >
- atomic containers list --no-trunc -a -f container=openvswitch
- register: result
-
-- name: Update OpenvSwitch system container package
- command: >
- atomic containers update openvswitch
- register: update_result
- changed_when: "'Extracting' in update_result.stdout"
- when:
- - l_is_same_version
- - ("openvswitch" in result.stdout) | bool
-
-- name: Uninstall OpenvSwitch system container package
- command: >
- atomic uninstall openvswitch
- failed_when: False
- when:
- - not l_is_same_version
- - ("openvswitch" in result.stdout) | bool
-
-- name: Install OpenvSwitch system container package
- command: >
- atomic install --system --name=openvswitch {{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}
- when:
- - not l_is_same_version or ("openvswitch" not in result.stdout) | bool
- notify:
- - restart docker
+- name: Install or Update OpenVSwitch system container
+ oc_atomic_container:
+ name: openvswitch
+ image: "{{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}"
+ state: latest
diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml
deleted file mode 100644
index 0c2abf3b9..000000000
--- a/roles/openshift_node/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-l_is_same_version: "{{ (openshift.common.version is defined) and (openshift.common.version == openshift_version) | bool }}"