summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/ansible_tower/tasks/main.yaml3
-rw-r--r--roles/cockpit/defaults/main.yml5
-rw-r--r--roles/cockpit/meta/main.yml15
-rw-r--r--roles/cockpit/tasks/main.yml16
-rw-r--r--roles/etcd/tasks/main.yml1
-rw-r--r--roles/etcd_ca/tasks/main.yml2
-rw-r--r--roles/fluentd_master/tasks/main.yml10
-rw-r--r--roles/lib_zabbix/README.md38
-rw-r--r--roles/lib_zabbix/library/__init__.py3
-rw-r--r--roles/lib_zabbix/library/zbx_action.py538
-rw-r--r--roles/lib_zabbix/library/zbx_application.py (renamed from roles/os_zabbix/library/zbx_item.py)100
-rw-r--r--roles/lib_zabbix/library/zbx_discoveryrule.py205
-rw-r--r--roles/lib_zabbix/library/zbx_host.py (renamed from roles/os_zabbix/library/zbx_host.py)39
-rw-r--r--roles/lib_zabbix/library/zbx_hostgroup.py (renamed from roles/os_zabbix/library/zbx_hostgroup.py)16
-rw-r--r--roles/lib_zabbix/library/zbx_item.py250
-rw-r--r--roles/lib_zabbix/library/zbx_itemprototype.py276
-rw-r--r--roles/lib_zabbix/library/zbx_mediatype.py (renamed from roles/os_zabbix/library/zbx_mediatype.py)37
-rw-r--r--roles/lib_zabbix/library/zbx_template.py (renamed from roles/os_zabbix/library/zbx_template.py)26
-rw-r--r--roles/lib_zabbix/library/zbx_trigger.py231
-rw-r--r--roles/lib_zabbix/library/zbx_triggerprototype.py (renamed from roles/os_zabbix/library/zbx_trigger.py)96
-rw-r--r--roles/lib_zabbix/library/zbx_user.py (renamed from roles/os_zabbix/library/zbx_user.py)84
-rw-r--r--roles/lib_zabbix/library/zbx_user_media.py283
-rw-r--r--roles/lib_zabbix/library/zbx_usergroup.py (renamed from roles/os_zabbix/library/zbx_usergroup.py)94
-rw-r--r--roles/lib_zabbix/tasks/create_template.yml101
-rw-r--r--roles/lib_zabbix/tasks/create_user.yml11
-rw-r--r--roles/nickhammond.logrotate/.travis.yml14
-rw-r--r--roles/nickhammond.logrotate/README.md71
-rw-r--r--roles/nickhammond.logrotate/meta/.galaxy_install_info1
-rw-r--r--roles/nickhammond.logrotate/meta/main.yml15
-rw-r--r--roles/nickhammond.logrotate/tasks/main.yml10
-rw-r--r--roles/nickhammond.logrotate/templates/logrotate.d.j216
-rw-r--r--roles/nickhammond.logrotate/tests/inventory1
-rw-r--r--roles/nickhammond.logrotate/tests/test.yml18
-rw-r--r--roles/openshift_cluster_metrics/README.md36
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml53
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml4
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml30
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml67
-rw-r--r--roles/openshift_cluster_metrics/tasks/main.yml50
-rw-r--r--roles/openshift_common/README.md2
-rw-r--r--roles/openshift_common/defaults/main.yml2
-rw-r--r--roles/openshift_common/tasks/main.yml5
-rw-r--r--roles/openshift_common/vars/main.yml2
-rw-r--r--roles/openshift_examples/defaults/main.yml8
-rwxr-xr-xroles/openshift_examples/examples-sync.sh3
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json21
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json26
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json18
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json23
-rw-r--r--roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json18
-rw-r--r--roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json23
-rw-r--r--roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json36
-rw-r--r--roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json41
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json11
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/cakephp.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json29
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/dancer.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json45
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/django.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json150
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json173
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json35
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/nodejs.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json38
-rw-r--r--roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json4
-rw-r--r--roles/openshift_examples/tasks/main.yml14
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py171
-rw-r--r--roles/openshift_facts/tasks/main.yml4
-rw-r--r--roles/openshift_manage_node/tasks/main.yml18
-rw-r--r--roles/openshift_master/README.md12
-rw-r--r--roles/openshift_master/defaults/main.yml10
-rw-r--r--roles/openshift_master/handlers/main.yml4
-rw-r--r--roles/openshift_master/meta/main.yml2
-rw-r--r--roles/openshift_master/tasks/main.yml70
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j216
-rw-r--r--roles/openshift_master/templates/scheduler.json.j22
-rw-r--r--roles/openshift_master/templates/v1_partials/oauthConfig.j23
-rw-r--r--roles/openshift_master/vars/main.yml3
-rw-r--r--roles/openshift_master_ca/tasks/main.yml4
-rw-r--r--roles/openshift_master_ca/vars/main.yml3
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml2
-rw-r--r--roles/openshift_master_certificates/vars/main.yml4
-rw-r--r--roles/openshift_master_cluster/tasks/configure.yml8
-rw-r--r--roles/openshift_master_cluster/tasks/configure_deferred.yml4
-rw-r--r--roles/openshift_node/README.md20
-rw-r--r--roles/openshift_node/defaults/main.yml9
-rw-r--r--roles/openshift_node/handlers/main.yml7
-rw-r--r--roles/openshift_node/tasks/main.yml87
-rw-r--r--roles/openshift_node/templates/node.yaml.v1.j218
-rw-r--r--roles/openshift_node/templates/partials/kubeletArguments.j25
-rw-r--r--roles/openshift_node/vars/main.yml3
-rw-r--r--roles/openshift_node_certificates/README.md4
-rw-r--r--roles/openshift_node_certificates/vars/main.yml6
-rw-r--r--roles/openshift_registry/README.md3
-rw-r--r--roles/openshift_registry/tasks/main.yml11
-rw-r--r--roles/openshift_registry/vars/main.yml3
-rw-r--r--roles/openshift_repos/vars/main.yml7
-rw-r--r--roles/openshift_router/README.md3
-rw-r--r--roles/openshift_router/tasks/main.yml11
-rw-r--r--roles/openshift_router/vars/main.yml3
-rw-r--r--roles/openshift_serviceaccounts/tasks/main.yml26
-rw-r--r--roles/openshift_serviceaccounts/templates/serviceaccount.j24
-rw-r--r--roles/openshift_storage_nfs_lvm/tasks/main.yml2
-rw-r--r--roles/os_zabbix/README.md40
-rw-r--r--roles/os_zabbix/defaults/main.yml1
-rw-r--r--roles/os_zabbix/handlers/main.yml1
-rw-r--r--roles/os_zabbix/library/__init__.py0
-rw-r--r--roles/os_zabbix/library/test.yml92
-rw-r--r--roles/os_zabbix/meta/main.yml9
-rw-r--r--roles/os_zabbix/tasks/main.yml81
-rw-r--r--roles/os_zabbix/vars/main.yml1
-rw-r--r--roles/os_zabbix/vars/template_app_zabbix_agent.yml23
-rw-r--r--roles/os_zabbix/vars/template_app_zabbix_server.yml412
-rw-r--r--roles/os_zabbix/vars/template_docker.yml89
-rw-r--r--roles/os_zabbix/vars/template_heartbeat.yml13
-rw-r--r--roles/os_zabbix/vars/template_openshift_master.yml58
-rw-r--r--roles/os_zabbix/vars/template_openshift_node.yml44
-rw-r--r--roles/os_zabbix/vars/template_ops_tools.yml23
-rw-r--r--roles/os_zabbix/vars/template_os_linux.yml260
-rw-r--r--roles/rhel_subscribe/tasks/enterprise.yml4
120 files changed, 4713 insertions, 619 deletions
diff --git a/roles/ansible_tower/tasks/main.yaml b/roles/ansible_tower/tasks/main.yaml
index c110a3b70..b7757214d 100644
--- a/roles/ansible_tower/tasks/main.yaml
+++ b/roles/ansible_tower/tasks/main.yaml
@@ -9,6 +9,7 @@
- ansible
- telnet
- ack
+ - pylint
- name: download Tower setup
get_url: url=http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-2.1.1.tar.gz dest=/opt/ force=no
@@ -38,5 +39,3 @@
regexp: "^({{ item.option }})( *)="
line: '\1\2= {{ item.value }}'
with_items: config_changes | default([], true)
-
-
diff --git a/roles/cockpit/defaults/main.yml b/roles/cockpit/defaults/main.yml
new file mode 100644
index 000000000..ffd55f1dd
--- /dev/null
+++ b/roles/cockpit/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+os_firewall_use_firewalld: false
+os_firewall_allow:
+- service: cockpit-ws
+ port: 9090/tcp
diff --git a/roles/cockpit/meta/main.yml b/roles/cockpit/meta/main.yml
new file mode 100644
index 000000000..1e3948b19
--- /dev/null
+++ b/roles/cockpit/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Scott Dodson
+ description: Deploy and Enable cockpit-ws plus optional plugins
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 1.7
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+ - { role: os_firewall }
diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml
new file mode 100644
index 000000000..875cbad21
--- /dev/null
+++ b/roles/cockpit/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+- name: Install cockpit-ws
+ yum:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - cockpit-ws
+ - cockpit-shell
+ - cockpit-bridge
+ - "{{ cockpit_plugins }}"
+
+- name: Enable cockpit-ws
+ service:
+ name: cockpit.socket
+ enabled: true
+ state: started
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 27bfb7de9..656901409 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -38,6 +38,7 @@
template:
src: etcd.conf.j2
dest: /etc/etcd/etcd.conf
+ backup: true
notify:
- restart etcd
diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml
index ab151fe5b..625756867 100644
--- a/roles/etcd_ca/tasks/main.yml
+++ b/roles/etcd_ca/tasks/main.yml
@@ -18,6 +18,7 @@
- template:
dest: "{{ etcd_ca_dir }}/fragments/openssl_append.cnf"
src: openssl_append.j2
+ backup: true
- assemble:
src: "{{ etcd_ca_dir }}/fragments"
@@ -37,6 +38,7 @@
openssl req -config openssl.cnf -newkey rsa:4096
-keyout ca.key -new -out ca.crt -x509 -extensions etcd_v3_ca_self
-batch -nodes -subj /CN=etcd-signer@{{ ansible_date_time.epoch }}
+ -days 365
args:
chdir: "{{ etcd_ca_dir }}"
creates: "{{ etcd_ca_dir }}/ca.crt"
diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml
index d592dc306..55cd94460 100644
--- a/roles/fluentd_master/tasks/main.yml
+++ b/roles/fluentd_master/tasks/main.yml
@@ -39,12 +39,16 @@
owner: 'td-agent'
mode: 0444
-- name: "Pause before restarting td-agent and openshift-master, depending on the number of nodes."
- pause: seconds={{ ( num_nodes|int < 3 ) | ternary(15, (num_nodes|int * 5)) }}
+- name: wait for etcd to start up
+ wait_for: port=4001 delay=10
+ when: embedded_etcd | bool
+
+- name: wait for etcd peer to start up
+ wait_for: port=7001 delay=10
+ when: embedded_etcd | bool
- name: ensure td-agent is running
service:
name: 'td-agent'
state: started
enabled: yes
-
diff --git a/roles/lib_zabbix/README.md b/roles/lib_zabbix/README.md
new file mode 100644
index 000000000..69debc698
--- /dev/null
+++ b/roles/lib_zabbix/README.md
@@ -0,0 +1,38 @@
+zabbix
+=========
+
+Automate zabbix tasks.
+
+Requirements
+------------
+
+This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now.
+
+Role Variables
+--------------
+
+None
+
+Dependencies
+------------
+
+This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now.
+
+Example Playbook
+----------------
+
+ - zbx_host:
+ server: zab_server
+ user: zab_user
+ password: zab_password
+ name: 'myhost'
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+OpenShift operations, Red Hat, Inc
diff --git a/roles/lib_zabbix/library/__init__.py b/roles/lib_zabbix/library/__init__.py
new file mode 100644
index 000000000..0c7e19e41
--- /dev/null
+++ b/roles/lib_zabbix/library/__init__.py
@@ -0,0 +1,3 @@
+'''
+ZabbixAPI ansible module
+'''
diff --git a/roles/lib_zabbix/library/zbx_action.py b/roles/lib_zabbix/library/zbx_action.py
new file mode 100644
index 000000000..d64cebae1
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_action.py
@@ -0,0 +1,538 @@
+#!/usr/bin/env python
+'''
+ Ansible module for zabbix actions
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Zabbix action ansible module
+#
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection, ZabbixAPIError
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def conditions_equal(zab_conditions, user_conditions):
+ '''Compare two lists of conditions'''
+ c_type = 'conditiontype'
+ _op = 'operator'
+ val = 'value'
+ if len(user_conditions) != len(zab_conditions):
+ return False
+
+ for zab_cond, user_cond in zip(zab_conditions, user_conditions):
+ if zab_cond[c_type] != str(user_cond[c_type]) or zab_cond[_op] != str(user_cond[_op]) or \
+ zab_cond[val] != str(user_cond[val]):
+ return False
+
+ return True
+
+def filter_differences(zabbix_filters, user_filters):
+ '''Determine the differences from user and zabbix for operations'''
+ rval = {}
+ for key, val in user_filters.items():
+
+ if key == 'conditions':
+ if not conditions_equal(zabbix_filters[key], val):
+ rval[key] = val
+
+ elif zabbix_filters[key] != str(val):
+ rval[key] = val
+
+ return rval
+
+# This logic is quite complex. We are comparing two lists of dictionaries.
+# The outer for-loops allow us to descend down into both lists at the same time
+# and then walk over the key,val pairs of the incoming user dict's changes
+# or updates. The if-statements are looking at different sub-object types and
+# comparing them. The other suggestion on how to write this is to write a recursive
+# compare function but for the time constraints and for complexity I decided to go
+# this route.
+# pylint: disable=too-many-branches
+def operation_differences(zabbix_ops, user_ops):
+ '''Determine the differences from user and zabbix for operations'''
+
+ # if they don't match, take the user options
+ if len(zabbix_ops) != len(user_ops):
+ return user_ops
+
+ rval = {}
+ for zab, user in zip(zabbix_ops, user_ops):
+ for key, val in user.items():
+ if key == 'opconditions':
+ for z_cond, u_cond in zip(zab[key], user[key]):
+ if not all([str(u_cond[op_key]) == z_cond[op_key] for op_key in \
+ ['conditiontype', 'operator', 'value']]):
+ rval[key] = val
+ break
+ elif key == 'opmessage':
+ # Verify each passed param matches
+ for op_msg_key, op_msg_val in val.items():
+ if zab[key][op_msg_key] != str(op_msg_val):
+ rval[key] = val
+ break
+
+ elif key == 'opmessage_grp':
+ zab_grp_ids = set([ugrp['usrgrpid'] for ugrp in zab[key]])
+ usr_grp_ids = set([ugrp['usrgrpid'] for ugrp in val])
+ if usr_grp_ids != zab_grp_ids:
+ rval[key] = val
+
+ elif key == 'opmessage_usr':
+ zab_usr_ids = set([usr['userid'] for usr in zab[key]])
+ usr_ids = set([usr['userid'] for usr in val])
+ if usr_ids != zab_usr_ids:
+ rval[key] = val
+
+ elif zab[key] != str(val):
+ rval[key] = val
+ return rval
+
+def get_users(zapi, users):
+ '''get the mediatype id from the mediatype name'''
+ rval_users = []
+
+ for user in users:
+ content = zapi.get_content('user',
+ 'get',
+ {'filter': {'alias': user}})
+ rval_users.append({'userid': content['result'][0]['userid']})
+
+ return rval_users
+
+def get_user_groups(zapi, groups):
+ '''get the mediatype id from the mediatype name'''
+ user_groups = []
+
+ content = zapi.get_content('usergroup',
+ 'get',
+ {'search': {'name': groups}})
+
+ for usr_grp in content['result']:
+ user_groups.append({'usrgrpid': usr_grp['usrgrpid']})
+
+ return user_groups
+
+def get_mediatype_id_by_name(zapi, m_name):
+ '''get the mediatype id from the mediatype name'''
+ content = zapi.get_content('mediatype',
+ 'get',
+ {'filter': {'description': m_name}})
+
+ return content['result'][0]['mediatypeid']
+
+def get_priority(priority):
+ ''' determine priority
+ '''
+ prior = 0
+ if 'info' in priority:
+ prior = 1
+ elif 'warn' in priority:
+ prior = 2
+ elif 'avg' == priority or 'ave' in priority:
+ prior = 3
+ elif 'high' in priority:
+ prior = 4
+ elif 'dis' in priority:
+ prior = 5
+
+ return prior
+
+def get_event_source(from_src):
+ '''Translate even str into value'''
+ choices = ['trigger', 'discovery', 'auto', 'internal']
+ rval = 0
+ try:
+ rval = choices.index(from_src)
+ except ValueError as _:
+ ZabbixAPIError('Value not found for event source [%s]' % from_src)
+
+ return rval
+
+def get_status(inc_status):
+ '''determine status for action'''
+ rval = 1
+ if inc_status == 'enabled':
+ rval = 0
+
+ return rval
+
+def get_condition_operator(inc_operator):
+ ''' determine the condition operator'''
+ vals = {'=': 0,
+ '<>': 1,
+ 'like': 2,
+ 'not like': 3,
+ 'in': 4,
+ '>=': 5,
+ '<=': 6,
+ 'not in': 7,
+ }
+
+ return vals[inc_operator]
+
+def get_host_id_by_name(zapi, host_name):
+ '''Get host id by name'''
+ content = zapi.get_content('host',
+ 'get',
+ {'filter': {'name': host_name}})
+
+ return content['result'][0]['hostid']
+
+def get_trigger_value(inc_trigger):
+ '''determine the proper trigger value'''
+ rval = 1
+ if inc_trigger == 'PROBLEM':
+ rval = 1
+ else:
+ rval = 0
+
+ return rval
+
+def get_template_id_by_name(zapi, t_name):
+ '''get the template id by name'''
+ content = zapi.get_content('template',
+ 'get',
+ {'filter': {'host': t_name}})
+
+ return content['result'][0]['templateid']
+
+
+def get_host_group_id_by_name(zapi, hg_name):
+ '''Get hostgroup id by name'''
+ content = zapi.get_content('hostgroup',
+ 'get',
+ {'filter': {'name': hg_name}})
+
+ return content['result'][0]['groupid']
+
+def get_condition_type(event_source, inc_condition):
+ '''determine the condition type'''
+ c_types = {}
+ if event_source == 'trigger':
+ c_types = {'host group': 0,
+ 'host': 1,
+ 'trigger': 2,
+ 'trigger name': 3,
+ 'trigger severity': 4,
+ 'trigger value': 5,
+ 'time period': 6,
+ 'host template': 13,
+ 'application': 15,
+ 'maintenance status': 16,
+ }
+
+ elif event_source == 'discovery':
+ c_types = {'host IP': 7,
+ 'discovered service type': 8,
+ 'discovered service port': 9,
+ 'discovery status': 10,
+ 'uptime or downtime duration': 11,
+ 'received value': 12,
+ 'discovery rule': 18,
+ 'discovery check': 19,
+ 'proxy': 20,
+ 'discovery object': 21,
+ }
+
+ elif event_source == 'auto':
+ c_types = {'proxy': 20,
+ 'host name': 22,
+ 'host metadata': 24,
+ }
+
+ elif event_source == 'internal':
+ c_types = {'host group': 0,
+ 'host': 1,
+ 'host template': 13,
+ 'application': 15,
+ 'event type': 23,
+ }
+ else:
+ raise ZabbixAPIError('Unkown event source %s' % event_source)
+
+ return c_types[inc_condition]
+
+def get_operation_type(inc_operation):
+ ''' determine the correct operation type'''
+ o_types = {'send message': 0,
+ 'remote command': 1,
+ 'add host': 2,
+ 'remove host': 3,
+ 'add to host group': 4,
+ 'remove from host group': 5,
+ 'link to template': 6,
+ 'unlink from template': 7,
+ 'enable host': 8,
+ 'disable host': 9,
+ }
+
+ return o_types[inc_operation]
+
+def get_action_operations(zapi, inc_operations):
+ '''Convert the operations into syntax for api'''
+ for operation in inc_operations:
+ operation['operationtype'] = get_operation_type(operation['operationtype'])
+ if operation['operationtype'] == 0: # send message. Need to fix the
+ operation['opmessage']['mediatypeid'] = \
+ get_mediatype_id_by_name(zapi, operation['opmessage']['mediatypeid'])
+ operation['opmessage_grp'] = get_user_groups(zapi, operation.get('opmessage_grp', []))
+ operation['opmessage_usr'] = get_users(zapi, operation.get('opmessage_usr', []))
+ if operation['opmessage']['default_msg']:
+ operation['opmessage']['default_msg'] = 1
+ else:
+ operation['opmessage']['default_msg'] = 0
+
+ # NOT supported for remote commands
+ elif operation['operationtype'] == 1:
+ continue
+
+ # Handle Operation conditions:
+ # Currently there is only 1 available which
+ # is 'event acknowledged'. In the future
+ # if there are any added we will need to pass this
+ # option to a function and return the correct conditiontype
+ if operation.has_key('opconditions'):
+ for condition in operation['opconditions']:
+ if condition['conditiontype'] == 'event acknowledged':
+ condition['conditiontype'] = 14
+
+ if condition['operator'] == '=':
+ condition['operator'] = 0
+
+ if condition['value'] == 'acknowledged':
+ condition['operator'] = 1
+ else:
+ condition['operator'] = 0
+
+
+ return inc_operations
+
+def get_operation_evaltype(inc_type):
+ '''get the operation evaltype'''
+ rval = 0
+ if inc_type == 'and/or':
+ rval = 0
+ elif inc_type == 'and':
+ rval = 1
+ elif inc_type == 'or':
+ rval = 2
+ elif inc_type == 'custom':
+ rval = 3
+
+ return rval
+
+def get_action_conditions(zapi, event_source, inc_conditions):
+ '''Convert the conditions into syntax for api'''
+
+ calc_type = inc_conditions.pop('calculation_type')
+ inc_conditions['evaltype'] = get_operation_evaltype(calc_type)
+ for cond in inc_conditions['conditions']:
+
+ cond['operator'] = get_condition_operator(cond['operator'])
+ # Based on conditiontype we need to set the proper value
+ # e.g. conditiontype = hostgroup then the value needs to be a hostgroup id
+ # e.g. conditiontype = host the value needs to be a host id
+ cond['conditiontype'] = get_condition_type(event_source, cond['conditiontype'])
+ if cond['conditiontype'] == 0:
+ cond['value'] = get_host_group_id_by_name(zapi, cond['value'])
+ elif cond['conditiontype'] == 1:
+ cond['value'] = get_host_id_by_name(zapi, cond['value'])
+ elif cond['conditiontype'] == 4:
+ cond['value'] = get_priority(cond['value'])
+
+ elif cond['conditiontype'] == 5:
+ cond['value'] = get_trigger_value(cond['value'])
+ elif cond['conditiontype'] == 13:
+ cond['value'] = get_template_id_by_name(zapi, cond['value'])
+ elif cond['conditiontype'] == 16:
+ cond['value'] = ''
+
+ return inc_conditions
+
+
+def get_send_recovery(send_recovery):
+ '''Get the integer value'''
+ rval = 0
+ if send_recovery:
+ rval = 1
+
+ return rval
+
+# The branches are needed for CRUD and error handling
+# pylint: disable=too-many-branches
+def main():
+ '''
+ ansible zabbix module for zbx_item
+ '''
+
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+
+ name=dict(default=None, type='str'),
+ event_source=dict(default='trigger', choices=['trigger', 'discovery', 'auto', 'internal'], type='str'),
+ action_subject=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}", type='str'),
+ action_message=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}\r\n" +
+ "Last value: {ITEM.LASTVALUE}\r\n\r\n{TRIGGER.URL}", type='str'),
+ reply_subject=dict(default="{TRIGGER.NAME}: {TRIGGER.STATUS}", type='str'),
+ reply_message=dict(default="Trigger: {TRIGGER.NAME}\r\nTrigger status: {TRIGGER.STATUS}\r\n" +
+ "Trigger severity: {TRIGGER.SEVERITY}\r\nTrigger URL: {TRIGGER.URL}\r\n\r\n" +
+ "Item values:\r\n\r\n1. {ITEM.NAME1} ({HOST.NAME1}:{ITEM.KEY1}): " +
+ "{ITEM.VALUE1}\r\n2. {ITEM.NAME2} ({HOST.NAME2}:{ITEM.KEY2}): " +
+ "{ITEM.VALUE2}\r\n3. {ITEM.NAME3} ({HOST.NAME3}:{ITEM.KEY3}): " +
+ "{ITEM.VALUE3}", type='str'),
+ send_recovery=dict(default=False, type='bool'),
+ status=dict(default=None, type='str'),
+ escalation_time=dict(default=60, type='int'),
+ conditions_filter=dict(default=None, type='dict'),
+ operations=dict(default=None, type='list'),
+ state=dict(default='present', type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'action'
+ state = module.params['state']
+
+ content = zapi.get_content(zbx_class_name,
+ 'get',
+ {'search': {'name': module.params['name']},
+ 'selectFilter': 'extend',
+ 'selectOperations': 'extend',
+ })
+
+ #******#
+ # GET
+ #******#
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ #******#
+ # DELETE
+ #******#
+ if state == 'absent':
+ if not exists(content):
+ module.exit_json(changed=False, state="absent")
+
+ content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']])
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+ # Create and Update
+ if state == 'present':
+
+ conditions = get_action_conditions(zapi, module.params['event_source'], module.params['conditions_filter'])
+ operations = get_action_operations(zapi, module.params['operations'])
+ params = {'name': module.params['name'],
+ 'esc_period': module.params['escalation_time'],
+ 'eventsource': get_event_source(module.params['event_source']),
+ 'status': get_status(module.params['status']),
+ 'def_shortdata': module.params['action_subject'],
+ 'def_longdata': module.params['action_message'],
+ 'r_shortdata': module.params['reply_subject'],
+ 'r_longdata': module.params['reply_message'],
+ 'recovery_msg': get_send_recovery(module.params['send_recovery']),
+ 'filter': conditions,
+ 'operations': operations,
+ }
+
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
+ if not exists(content):
+ content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=True, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+
+ ########
+ # UPDATE
+ ########
+ _ = params.pop('hostid', None)
+ differences = {}
+ zab_results = content['result'][0]
+ for key, value in params.items():
+
+ if key == 'operations':
+ ops = operation_differences(zab_results[key], value)
+ if ops:
+ differences[key] = ops
+
+ elif key == 'filter':
+ filters = filter_differences(zab_results[key], value)
+ if filters:
+ differences[key] = filters
+
+ elif zab_results[key] != value and zab_results[key] != str(value):
+ differences[key] = value
+
+ if not differences:
+ module.exit_json(changed=False, results=zab_results, state="present")
+
+ # We have differences and need to update.
+ # action update requires an id, filters, and operations
+ differences['actionid'] = zab_results['actionid']
+ differences['operations'] = params['operations']
+ differences['filter'] = params['filter']
+ content = zapi.get_content(zbx_class_name, 'update', differences)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/os_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_application.py
index 57ec06463..21e3d91f4 100644
--- a/roles/os_zabbix/library/zbx_item.py
+++ b/roles/lib_zabbix/library/zbx_application.py
@@ -1,10 +1,10 @@
#!/usr/bin/env python
'''
- Ansible module for zabbix items
+Ansible module for application
'''
# vim: expandtab:tabstop=4:shiftwidth=4
#
-# Zabbix item ansible module
+# Zabbix application ansible module
#
#
# Copyright 2015 Red Hat Inc.
@@ -41,72 +41,52 @@ def exists(content, key='result'):
return True
-def get_value_type(value_type):
+def get_template_ids(zapi, template_name):
'''
- Possible values:
- 0 - numeric float;
- 1 - character;
- 2 - log;
- 3 - numeric unsigned;
- 4 - text
+ get related templates
'''
- vtype = 0
- if 'int' in value_type:
- vtype = 3
- elif 'char' in value_type:
- vtype = 1
- elif 'str' in value_type:
- vtype = 4
-
- return vtype
+ template_ids = []
+ # Fetch templates by name
+ content = zapi.get_content('template',
+ 'get',
+ {'search': {'host': template_name}})
+ if content.has_key('result'):
+ template_ids.append(content['result'][0]['templateid'])
+ return template_ids
def main():
- '''
- ansible zabbix module for zbx_item
+ ''' Ansible module for application
'''
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
- name=dict(default=None, type='str'),
- key=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str', required=True),
template_name=dict(default=None, type='str'),
- zabbix_type=dict(default=2, type='int'),
- value_type=dict(default='int', type='str'),
- applications=dict(default=[], type='list'),
- debug=dict(default=False, type='bool'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
- #Set the instance and the template for the rest of the calls
- zbx_class_name = 'item'
- idname = "itemid"
+ #Set the instance and the application for the rest of the calls
+ zbx_class_name = 'application'
+ idname = 'applicationid'
+ aname = module.params['name']
state = module.params['state']
- key = module.params['key']
- template_name = module.params['template_name']
-
- content = zapi.get_content('template', 'get', {'search': {'host': template_name}})
- templateid = None
- if content['result']:
- templateid = content['result'][0]['templateid']
- else:
- module.exit_json(changed=False,
- results='Error: Could find template with name %s for item.' % template_name,
- state="Unkown")
-
+ # get a applicationid, see if it exists
+ tids = get_template_ids(zapi, module.params['template_name'])
content = zapi.get_content(zbx_class_name,
'get',
- {'search': {'key_': key},
- 'selectApplications': 'applicationid',
+ {'search': {'name': aname},
+ 'templateids': tids[0],
})
if state == 'list':
module.exit_json(changed=False, results=content['result'], state="list")
@@ -119,12 +99,8 @@ def main():
module.exit_json(changed=True, results=content['result'], state="absent")
if state == 'present':
- params = {'name': module.params.get('name', module.params['key']),
- 'key_': key,
- 'hostid': templateid,
- 'type': module.params['zabbix_type'],
- 'value_type': get_value_type(module.params['value_type']),
- 'applications': module.params['applications'],
+ params = {'hostid': tids[0],
+ 'name': aname,
}
if not exists(content):
@@ -136,16 +112,22 @@ def main():
differences = {}
zab_results = content['result'][0]
for key, value in params.items():
-
- if zab_results[key] != value and zab_results[key] != str(value):
+ if key == 'templates' and zab_results.has_key('parentTemplates'):
+ if zab_results['parentTemplates'] != value:
+ differences[key] = value
+ elif zab_results[key] != str(value) and zab_results[key] != value:
differences[key] = value
if not differences:
- module.exit_json(changed=False, results=zab_results, state="present")
+ module.exit_json(changed=False, results=content['result'], state="present")
# We have differences and need to update
differences[idname] = zab_results[idname]
content = zapi.get_content(zbx_class_name, 'update', differences)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
module.exit_json(changed=True, results=content['result'], state="present")
module.exit_json(failed=True,
diff --git a/roles/lib_zabbix/library/zbx_discoveryrule.py b/roles/lib_zabbix/library/zbx_discoveryrule.py
new file mode 100644
index 000000000..f52f350a5
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_discoveryrule.py
@@ -0,0 +1,205 @@
+#!/usr/bin/env python
+'''
+Zabbix discovery rule ansible module
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def get_template(zapi, template_name):
+ '''get a template by name
+ '''
+ content = zapi.get_content('template',
+ 'get',
+ {'search': {'host': template_name},
+ 'output': 'extend',
+ 'selectInterfaces': 'interfaceid',
+ })
+ if not content['result']:
+ return None
+ return content['result'][0]
+
+def get_type(vtype):
+ '''
+ Determine which type of discoverrule this is
+ '''
+ _types = {'agent': 0,
+ 'SNMPv1': 1,
+ 'trapper': 2,
+ 'simple': 3,
+ 'SNMPv2': 4,
+ 'internal': 5,
+ 'SNMPv3': 6,
+ 'active': 7,
+ 'external': 10,
+ 'database monitor': 11,
+ 'ipmi': 12,
+ 'ssh': 13,
+ 'telnet': 14,
+ 'JMX': 16,
+ }
+
+ for typ in _types.keys():
+ if vtype in typ or vtype == typ:
+ _vtype = _types[typ]
+ break
+ else:
+ _vtype = 2
+
+ return _vtype
+
+def main():
+ '''
+ Ansible module for zabbix discovery rules
+ '''
+
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
+ key=dict(default=None, type='str'),
+ description=dict(default=None, type='str'),
+ interfaceid=dict(default=None, type='int'),
+ ztype=dict(default='trapper', type='str'),
+ delay=dict(default=60, type='int'),
+ lifetime=dict(default=30, type='int'),
+ template_name=dict(default=[], type='list'),
+ state=dict(default='present', type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'discoveryrule'
+ idname = "itemid"
+ dname = module.params['name']
+ state = module.params['state']
+ template = get_template(zapi, module.params['template_name'])
+
+ # selectInterfaces doesn't appear to be working but is needed.
+ content = zapi.get_content(zbx_class_name,
+ 'get',
+ {'search': {'name': dname},
+ 'templateids': template['templateid'],
+ #'selectDServices': 'extend',
+ #'selectDChecks': 'extend',
+ #'selectDhosts': 'dhostid',
+ })
+
+ #******#
+ # GET
+ #******#
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ #******#
+ # DELETE
+ #******#
+ if state == 'absent':
+ if not exists(content):
+ module.exit_json(changed=False, state="absent")
+
+ content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+
+ # Create and Update
+ if state == 'present':
+ params = {'name': dname,
+ 'key_': module.params['key'],
+ 'hostid': template['templateid'],
+ 'interfaceid': module.params['interfaceid'],
+ 'lifetime': module.params['lifetime'],
+ 'type': get_type(module.params['ztype']),
+ 'description': module.params['description'],
+ }
+ if params['type'] in [2, 5, 7, 11]:
+ params.pop('interfaceid')
+
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
+ if not exists(content):
+ content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=True, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+ ########
+ # UPDATE
+ ########
+ differences = {}
+ zab_results = content['result'][0]
+ for key, value in params.items():
+
+ if zab_results[key] != value and zab_results[key] != str(value):
+ differences[key] = value
+
+ if not differences:
+ module.exit_json(changed=False, results=zab_results, state="present")
+
+ # We have differences and need to update
+ differences[idname] = zab_results[idname]
+ content = zapi.get_content(zbx_class_name, 'update', differences)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/os_zabbix/library/zbx_host.py b/roles/lib_zabbix/library/zbx_host.py
index d75dfdea1..e26c9caf3 100644
--- a/roles/os_zabbix/library/zbx_host.py
+++ b/roles/lib_zabbix/library/zbx_host.py
@@ -60,7 +60,7 @@ def get_template_ids(zapi, template_names):
for template_name in template_names:
content = zapi.get_content('template', 'get', {'search': {'host': template_name}})
if content.has_key('result'):
- template_ids.append({'templateid': content['results'][0]['templateid']})
+ template_ids.append({'templateid': content['result'][0]['templateid']})
return template_ids
def main():
@@ -70,23 +70,23 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
name=dict(default=None, type='str'),
hostgroup_names=dict(default=[], type='list'),
template_names=dict(default=[], type='list'),
- debug=dict(default=False, type='bool'),
state=dict(default='present', type='str'),
- interfaces=dict(default=[], type='list'),
+ interfaces=dict(default=None, type='list'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
#Set the instance and the template for the rest of the calls
zbx_class_name = 'host'
@@ -113,16 +113,17 @@ def main():
module.exit_json(changed=True, results=content['result'], state="absent")
if state == 'present':
+ ifs = module.params['interfaces'] or [{'type': 1, # interface type, 1 = agent
+ 'main': 1, # default interface? 1 = true
+ 'useip': 1, # default interface? 1 = true
+ 'ip': '127.0.0.1', # default interface? 1 = true
+ 'dns': '', # dns for host
+ 'port': '10050', # port for interface? 10050
+ }]
params = {'host': hname,
- 'groups': get_group_ids(zapi, module.params('hostgroup_names')),
- 'templates': get_template_ids(zapi, module.params('template_names')),
- 'interfaces': module.params.get('interfaces', [{'type': 1, # interface type, 1 = agent
- 'main': 1, # default interface? 1 = true
- 'useip': 1, # default interface? 1 = true
- 'ip': '127.0.0.1', # default interface? 1 = true
- 'dns': '', # dns for host
- 'port': '10050', # port for interface? 10050
- }])
+ 'groups': get_group_ids(zapi, module.params['hostgroup_names']),
+ 'templates': get_template_ids(zapi, module.params['template_names']),
+ 'interfaces': ifs,
}
if not exists(content):
diff --git a/roles/os_zabbix/library/zbx_hostgroup.py b/roles/lib_zabbix/library/zbx_hostgroup.py
index a1eb875d4..7f080af24 100644
--- a/roles/os_zabbix/library/zbx_hostgroup.py
+++ b/roles/lib_zabbix/library/zbx_hostgroup.py
@@ -46,20 +46,20 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
name=dict(default=None, type='str'),
- debug=dict(default=False, type='bool'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
#Set the instance and the template for the rest of the calls
zbx_class_name = 'hostgroup'
diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py
new file mode 100644
index 000000000..2cd00dd27
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_item.py
@@ -0,0 +1,250 @@
+#!/usr/bin/env python
+'''
+ Ansible module for zabbix items
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Zabbix item ansible module
+#
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def get_value_type(value_type):
+ '''
+ Possible values:
+ 0 - numeric float;
+ 1 - character;
+ 2 - log;
+ 3 - numeric unsigned;
+ 4 - text
+ '''
+ vtype = 0
+ if 'int' in value_type:
+ vtype = 3
+ elif 'log' in value_type:
+ vtype = 2
+ elif 'char' in value_type:
+ vtype = 1
+ elif 'str' in value_type:
+ vtype = 4
+
+ return vtype
+
+def get_app_ids(application_names, app_name_ids):
+ ''' get application ids from names
+ '''
+ applications = []
+ if application_names:
+ for app in application_names:
+ applications.append(app_name_ids[app])
+
+ return applications
+
+def get_template_id(zapi, template_name):
+ '''
+ get related templates
+ '''
+ template_ids = []
+ app_ids = {}
+ # Fetch templates by name
+ content = zapi.get_content('template',
+ 'get',
+ {'search': {'host': template_name},
+ 'selectApplications': ['applicationid', 'name']})
+ if content.has_key('result'):
+ template_ids.append(content['result'][0]['templateid'])
+ for app in content['result'][0]['applications']:
+ app_ids[app['name']] = app['applicationid']
+
+ return template_ids, app_ids
+
+def get_multiplier(inval):
+ ''' Determine the multiplier
+ '''
+ if inval == None or inval == '':
+ return None, 0
+
+ rval = None
+ try:
+ rval = int(inval)
+ except ValueError:
+ pass
+
+ if rval:
+ return rval, 1
+
+ return rval, 0
+
+# The branches are needed for CRUD and error handling
+# pylint: disable=too-many-branches
+def main():
+ '''
+ ansible zabbix module for zbx_item
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
+ key=dict(default=None, type='str'),
+ template_name=dict(default=None, type='str'),
+ zabbix_type=dict(default=2, type='int'),
+ value_type=dict(default='int', type='str'),
+ interval=dict(default=60, type='int'),
+ delta=dict(default=0, type='int'),
+ multiplier=dict(default=None, type='str'),
+ description=dict(default=None, type='str'),
+ units=dict(default=None, type='str'),
+ applications=dict(default=None, type='list'),
+ state=dict(default='present', type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'item'
+ state = module.params['state']
+
+ templateid, app_name_ids = get_template_id(zapi, module.params['template_name'])
+
+ # Fail if a template was not found matching the name
+ if not templateid:
+ module.exit_json(failed=True,
+ changed=False,
+ results='Error: Could find template with name %s for item.' % module.params['template_name'],
+ state="Unkown")
+
+ content = zapi.get_content(zbx_class_name,
+ 'get',
+ {'search': {'key_': module.params['key']},
+ 'selectApplications': 'applicationid',
+ 'templateids': templateid,
+ })
+
+ #******#
+ # GET
+ #******#
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ #******#
+ # DELETE
+ #******#
+ if state == 'absent':
+ if not exists(content):
+ module.exit_json(changed=False, state="absent")
+
+ content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']])
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+ # Create and Update
+ if state == 'present':
+
+ formula, use_multiplier = get_multiplier(module.params['multiplier'])
+ params = {'name': module.params.get('name', module.params['key']),
+ 'key_': module.params['key'],
+ 'hostid': templateid[0],
+ 'type': module.params['zabbix_type'],
+ 'value_type': get_value_type(module.params['value_type']),
+ 'applications': get_app_ids(module.params['applications'], app_name_ids),
+ 'formula': formula,
+ 'multiplier': use_multiplier,
+ 'description': module.params['description'],
+ 'units': module.params['units'],
+ 'delay': module.params['interval'],
+ 'delta': module.params['delta'],
+ }
+
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
+ if not exists(content):
+ content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=True, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+
+ ########
+ # UPDATE
+ ########
+ _ = params.pop('hostid', None)
+ differences = {}
+ zab_results = content['result'][0]
+ for key, value in params.items():
+
+ if key == 'applications':
+ app_ids = [item['applicationid'] for item in zab_results[key]]
+ if set(app_ids) != set(value):
+ differences[key] = value
+
+ elif zab_results[key] != value and zab_results[key] != str(value):
+ differences[key] = value
+
+ if not differences:
+ module.exit_json(changed=False, results=zab_results, state="present")
+
+ # We have differences and need to update
+ differences['itemid'] = zab_results['itemid']
+ content = zapi.get_content(zbx_class_name, 'update', differences)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py
new file mode 100644
index 000000000..e7fd6fa21
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_itemprototype.py
@@ -0,0 +1,276 @@
+#!/usr/bin/env python
+'''
+Zabbix discovery rule ansible module
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def get_rule_id(zapi, discoveryrule_key, templateid):
+ '''get a discoveryrule by name
+ '''
+ content = zapi.get_content('discoveryrule',
+ 'get',
+ {'search': {'key_': discoveryrule_key},
+ 'output': 'extend',
+ 'templateids': templateid,
+ })
+ if not content['result']:
+ return None
+ return content['result'][0]['itemid']
+
+def get_template(zapi, template_name):
+ '''get a template by name
+ '''
+ if not template_name:
+ return None
+
+ content = zapi.get_content('template',
+ 'get',
+ {'search': {'host': template_name},
+ 'output': 'extend',
+ 'selectInterfaces': 'interfaceid',
+ })
+ if not content['result']:
+ return None
+ return content['result'][0]
+
+def get_type(ztype):
+ '''
+ Determine which type of discoverrule this is
+ '''
+ _types = {'agent': 0,
+ 'SNMPv1': 1,
+ 'trapper': 2,
+ 'simple': 3,
+ 'SNMPv2': 4,
+ 'internal': 5,
+ 'SNMPv3': 6,
+ 'active': 7,
+ 'aggregate': 8,
+ 'external': 10,
+ 'database monitor': 11,
+ 'ipmi': 12,
+ 'ssh': 13,
+ 'telnet': 14,
+ 'calculated': 15,
+ 'JMX': 16,
+ }
+
+ for typ in _types.keys():
+ if ztype in typ or ztype == typ:
+ _vtype = _types[typ]
+ break
+ else:
+ _vtype = 2
+
+ return _vtype
+
+def get_value_type(value_type):
+ '''
+ Possible values:
+ 0 - numeric float;
+ 1 - character;
+ 2 - log;
+ 3 - numeric unsigned;
+ 4 - text
+ '''
+ vtype = 0
+ if 'int' in value_type:
+ vtype = 3
+ elif 'char' in value_type:
+ vtype = 1
+ elif 'str' in value_type:
+ vtype = 4
+
+ return vtype
+
+def get_status(status):
+ ''' Determine status
+ '''
+ _status = 0
+ if status == 'disabled':
+ _status = 1
+ elif status == 'unsupported':
+ _status = 3
+
+ return _status
+
+def get_app_ids(zapi, application_names, templateid):
+ ''' get application ids from names
+ '''
+ app_ids = []
+ for app_name in application_names:
+ content = zapi.get_content('application', 'get', {'filter': {'name': app_name}, 'templateids': templateid})
+ if content.has_key('result'):
+ app_ids.append(content['result'][0]['applicationid'])
+ return app_ids
+
+# pylint: disable=too-many-branches
+def main():
+ '''
+ Ansible module for zabbix discovery rules
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
+ key=dict(default=None, type='str'),
+ description=dict(default=None, type='str'),
+ interfaceid=dict(default=None, type='int'),
+ ztype=dict(default='trapper', type='str'),
+ value_type=dict(default='float', type='str'),
+ delay=dict(default=60, type='int'),
+ lifetime=dict(default=30, type='int'),
+ state=dict(default='present', type='str'),
+ status=dict(default='enabled', type='str'),
+ applications=dict(default=[], type='list'),
+ template_name=dict(default=None, type='str'),
+ discoveryrule_key=dict(default=None, type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'itemprototype'
+ idname = "itemid"
+ state = module.params['state']
+ template = get_template(zapi, module.params['template_name'])
+
+ # selectInterfaces doesn't appear to be working but is needed.
+ content = zapi.get_content(zbx_class_name,
+ 'get',
+ {'search': {'key_': module.params['key']},
+ 'selectApplications': 'applicationid',
+ 'selectDiscoveryRule': 'itemid',
+ 'templated': True,
+ })
+
+ #******#
+ # GET
+ #******#
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ #******#
+ # DELETE
+ #******#
+ if state == 'absent':
+ if not exists(content):
+ module.exit_json(changed=False, state="absent")
+
+ content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+ # Create and Update
+ if state == 'present':
+ params = {'name': module.params['name'],
+ 'key_': module.params['key'],
+ 'hostid': template['templateid'],
+ 'interfaceid': module.params['interfaceid'],
+ 'ruleid': get_rule_id(zapi, module.params['discoveryrule_key'], template['templateid']),
+ 'type': get_type(module.params['ztype']),
+ 'value_type': get_value_type(module.params['value_type']),
+ 'applications': get_app_ids(zapi, module.params['applications'], template['templateid']),
+ 'description': module.params['description'],
+ }
+
+ if params['type'] in [2, 5, 7, 8, 11, 15]:
+ params.pop('interfaceid')
+
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
+ if not exists(content):
+ content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+ #******#
+ # UPDATE
+ #******#
+ differences = {}
+ zab_results = content['result'][0]
+ for key, value in params.items():
+
+ if key == 'ruleid':
+ if value != zab_results['discoveryRule']['itemid']:
+ differences[key] = value
+
+ elif key == 'applications':
+ app_ids = [app['applicationid'] for app in zab_results[key]]
+ if set(app_ids) - set(value):
+ differences[key] = value
+
+ elif zab_results[key] != value and zab_results[key] != str(value):
+ differences[key] = value
+
+ if not differences:
+ module.exit_json(changed=False, results=zab_results, state="present")
+
+ # We have differences and need to update
+ differences[idname] = zab_results[idname]
+ content = zapi.get_content(zbx_class_name, 'update', differences)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/os_zabbix/library/zbx_mediatype.py b/roles/lib_zabbix/library/zbx_mediatype.py
index a49aecd0f..3be232ecf 100644
--- a/roles/os_zabbix/library/zbx_mediatype.py
+++ b/roles/lib_zabbix/library/zbx_mediatype.py
@@ -40,6 +40,7 @@ def exists(content, key='result'):
return False
return True
+
def get_mtype(mtype):
'''
Transport used by the media type.
@@ -72,24 +73,28 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
description=dict(default=None, type='str'),
mtype=dict(default=None, type='str'),
smtp_server=dict(default=None, type='str'),
smtp_helo=dict(default=None, type='str'),
smtp_email=dict(default=None, type='str'),
- debug=dict(default=False, type='bool'),
+ passwd=dict(default=None, type='str'),
+ path=dict(default=None, type='str'),
+ username=dict(default=None, type='str'),
+ status=dict(default='enabled', type='str'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
#Set the instance and the template for the rest of the calls
zbx_class_name = 'mediatype'
@@ -109,16 +114,30 @@ def main():
module.exit_json(changed=True, results=content['result'], state="absent")
if state == 'present':
+ status = 1
+ if module.params['status']:
+ status = 0
params = {'description': description,
- 'type': get_mtype(module.params['media_type']),
+ 'type': get_mtype(module.params['mtype']),
'smtp_server': module.params['smtp_server'],
'smtp_helo': module.params['smtp_helo'],
'smtp_email': module.params['smtp_email'],
+ 'passwd': module.params['passwd'],
+ 'exec_path': module.params['path'],
+ 'username': module.params['username'],
+ 'status': status,
}
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
if not exists(content):
# if we didn't find it, create it
content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
module.exit_json(changed=True, results=content['result'], state='present')
# already exists, we need to update it
# let's compare properties
diff --git a/roles/os_zabbix/library/zbx_template.py b/roles/lib_zabbix/library/zbx_template.py
index 676fa7e49..ff5714bdc 100644
--- a/roles/os_zabbix/library/zbx_template.py
+++ b/roles/lib_zabbix/library/zbx_template.py
@@ -47,21 +47,20 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
name=dict(default=None, type='str'),
- debug=dict(default=False, type='bool'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zbc = ZabbixConnection(module.params['server'], user, passwd, module.params['debug'])
- zapi = ZabbixAPI(zbc)
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
#Set the instance and the template for the rest of the calls
zbx_class_name = 'template'
@@ -74,7 +73,8 @@ def main():
{'search': {'host': tname},
'selectParentTemplates': 'templateid',
'selectGroups': 'groupid',
- #'selectApplications': extend,
+ 'selectApplications': 'applicationid',
+ 'selectDiscoveries': 'extend',
})
if state == 'list':
module.exit_json(changed=False, results=content['result'], state="list")
@@ -83,6 +83,12 @@ def main():
if not exists(content):
module.exit_json(changed=False, state="absent")
+ if not tname:
+ module.exit_json(failed=True,
+ changed=False,
+ results='Must specifiy a template name.',
+ state="absent")
+
content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
module.exit_json(changed=True, results=content['result'], state="absent")
diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py
new file mode 100644
index 000000000..ab7731faa
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_trigger.py
@@ -0,0 +1,231 @@
+#!/usr/bin/env python
+'''
+ansible module for zabbix triggers
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Zabbix trigger ansible module
+#
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def get_priority(priority):
+ ''' determine priority
+ '''
+ prior = 0
+ if 'info' in priority:
+ prior = 1
+ elif 'warn' in priority:
+ prior = 2
+ elif 'avg' == priority or 'ave' in priority:
+ prior = 3
+ elif 'high' in priority:
+ prior = 4
+ elif 'dis' in priority:
+ prior = 5
+
+ return prior
+
+def get_deps(zapi, deps):
+ ''' get trigger dependencies
+ '''
+ results = []
+ for desc in deps:
+ content = zapi.get_content('trigger',
+ 'get',
+ {'filter': {'description': desc},
+ 'expandExpression': True,
+ 'selectDependencies': 'triggerid',
+ })
+ if content.has_key('result'):
+ results.append({'triggerid': content['result'][0]['triggerid']})
+
+ return results
+
+
+def get_trigger_status(inc_status):
+ ''' Determine the trigger's status
+ 0 is enabled
+ 1 is disabled
+ '''
+ r_status = 0
+ if inc_status == 'disabled':
+ r_status = 1
+
+ return r_status
+
+def get_template_id(zapi, template_name):
+ '''
+ get related templates
+ '''
+ template_ids = []
+ app_ids = {}
+ # Fetch templates by name
+ content = zapi.get_content('template',
+ 'get',
+ {'search': {'host': template_name},
+ 'selectApplications': ['applicationid', 'name']})
+ if content.has_key('result'):
+ template_ids.append(content['result'][0]['templateid'])
+ for app in content['result'][0]['applications']:
+ app_ids[app['name']] = app['applicationid']
+
+ return template_ids, app_ids
+
+def main():
+ '''
+ Create a trigger in zabbix
+
+ Example:
+ "params": {
+ "description": "Processor load is too high on {HOST.NAME}",
+ "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5",
+ "dependencies": [
+ {
+ "triggerid": "14062"
+ }
+ ]
+ },
+
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ expression=dict(default=None, type='str'),
+ name=dict(default=None, type='str'),
+ description=dict(default=None, type='str'),
+ dependencies=dict(default=[], type='list'),
+ priority=dict(default='avg', type='str'),
+ url=dict(default=None, type='str'),
+ status=dict(default=None, type='str'),
+ state=dict(default='present', type='str'),
+ template_name=dict(default=None, type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'trigger'
+ idname = "triggerid"
+ state = module.params['state']
+ tname = module.params['name']
+
+ templateid = None
+ if module.params['template_name']:
+ templateid, _ = get_template_id(zapi, module.params['template_name'])
+
+ content = zapi.get_content(zbx_class_name,
+ 'get',
+ {'filter': {'description': tname},
+ 'expandExpression': True,
+ 'selectDependencies': 'triggerid',
+ 'templateids': templateid,
+ })
+
+ # Get
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ # Delete
+ if state == 'absent':
+ if not exists(content):
+ module.exit_json(changed=False, state="absent")
+ content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+ # Create and Update
+ if state == 'present':
+ params = {'description': tname,
+ 'comments': module.params['description'],
+ 'expression': module.params['expression'],
+ 'dependencies': get_deps(zapi, module.params['dependencies']),
+ 'priority': get_priority(module.params['priority']),
+ 'url': module.params['url'],
+ 'status': get_trigger_status(module.params['status']),
+ }
+
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
+ if not exists(content):
+ # if we didn't find it, create it
+ content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=True, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+ ########
+ # UPDATE
+ ########
+ differences = {}
+ zab_results = content['result'][0]
+ for key, value in params.items():
+
+ if zab_results[key] != value and zab_results[key] != str(value):
+ differences[key] = value
+
+ if not differences:
+ module.exit_json(changed=False, results=zab_results, state="present")
+
+ # We have differences and need to update
+ differences[idname] = zab_results[idname]
+ content = zapi.get_content(zbx_class_name, 'update', differences)
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/os_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_triggerprototype.py
index 7cc9356c8..c1224b268 100644
--- a/roles/os_zabbix/library/zbx_trigger.py
+++ b/roles/lib_zabbix/library/zbx_triggerprototype.py
@@ -1,10 +1,10 @@
#!/usr/bin/env python
'''
-ansible module for zabbix triggers
+ansible module for zabbix triggerprototypes
'''
# vim: expandtab:tabstop=4:shiftwidth=4
#
-# Zabbix trigger ansible module
+# Zabbix triggerprototypes ansible module
#
#
# Copyright 2015 Red Hat Inc.
@@ -41,7 +41,6 @@ def exists(content, key='result'):
return True
-
def get_priority(priority):
''' determine priority
'''
@@ -59,94 +58,97 @@ def get_priority(priority):
return prior
-def get_deps(zapi, deps):
- ''' get trigger dependencies
+def get_trigger_status(inc_status):
+ ''' Determine the trigger's status
+ 0 is enabled
+ 1 is disabled
'''
- results = []
- for desc in deps:
- content = zapi.get_content('trigger',
- 'get',
- {'search': {'description': desc},
- 'expandExpression': True,
- 'selectDependencies': 'triggerid',
- })
- if content.has_key('result'):
- results.append({'triggerid': content['result'][0]['triggerid']})
-
- return results
+ r_status = 0
+ if inc_status == 'disabled':
+ r_status = 1
+
+ return r_status
+
def main():
'''
- Create a trigger in zabbix
-
- Example:
- "params": {
- "description": "Processor load is too high on {HOST.NAME}",
- "expression": "{Linux server:system.cpu.load[percpu,avg1].last()}>5",
- "dependencies": [
- {
- "triggerid": "14062"
- }
- ]
- },
-
+ Create a triggerprototype in zabbix
'''
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
expression=dict(default=None, type='str'),
description=dict(default=None, type='str'),
- dependencies=dict(default=[], type='list'),
priority=dict(default='avg', type='str'),
- debug=dict(default=False, type='bool'),
+ url=dict(default=None, type='str'),
+ status=dict(default=None, type='str'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
#Set the instance and the template for the rest of the calls
- zbx_class_name = 'trigger'
+ zbx_class_name = 'triggerprototype'
idname = "triggerid"
state = module.params['state']
- description = module.params['description']
+ tname = module.params['name']
content = zapi.get_content(zbx_class_name,
'get',
- {'search': {'description': description},
+ {'filter': {'description': tname},
'expandExpression': True,
'selectDependencies': 'triggerid',
})
+
+ # Get
if state == 'list':
module.exit_json(changed=False, results=content['result'], state="list")
+ # Delete
if state == 'absent':
if not exists(content):
module.exit_json(changed=False, state="absent")
content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
module.exit_json(changed=True, results=content['result'], state="absent")
+ # Create and Update
if state == 'present':
- params = {'description': description,
+ params = {'description': tname,
+ 'comments': module.params['description'],
'expression': module.params['expression'],
- 'dependencies': get_deps(zapi, module.params['dependencies']),
'priority': get_priority(module.params['priority']),
+ 'url': module.params['url'],
+ 'status': get_trigger_status(module.params['status']),
}
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
+ #******#
+ # CREATE
+ #******#
if not exists(content):
# if we didn't find it, create it
content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=True, results=content['error'], state="present")
+
module.exit_json(changed=True, results=content['result'], state='present')
- # already exists, we need to update it
- # let's compare properties
+
+ ########
+ # UPDATE
+ ########
differences = {}
zab_results = content['result'][0]
for key, value in params.items():
diff --git a/roles/os_zabbix/library/zbx_user.py b/roles/lib_zabbix/library/zbx_user.py
index 489023407..62c85c1bf 100644
--- a/roles/os_zabbix/library/zbx_user.py
+++ b/roles/lib_zabbix/library/zbx_user.py
@@ -54,7 +54,30 @@ def get_usergroups(zapi, usergroups):
if content['result']:
ugroups.append({'usrgrpid': content['result'][0]['usrgrpid']})
- return ugroups
+ return ugroups or None
+
+def get_passwd(passwd):
+ '''Determine if password is set, if not, return 'zabbix'
+ '''
+ if passwd:
+ return passwd
+
+ return 'zabbix'
+
+def get_usertype(user_type):
+ '''
+ Determine zabbix user account type
+ '''
+ if not user_type:
+ return None
+
+ utype = 1
+ if 'super' in user_type:
+ utype = 3
+ elif 'admin' in user_type or user_type == 'admin':
+ utype = 2
+
+ return utype
def main():
'''
@@ -65,63 +88,84 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ login=dict(default=None, type='str'),
+ first_name=dict(default=None, type='str'),
+ last_name=dict(default=None, type='str'),
+ user_type=dict(default=None, type='str'),
password=dict(default=None, type='str'),
- alias=dict(default=None, type='str'),
- passwd=dict(default=None, type='str'),
- usergroups=dict(default=None, type='list'),
- debug=dict(default=False, type='bool'),
+ update_password=dict(default=False, type='bool'),
+ user_groups=dict(default=[], type='list'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- password = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zbc = ZabbixConnection(module.params['server'], user, password, module.params['debug'])
- zapi = ZabbixAPI(zbc)
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
## before we can create a user media and users with media types we need media
zbx_class_name = 'user'
idname = "userid"
- alias = module.params['alias']
state = module.params['state']
content = zapi.get_content(zbx_class_name,
'get',
{'output': 'extend',
- 'search': {'alias': alias},
+ 'search': {'alias': module.params['login']},
"selectUsrgrps": 'usergrpid',
})
if state == 'list':
module.exit_json(changed=False, results=content['result'], state="list")
if state == 'absent':
- if not exists(content):
+ if not exists(content) or len(content['result']) == 0:
module.exit_json(changed=False, state="absent")
content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
module.exit_json(changed=True, results=content['result'], state="absent")
if state == 'present':
- params = {'alias': alias,
- 'passwd': module.params['passwd'],
- 'usrgrps': get_usergroups(zapi, module.params['usergroups']),
+
+ params = {'alias': module.params['login'],
+ 'passwd': get_passwd(module.params['password']),
+ 'usrgrps': get_usergroups(zapi, module.params['user_groups']),
+ 'name': module.params['first_name'],
+ 'surname': module.params['last_name'],
+ 'type': get_usertype(module.params['user_type']),
}
+ # Remove any None valued params
+ _ = [params.pop(key, None) for key in params.keys() if params[key] is None]
+
if not exists(content):
# if we didn't find it, create it
content = zapi.get_content(zbx_class_name, 'create', params)
+
+ if content.has_key('Error'):
+ module.exit_json(failed=True, changed=False, results=content, state='present')
+
module.exit_json(changed=True, results=content['result'], state='present')
# already exists, we need to update it
# let's compare properties
differences = {}
+
+ # Update password
+ if not module.params['update_password']:
+ params.pop('passwd', None)
+
zab_results = content['result'][0]
for key, value in params.items():
- if key == 'passwd':
- differences[key] = value
+
+ if key == 'usrgrps':
+ # this must be done as a list of ordered dictionaries fails comparison
+ if not all([_ in value for _ in zab_results[key]]):
+ differences[key] = value
elif zab_results[key] != value and zab_results[key] != str(value):
differences[key] = value
diff --git a/roles/lib_zabbix/library/zbx_user_media.py b/roles/lib_zabbix/library/zbx_user_media.py
new file mode 100644
index 000000000..8895c78c3
--- /dev/null
+++ b/roles/lib_zabbix/library/zbx_user_media.py
@@ -0,0 +1,283 @@
+#!/usr/bin/env python
+'''
+ Ansible module for user media
+'''
+# vim: expandtab:tabstop=4:shiftwidth=4
+#
+# Zabbix user media ansible module
+#
+#
+# Copyright 2015 Red Hat Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# This is in place because each module looks similar to each other.
+# These need duplicate code as their behavior is very similar
+# but different for each zabbix class.
+# pylint: disable=duplicate-code
+
+# pylint: disable=import-error
+from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection
+
+def exists(content, key='result'):
+ ''' Check if key exists in content or the size of content[key] > 0
+ '''
+ if not content.has_key(key):
+ return False
+
+ if not content[key]:
+ return False
+
+ return True
+
+def get_mtype(zapi, mtype):
+ '''Get mediatype
+
+ If passed an int, return it as the mediatypeid
+ if its a string, then try to fetch through a description
+ '''
+ if isinstance(mtype, int):
+ return mtype
+ try:
+ return int(mtype)
+ except ValueError:
+ pass
+
+ content = zapi.get_content('mediatype', 'get', {'filter': {'description': mtype}})
+ if content.has_key('result') and content['result']:
+ return content['result'][0]['mediatypeid']
+
+ return None
+
+def get_user(zapi, user):
+ ''' Get userids from user aliases
+ '''
+ content = zapi.get_content('user', 'get', {'filter': {'alias': user}})
+ if content['result']:
+ return content['result'][0]
+
+ return None
+
+def get_severity(severity):
+ ''' determine severity
+ '''
+ if isinstance(severity, int) or \
+ isinstance(severity, str):
+ return severity
+
+ val = 0
+ sev_map = {
+ 'not': 2**0,
+ 'inf': 2**1,
+ 'war': 2**2,
+ 'ave': 2**3,
+ 'avg': 2**3,
+ 'hig': 2**4,
+ 'dis': 2**5,
+ }
+ for level in severity:
+ val |= sev_map[level[:3].lower()]
+ return val
+
+def get_zbx_user_query_data(zapi, user_name):
+ ''' If name exists, retrieve it, and build query params.
+ '''
+ query = {}
+ if user_name:
+ zbx_user = get_user(zapi, user_name)
+ query = {'userid': zbx_user['userid']}
+
+ return query
+
+def find_media(medias, user_media):
+ ''' Find the user media in the list of medias
+ '''
+ for media in medias:
+ if all([media[key] == str(user_media[key]) for key in user_media.keys()]):
+ return media
+ return None
+
+def get_active(is_active):
+ '''Determine active value
+ 0 - enabled
+ 1 - disabled
+ '''
+ active = 1
+ if is_active:
+ active = 0
+
+ return active
+
+def get_mediatype(zapi, mediatype, mediatype_desc):
+ ''' Determine mediatypeid
+ '''
+ mtypeid = None
+ if mediatype:
+ mtypeid = get_mtype(zapi, mediatype)
+ elif mediatype_desc:
+ mtypeid = get_mtype(zapi, mediatype_desc)
+
+ return mtypeid
+
+def preprocess_medias(zapi, medias):
+ ''' Insert the correct information when processing medias '''
+ for media in medias:
+ # Fetch the mediatypeid from the media desc (name)
+ if media.has_key('mediatype'):
+ media['mediatypeid'] = get_mediatype(zapi, mediatype=None, mediatype_desc=media.pop('mediatype'))
+
+ media['active'] = get_active(media.get('active'))
+ media['severity'] = int(get_severity(media['severity']))
+
+ return medias
+
+# Disabling branching as the logic requires branches.
+# I've also added a few safeguards which required more branches.
+# pylint: disable=too-many-branches
+def main():
+ '''
+ Ansible zabbix module for mediatype
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ login=dict(default=None, type='str'),
+ active=dict(default=False, type='bool'),
+ medias=dict(default=None, type='list'),
+ mediaid=dict(default=None, type='int'),
+ mediatype=dict(default=None, type='str'),
+ mediatype_desc=dict(default=None, type='str'),
+ #d-d,hh:mm-hh:mm;d-d,hh:mm-hh:mm...
+ period=dict(default=None, type='str'),
+ sendto=dict(default=None, type='str'),
+ severity=dict(default=None, type='str'),
+ state=dict(default='present', type='str'),
+ ),
+ #supports_check_mode=True
+ )
+
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
+
+ #Set the instance and the template for the rest of the calls
+ zbx_class_name = 'user'
+ idname = "mediaid"
+ state = module.params['state']
+
+ # User media is fetched through the usermedia.get
+ zbx_user_query = get_zbx_user_query_data(zapi, module.params['login'])
+ content = zapi.get_content('usermedia', 'get',
+ {'userids': [uid for user, uid in zbx_user_query.items()]})
+ #####
+ # Get
+ #####
+ if state == 'list':
+ module.exit_json(changed=False, results=content['result'], state="list")
+
+ ########
+ # Delete
+ ########
+ if state == 'absent':
+ if not exists(content) or len(content['result']) == 0:
+ module.exit_json(changed=False, state="absent")
+
+ if not module.params['login']:
+ module.exit_json(failed=True, changed=False, results='Must specifiy a user login.', state="absent")
+
+ content = zapi.get_content(zbx_class_name, 'deletemedia', [res[idname] for res in content['result']])
+
+ if content.has_key('error'):
+ module.exit_json(changed=False, results=content['error'], state="absent")
+
+ module.exit_json(changed=True, results=content['result'], state="absent")
+
+ # Create and Update
+ if state == 'present':
+ active = get_active(module.params['active'])
+ mtypeid = get_mediatype(zapi, module.params['mediatype'], module.params['mediatype_desc'])
+
+ medias = module.params['medias']
+ if medias == None:
+ medias = [{'mediatypeid': mtypeid,
+ 'sendto': module.params['sendto'],
+ 'active': active,
+ 'severity': int(get_severity(module.params['severity'])),
+ 'period': module.params['period'],
+ }]
+ else:
+ medias = preprocess_medias(zapi, medias)
+
+ params = {'users': [zbx_user_query],
+ 'medias': medias,
+ 'output': 'extend',
+ }
+
+ ########
+ # Create
+ ########
+ if not exists(content):
+ if not params['medias']:
+ module.exit_json(changed=False, results=content['result'], state='present')
+
+ # if we didn't find it, create it
+ content = zapi.get_content(zbx_class_name, 'addmedia', params)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state='present')
+
+ # mediaid signifies an update
+ # If user params exists, check to see if they already exist in zabbix
+ # if they exist, then return as no update
+ # elif they do not exist, then take user params only
+ ########
+ # Update
+ ########
+ diff = {'medias': [], 'users': {}}
+ _ = [diff['medias'].append(media) for media in params['medias'] if not find_media(content['result'], media)]
+
+ if not diff['medias']:
+ module.exit_json(changed=False, results=content['result'], state="present")
+
+ for user in params['users']:
+ diff['users']['userid'] = user['userid']
+
+ # Medias have no real unique key so therefore we need to make it like the incoming user's request
+ diff['medias'] = medias
+
+ # We have differences and need to update
+ content = zapi.get_content(zbx_class_name, 'updatemedia', diff)
+
+ if content.has_key('error'):
+ module.exit_json(failed=True, changed=False, results=content['error'], state="present")
+
+ module.exit_json(changed=True, results=content['result'], state="present")
+
+ module.exit_json(failed=True,
+ changed=False,
+ results='Unknown state passed. %s' % state,
+ state="unknown")
+
+# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
+# import module snippets. This are required
+from ansible.module_utils.basic import *
+
+main()
diff --git a/roles/os_zabbix/library/zbx_usergroup.py b/roles/lib_zabbix/library/zbx_usergroup.py
index ede4c9df1..297d8ef91 100644
--- a/roles/os_zabbix/library/zbx_usergroup.py
+++ b/roles/lib_zabbix/library/zbx_usergroup.py
@@ -44,6 +44,9 @@ def exists(content, key='result'):
def get_rights(zapi, rights):
'''Get rights
'''
+ if rights == None:
+ return None
+
perms = []
for right in rights:
hstgrp = right.keys()[0]
@@ -59,16 +62,49 @@ def get_rights(zapi, rights):
'permission': permission})
return perms
-def get_userids(zapi, users):
- ''' Get userids from user aliases
+def get_gui_access(access):
+ ''' Return the gui_access for a usergroup
'''
- userids = []
- for alias in users:
- content = zapi.get_content('user', 'get', {'search': {'alias': alias}})
- if content['result']:
- userids.append(content['result'][0]['userid'])
+ access = access.lower()
+ if access == 'internal':
+ return 1
+ elif access == 'disabled':
+ return 2
+
+ return 0
+
+def get_debug_mode(mode):
+ ''' Return the debug_mode for a usergroup
+ '''
+ mode = mode.lower()
+ if mode == 'enabled':
+ return 1
+
+ return 0
+
+def get_user_status(status):
+ ''' Return the user_status for a usergroup
+ '''
+ status = status.lower()
+ if status == 'enabled':
+ return 0
- return userids
+ return 1
+
+
+#def get_userids(zapi, users):
+# ''' Get userids from user aliases
+# '''
+# if not users:
+# return None
+#
+# userids = []
+# for alias in users:
+# content = zapi.get_content('user', 'get', {'search': {'alias': alias}})
+# if content['result']:
+# userids.append(content['result'][0]['userid'])
+#
+# return userids
def main():
''' Ansible module for usergroup
@@ -78,22 +114,25 @@ def main():
module = AnsibleModule(
argument_spec=dict(
- server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
- user=dict(default=None, type='str'),
- password=dict(default=None, type='str'),
- name=dict(default=None, type='str'),
- rights=dict(default=[], type='list'),
- users=dict(default=[], type='list'),
- debug=dict(default=False, type='bool'),
+ zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'),
+ zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'),
+ zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'),
+ zbx_debug=dict(default=False, type='bool'),
+ debug_mode=dict(default='disabled', type='str'),
+ gui_access=dict(default='default', type='str'),
+ status=dict(default='enabled', type='str'),
+ name=dict(default=None, type='str', required=True),
+ rights=dict(default=None, type='list'),
+ #users=dict(default=None, type='list'),
state=dict(default='present', type='str'),
),
#supports_check_mode=True
)
- user = module.params.get('user', os.environ['ZABBIX_USER'])
- passwd = module.params.get('password', os.environ['ZABBIX_PASSWORD'])
-
- zapi = ZabbixAPI(ZabbixConnection(module.params['server'], user, passwd, module.params['debug']))
+ zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'],
+ module.params['zbx_user'],
+ module.params['zbx_password'],
+ module.params['zbx_debug']))
zbx_class_name = 'usergroup'
idname = "usrgrpid"
@@ -112,15 +151,24 @@ def main():
if not exists(content):
module.exit_json(changed=False, state="absent")
+ if not uname:
+ module.exit_json(failed=True, changed=False, results='Need to pass in a user.', state="error")
+
content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0][idname]])
module.exit_json(changed=True, results=content['result'], state="absent")
if state == 'present':
+
params = {'name': uname,
'rights': get_rights(zapi, module.params['rights']),
- 'userids': get_userids(zapi, module.params['users']),
+ 'users_status': get_user_status(module.params['status']),
+ 'gui_access': get_gui_access(module.params['gui_access']),
+ 'debug_mode': get_debug_mode(module.params['debug_mode']),
+ #'userids': get_userids(zapi, module.params['users']),
}
+ _ = [params.pop(key, None) for key in params.keys() if params[key] == None]
+
if not exists(content):
# if we didn't find it, create it
content = zapi.get_content(zbx_class_name, 'create', params)
@@ -133,9 +181,9 @@ def main():
if key == 'rights':
differences['rights'] = value
- elif key == 'userids' and zab_results.has_key('users'):
- if zab_results['users'] != value:
- differences['userids'] = value
+ #elif key == 'userids' and zab_results.has_key('users'):
+ #if zab_results['users'] != value:
+ #differences['userids'] = value
elif zab_results[key] != value and zab_results[key] != str(value):
differences[key] = value
diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml
new file mode 100644
index 000000000..d5168a9f4
--- /dev/null
+++ b/roles/lib_zabbix/tasks/create_template.yml
@@ -0,0 +1,101 @@
+---
+- name: Template Create Template
+ zbx_template:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ template.name }}"
+ register: created_template
+
+
+- set_fact:
+ lzbx_item_applications: "{{ template.zitems | default([], True) | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}"
+ lzbx_itemprototype_applications: "{{ template.zitemprototypes | default([], True) | oo_select_keys_from_list(['applications']) | oo_flatten | unique }}"
+
+- name: Create Application
+ zbx_application:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ item }}"
+ template_name: "{{ template.name }}"
+ with_items:
+ - "{{ lzbx_item_applications }}"
+ - "{{ lzbx_itemprototype_applications }}"
+ register: created_application
+ when: template.zitems is defined or template.zitemprototypes is defined
+
+- name: Create Items
+ zbx_item:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ key: "{{ item.key }}"
+ name: "{{ item.name | default(item.key, true) }}"
+ value_type: "{{ item.value_type | default('int') }}"
+ description: "{{ item.description | default('', True) }}"
+ multiplier: "{{ item.multiplier | default('', True) }}"
+ units: "{{ item.units | default('', True) }}"
+ template_name: "{{ template.name }}"
+ applications: "{{ item.applications }}"
+ zabbix_type: "{{ item.zabbix_type | default(2, True) }}"
+ interval: "{{ item.interval | default(60, True) }}"
+ delta: "{{ item.delta | default(0, True) }}"
+ with_items: template.zitems
+ register: created_items
+ when: template.zitems is defined
+
+- name: Create Triggers
+ zbx_trigger:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ item.name }}"
+ description: "{{ item.description | default('', True) }}"
+ dependencies: "{{ item.dependencies | default([], True) }}"
+ expression: "{{ item.expression }}"
+ priority: "{{ item.priority }}"
+ url: "{{ item.url | default(None, True) }}"
+ with_items: template.ztriggers
+ when: template.ztriggers is defined
+
+- name: Create Discoveryrules
+ zbx_discoveryrule:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ item.name }}"
+ key: "{{ item.key }}"
+ lifetime: "{{ item.lifetime }}"
+ template_name: "{{ template.name }}"
+ description: "{{ item.description | default('', True) }}"
+ with_items: template.zdiscoveryrules
+ when: template.zdiscoveryrules is defined
+
+- name: Create Item Prototypes
+ zbx_itemprototype:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ item.name }}"
+ key: "{{ item.key }}"
+ discoveryrule_key: "{{ item.discoveryrule_key }}"
+ value_type: "{{ item.value_type }}"
+ template_name: "{{ template.name }}"
+ applications: "{{ item.applications }}"
+ description: "{{ item.description | default('', True) }}"
+ with_items: template.zitemprototypes
+ when: template.zitemprototypes is defined
+
+- name: Create Trigger Prototypes
+ zbx_triggerprototype:
+ zbx_server: "{{ server }}"
+ zbx_user: "{{ user }}"
+ zbx_password: "{{ password }}"
+ name: "{{ item.name }}"
+ expression: "{{ item.expression }}"
+ url: "{{ item.url | default('', True) }}"
+ priority: "{{ item.priority | default('average', True) }}"
+ description: "{{ item.description | default('', True) }}"
+ with_items: template.ztriggerprototypes
+ when: template.ztriggerprototypes is defined
diff --git a/roles/lib_zabbix/tasks/create_user.yml b/roles/lib_zabbix/tasks/create_user.yml
new file mode 100644
index 000000000..1f752a9e1
--- /dev/null
+++ b/roles/lib_zabbix/tasks/create_user.yml
@@ -0,0 +1,11 @@
+---
+- name: Update zabbix credentialss for a user
+ zbx_user:
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+ alias: "{{ ozb_username }}"
+ passwd: "{{ ozb_new_password | default(ozb_password, true) }}"
+ register: user
+
+- debug: var=user.results
diff --git a/roles/nickhammond.logrotate/.travis.yml b/roles/nickhammond.logrotate/.travis.yml
new file mode 100644
index 000000000..161023def
--- /dev/null
+++ b/roles/nickhammond.logrotate/.travis.yml
@@ -0,0 +1,14 @@
+---
+language: python
+python: "2.7"
+before_install:
+ - sudo apt-get update -qq
+ - sudo apt-get install -qq python-apt python-pycurl
+install:
+ - pip install ansible
+script:
+ - "printf '[defaults]\nroles_path = ../' > ansible.cfg"
+ - ansible-playbook -i tests/inventory --syntax-check tests/test.yml
+ - ansible-playbook -i tests/inventory --connection=local --sudo -vvvv tests/test.yml
+notifications:
+ email: false
diff --git a/roles/nickhammond.logrotate/README.md b/roles/nickhammond.logrotate/README.md
new file mode 100644
index 000000000..602b5ef6c
--- /dev/null
+++ b/roles/nickhammond.logrotate/README.md
@@ -0,0 +1,71 @@
+[![Build Status](https://travis-ci.org/nickhammond/ansible-logrotate.svg?branch=master)](https://travis-ci.org/nickhammond/ansible-logrotate)
+
+Role Name
+========
+
+Installs logrotate and provides an easy way to setup additional logrotate scripts by specifying a list of directives.
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+**logrotate_scripts**: A list of logrotate scripts and the directives to use for the rotation.
+
+* name - The name of the script that goes into /etc/logrotate.d/
+* path - Path to point logrotate to for the log rotation
+* options - List of directives for logrotate, view the logrotate man page for specifics
+* scripts - Dict of scripts for logrotate (see Example below)
+
+```
+logrotate_scripts:
+ - name: rails
+ path: "/srv/current/log/*.log"
+ options:
+ - weekly
+ - size 25M
+ - missingok
+ - compress
+ - delaycompress
+ - copytruncate
+```
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+-------------------------
+
+Setting up logrotate for additional Nginx logs, with postrotate script.
+
+```
+logrotate_scripts:
+ - name: nginx
+ path: /var/log/nginx/*.log
+ options:
+ - weekly
+ - size 25M
+ - rotate 7
+ - missingok
+ - compress
+ - delaycompress
+ - copytruncate
+ scripts:
+ postrotate: "[ -s /run/nginx.pid ] && kill USR1 `cat /run/nginx.pid`"
+
+```
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Find [Nick Hammond]( http://www.nickhammond.com ) on [Twitter](http://twitter.com/nickhammond).
diff --git a/roles/nickhammond.logrotate/meta/.galaxy_install_info b/roles/nickhammond.logrotate/meta/.galaxy_install_info
new file mode 100644
index 000000000..0d76708c9
--- /dev/null
+++ b/roles/nickhammond.logrotate/meta/.galaxy_install_info
@@ -0,0 +1 @@
+{install_date: 'Thu Aug 27 15:26:31 2015', version: master}
diff --git a/roles/nickhammond.logrotate/meta/main.yml b/roles/nickhammond.logrotate/meta/main.yml
new file mode 100644
index 000000000..1717b6d3d
--- /dev/null
+++ b/roles/nickhammond.logrotate/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Nick Hammond
+ description: Role to configure logrotate scripts
+ license: BSD
+ min_ansible_version: 1.5
+ platforms:
+ - name: Ubuntu
+ versions:
+ - lucid
+ - precise
+ - trusty
+ categories:
+ - system
+dependencies: []
diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml
new file mode 100644
index 000000000..fda23e05e
--- /dev/null
+++ b/roles/nickhammond.logrotate/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: nickhammond.logrotate | Install logrotate
+ action: "{{ansible_pkg_mgr}} pkg=logrotate state=present"
+
+- name: nickhammond.logrotate | Setup logrotate.d scripts
+ template:
+ src: logrotate.d.j2
+ dest: /etc/logrotate.d/{{ item.name }}
+ with_items: logrotate_scripts
+ when: logrotate_scripts is defined
diff --git a/roles/nickhammond.logrotate/templates/logrotate.d.j2 b/roles/nickhammond.logrotate/templates/logrotate.d.j2
new file mode 100644
index 000000000..6453be6b2
--- /dev/null
+++ b/roles/nickhammond.logrotate/templates/logrotate.d.j2
@@ -0,0 +1,16 @@
+# {{ ansible_managed }}
+
+{{ item.path }} {
+ {% if item.options is defined -%}
+ {% for option in item.options -%}
+ {{ option }}
+ {% endfor -%}
+ {% endif %}
+ {%- if item.scripts is defined -%}
+ {%- for name, script in item.scripts.iteritems() -%}
+ {{ name }}
+ {{ script }}
+ endscript
+ {% endfor -%}
+ {% endif -%}
+}
diff --git a/roles/nickhammond.logrotate/tests/inventory b/roles/nickhammond.logrotate/tests/inventory
new file mode 100644
index 000000000..2fbb50c4a
--- /dev/null
+++ b/roles/nickhammond.logrotate/tests/inventory
@@ -0,0 +1 @@
+localhost
diff --git a/roles/nickhammond.logrotate/tests/test.yml b/roles/nickhammond.logrotate/tests/test.yml
new file mode 100644
index 000000000..e806b0a02
--- /dev/null
+++ b/roles/nickhammond.logrotate/tests/test.yml
@@ -0,0 +1,18 @@
+---
+- hosts: all
+ sudo: True
+ roles:
+ - ansible-logrotate
+ - role: ansible-logrotate
+ logrotate_scripts:
+ - name: nginx-options
+ path: /var/log/nginx/options.log
+ options:
+ - daily
+
+ - role: ansible-logrotate
+ logrotate_scripts:
+ - name: nginx-scripts
+ path: /var/log/nginx/scripts.log
+ scripts:
+ postrotate: "echo test"
diff --git a/roles/openshift_cluster_metrics/README.md b/roles/openshift_cluster_metrics/README.md
new file mode 100644
index 000000000..9fdfab8e3
--- /dev/null
+++ b/roles/openshift_cluster_metrics/README.md
@@ -0,0 +1,36 @@
+#openshift_cluster_metrics
+
+This role configures Cluster wide metrics. It does setting up three services:
+* Metrics are stored in InfluxDB for querying.
+* Heapster reads all nodes and pods from the master, then connects to eachs node's kubelet to retrieve pod metrics.
+* Grafan allows users to create dashboards of metrics from InfluxDB
+
+## Requirements
+
+Running OpenShift cluster
+
+## Role Variables
+
+```
+# Enable cluster metrics
+use_cluster_metrics=true
+```
+
+## Dependencies
+
+None
+
+## Example Playbook
+
+TODO
+
+## Security Note
+Opening up the read-only port exposes information about the running pods (such as namespace, pod name, labels, etc.) to unauthenticated clients. The requirement to open up this read-only port will be fixed in future versions.
+
+##License
+
+Apache License, Version 2.0
+
+## Author Information
+
+Diego Castro (diego.castro@getupcloud.com)
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml
new file mode 100644
index 000000000..bff422efc
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml
@@ -0,0 +1,53 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "Service"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ name: "grafana"
+ spec:
+ ports:
+ -
+ port: 80
+ targetPort: "http"
+ selector:
+ provider: "fabric8"
+ component: "grafana"
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ name: "grafana"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "grafana"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ spec:
+ containers:
+ -
+ env:
+ -
+ name: "INFLUXDB_SERVICE_NAME"
+ value: "INFLUXDB_MONITORING"
+ -
+ name: "GRAFANA_DEFAULT_DASHBOARD"
+ value: "/dashboard/file/kubernetes.json"
+ image: "fabric8/grafana:1.9.1_2"
+ name: "grafana"
+ ports:
+ -
+ containerPort: 3000
+ name: "http" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml
new file mode 100644
index 000000000..1de2ad699
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: heapster \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml
new file mode 100644
index 000000000..83e314074
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml
@@ -0,0 +1,30 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "heapster"
+ name: "heapster"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "heapster"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "heapster"
+ spec:
+ containers:
+ -
+ args:
+ - "-source=kubernetes:https://kubernetes.default.svc.cluster.local?auth=&insecure=true&useServiceAccount=true"
+ - "-sink=influxdb:http://influxdb-monitoring.default.svc.cluster.local:8086"
+ image: "kubernetes/heapster:V0.14.2"
+ name: "heapster"
+ serviceAccount: "heapster" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml
new file mode 100644
index 000000000..6f67c3d7c
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml
@@ -0,0 +1,67 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "Service"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ name: "influxdb-monitoring"
+ spec:
+ ports:
+ -
+ port: 8086
+ targetPort: "http"
+ selector:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ name: "influxdb-monitoring"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ spec:
+ containers:
+ -
+ env:
+ -
+ name: "PRE_CREATE_DB"
+ value: "k8s;grafana"
+ image: "fabric8/influxdb:0.8.8"
+ name: "influxdb"
+ ports:
+ -
+ containerPort: 8090
+ name: "raft"
+ -
+ containerPort: 8099
+ name: "protobuf"
+ -
+ containerPort: 8083
+ name: "admin"
+ -
+ containerPort: 8086
+ name: "http"
+ volumeMounts:
+ -
+ mountPath: "/data"
+ name: "influxdb-data"
+ volumes:
+ -
+ emptyDir:
+ name: "influxdb-data" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/tasks/main.yml b/roles/openshift_cluster_metrics/tasks/main.yml
new file mode 100644
index 000000000..3938aba4c
--- /dev/null
+++ b/roles/openshift_cluster_metrics/tasks/main.yml
@@ -0,0 +1,50 @@
+---
+
+- name: Install cluster metrics templates
+ copy:
+ src: cluster-metrics
+ dest: /etc/openshift/
+
+- name: Create InfluxDB Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/influxdb.yaml
+ register: oex_influxdb_services
+ failed_when: "'already exists' not in oex_influxdb_services.stderr and oex_influxdb_services.rc != 0"
+ changed_when: false
+
+- name: Create Heapster Service Account
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/heapster-serviceaccount.yaml
+ register: oex_heapster_serviceaccount
+ failed_when: "'already exists' not in oex_heapster_serviceaccount.stderr and oex_heapster_serviceaccount.rc != 0"
+ changed_when: false
+
+- name: Add cluster-reader role to Heapster
+ command: >
+ {{ openshift.common.admin_binary }} policy
+ add-cluster-role-to-user
+ cluster-reader
+ system:serviceaccount:default:heapster
+ register: oex_cluster_header_role
+ register: oex_cluster_header_role
+ failed_when: "'already exists' not in oex_cluster_header_role.stderr and oex_cluster_header_role.rc != 0"
+ changed_when: false
+
+- name: Create Heapster Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/heapster.yaml
+ register: oex_heapster_services
+ failed_when: "'already exists' not in oex_heapster_services.stderr and oex_heapster_services.rc != 0"
+ changed_when: false
+
+- name: Create Grafana Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/grafana.yaml
+ register: oex_grafana_services
+ failed_when: "'already exists' not in oex_grafana_services.stderr and oex_grafana_services.rc != 0"
+ changed_when: false
+
diff --git a/roles/openshift_common/README.md b/roles/openshift_common/README.md
index 1eb04626f..87306d4a6 100644
--- a/roles/openshift_common/README.md
+++ b/roles/openshift_common/README.md
@@ -15,7 +15,7 @@ Role Variables
| Name | Default value | |
|---------------------------|-------------------|---------------------------------------------|
| openshift_cluster_id | default | Cluster name if multiple OpenShift clusters |
-| openshift_debug_level | 0 | Global openshift debug log verbosity |
+| openshift_debug_level | 2 | Global openshift debug log verbosity |
| openshift_hostname | UNDEF | Internal hostname to use for this host (this value will set the hostname on the system) |
| openshift_ip | UNDEF | Internal IP address to use for this host |
| openshift_public_hostname | UNDEF | Public hostname to use for this host |
diff --git a/roles/openshift_common/defaults/main.yml b/roles/openshift_common/defaults/main.yml
index 4d3e0fe9e..267c03605 100644
--- a/roles/openshift_common/defaults/main.yml
+++ b/roles/openshift_common/defaults/main.yml
@@ -1,3 +1,3 @@
---
openshift_cluster_id: 'default'
-openshift_debug_level: 0
+openshift_debug_level: 2
diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml
index a7c565067..73bd28630 100644
--- a/roles/openshift_common/tasks/main.yml
+++ b/roles/openshift_common/tasks/main.yml
@@ -1,10 +1,10 @@
---
-- name: Set common OpenShift facts
+- name: Set common Cluster facts
openshift_facts:
role: common
local_facts:
cluster_id: "{{ openshift_cluster_id | default('default') }}"
- debug_level: "{{ openshift_debug_level | default(0) }}"
+ debug_level: "{{ openshift_debug_level | default(2) }}"
hostname: "{{ openshift_hostname | default(None) }}"
ip: "{{ openshift_ip | default(None) }}"
public_hostname: "{{ openshift_public_hostname | default(None) }}"
@@ -12,6 +12,7 @@
use_openshift_sdn: "{{ openshift_use_openshift_sdn | default(None) }}"
sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}"
deployment_type: "{{ openshift_deployment_type }}"
+ use_fluentd: "{{ openshift_use_fluentd | default(None) }}"
- name: Set hostname
hostname: name={{ openshift.common.hostname }}
diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml
index 8e7d71154..50816d319 100644
--- a/roles/openshift_common/vars/main.yml
+++ b/roles/openshift_common/vars/main.yml
@@ -5,5 +5,3 @@
# chains with the public zone (or the zone associated with the correct
# interfaces)
os_firewall_use_firewalld: False
-
-openshift_data_dir: /var/lib/openshift
diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml
index 3246790aa..2043985ec 100644
--- a/roles/openshift_examples/defaults/main.yml
+++ b/roles/openshift_examples/defaults/main.yml
@@ -1,9 +1,9 @@
---
# By default install rhel and xpaas streams on enterprise installs
-openshift_examples_load_centos: "{{ openshift_deployment_type != 'enterprise' }}"
-openshift_examples_load_rhel: "{{ openshift_deployment_type == 'enterprise' }}"
+openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}"
+openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}"
openshift_examples_load_db_templates: true
-openshift_examples_load_xpaas: "{{ openshift_deployment_type == 'enterprise' }}"
+openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}"
openshift_examples_load_quickstarts: true
examples_base: /usr/share/openshift/examples
@@ -14,3 +14,5 @@ db_templates_base: "{{ examples_base }}/db-templates"
xpaas_image_streams: "{{ examples_base }}/xpaas-streams/jboss-image-streams.json"
xpaas_templates_base: "{{ examples_base }}/xpaas-templates"
quickstarts_base: "{{ examples_base }}/quickstart-templates"
+
+openshift_examples_import_command: "create"
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index 12d3bc263..21137e31b 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -15,7 +15,7 @@ wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master
wget https://github.com/openshift/nodejs-ex/archive/master.zip -O nodejs-ex-master.zip
wget https://github.com/openshift/dancer-ex/archive/master.zip -O dancer-ex-master.zip
wget https://github.com/openshift/cakephp-ex/archive/master.zip -O cakephp-ex-master.zip
-wget https://github.com/jboss-openshift/application-templates/archive/master.zip -O application-templates-master.zip
+wget https://github.com/jboss-openshift/application-templates/archive/ose-v1.0.2.zip -O application-templates-master.zip
unzip origin-master.zip
unzip django-ex-master.zip
unzip rails-ex-master.zip
@@ -24,6 +24,7 @@ unzip dancer-ex-master.zip
unzip cakephp-ex-master.zip
unzip application-templates-master.zip
cp origin-master/examples/db-templates/* ${EXAMPLES_BASE}/db-templates/
+cp origin-master/examples/jenkins/jenkins-*template.json ${EXAMPLES_BASE}/quickstart-templates/
cp origin-master/examples/image-streams/* ${EXAMPLES_BASE}/image-streams/
cp django-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
cp rails-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
index 6252da2ec..6b90fa54e 100644
--- a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -147,30 +147,35 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mongodb"
+ "value": "mongodb",
+ "required": true
},
{
"name": "MONGODB_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MONGODB_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MONGODB_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "MONGODB_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
index c05e81e56..97b315600 100644
--- a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -164,35 +164,41 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mongodb"
+ "value": "mongodb",
+ "required": true
},
{
"name": "MONGODB_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MONGODB_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MONGODB_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "MONGODB_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
index 697a4ad68..b384a5992 100644
--- a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -143,24 +143,28 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mysql"
+ "value": "mysql",
+ "required": true
},
{
"name": "MYSQL_USER",
"description": "Username for MySQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MYSQL_PASSWORD",
"description": "Password for the MySQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MYSQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
index 33e1cebb1..6e19f48f5 100644
--- a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -160,29 +160,34 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mysql"
+ "value": "mysql",
+ "required": true
},
{
"name": "MYSQL_USER",
"description": "Username for MySQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MYSQL_PASSWORD",
"description": "Password for the MySQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MYSQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
index faf626475..60d6b8519 100644
--- a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -143,24 +143,28 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "postgresql"
+ "value": "postgresql",
+ "required": true
},
{
"name": "POSTGRESQL_USER",
"description": "Username for PostgreSQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "POSTGRESQL_PASSWORD",
"description": "Password for the PostgreSQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "POSTGRESQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
index 398e288bf..91cd7453e 100644
--- a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -160,29 +160,34 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "postgresql"
+ "value": "postgresql",
+ "required": true
},
{
"name": "POSTGRESQL_USER",
"description": "Username for PostgreSQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "POSTGRESQL_PASSWORD",
"description": "Password for the PostgreSQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "POSTGRESQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
index 459b841c1..f213d99ca 100644
--- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
@@ -1,11 +1,11 @@
{
"kind": "ImageStreamList",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {},
"items": [
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "ruby",
"creationTimestamp": null
@@ -35,7 +35,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "nodejs",
"creationTimestamp": null
@@ -65,7 +65,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "perl",
"creationTimestamp": null
@@ -95,7 +95,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "php",
"creationTimestamp": null
@@ -125,7 +125,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "python",
"creationTimestamp": null
@@ -155,25 +155,25 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "wildfly",
"creationTimestamp": null
},
"spec": {
- "dockerImageRepository": "openshift/wildfly-8-centos",
+ "dockerImageRepository": "openshift/wildfly-81-centos7",
"tags": [
{
"name": "latest"
},
{
- "name": "8",
+ "name": "8.1",
"annotations": {
- "description": "Build and run Java applications on Wildfly 8",
+ "description": "Build and run Java applications on Wildfly 8.1",
"iconClass": "icon-wildfly",
"tags": "builder,wildfly,java",
- "supports":"wildfly:8,jee,java",
- "version": "8"
+ "supports":"wildfly:8.1,jee,java",
+ "version": "8.1"
},
"from": {
"Kind": "ImageStreamTag",
@@ -185,7 +185,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql",
"creationTimestamp": null
@@ -208,7 +208,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql",
"creationTimestamp": null
@@ -231,7 +231,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb",
"creationTimestamp": null
@@ -254,19 +254,19 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "jenkins",
"creationTimestamp": null
},
"spec": {
- "dockerImageRepository": "openshift/jenkins-16-centos7",
+ "dockerImageRepository": "openshift/jenkins-1-centos7",
"tags": [
{
"name": "latest"
},
{
- "name": "1.6",
+ "name": "1",
"from": {
"Kind": "ImageStreamTag",
"Name": "latest"
diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
index a5d2e9d9f..8c125f76a 100644
--- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
@@ -1,11 +1,11 @@
{
"kind": "ImageStreamList",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {},
"items": [
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "ruby",
"creationTimestamp": null
@@ -35,7 +35,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "nodejs",
"creationTimestamp": null
@@ -65,7 +65,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "perl",
"creationTimestamp": null
@@ -95,7 +95,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "php",
"creationTimestamp": null
@@ -125,7 +125,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "python",
"creationTimestamp": null
@@ -155,7 +155,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql",
"creationTimestamp": null
@@ -178,7 +178,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql",
"creationTimestamp": null
@@ -201,7 +201,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb",
"creationTimestamp": null
@@ -221,6 +221,29 @@
}
]
}
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7",
+ "tags": [
+ {
+ "name": "latest"
+ },
+ {
+ "name": "1",
+ "from": {
+ "Kind": "ImageStreamTag",
+ "Name": "latest"
+ }
+ }
+ ]
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
index b722a05ae..deac2010f 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
@@ -264,7 +264,7 @@
"containers": [
{
"name": "mysql",
- "image": "openshift/mysql-55-centos7",
+ "image": "${MYSQL_IMAGE}",
"ports": [
{
"containerPort": 3306
@@ -307,8 +307,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the CakePHP service",
- "value": "cakephp-mysql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -343,6 +343,11 @@
"from": "[a-zA-Z0-9]{16}"
},
{
+ "name": "MYSQL_IMAGE",
+ "description": "Image to use for mysql",
+ "value": "openshift/mysql-55-centos7"
+ },
+ {
"name": "CAKEPHP_SECRET_TOKEN",
"description": "Set this to a long random string",
"generate": "expression",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
index 532b9bd2b..ec556ea13 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
@@ -215,8 +215,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the CakePHP service",
- "value": "cakephp-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
index b46abfbb5..2cbcc0889 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
@@ -162,15 +162,15 @@
},
{
"name": "MYSQL_USER",
- "value": "${MYSQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MYSQL_PASSWORD",
- "value": "${MYSQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MYSQL_DATABASE",
- "value": "${MYSQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "SECRET_KEY_BASE",
@@ -238,7 +238,7 @@
"containers": [
{
"name": "mysql",
- "image": "openshift/mysql-55-centos7",
+ "image": "${MYSQL_IMAGE}",
"ports": [
{
"containerPort": 3306
@@ -247,15 +247,15 @@
"env": [
{
"name": "MYSQL_USER",
- "value": "${MYSQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MYSQL_PASSWORD",
- "value": "${MYSQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MYSQL_DATABASE",
- "value": "${MYSQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
}
]
}
@@ -281,8 +281,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Dancer service",
- "value": "dancer-mysql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -308,23 +308,28 @@
"value": "database"
},
{
- "name": "MYSQL_USER",
+ "name": "DATABASE_USER",
"description": "database username",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "MYSQL_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "database password",
"generate": "expression",
"from": "[a-zA-Z0-9]{8}"
},
{
- "name": "MYSQL_DATABASE",
+ "name": "DATABASE_NAME",
"description": "database name",
"value": "sampledb"
},
{
+ "name": "MYSQL_IMAGE",
+ "description": "Image to use for mysql",
+ "value": "openshift/mysql-55-centos7"
+ },
+ {
"name": "SECRET_KEY_BASE",
"description": "Your secret key for verifying the integrity of signed cookies",
"generate": "expression",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
index 6f49a7d64..43271dfc5 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
@@ -181,8 +181,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Dancer service",
- "value": "dancer-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
index 64522ce76..749064e98 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
@@ -2,7 +2,7 @@
"kind": "Template",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "An example Django application with a PostgreSQL database",
"tags": "instant-app,python,django,postgresql",
@@ -10,14 +10,14 @@
}
},
"labels": {
- "template": "django-postgresql-example"
+ "template": "django-psql-example"
},
"objects": [
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Exposes and load balances the application pods"
}
@@ -31,7 +31,7 @@
}
],
"selector": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
}
},
@@ -39,13 +39,13 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
"to": {
"kind": "Service",
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
}
},
@@ -53,7 +53,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Keeps track of changes in the application image"
}
@@ -63,7 +63,7 @@
"kind": "BuildConfig",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Defines how to build the application"
}
@@ -90,7 +90,7 @@
"output": {
"to": {
"kind": "ImageStreamTag",
- "name": "django-postgresql-example:latest"
+ "name": "django-psql-example:latest"
}
},
"triggers": [
@@ -110,7 +110,7 @@
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Defines how to deploy the application server"
}
@@ -125,11 +125,11 @@
"imageChangeParams": {
"automatic": true,
"containerNames": [
- "django-postgresql-example"
+ "django-psql-example"
],
"from": {
"kind": "ImageStreamTag",
- "name": "django-postgresql-example:latest"
+ "name": "django-psql-example:latest"
}
}
},
@@ -139,20 +139,20 @@
],
"replicas": 1,
"selector": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
},
"template": {
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"labels": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
},
"spec": {
"containers": [
{
- "name": "django-postgresql-example",
- "image": "django-postgresql-example",
+ "name": "django-psql-example",
+ "image": "django-psql-example",
"ports": [
{
"containerPort": 8080
@@ -249,7 +249,7 @@
"containers": [
{
"name": "postgresql",
- "image": "openshift/postgresql-92-centos7",
+ "image": "${POSTGRESQL_IMAGE}",
"ports": [
{
"containerPort": 5432
@@ -292,8 +292,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Django service",
- "value": "django-postgresql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -328,6 +328,11 @@
"from": "[a-zA-Z0-9]{16}"
},
{
+ "name": "POSTGRESQL_IMAGE",
+ "description": "Image to use for postgresql",
+ "value": "openshift/postgresql-92-centos7"
+ },
+ {
"name": "APP_CONFIG",
"description": "Relative path to Gunicorn configuration file (optional)"
},
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django.json b/roles/openshift_examples/files/examples/quickstart-templates/django.json
index 1794d196c..143a942ab 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/django.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/django.json
@@ -211,8 +211,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Django service",
- "value": "django-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json
new file mode 100644
index 000000000..14bd032af
--- /dev/null
+++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json
@@ -0,0 +1,150 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-ephemeral",
+ "creationTimestamp": null,
+ "annotations": {
+ "description": "Jenkins service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-jenkins",
+ "tags": "database,jenkins"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 8080,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "portalIP": "",
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----",
+ "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----",
+ "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": "${JENKINS_IMAGE}",
+ "env": [
+ {
+ "name": "JENKINS_PASSWORD",
+ "value": "${JENKINS_PASSWORD}"
+ }
+ ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "description": "Jenkins service name",
+ "value": "jenkins"
+ },
+ {
+ "name": "JENKINS_IMAGE",
+ "description": "Jenkins Docker image to use",
+ "value": "openshift/jenkins-1-centos7"
+ },
+ {
+ "name": "JENKINS_PASSWORD",
+ "description": "Password for the Jenkins user",
+ "generate": "expression",
+ "value": "password"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-ephemeral-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json
new file mode 100644
index 000000000..fa31de486
--- /dev/null
+++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json
@@ -0,0 +1,173 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-persistent",
+ "creationTimestamp": null,
+ "annotations": {
+ "description": "Jenkins service, with persistent storage.",
+ "iconClass": "icon-jenkins",
+ "tags": "database,jenkins"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 8080,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "portalIP": "",
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----",
+ "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----",
+ "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": "${JENKINS_IMAGE}",
+ "env": [
+ {
+ "name": "JENKINS_PASSWORD",
+ "value": "${JENKINS_PASSWORD}"
+ }
+ ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${JENKINS_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "description": "Jenkins service name",
+ "value": "jenkins"
+ },
+ {
+ "name": "JENKINS_PASSWORD",
+ "description": "Password for the Jenkins user",
+ "generate": "expression",
+ "value": "password"
+ },
+ {
+ "name": "JENKINS_IMAGE",
+ "description": "Jenkins Docker image to use",
+ "value": "openshift/jenkins-1-centos7"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "512Mi",
+ "required": true
+ }
+ ],
+ "labels": {
+ "template": "jenkins-persistent-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
index e281feecf..017b5be19 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
@@ -165,19 +165,19 @@
},
{
"name": "MONGODB_USER",
- "value": "${MONGODB_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MONGODB_PASSWORD",
- "value": "${MONGODB_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MONGODB_DATABASE",
- "value": "${MONGODB_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "MONGODB_ADMIN_PASSWORD",
- "value": "${MONGODB_ADMIN_PASSWORD}"
+ "value": "${DATABASE_ADMIN_PASSWORD}"
}
]
}
@@ -241,7 +241,7 @@
"containers": [
{
"name": "mongodb",
- "image": "openshift/mongodb-24-centos7",
+ "image": "${MONGODB_IMAGE}",
"ports": [
{
"containerPort": 27017
@@ -250,19 +250,19 @@
"env": [
{
"name": "MONGODB_USER",
- "value": "${MONGODB_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MONGODB_PASSWORD",
- "value": "${MONGODB_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MONGODB_DATABASE",
- "value": "${MONGODB_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "MONGODB_ADMIN_PASSWORD",
- "value": "${MONGODB_ADMIN_PASSWORD}"
+ "value": "${DATABASE_ADMIN_PASSWORD}"
}
]
}
@@ -288,8 +288,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Node.js service",
- "value": "nodejs-mongodb-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -303,27 +303,32 @@
"value": "mongodb"
},
{
- "name": "MONGODB_USER",
+ "name": "DATABASE_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "MONGODB_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
},
{
- "name": "MONGODB_DATABASE",
+ "name": "DATABASE_NAME",
"description": "Database name",
"value": "sampledb"
},
{
- "name": "MONGODB_ADMIN_PASSWORD",
+ "name": "DATABASE_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "MONGODB_IMAGE",
+ "description": "Image to use for mongodb",
+ "value": "openshift/mongodb-24-centos7"
}
]
}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
index dd38571eb..55488ab41 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
@@ -203,8 +203,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Node.js service",
- "value": "nodejs-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
index 3b83d3f5b..b98282528 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
@@ -176,15 +176,15 @@
},
{
"name": "POSTGRESQL_USER",
- "value": "${POSTGRESQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "POSTGRESQL_PASSWORD",
- "value": "${POSTGRESQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "POSTGRESQL_DATABASE",
- "value": "${POSTGRESQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "SECRET_KEY_BASE",
@@ -213,6 +213,10 @@
{
"name": "APPLICATION_PASSWORD",
"value": "${APPLICATION_PASSWORD}"
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
}
]
}
@@ -276,7 +280,7 @@
"containers": [
{
"name": "postgresql",
- "image": "openshift/postgresql-92-centos7",
+ "image": "${POSTGRESQL_IMAGE}",
"ports": [
{
"containerPort": 5432
@@ -285,15 +289,15 @@
"env": [
{
"name": "POSTGRESQL_USER",
- "value": "${POSTGRESQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "POSTGRESQL_PASSWORD",
- "value": "${POSTGRESQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "POSTGRESQL_DATABASE",
- "value": "${POSTGRESQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "POSTGRESQL_MAX_CONNECTIONS",
@@ -327,8 +331,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Rails service",
- "value": "rails-postgresql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -353,28 +357,38 @@
"value": "secret"
},
{
+ "name": "RAILS_ENV",
+ "description": "Environment under which the sample application will run. Could be set to production, development or test",
+ "value": "production"
+ },
+ {
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
"value": "postgresql"
},
{
- "name": "POSTGRESQL_USER",
+ "name": "DATABASE_USER",
"description": "database username",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "POSTGRESQL_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "database password",
"generate": "expression",
"from": "[a-zA-Z0-9]{8}"
},
{
- "name": "POSTGRESQL_DATABASE",
+ "name": "DATABASE_NAME",
"description": "database name",
"value": "root"
},
{
+ "name": "POSTGRESQL_IMAGE",
+ "description": "Image to use for postgresql",
+ "value": "openshift/postgresql-92-centos7"
+ },
+ {
"name": "POSTGRESQL_MAX_CONNECTIONS",
"description": "database max connections",
"value": "10"
diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json
index 0497e6824..5df36ccc2 100644
--- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json
+++ b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json
@@ -6,10 +6,10 @@
"iconClass" : "icon-jboss",
"description": "Application template for EAP 6 applications built using STI."
},
- "name": "eap6-basic-sti"
+ "name": "eap6-https-sti"
},
"labels": {
- "template": "eap6-basic-sti"
+ "template": "eap6-https-sti"
},
"parameters": [
{
diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml
index bfc6dfb0a..40b7a5d6e 100644
--- a/roles/openshift_examples/tasks/main.yml
+++ b/roles/openshift_examples/tasks/main.yml
@@ -7,7 +7,7 @@
# RHEL and Centos image streams are mutually exclusive
- name: Import RHEL streams
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ rhel_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ rhel_image_streams }}
when: openshift_examples_load_rhel
register: oex_import_rhel_streams
failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0"
@@ -15,7 +15,7 @@
- name: Import Centos Image streams
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ centos_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ centos_image_streams }}
when: openshift_examples_load_centos | bool
register: oex_import_centos_streams
failed_when: "'already exists' not in oex_import_centos_streams.stderr and oex_import_centos_streams.rc != 0"
@@ -23,7 +23,7 @@
- name: Import db templates
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ db_templates_base }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ db_templates_base }}
when: openshift_examples_load_db_templates | bool
register: oex_import_db_templates
failed_when: "'already exists' not in oex_import_db_templates.stderr and oex_import_db_templates.rc != 0"
@@ -31,8 +31,8 @@
- name: Import quickstart-templates
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ quickstarts_base }}
- when: openshift_examples_load_quickstarts
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ quickstarts_base }}
+ when: openshift_examples_load_quickstarts | bool
register: oex_import_quickstarts
failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0"
changed_when: false
@@ -40,7 +40,7 @@
- name: Import xPaas image streams
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ xpaas_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_image_streams }}
when: openshift_examples_load_xpaas | bool
register: oex_import_xpaas_streams
failed_when: "'already exists' not in oex_import_xpaas_streams.stderr and oex_import_xpaas_streams.rc != 0"
@@ -48,7 +48,7 @@
- name: Import xPaas templates
command: >
- {{ openshift.common.client_binary }} create -n openshift -f {{ xpaas_templates_base }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_templates_base }}
when: openshift_examples_load_xpaas | bool
register: oex_import_xpaas_templates
failed_when: "'already exists' not in oex_import_xpaas_templates.stderr and oex_import_xpaas_templates.rc != 0"
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 97a839e8e..fff42be8a 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1,12 +1,16 @@
#!/usr/bin/python
+# pylint: disable=too-many-lines
# -*- coding: utf-8 -*-
# vim: expandtab:tabstop=4:shiftwidth=4
+# Reason: Disable pylint too-many-lines because we don't want to split up this file.
+# Status: Permanently disabled to keep this module as self-contained as possible.
+
"""Ansible module for retrieving and setting openshift related facts"""
DOCUMENTATION = '''
---
module: openshift_facts
-short_description: OpenShift Facts
+short_description: Cluster Facts
author: Jason DeTiberus
requirements: [ ]
'''
@@ -16,6 +20,7 @@ EXAMPLES = '''
import ConfigParser
import copy
import os
+from distutils.util import strtobool
def hostname_valid(hostname):
@@ -283,44 +288,78 @@ def normalize_provider_facts(provider, metadata):
facts = normalize_openstack_facts(metadata, facts)
return facts
-def set_registry_url_if_unset(facts):
- """ Set registry_url fact if not already present in facts dict
+def set_fluentd_facts_if_unset(facts):
+ """ Set fluentd facts if not already present in facts dict
+ dict: the facts dict updated with the generated fluentd facts if
+ missing
+ Args:
+ facts (dict): existing facts
+ Returns:
+ dict: the facts dict updated with the generated fluentd
+ facts if they were not already present
+
+ """
+ if 'common' in facts:
+ if 'use_fluentd' not in facts['common']:
+ use_fluentd = False
+ facts['common']['use_fluentd'] = use_fluentd
+ return facts
+
+def set_node_schedulability(facts):
+ """ Set schedulable facts if not already present in facts dict
+ Args:
+ facts (dict): existing facts
+ Returns:
+ dict: the facts dict updated with the generated schedulable
+ facts if they were not already present
+
+ """
+ if 'node' in facts:
+ if 'schedulable' not in facts['node']:
+ if 'master' in facts:
+ facts['node']['schedulable'] = False
+ else:
+ facts['node']['schedulable'] = True
+ return facts
+def set_master_selectors(facts):
+ """ Set selectors facts if not already present in facts dict
Args:
facts (dict): existing facts
Returns:
- dict: the facts dict updated with the generated identity providers
+ dict: the facts dict updated with the generated selectors
facts if they were not already present
+
"""
- for role in ('master', 'node'):
- if role in facts:
+ if 'master' in facts:
+ if 'infra_nodes' in facts['master']:
deployment_type = facts['common']['deployment_type']
- if 'registry_url' not in facts[role]:
- registry_url = "openshift/origin-${component}:${version}"
- if deployment_type == 'enterprise':
- registry_url = "openshift3/ose-${component}:${version}"
- elif deployment_type == 'online':
- registry_url = ("openshift3/ose-${component}:${version}")
- facts[role]['registry_url'] = registry_url
+ if deployment_type == 'online':
+ selector = "type=infra"
+ else:
+ selector = "region=infra"
+ if 'router_selector' not in facts['master']:
+ facts['master']['router_selector'] = selector
+ if 'registry_selector' not in facts['master']:
+ facts['master']['registry_selector'] = selector
return facts
-def set_fluentd_facts_if_unset(facts):
- """ Set fluentd facts if not already present in facts dict
- dict: the facts dict updated with the generated fluentd facts if
+def set_metrics_facts_if_unset(facts):
+ """ Set cluster metrics facts if not already present in facts dict
+ dict: the facts dict updated with the generated cluster metrics facts if
missing
Args:
facts (dict): existing facts
Returns:
- dict: the facts dict updated with the generated fluentd
+ dict: the facts dict updated with the generated cluster metrics
facts if they were not already present
"""
if 'common' in facts:
- deployment_type = facts['common']['deployment_type']
- if 'use_fluentd' not in facts['common']:
- use_fluentd = True if deployment_type == 'online' else False
- facts['common']['use_fluentd'] = use_fluentd
+ if 'use_cluster_metrics' not in facts['common']:
+ use_cluster_metrics = False
+ facts['common']['use_cluster_metrics'] = use_cluster_metrics
return facts
def set_project_config_facts_if_unset(facts):
@@ -457,6 +496,54 @@ def set_aggregate_facts(facts):
return facts
+def set_deployment_facts_if_unset(facts):
+ """ Set Facts that vary based on deployment_type. This currently
+ includes common.service_type, common.config_base, master.registry_url,
+ node.registry_url
+
+ Args:
+ facts (dict): existing facts
+ Returns:
+ dict: the facts dict updated with the generated deployment_type
+ facts
+ """
+ # Perhaps re-factor this as a map?
+ # pylint: disable=too-many-branches
+ if 'common' in facts:
+ deployment_type = facts['common']['deployment_type']
+ if 'service_type' not in facts['common']:
+ service_type = 'atomic-openshift'
+ if deployment_type == 'origin':
+ service_type = 'origin'
+ elif deployment_type in ['enterprise', 'online']:
+ service_type = 'openshift'
+ facts['common']['service_type'] = service_type
+ if 'config_base' not in facts['common']:
+ config_base = '/etc/origin'
+ if deployment_type in ['enterprise', 'online']:
+ config_base = '/etc/openshift'
+ facts['common']['config_base'] = config_base
+ if 'data_dir' not in facts['common']:
+ data_dir = '/var/lib/origin'
+ if deployment_type in ['enterprise', 'online']:
+ data_dir = '/var/lib/openshift'
+ facts['common']['data_dir'] = data_dir
+ facts['common']['version'] = get_openshift_version()
+
+ for role in ('master', 'node'):
+ if role in facts:
+ deployment_type = facts['common']['deployment_type']
+ if 'registry_url' not in facts[role]:
+ registry_url = 'openshift/origin-${component}:${version}'
+ if deployment_type in ['enterprise', 'online', 'openshift-enterprise']:
+ registry_url = 'openshift3/ose-${component}:${version}'
+ elif deployment_type == 'atomic-enterprise':
+ registry_url = 'aep3/aep-${component}:${version}'
+ facts[role]['registry_url'] = registry_url
+
+ return facts
+
+
def set_sdn_facts_if_unset(facts):
""" Set sdn facts if not already present in facts dict
@@ -467,8 +554,10 @@ def set_sdn_facts_if_unset(facts):
were not already present
"""
if 'common' in facts:
+ use_sdn = facts['common']['use_openshift_sdn']
+ if not (use_sdn == '' or isinstance(use_sdn, bool)):
+ facts['common']['use_openshift_sdn'] = bool(strtobool(str(use_sdn)))
if 'sdn_network_plugin_name' not in facts['common']:
- use_sdn = facts['common']['use_openshift_sdn']
plugin = 'redhat/openshift-ovs-subnet' if use_sdn else ''
facts['common']['sdn_network_plugin_name'] = plugin
@@ -478,6 +567,10 @@ def set_sdn_facts_if_unset(facts):
if 'sdn_host_subnet_length' not in facts['master']:
facts['master']['sdn_host_subnet_length'] = '8'
+ if 'node' in facts:
+ if 'sdn_mtu' not in facts['node']:
+ facts['node']['sdn_mtu'] = '1450'
+
return facts
def format_url(use_ssl, hostname, port, path=''):
@@ -519,7 +612,7 @@ def get_current_config(facts):
# anything from working properly as far as I can tell, perhaps because
# we override the kubeconfig path everywhere we use it?
# Query kubeconfig settings
- kubeconfig_dir = '/var/lib/openshift/openshift.local.certificates'
+ kubeconfig_dir = '/var/lib/origin/openshift.local.certificates'
if role == 'node':
kubeconfig_dir = os.path.join(
kubeconfig_dir, "node-%s" % facts['common']['hostname']
@@ -560,6 +653,21 @@ def get_current_config(facts):
return current_config
+def get_openshift_version():
+ """ Get current version of openshift on the host
+
+ Returns:
+ version: the current openshift version
+ """
+ version = ''
+
+ if os.path.isfile('/usr/bin/openshift'):
+ _, output, _ = module.run_command(['/usr/bin/openshift', 'version'])
+ versions = dict(e.split(' v') for e in output.splitlines())
+ version = versions.get('openshift', '')
+
+ #TODO: acknowledge the possility of a containerized install
+ return version
def apply_provider_facts(facts, provider_facts):
""" Apply provider facts to supplied facts dict
@@ -605,7 +713,7 @@ def merge_facts(orig, new):
facts = dict()
for key, value in orig.iteritems():
if key in new:
- if isinstance(value, dict):
+ if isinstance(value, dict) and isinstance(new[key], dict):
facts[key] = merge_facts(value, new[key])
else:
facts[key] = copy.copy(new[key])
@@ -666,25 +774,25 @@ def get_local_facts_from_file(filename):
class OpenShiftFactsUnsupportedRoleError(Exception):
- """OpenShift Facts Unsupported Role Error"""
+ """Origin Facts Unsupported Role Error"""
pass
class OpenShiftFactsFileWriteError(Exception):
- """OpenShift Facts File Write Error"""
+ """Origin Facts File Write Error"""
pass
class OpenShiftFactsMetadataUnavailableError(Exception):
- """OpenShift Facts Metadata Unavailable Error"""
+ """Origin Facts Metadata Unavailable Error"""
pass
class OpenShiftFacts(object):
- """ OpenShift Facts
+ """ Origin Facts
Attributes:
- facts (dict): OpenShift facts for the host
+ facts (dict): facts for the host
Args:
role (str): role for setting local facts
@@ -728,9 +836,12 @@ class OpenShiftFacts(object):
facts = set_url_facts_if_unset(facts)
facts = set_project_config_facts_if_unset(facts)
facts = set_fluentd_facts_if_unset(facts)
+ facts = set_node_schedulability(facts)
+ facts = set_master_selectors(facts)
+ facts = set_metrics_facts_if_unset(facts)
facts = set_identity_providers_if_unset(facts)
- facts = set_registry_url_if_unset(facts)
facts = set_sdn_facts_if_unset(facts)
+ facts = set_deployment_facts_if_unset(facts)
facts = set_aggregate_facts(facts)
return dict(openshift=facts)
diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml
index b2cda3a85..6301d4fc0 100644
--- a/roles/openshift_facts/tasks/main.yml
+++ b/roles/openshift_facts/tasks/main.yml
@@ -1,10 +1,10 @@
---
-- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0
+- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1
assert:
that:
- ansible_version | version_compare('1.8.0', 'ge')
- ansible_version | version_compare('1.9.0', 'ne')
- ansible_version | version_compare('1.9.0.1', 'ne')
-- name: Gather OpenShift facts
+- name: Gather Cluster facts
openshift_facts:
diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml
index 74e702248..637e494ea 100644
--- a/roles/openshift_manage_node/tasks/main.yml
+++ b/roles/openshift_manage_node/tasks/main.yml
@@ -1,25 +1,21 @@
- name: Wait for Node Registration
command: >
- {{ openshift.common.client_binary }} get node {{ item }}
+ {{ openshift.common.client_binary }} get node {{ item | lower }}
register: omd_get_node
until: omd_get_node.rc == 0
- retries: 10
+ retries: 20
delay: 5
with_items: openshift_nodes
-- name: Handle unscheduleable node
+- name: Set node schedulability
command: >
- {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=false
- with_items: openshift_unscheduleable_nodes
-
-- name: Handle scheduleable node
- command: >
- {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=true
- with_items: openshift_scheduleable_nodes
+ {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname | lower }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }}
+ with_items:
+ - "{{ openshift_node_vars }}"
- name: Label nodes
command: >
- {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname }} {{ item.openshift.node.labels | oo_combine_dict }}
+ {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname | lower }} {{ item.openshift.node.labels | oo_combine_dict }}
with_items:
- "{{ openshift_node_vars }}"
when: "'labels' in item.openshift.node and item.openshift.node.labels != {}"
diff --git a/roles/openshift_master/README.md b/roles/openshift_master/README.md
index 19f77d145..155bdb58b 100644
--- a/roles/openshift_master/README.md
+++ b/roles/openshift_master/README.md
@@ -1,7 +1,7 @@
-OpenShift Master
-================
+OpenShift/Atomic Enterprise Master
+==================================
-OpenShift Master service installation
+Master service installation
Requirements
------------
@@ -15,8 +15,8 @@ Role Variables
From this role:
| Name | Default value | |
|-------------------------------------|-----------------------|--------------------------------------------------|
-| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for openshift-master |
-| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when openshift-master starts up |
+| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for master |
+| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when master starts up |
| oreg_url | UNDEF | Default docker registry to use |
| openshift_master_api_port | UNDEF | |
| openshift_master_console_port | UNDEF | |
@@ -28,7 +28,7 @@ From this role:
From openshift_common:
| Name | Default Value | |
|-------------------------------|----------------|----------------------------------------|
-| openshift_debug_level | 0 | Global openshift debug log verbosity |
+| openshift_debug_level | 2 | Global openshift debug log verbosity |
| openshift_public_ip | UNDEF | Public IP address to use for this host |
| openshift_hostname | UNDEF | hostname to use for this instance |
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index ca8860099..9766d01ae 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -5,11 +5,11 @@ openshift_node_ips: []
os_firewall_allow:
- service: etcd embedded
port: 4001/tcp
-- service: OpenShift api https
+- service: api server https
port: 8443/tcp
-- service: OpenShift dns tcp
+- service: dns tcp
port: 53/tcp
-- service: OpenShift dns udp
+- service: dns udp
port: 53/udp
- service: Fluentd td-agent tcp
port: 24224/tcp
@@ -22,9 +22,9 @@ os_firewall_allow:
- service: Corosync UDP
port: 5405/udp
os_firewall_deny:
-- service: OpenShift api http
+- service: api server http
port: 8080/tcp
-- service: former OpenShift web console port
+- service: former web console port
port: 8444/tcp
- service: former etcd peer port
port: 7001/tcp
diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml
index f1e7e1ab3..2981979e0 100644
--- a/roles/openshift_master/handlers/main.yml
+++ b/roles/openshift_master/handlers/main.yml
@@ -1,4 +1,4 @@
---
-- name: restart openshift-master
- service: name=openshift-master state=restarted
+- name: restart master
+ service: name={{ openshift.common.service_type }}-master state=restarted
when: not openshift_master_ha | bool
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index 41a183c3b..c125cb5d0 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -1,7 +1,7 @@
---
galaxy_info:
author: Jhon Honce
- description: OpenShift Master
+ description: Master
company: Red Hat, Inc.
license: Apache License, Version 2.0
min_ansible_version: 1.7
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 8ecc553cd..21aa76883 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -12,11 +12,7 @@
msg: "openshift_master_cluster_password must be set for multi-master installations"
when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
-- name: Install OpenShift Master package
- yum: pkg=openshift-master state=present
- register: install_result
-
-- name: Set master OpenShift facts
+- name: Set master facts
openshift_facts:
role: master
local_facts:
@@ -61,15 +57,36 @@
mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}"
mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}"
uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}"
+ router_selector: "{{ openshift_router_selector | default(None) }}"
+ registry_selector: "{{ openshift_registry_selector | default(None) }}"
api_server_args: "{{ osm_api_server_args | default(None) }}"
controller_args: "{{ osm_controller_args | default(None) }}"
+ infra_nodes: "{{ num_infra | default(None) }}"
+
+- name: Install Master package
+ yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present
+ register: install_result
+
+- name: Check for RPM generated config marker file /etc/origin/.config_managed
+ stat: path=/etc/origin/.rpmgenerated
+ register: rpmgenerated_config
+
+- name: Remove RPM generated config files
+ file:
+ path: "{{ item }}"
+ state: absent
+ when: openshift.common.service_type in ['atomic-enterprise','openshift-enterprise'] and rpmgenerated_config.stat.exists == true
+ with_items:
+ - "{{ openshift.common.config_base }}/master"
+ - "{{ openshift.common.config_base }}/node"
+ - "{{ openshift.common.config_base }}/.rpmgenerated"
# TODO: These values need to be configurable
-- name: Set dns OpenShift facts
+- name: Set dns facts
openshift_facts:
role: dns
local_facts:
- ip: "{{ openshift.common.ip }}"
+ ip: "{{ openshift_master_cluster_vip | default(openshift.common.ip, true) | default(None) }}"
domain: cluster.local
when: openshift.master.embedded_dns
@@ -85,20 +102,28 @@
args:
creates: "{{ openshift_master_policy }}"
notify:
- - restart openshift-master
+ - restart master
- name: Create the scheduler config
template:
dest: "{{ openshift_master_scheduler_conf }}"
src: scheduler.json.j2
+ backup: true
notify:
- - restart openshift-master
+ - restart master
- name: Install httpd-tools if needed
yum: pkg=httpd-tools state=present
when: item.kind == 'HTPasswdPasswordIdentityProvider'
with_items: openshift.master.identity_providers
+- name: Ensure htpasswd directory exists
+ file:
+ path: "{{ item.filename | dirname }}"
+ state: directory
+ when: item.kind == 'HTPasswdPasswordIdentityProvider'
+ with_items: openshift.master.identity_providers
+
- name: Create the htpasswd file if needed
copy:
dest: "{{ item.filename }}"
@@ -113,12 +138,13 @@
template:
dest: "{{ openshift_master_config_file }}"
src: master.yaml.v1.j2
+ backup: true
notify:
- - restart openshift-master
+ - restart master
-- name: Configure OpenShift settings
+- name: Configure master settings
lineinfile:
- dest: /etc/sysconfig/openshift-master
+ dest: /etc/sysconfig/{{ openshift.common.service_type }}-master
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
with_items:
@@ -127,10 +153,10 @@
- regex: '^CONFIG_FILE='
line: "CONFIG_FILE={{ openshift_master_config_file }}"
notify:
- - restart openshift-master
+ - restart master
-- name: Start and enable openshift-master
- service: name=openshift-master enabled=yes state=started
+- name: Start and enable master
+ service: name={{ openshift.common.service_type }}-master enabled=yes state=started
when: not openshift_master_ha | bool
register: start_result
@@ -151,20 +177,24 @@
shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
when: install_result | changed
-- name: Create the OpenShift client config dir(s)
+- name: Lookup default group for ansible_ssh_user
+ command: "/usr/bin/id -g {{ ansible_ssh_user }}"
+ register: _ansible_ssh_user_gid
+
+- name: Create the client config dir(s)
file:
path: "~{{ item }}/.kube"
state: directory
mode: 0700
owner: "{{ item }}"
- group: "{{ item }}"
+ group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
with_items:
- root
- "{{ ansible_ssh_user }}"
# TODO: Update this file if the contents of the source file are not present in
# the dest file, will need to make sure to ignore things that could be added
-- name: Copy the OpenShift admin client config(s)
+- name: Copy the admin client config(s)
command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config
args:
creates: ~{{ item }}/.kube/config
@@ -172,13 +202,13 @@
- root
- "{{ ansible_ssh_user }}"
-- name: Update the permissions on the OpenShift admin client config(s)
+- name: Update the permissions on the admin client config(s)
file:
path: "~{{ item }}/.kube/config"
state: file
mode: 0700
owner: "{{ item }}"
- group: "{{ item }}"
+ group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}"
with_items:
- root
- "{{ ansible_ssh_user }}"
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 7a8ab5c00..d66f9e15d 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -2,9 +2,6 @@ apiLevels:
- v1beta3
- v1
apiVersion: v1
-{% if api_server_args is defined and api_server_args %}
-apiServerArguments: {{ api_server_args }}
-{% endif %}
assetConfig:
logoutURL: ""
masterPublicURL: {{ openshift.master.public_api_url }}
@@ -16,9 +13,6 @@ assetConfig:
keyFile: master.server.key
maxRequestsInFlight: 0
requestTimeoutSeconds: 0
-{% if controller_args is defined and controller_args %}
-controllerArguments: {{ controller_args }}
-{% endif %}
corsAllowedOrigins:
{% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %}
- {{ origin }}
@@ -52,7 +46,7 @@ etcdConfig:
certFile: etcd.server.crt
clientCA: ca.crt
keyFile: etcd.server.key
- storageDirectory: {{ openshift_data_dir }}/openshift.local.etcd
+ storageDirectory: {{ openshift.common.data_dir }}/openshift.local.etcd
{% endif %}
etcdStorageConfig:
kubernetesStoragePrefix: kubernetes.io
@@ -74,8 +68,8 @@ kubernetesMasterConfig:
apiLevels:
- v1beta3
- v1
- apiServerArguments: null
- controllerArguments: null
+ apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }}
+ controllerArguments: {{ controller_args if controller_args is defined else 'null' }}
{# TODO: support overriding masterCount #}
masterCount: 1
masterIP: ""
@@ -93,7 +87,11 @@ masterPublicURL: {{ openshift.master.public_api_url }}
networkConfig:
clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }}
hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }}
+{% if openshift.common.use_openshift_sdn %}
networkPluginName: {{ openshift.common.sdn_network_plugin_name }}
+{% endif %}
+# serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet
+ serviceNetworkCIDR: {{ openshift.master.portal_net }}
{% include 'v1_partials/oauthConfig.j2' %}
policyConfig:
bootstrapPolicyFile: {{ openshift_master_policy }}
diff --git a/roles/openshift_master/templates/scheduler.json.j2 b/roles/openshift_master/templates/scheduler.json.j2
index 835f2383e..cb5f43bb2 100644
--- a/roles/openshift_master/templates/scheduler.json.j2
+++ b/roles/openshift_master/templates/scheduler.json.j2
@@ -1,4 +1,6 @@
{
+ "kind": "Policy",
+ "apiVersion": "v1",
"predicates": [
{"name": "MatchNodeSelector"},
{"name": "PodFitsResources"},
diff --git a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 b/roles/openshift_master/templates/v1_partials/oauthConfig.j2
index 4ca644876..8a4f5a746 100644
--- a/roles/openshift_master/templates/v1_partials/oauthConfig.j2
+++ b/roles/openshift_master/templates/v1_partials/oauthConfig.j2
@@ -7,7 +7,7 @@
url: {{ identity_provider.url }}
{% for key in ('ca', 'certFile', 'keyFile') %}
{% if key in identity_provider %}
- {{ key }}: {{ identity_provider[key] }}"
+ {{ key }}: "{{ identity_provider[key] }}"
{% endif %}
{% endfor %}
{% elif identity_provider.kind == 'LDAPPasswordIdentityProvider' %}
@@ -80,6 +80,7 @@ oauthConfig:
provider:
{{ identity_provider_config(identity_provider) }}
{%- endfor %}
+ masterCA: ca.crt
masterPublicURL: {{ openshift.master.public_api_url }}
masterURL: {{ openshift.master.api_url }}
sessionConfig:
diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml
index f6f69966a..ecdb4f883 100644
--- a/roles/openshift_master/vars/main.yml
+++ b/roles/openshift_master/vars/main.yml
@@ -1,8 +1,9 @@
---
-openshift_master_config_dir: /etc/openshift/master
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml"
openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json"
openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
+openshift_version: "{{ openshift_pkg_version | default('') }}"
openshift_master_valid_grant_methods:
- auto
diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml
index 03eb7e15f..5c9639ea5 100644
--- a/roles/openshift_master_ca/tasks/main.yml
+++ b/roles/openshift_master_ca/tasks/main.yml
@@ -1,6 +1,6 @@
---
-- name: Install the OpenShift package for admin tooling
- yum: pkg=openshift state=present
+- name: Install the base package for admin tooling
+ yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=present
register: install_result
- name: Reload generated facts
diff --git a/roles/openshift_master_ca/vars/main.yml b/roles/openshift_master_ca/vars/main.yml
index 2925680bb..b35339b18 100644
--- a/roles/openshift_master_ca/vars/main.yml
+++ b/roles/openshift_master_ca/vars/main.yml
@@ -1,5 +1,6 @@
---
-openshift_master_config_dir: /etc/openshift/master
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt"
openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key"
openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
+openshift_version: "{{ openshift_pkg_version | default('') }}"
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index bb23cf4f4..0d75a9eb3 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -44,5 +44,3 @@
args:
creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt"
with_items: masters_needing_certs
-
-
diff --git a/roles/openshift_master_certificates/vars/main.yml b/roles/openshift_master_certificates/vars/main.yml
index 6214f7918..3f18ddc79 100644
--- a/roles/openshift_master_certificates/vars/main.yml
+++ b/roles/openshift_master_certificates/vars/main.yml
@@ -1,3 +1,3 @@
---
-openshift_generated_configs_dir: /etc/openshift/generated-configs
-openshift_master_config_dir: /etc/openshift/master
+openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs"
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
diff --git a/roles/openshift_master_cluster/tasks/configure.yml b/roles/openshift_master_cluster/tasks/configure.yml
index 8ddc8bfda..7ab9afb51 100644
--- a/roles/openshift_master_cluster/tasks/configure.yml
+++ b/roles/openshift_master_cluster/tasks/configure.yml
@@ -22,14 +22,14 @@
command: pcs resource defaults resource-stickiness=100
- name: Add the cluster VIP resource
- command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_vip }} --group openshift-master
+ command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_vip }} --group {{ openshift.common.service_type }}-master
- name: Add the cluster public VIP resource
- command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_public_vip }} --group openshift-master
+ command: pcs resource create virtual-ip IPaddr2 ip={{ openshift_master_cluster_public_vip }} --group {{ openshift.common.service_type }}-master
when: openshift_master_cluster_public_vip != openshift_master_cluster_vip
-- name: Add the cluster openshift-master service resource
- command: pcs resource create master systemd:openshift-master op start timeout=90s stop timeout=90s --group openshift-master
+- name: Add the cluster master service resource
+ command: pcs resource create master systemd:{{ openshift.common.service_type }}-master op start timeout=90s stop timeout=90s --group {{ openshift.common.service_type }}-master
- name: Disable stonith
command: pcs property set stonith-enabled=false
diff --git a/roles/openshift_master_cluster/tasks/configure_deferred.yml b/roles/openshift_master_cluster/tasks/configure_deferred.yml
index a80b6c5b4..3b416005b 100644
--- a/roles/openshift_master_cluster/tasks/configure_deferred.yml
+++ b/roles/openshift_master_cluster/tasks/configure_deferred.yml
@@ -1,8 +1,8 @@
---
- debug: msg="Deferring config"
-- name: Start and enable openshift-master
+- name: Start and enable the master
service:
- name: openshift-master
+ name: "{{ openshift.common.service_type }}-master"
state: started
enabled: yes
diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md
index 300e6b495..3aff81274 100644
--- a/roles/openshift_node/README.md
+++ b/roles/openshift_node/README.md
@@ -1,12 +1,12 @@
-OpenShift Node
-==============
+OpenShift/Atomic Enterprise Node
+================================
-OpenShift Node service installation
+Node service installation
Requirements
------------
-One or more OpenShift Master servers.
+One or more Master servers.
A RHEL 7.1 host pre-configured with access to the rhel-7-server-rpms,
rhel-7-server-extras-rpms, and rhel-7-server-ose-3.0-rpms repos.
@@ -14,15 +14,15 @@ rhel-7-server-extras-rpms, and rhel-7-server-ose-3.0-rpms repos.
Role Variables
--------------
From this role:
-| Name | Default value | |
-|------------------------------------------|-----------------------|----------------------------------------|
-| openshift_node_debug_level | openshift_debug_level | Verbosity of the debug logs for openshift-node |
-| oreg_url | UNDEF (Optional) | Default docker registry to use |
+| Name | Default value | |
+|------------------------------------------|-----------------------|--------------------------------------------------------|
+| openshift_node_debug_level | openshift_debug_level | Verbosity of the debug logs for node |
+| oreg_url | UNDEF (Optional) | Default docker registry to use |
From openshift_common:
-| Name | Default Value | |
+| Name | Default Value | |
|-------------------------------|---------------------|---------------------|
-| openshift_debug_level | 0 | Global openshift debug log verbosity |
+| openshift_debug_level | 2 | Global openshift debug log verbosity |
| openshift_public_ip | UNDEF (Required) | Public IP address to use for this host |
| openshift_hostname | UNDEF (Required) | hostname to use for this instance |
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index be51195f2..fffbf2994 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -1,8 +1,15 @@
---
os_firewall_allow:
-- service: OpenShift kubelet
+- service: Kubernetes kubelet
port: 10250/tcp
- service: http
port: 80/tcp
- service: https
port: 443/tcp
+- service: Openshift kubelet ReadOnlyPort
+ port: 10255/tcp
+- service: Openshift kubelet ReadOnlyPort udp
+ port: 10255/udp
+- service: OpenShift OVS sdn
+ port: 4789/udp
+ when: openshift.node.use_openshift_sdn | bool
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index 953a1421b..633f3ed13 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -1,3 +1,6 @@
---
-- name: restart openshift-node
- service: name=openshift-node state=restarted
+- name: restart node
+ service: name={{ openshift.common.service_type }}-node state=restarted
+
+- name: restart docker
+ service: name=docker state=restarted
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index adffca252..d45dd8073 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -10,16 +10,7 @@
msg: "SELinux is disabled, This deployment type requires that SELinux is enabled."
when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online']
-- name: Install OpenShift Node package
- yum: pkg=openshift-node state=present
- register: node_install_result
-
-- name: Install openshift-sdn-ovs
- yum: pkg=openshift-sdn-ovs state=present
- register: sdn_install_result
- when: openshift.common.use_openshift_sdn
-
-- name: Set node OpenShift facts
+- name: Set node facts
openshift_facts:
role: "{{ item.role }}"
local_facts: "{{ item.local_facts }}"
@@ -31,24 +22,38 @@
deployment_type: "{{ openshift_deployment_type }}"
- role: node
local_facts:
- labels: "{{ openshift_node_labels | default(none) }}"
+ labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}"
annotations: "{{ openshift_node_annotations | default(none) }}"
registry_url: "{{ oreg_url | default(none) }}"
debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}"
portal_net: "{{ openshift_master_portal_net | default(None) }}"
kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}"
+ sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}"
+ schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}"
+
+# We have to add tuned-profiles in the same transaction otherwise we run into depsolving
+# problems because the rpms don't pin the version properly.
+- name: Install Node package
+ yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_version }} state=present
+ register: node_install_result
+
+- name: Install sdn-ovs package
+ yum: pkg={{ openshift.common.service_type }}-sdn-ovs{{ openshift_version }} state=present
+ register: sdn_install_result
+ when: openshift.common.use_openshift_sdn
# TODO: add the validate parameter when there is a validation command to run
- name: Create the Node config
template:
dest: "{{ openshift_node_config_file }}"
src: node.yaml.v1.j2
+ backup: true
notify:
- - restart openshift-node
+ - restart node
-- name: Configure OpenShift Node settings
+- name: Configure Node settings
lineinfile:
- dest: /etc/sysconfig/openshift-node
+ dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
with_items:
@@ -57,26 +62,70 @@
- regex: '^CONFIG_FILE='
line: "CONFIG_FILE={{ openshift_node_config_file }}"
notify:
- - restart openshift-node
+ - restart node
- stat: path=/etc/sysconfig/docker
register: docker_check
# TODO: Enable secure registry when code available in origin
-- name: Secure OpenShift Registry
+- name: Secure Registry
lineinfile:
dest: /etc/sysconfig/docker
- regexp: '^OPTIONS=.*'
+ regexp: '^OPTIONS=.*$'
line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \
{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'"
when: docker_check.stat.isreg
+ notify:
+ - restart docker
+
+- set_fact:
+ docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries')
+ | oo_split() | union(['registry.access.redhat.com'])
+ | difference(['']) }}"
+ when: openshift.common.deployment_type == 'enterprise'
+- set_fact:
+ docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries')
+ | oo_split() | difference(['']) }}"
+ when: openshift.common.deployment_type != 'enterprise'
+
+- name: Add personal registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^ADD_REGISTRY=.*$'
+ line: "ADD_REGISTRY='{{ docker_additional_registries
+ | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and docker_additional_registries
+ notify:
+ - restart docker
+
+- name: Block registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^BLOCK_REGISTRY=.*$'
+ line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split()
+ | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and
+ lookup('oo_option', 'docker_blocked_registries') != ''
+ notify:
+ - restart docker
+
+- name: Grant access to additional insecure registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^INSECURE_REGISTRY=.*'
+ line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split()
+ | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and
+ lookup('oo_option', 'docker_insecure_registries') != ''
+ notify:
+ - restart docker
- name: Allow NFS access for VMs
seboolean: name=virt_use_nfs state=yes persistent=yes
when: ansible_selinux and ansible_selinux.status == "enabled"
-- name: Start and enable openshift-node
- service: name=openshift-node enabled=yes state=started
+- name: Start and enable node
+ service: name={{ openshift.common.service_type }}-node enabled=yes state=started
register: start_result
- name: pause to prevent service restart from interfering with bootstrapping
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index e6f75a4c0..4931d127e 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -8,16 +8,26 @@ imageConfig:
format: {{ openshift.node.registry_url }}
latest: false
kind: NodeConfig
-{% if openshift.common.kubelet_args is defined and openshift.common.kubelet_args %}
-kubeletArguments: {{ kubelet_args }}
+{% if openshift.node.kubelet_args is defined and openshift.node.kubelet_args %}
+kubeletArguments: {{ openshift.node.kubelet_args | to_json }}
{% endif %}
masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig
+{% if openshift.common.use_openshift_sdn %}
networkPluginName: {{ openshift.common.sdn_network_plugin_name }}
-nodeName: {{ openshift.common.hostname }}
+{% endif %}
+# networkConfig struct introduced in origin 1.0.6 and OSE 3.0.2 which
+# deprecates networkPluginName above. The two should match.
+networkConfig:
+ mtu: {{ openshift.node.sdn_mtu }}
+{% if openshift.common.use_openshift_sdn %}
+ networkPluginName: {{ openshift.common.sdn_network_plugin_name }}
+{% endif %}
+nodeName: {{ openshift.common.hostname | lower }}
podManifestConfig:
servingInfo:
bindAddress: 0.0.0.0:10250
certFile: server.crt
clientCA: ca.crt
keyFile: server.key
-volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes
+volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes
+{% include 'partials/kubeletArguments.j2' %}
diff --git a/roles/openshift_node/templates/partials/kubeletArguments.j2 b/roles/openshift_node/templates/partials/kubeletArguments.j2
new file mode 100644
index 000000000..6c3bd04c5
--- /dev/null
+++ b/roles/openshift_node/templates/partials/kubeletArguments.j2
@@ -0,0 +1,5 @@
+{% if openshift.common.use_cluster_metrics | bool %}
+kubeletArguments:
+ "read-only-port":
+ - "10255"
+{% endif %} \ No newline at end of file
diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml
index cf47f8354..43dc50ca8 100644
--- a/roles/openshift_node/vars/main.yml
+++ b/roles/openshift_node/vars/main.yml
@@ -1,3 +1,4 @@
---
-openshift_node_config_dir: /etc/openshift/node
+openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml"
+openshift_version: "{{ openshift_pkg_version | default('') }}"
diff --git a/roles/openshift_node_certificates/README.md b/roles/openshift_node_certificates/README.md
index c6304e4b0..6264d253a 100644
--- a/roles/openshift_node_certificates/README.md
+++ b/roles/openshift_node_certificates/README.md
@@ -1,5 +1,5 @@
-OpenShift Node Certificates
-========================
+OpenShift/Atomic Enterprise Node Certificates
+=============================================
TODO
diff --git a/roles/openshift_node_certificates/vars/main.yml b/roles/openshift_node_certificates/vars/main.yml
index a018bb0f9..61fbb1e51 100644
--- a/roles/openshift_node_certificates/vars/main.yml
+++ b/roles/openshift_node_certificates/vars/main.yml
@@ -1,7 +1,7 @@
---
-openshift_node_config_dir: /etc/openshift/node
-openshift_master_config_dir: /etc/openshift/master
-openshift_generated_configs_dir: /etc/openshift/generated-configs
+openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
+openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs"
openshift_master_ca_cert: "{{ openshift_master_config_dir }}/ca.crt"
openshift_master_ca_key: "{{ openshift_master_config_dir }}/ca.key"
openshift_master_ca_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
diff --git a/roles/openshift_registry/README.md b/roles/openshift_registry/README.md
index ec3b4a10b..8e66c483b 100644
--- a/roles/openshift_registry/README.md
+++ b/roles/openshift_registry/README.md
@@ -21,7 +21,7 @@ From openshift_common:
| Name | Default value | |
|-----------------------|---------------|--------------------------------------|
-| openshift_debug_level | 0 | Global openshift debug log verbosity |
+| openshift_debug_level | 2 | Global openshift debug log verbosity |
Dependencies
@@ -41,4 +41,3 @@ Author Information
------------------
Red Hat openshift@redhat.com
-
diff --git a/roles/openshift_registry/tasks/main.yml b/roles/openshift_registry/tasks/main.yml
index 29387d7d5..749eea5c0 100644
--- a/roles/openshift_registry/tasks/main.yml
+++ b/roles/openshift_registry/tasks/main.yml
@@ -1,11 +1,14 @@
---
-- set_fact: _oreg_images="--images={{ oreg_url|quote }}"
- when: oreg_url is defined
+# This role is unused until we add options for configuring the backend storage
+
+- set_fact: _oreg_images="--images='{{ openshift.master.registry_url }}'"
+
+- set_fact: _oreg_selector="--selector='{{ openshift.master.registry_selector }}'"
- name: Deploy OpenShift Registry
command: >
{{ openshift.common.admin_binary }} registry
- --create
- --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images|default() }}
+ --create --service-account=registry {{ _oreg_selector }}
+ --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images }}
register: _oreg_results
changed_when: "'service exists' not in _oreg_results.stdout"
diff --git a/roles/openshift_registry/vars/main.yml b/roles/openshift_registry/vars/main.yml
index 9fb501e85..9967e26f4 100644
--- a/roles/openshift_registry/vars/main.yml
+++ b/roles/openshift_registry/vars/main.yml
@@ -1,3 +1,2 @@
---
-openshift_master_config_dir: /etc/openshift/master
-
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
diff --git a/roles/openshift_repos/vars/main.yml b/roles/openshift_repos/vars/main.yml
index bbb4c77e7..319611a0b 100644
--- a/roles/openshift_repos/vars/main.yml
+++ b/roles/openshift_repos/vars/main.yml
@@ -1,2 +1,7 @@
---
-known_openshift_deployment_types: ['origin', 'online', 'enterprise']
+# origin uses community packages named 'origin'
+# online currently uses 'openshift' packages
+# enterprise is used for OSE 3.0 < 3.1 which uses packages named 'openshift'
+# atomic-enterprise uses Red Hat packages named 'atomic-openshift'
+# openshift-enterprise uses Red Hat packages named 'atomic-openshift' starting with OSE 3.1
+known_openshift_deployment_types: ['origin', 'online', 'enterprise','atomic-enterprise','openshift-enterprise']
diff --git a/roles/openshift_router/README.md b/roles/openshift_router/README.md
index 6d8ee25c6..836efc443 100644
--- a/roles/openshift_router/README.md
+++ b/roles/openshift_router/README.md
@@ -19,7 +19,7 @@ From this role:
From openshift_common:
| Name | Default value | |
|-----------------------|---------------|--------------------------------------|
-| openshift_debug_level | 0 | Global openshift debug log verbosity |
+| openshift_debug_level | 2 | Global openshift debug log verbosity |
Dependencies
------------
@@ -38,4 +38,3 @@ Author Information
------------------
Red Hat openshift@redhat.com
-
diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml
index 929177262..498a65127 100644
--- a/roles/openshift_router/tasks/main.yml
+++ b/roles/openshift_router/tasks/main.yml
@@ -1,11 +1,14 @@
---
-- set_fact: _ortr_images="--images={{ oreg_url|quote }}"
- when: oreg_url is defined
+
+- set_fact: _ortr_images="--images='{{ openshift.master.registry_url }}'"
+
+- set_fact: _ortr_selector="--selector='{{ openshift.master.router_selector }}'"
- name: Deploy OpenShift Router
command: >
{{ openshift.common.admin_binary }} router
- --create
- --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images|default() }}
+ --create --replicas={{ openshift.master.infra_nodes }}
+ --service-account=router {{ _ortr_selector }}
+ --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images }}
register: _ortr_results
changed_when: "'service exists' not in _ortr_results.stdout"
diff --git a/roles/openshift_router/vars/main.yml b/roles/openshift_router/vars/main.yml
index 9fb501e85..9967e26f4 100644
--- a/roles/openshift_router/vars/main.yml
+++ b/roles/openshift_router/vars/main.yml
@@ -1,3 +1,2 @@
---
-openshift_master_config_dir: /etc/openshift/master
-
+openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml
new file mode 100644
index 000000000..d93a25a21
--- /dev/null
+++ b/roles/openshift_serviceaccounts/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: Create service account configs
+ template:
+ src: serviceaccount.j2
+ dest: "/tmp/{{ item }}-serviceaccount.yaml"
+ with_items: accounts
+
+- name: Create {{ item }} service account
+ command: >
+ {{ openshift.common.client_binary }} create -f "/tmp/{{ item }}-serviceaccount.yaml"
+ with_items: accounts
+ register: _sa_result
+ failed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc != 0"
+ changed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc == 0"
+
+- name: Get current security context constraints
+ shell: "{{ openshift.common.client_binary }} get scc privileged -o yaml > /tmp/scc.yaml"
+
+- name: Add security context constraint for {{ item }}
+ lineinfile:
+ dest: /tmp/scc.yaml
+ line: "- system:serviceaccount:default:{{ item }}"
+ insertafter: "^users:$"
+ with_items: accounts
+
+- name: Apply new scc rules for service accounts
+ command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml"
diff --git a/roles/openshift_serviceaccounts/templates/serviceaccount.j2 b/roles/openshift_serviceaccounts/templates/serviceaccount.j2
new file mode 100644
index 000000000..931e249f9
--- /dev/null
+++ b/roles/openshift_serviceaccounts/templates/serviceaccount.j2
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ item }}
diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml
index e9f5814bb..ead81b876 100644
--- a/roles/openshift_storage_nfs_lvm/tasks/main.yml
+++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml
@@ -21,4 +21,4 @@
template: src=../templates/nfs.json.j2 dest=/root/persistent-volume.{{ item }}.json
with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d
-# TODO - Get the json files to an openshift-master, and load them. \ No newline at end of file
+# TODO - Get the json files to a master, and load them.
diff --git a/roles/os_zabbix/README.md b/roles/os_zabbix/README.md
new file mode 100644
index 000000000..ac3dc2833
--- /dev/null
+++ b/roles/os_zabbix/README.md
@@ -0,0 +1,40 @@
+os_zabbix
+=========
+
+Automate zabbix tasks.
+
+Requirements
+------------
+
+This requires the openshift_tools rpm be installed for the zbxapi.py library. It can be found here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now.
+
+Role Variables
+--------------
+
+zab_server
+zab_username
+zab_password
+
+Dependencies
+------------
+
+This depeonds on the zbxapi.py library located here: https://github.com/openshift/openshift-tools under openshift_tools/monitoring/zbxapi.py for now.
+
+Example Playbook
+----------------
+
+ - zbx_host:
+ server: zab_server
+ user: zab_user
+ password: zab_password
+ name: 'myhost'
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+OpenShift operations, Red Hat, Inc
diff --git a/roles/os_zabbix/defaults/main.yml b/roles/os_zabbix/defaults/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/os_zabbix/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/os_zabbix/handlers/main.yml b/roles/os_zabbix/handlers/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/os_zabbix/handlers/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/os_zabbix/library/__init__.py b/roles/os_zabbix/library/__init__.py
deleted file mode 100644
index e69de29bb..000000000
--- a/roles/os_zabbix/library/__init__.py
+++ /dev/null
diff --git a/roles/os_zabbix/library/test.yml b/roles/os_zabbix/library/test.yml
deleted file mode 100644
index f585bcbb2..000000000
--- a/roles/os_zabbix/library/test.yml
+++ /dev/null
@@ -1,92 +0,0 @@
----
-# This is a test playbook to create one of each of the zabbix ansible modules.
-# ensure that the zbxapi module is installed
-# ansible-playbook test.yml
-- name: Test zabbix ansible module
- hosts: localhost
- gather_facts: no
- vars:
- zbx_server: http://localhost/zabbix/api_jsonrpc.php
- zbx_user: Admin
- zbx_password: zabbix
-
- pre_tasks:
- - name: Create a template
- zbx_template:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- name: 'test template'
- register: template_output
-
- - debug: var=template_output
-
- - name: Create an item
- zbx_item:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- name: 'test item'
- key: 'kenny.item.1'
- template_name: "{{ template_output.results[0].host }}"
- register: item_output
-
- - debug: var=item_output
-
- - name: Create an trigger
- zbx_trigger:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- expression: '{test template:kenny.item.1.last()}>2'
- desc: 'Kenny desc'
- register: trigger_output
-
- - debug: var=trigger_output
-
- - name: Create a hostgroup
- zbx_hostgroup:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- name: 'kenny hostgroup'
- register: hostgroup_output
-
- - debug: var=hostgroup_output
-
- - name: Create a host
- zbx_host:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- name: 'kenny host'
- hostgroups:
- - 'kenny hostgroup'
- register: host_output
-
- - debug: var=host_output
-
- - name: Create a usergroup
- zbx_usergroup:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- name: kenny usergroup
- rights:
- - 'kenny hostgroup': rw
- register: usergroup_output
-
- - debug: var=usergroup_output
-
- - name: Create a user
- zbx_user:
- server: "{{ zbx_server }}"
- user: "{{ zbx_user }}"
- password: "{{ zbx_password }}"
- alias: kenny user
- passwd: zabbix
- usergroups:
- - kenny usergroup
- register: user_output
-
- - debug: var=user_output
diff --git a/roles/os_zabbix/meta/main.yml b/roles/os_zabbix/meta/main.yml
new file mode 100644
index 000000000..360f5aad2
--- /dev/null
+++ b/roles/os_zabbix/meta/main.yml
@@ -0,0 +1,9 @@
+---
+galaxy_info:
+ author: OpenShift
+ description: ZabbixAPI
+ company: Red Hat, Inc
+ license: ASL 2.0
+ min_ansible_version: 1.2
+dependencies:
+- lib_zabbix
diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml
new file mode 100644
index 000000000..a503b24d7
--- /dev/null
+++ b/roles/os_zabbix/tasks/main.yml
@@ -0,0 +1,81 @@
+---
+- name: Main List all templates
+ zbx_template:
+ zbx_server: "{{ ozb_server }}"
+ zbx_user: "{{ ozb_user }}"
+ zbx_password: "{{ ozb_password }}"
+ state: list
+ register: templates
+
+- include_vars: template_heartbeat.yml
+- include_vars: template_os_linux.yml
+- include_vars: template_docker.yml
+- include_vars: template_openshift_master.yml
+- include_vars: template_openshift_node.yml
+- include_vars: template_ops_tools.yml
+- include_vars: template_app_zabbix_server.yml
+- include_vars: template_app_zabbix_agent.yml
+
+- name: Include Template Heartbeat
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_heartbeat }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template os_linux
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_os_linux }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template docker
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_docker }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template Openshift Master
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_openshift_master }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template Openshift Node
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_openshift_node }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template Ops Tools
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_ops_tools }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template App Zabbix Server
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_app_zabbix_server }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
+
+- name: Include Template App Zabbix Agent
+ include: ../../lib_zabbix/tasks/create_template.yml
+ vars:
+ template: "{{ g_template_app_zabbix_agent }}"
+ server: "{{ ozb_server }}"
+ user: "{{ ozb_user }}"
+ password: "{{ ozb_password }}"
diff --git a/roles/os_zabbix/vars/main.yml b/roles/os_zabbix/vars/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/os_zabbix/vars/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/os_zabbix/vars/template_app_zabbix_agent.yml b/roles/os_zabbix/vars/template_app_zabbix_agent.yml
new file mode 100644
index 000000000..6349b6384
--- /dev/null
+++ b/roles/os_zabbix/vars/template_app_zabbix_agent.yml
@@ -0,0 +1,23 @@
+---
+g_template_app_zabbix_agent:
+ name: Template App Zabbix Agent
+ zitems:
+ - key: agent.hostname
+ applications:
+ - Zabbix agent
+ value_type: character
+ zabbix_type: 0
+
+ - key: agent.ping
+ applications:
+ - Zabbix agent
+ description: The agent always returns 1 for this item. It could be used in combination with nodata() for availability check.
+ value_type: int
+ zabbix_type: 0
+
+ ztriggers:
+ - name: '[Reboot] Zabbix agent on {HOST.NAME} is unreachable for 15 minutes'
+ description: Zabbix agent is unreachable for 15 minutes.
+ expression: '{Template App Zabbix Agent:agent.ping.nodata(15m)}=1'
+ priority: high
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_ping.asciidoc
diff --git a/roles/os_zabbix/vars/template_app_zabbix_server.yml b/roles/os_zabbix/vars/template_app_zabbix_server.yml
new file mode 100644
index 000000000..aeec16254
--- /dev/null
+++ b/roles/os_zabbix/vars/template_app_zabbix_server.yml
@@ -0,0 +1,412 @@
+---
+g_template_app_zabbix_server:
+ name: Template App Zabbix Server
+ zitems:
+ - key: housekeeper_creates
+ applications:
+ - Zabbix server
+ description: A simple count of the number of partition creates output by the housekeeper script.
+ units: ''
+ value_type: int
+ zabbix_type: 5
+
+ - key: housekeeper_drops
+ applications:
+ - Zabbix server
+ description: A simple count of the number of partition drops output by the housekeeper script.
+ units: ''
+ value_type: int
+ zabbix_type: 5
+
+ - key: housekeeper_errors
+ applications:
+ - Zabbix server
+ description: A simple count of the number of errors output by the housekeeper script.
+ units: ''
+ value_type: int
+ zabbix_type: 5
+
+ - key: housekeeper_total
+ applications:
+ - Zabbix server
+ description: A simple count of the total number of lines output by the housekeeper
+ script.
+ units: ''
+ value_type: int
+ zabbix_type: 5
+
+ - key: zabbix[process,alerter,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,configuration syncer,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,db watchdog,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,discoverer,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,escalator,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,history syncer,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,housekeeper,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,http poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,icmp pinger,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,ipmi poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,java poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,node watcher,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,proxy poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,self-monitoring,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,snmp trapper,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,timer,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,trapper,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[process,unreachable poller,avg,busy]
+ applications:
+ - Zabbix server
+ description: ''
+ units: '%'
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[queue,10m]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: int
+ zabbix_type: 5
+ interval: 600
+
+ - key: zabbix[queue]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: int
+ zabbix_type: 5
+ interval: 600
+
+ - key: zabbix[rcache,buffer,pfree]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[wcache,history,pfree]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[wcache,text,pfree]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[wcache,trend,pfree]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: float
+ zabbix_type: 5
+
+ - key: zabbix[wcache,values]
+ applications:
+ - Zabbix server
+ description: ''
+ units: ''
+ value_type: float
+ zabbix_type: 5
+ delta: 1 # speed per second
+
+ ztriggers:
+ - description: "There has been unexpected output while running the housekeeping script\
+ \ on the Zabbix. There are only three kinds of lines we expect to see in the output,\
+ \ and we've gotten something enw.\r\n\r\nCheck the script's output in /var/lib/zabbix/state\
+ \ for more details."
+ expression: '{Template App Zabbix Server:housekeeper_errors.last(0)}+{Template App Zabbix Server:housekeeper_creates.last(0)}+{Template App Zabbix Server:housekeeper_drops.last(0)}<>{Template App Zabbix Server:housekeeper_total.last(0)}'
+ name: Unexpected output in Zabbix DB Housekeeping
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_DB_Housekeeping.asciidoc
+
+ - description: An error has occurred during running the housekeeping script on the Zabbix. Check the script's output in /var/lib/zabbix/state for more details.
+ expression: '{Template App Zabbix Server:housekeeper_errors.last(0)}>0'
+ name: Errors during Zabbix DB Housekeeping
+ priority: high
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,alerter,avg,busy].min(600)}>75'
+ name: Zabbix alerter processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,configuration syncer,avg,busy].min(600)}>75'
+ name: Zabbix configuration syncer processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,db watchdog,avg,busy].min(600)}>75'
+ name: Zabbix db watchdog processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,discoverer,avg,busy].min(600)}>75'
+ name: Zabbix discoverer processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,escalator,avg,busy].min(600)}>75'
+ name: Zabbix escalator processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,history syncer,avg,busy].min(600)}>75'
+ name: Zabbix history syncer processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,housekeeper,avg,busy].min(1800)}>75'
+ name: Zabbix housekeeper processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,http poller,avg,busy].min(600)}>75'
+ name: Zabbix http poller processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,icmp pinger,avg,busy].min(600)}>75'
+ name: Zabbix icmp pinger processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,ipmi poller,avg,busy].min(600)}>75'
+ name: Zabbix ipmi poller processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,java poller,avg,busy].min(600)}>75'
+ name: Zabbix java poller processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,node watcher,avg,busy].min(600)}>75'
+ name: Zabbix node watcher processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,poller,avg,busy].min(600)}>75'
+ name: Zabbix poller processes more than 75% busy
+ priority: high
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,proxy poller,avg,busy].min(600)}>75'
+ name: Zabbix proxy poller processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,self-monitoring,avg,busy].min(600)}>75'
+ name: Zabbix self-monitoring processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,snmp trapper,avg,busy].min(600)}>75'
+ name: Zabbix snmp trapper processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: Timer processes usually are busy because they have to process time
+ based trigger functions
+ expression: '{Template App Zabbix Server:zabbix[process,timer,avg,busy].min(600)}>75'
+ name: Zabbix timer processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,trapper,avg,busy].min(600)}>75'
+ name: Zabbix trapper processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[process,unreachable poller,avg,busy].min(600)}>75'
+ name: Zabbix unreachable poller processes more than 75% busy
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/Zabbix_state_check.asciidoc
+
+ - description: "This alert generally indicates a performance problem or a problem\
+ \ with the zabbix-server or proxy.\r\n\r\nThe first place to check for issues\
+ \ is Administration > Queue. Be sure to check the general view and the per-proxy\
+ \ view."
+ expression: '{Template App Zabbix Server:zabbix[queue,10m].min(600)}>1000'
+ name: More than 1000 items having missing data for more than 10 minutes
+ priority: high
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/data_lost_overview_plugin.asciidoc
+
+ - description: Consider increasing CacheSize in the zabbix_server.conf configuration
+ file
+ expression: '{Template App Zabbix Server:zabbix[rcache,buffer,pfree].min(600)}<5'
+ name: Less than 5% free in the configuration cache
+ priority: info
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[wcache,history,pfree].min(600)}<25'
+ name: Less than 25% free in the history cache
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[wcache,text,pfree].min(600)}<25'
+ name: Less than 25% free in the text history cache
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc
+
+ - description: ''
+ expression: '{Template App Zabbix Server:zabbix[wcache,trend,pfree].min(600)}<25'
+ name: Less than 25% free in the trends cache
+ priority: avg
+ url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_cache.asciidoc
diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml
new file mode 100644
index 000000000..395e054de
--- /dev/null
+++ b/roles/os_zabbix/vars/template_docker.yml
@@ -0,0 +1,89 @@
+---
+g_template_docker:
+ name: Template Docker
+ zitems:
+ - key: docker.ping
+ applications:
+ - Docker Daemon
+ value_type: int
+
+ - key: docker.storage.is_loopback
+ applications:
+ - Docker Storage
+ value_type: int
+
+ - key: docker.storage.data.space.total
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.data.space.used
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.data.space.available
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.data.space.percent_available
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.metadata.space.total
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.metadata.space.used
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.metadata.space.available
+ applications:
+ - Docker Storage
+ value_type: float
+
+ - key: docker.storage.metadata.space.percent_available
+ applications:
+ - Docker Storage
+ value_type: float
+ ztriggers:
+ - name: 'docker.ping failed on {HOST.NAME}'
+ expression: '{Template Docker:docker.ping.max(#3)}<1'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_ping.asciidoc'
+ priority: high
+
+ - name: 'Docker storage is using LOOPBACK on {HOST.NAME}'
+ expression: '{Template Docker:docker.storage.is_loopback.last()}<>0'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_loopback.asciidoc'
+ priority: high
+
+ - name: 'Critically low docker storage data space on {HOST.NAME}'
+ expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.data.space.available.max(#3)}<5' # < 5% or < 5GB
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc'
+ priority: high
+
+ - name: 'Critically low docker storage metadata space on {HOST.NAME}'
+ expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<5 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.005' # < 5% or < 5MB
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc'
+ priority: high
+
+ # Put triggers that depend on other triggers here (deps must be created first)
+ - name: 'Low docker storage data space on {HOST.NAME}'
+ expression: '{Template Docker:docker.storage.data.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.data.space.available.max(#3)}<10' # < 10% or < 10GB
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc'
+ dependencies:
+ - 'Critically low docker storage data space on {HOST.NAME}'
+ priority: average
+
+ - name: 'Low docker storage metadata space on {HOST.NAME}'
+ expression: '{Template Docker:docker.storage.metadata.space.percent_available.max(#3)}<10 or {Template Docker:docker.storage.metadata.space.available.max(#3)}<0.01' # < 10% or < 10MB
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_docker_storage.asciidoc'
+ dependencies:
+ - 'Critically low docker storage metadata space on {HOST.NAME}'
+ priority: average
+
diff --git a/roles/os_zabbix/vars/template_heartbeat.yml b/roles/os_zabbix/vars/template_heartbeat.yml
new file mode 100644
index 000000000..8dbe0d0d6
--- /dev/null
+++ b/roles/os_zabbix/vars/template_heartbeat.yml
@@ -0,0 +1,13 @@
+---
+g_template_heartbeat:
+ name: Template Heartbeat
+ zitems:
+ - name: Heartbeat Ping
+ applications:
+ - Heartbeat
+ key: heartbeat.ping
+ ztriggers:
+ - name: 'Heartbeat.ping has failed on {HOST.NAME}'
+ expression: '{Template Heartbeat:heartbeat.ping.nodata(20m)}=1'
+ priority: avg
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_node_heartbeat.asciidoc'
diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml
new file mode 100644
index 000000000..1de4fefbb
--- /dev/null
+++ b/roles/os_zabbix/vars/template_openshift_master.yml
@@ -0,0 +1,58 @@
+---
+g_template_openshift_master:
+ name: Template Openshift Master
+ zitems:
+ - name: create_app
+ applications:
+ - Openshift Master
+ key: create_app
+
+ - key: openshift.master.process.count
+ description: Shows number of master processes running
+ type: int
+ applications:
+ - Openshift Master
+
+ - key: openshift.master.user.count
+ description: Shows number of users in a cluster
+ type: int
+ applications:
+ - Openshift Master
+
+ - key: openshift.master.pod.running.count
+ description: Shows number of pods running
+ type: int
+ applications:
+ - Openshift Master
+
+ - key: openshift.project.counter
+ description: Shows number of projects on a cluster
+ type: int
+ applications:
+ - Openshift Master
+
+ ztriggers:
+ - name: 'Application creation has failed on {HOST.NAME}'
+ expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc'
+ priority: avg
+
+ - name: 'Openshift Master process not running on {HOST.NAME}'
+ expression: '{Template Openshift Master:openshift.master.process.count.max(#3)}<1'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc'
+ priority: high
+
+ - name: 'Too many Openshift Master processes running on {HOST.NAME}'
+ expression: '{Template Openshift Master:openshift.master.process.count.min(#3)}>1'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc'
+ priority: high
+
+ - name: 'Number of users for Openshift Master on {HOST.NAME}'
+ expression: '{Template Openshift Master:openshift.master.user.count.last()}=0'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc'
+ priority: info
+
+ - name: 'There are no projects running on {HOST.NAME}'
+ expression: '{Template Openshift Master:openshift.project.counter.last()}=0'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc'
+ priority: info
diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml
new file mode 100644
index 000000000..ce28b1048
--- /dev/null
+++ b/roles/os_zabbix/vars/template_openshift_node.yml
@@ -0,0 +1,44 @@
+---
+g_template_openshift_node:
+ name: Template Openshift Node
+ zitems:
+ - key: openshift.node.process.count
+ description: Shows number of OpenShift Node processes running
+ type: int
+ applications:
+ - Openshift Node
+
+ - key: openshift.node.ovs.pids.count
+ description: Shows number of ovs process ids running
+ type: int
+ applications:
+ - Openshift Node
+
+ - key: openshift.node.ovs.ports.count
+ description: Shows number of OVS ports defined
+ type: int
+ applications:
+ - Openshift Node
+
+ ztriggers:
+ - name: 'Openshift Node process not running on {HOST.NAME}'
+ expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1'
+ url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc'
+ priority: high
+
+ - name: 'Too many Openshift Node processes running on {HOST.NAME}'
+ expression: '{Template Openshift Node:openshift.node.process.count.min(#3)}>1'
+ url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc'
+ priority: high
+
+ - name: 'OVS may not be running on {HOST.NAME}'
+ expression: '{Template Openshift Node:openshift.node.ovs.pids.count.last()}<>4'
+ url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc'
+ priority: high
+
+ - name: 'Number of OVS ports is 0 on {HOST.NAME}'
+ expression: '{Template Openshift Node:openshift.node.ovs.ports.count.last()}=0'
+ url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc'
+ priority: high
+
+
diff --git a/roles/os_zabbix/vars/template_ops_tools.yml b/roles/os_zabbix/vars/template_ops_tools.yml
new file mode 100644
index 000000000..d1b8a2514
--- /dev/null
+++ b/roles/os_zabbix/vars/template_ops_tools.yml
@@ -0,0 +1,23 @@
+---
+g_template_ops_tools:
+ name: Template Operations Tools
+ zdiscoveryrules:
+ - name: disc.ops.runner
+ key: disc.ops.runner
+ lifetime: 1
+ description: "Dynamically register operations runner items"
+
+ zitemprototypes:
+ - discoveryrule_key: disc.ops.runner
+ name: "Exit code of ops-runner[{#OSO_COMMAND}]"
+ key: "disc.ops.runner.command.exitcode[{#OSO_COMMAND}]"
+ value_type: int
+ description: "The exit code of the command run from ops-runner"
+ applications:
+ - Ops Runner
+
+ ztriggerprototypes:
+ - name: 'ops-runner[{#OSO_COMMAND}]: non-zero exit code on {HOST.NAME}'
+ expression: '{Template Operations Tools:disc.ops.runner.command.exitcode[{#OSO_COMMAND}].last()}<>0'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_ops_runner_command.asciidoc'
+ priority: average
diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml
new file mode 100644
index 000000000..3ae1500bc
--- /dev/null
+++ b/roles/os_zabbix/vars/template_os_linux.yml
@@ -0,0 +1,260 @@
+---
+g_template_os_linux:
+ name: Template OS Linux
+ zitems:
+ - key: kernel.uname.sysname
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: kernel.all.cpu.wait.total
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.cpu.irq.hard
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.cpu.idle
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.uname.distro
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: kernel.uname.nodename
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: kernel.all.cpu.irq.soft
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.load.15_minute
+ applications:
+ - Kernel
+ value_type: float
+
+ - key: kernel.all.cpu.sys
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.load.5_minute
+ applications:
+ - Kernel
+ value_type: float
+
+ - key: kernel.all.cpu.nice
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.load.1_minute
+ applications:
+ - Kernel
+ value_type: float
+
+ - key: kernel.uname.version
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: kernel.all.uptime
+ applications:
+ - Kernel
+ value_type: int
+
+ - key: kernel.all.cpu.user
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.uname.machine
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: hinv.ncpu
+ applications:
+ - Kernel
+ value_type: int
+
+ - key: kernel.all.cpu.steal
+ applications:
+ - Kernel
+ value_type: float
+ units: '%'
+
+ - key: kernel.all.pswitch
+ applications:
+ - Kernel
+ value_type: int
+
+ - key: kernel.uname.release
+ applications:
+ - Kernel
+ value_type: string
+
+ - key: proc.nprocs
+ applications:
+ - Kernel
+ value_type: int
+
+ # Memory Items
+ - key: mem.freemem
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: free system memory metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: mem.util.bufmem
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: Memory allocated for buffer_heads.; I/O buffers metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: swap.used
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: swap used metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: swap.length
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: total swap available metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: mem.physmem
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: The value of this metric corresponds to the \"MemTotal\" field reported by /proc/meminfo. Note that this does not necessarily correspond to actual installed physical memory - there may be areas of the physical address space mapped as ROM in various peripheral devices and the bios may be mirroring certain ROMs in RAM."
+ multiplier: 1024
+ units: B
+
+ - key: swap.free
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: swap free metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: mem.util.available
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: The amount of memory that is available for a new workload, without pushing the system into swap. Estimated from MemFree, Active(file), Inactive(file), and SReclaimable, as well as the \"low\" watermarks from /proc/zoneinfo.; available memory from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: mem.util.used
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: Used memory is the difference between mem.physmem and mem.freemem; used memory metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ - key: mem.util.cached
+ applications:
+ - Memory
+ value_type: int
+ description: "PCP: Memory used by the page cache, including buffered file data. This is in-memory cache for files read from the disk (the pagecache) but doesn't include SwapCached.; page cache metric from /proc/meminfo"
+ multiplier: 1024
+ units: B
+
+ zdiscoveryrules:
+ - name: disc.filesys
+ key: disc.filesys
+ lifetime: 1
+ description: "Dynamically register the filesystems"
+
+ zitemprototypes:
+ - discoveryrule_key: disc.filesys
+ name: "disc.filesys.full.{#OSO_FILESYS}"
+ key: "disc.filesys.full[{#OSO_FILESYS}]"
+ value_type: float
+ description: "PCP filesys.full option. This is the percent full returned from pcp filesys.full"
+ applications:
+ - Disk
+
+ - discoveryrule_key: disc.filesys
+ name: "Percentage of used inodes on {#OSO_FILESYS}"
+ key: "disc.filesys.inodes.pused[{#OSO_FILESYS}]"
+ value_type: float
+ description: "PCP derived value of percentage of used inodes on a filesystem."
+ applications:
+ - Disk
+
+ ztriggerprototypes:
+ - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}'
+ expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc'
+ priority: warn
+
+ - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free disk space on {HOST.NAME}'
+ expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc'
+ priority: high
+
+ - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free inodes on {HOST.NAME}'
+ expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>90'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc'
+ priority: warn
+
+ - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free inodes on {HOST.NAME}'
+ expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>95'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc'
+ priority: high
+
+ ztriggers:
+ - name: 'Too many TOTAL processes on {HOST.NAME}'
+ expression: '{Template OS Linux:proc.nprocs.last()}>5000'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_proc.asciidoc'
+ priority: warn
+
+ - name: 'Lack of available memory on {HOST.NAME}'
+ expression: '{Template OS Linux:mem.freemem.last()}<30720000'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_memory.asciidoc'
+ priority: warn
+ description: 'Alert on less than 30MegaBytes. This is 30 Million Bytes. 30000 KB x 1024'
+
+ # CPU Utilization #
+ - name: 'CPU idle less than 5% on {HOST.NAME}'
+ expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<5 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<5'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc'
+ priority: average
+ description: 'CPU is less than 5% idle'
+
+ - name: 'CPU idle less than 10% on {HOST.NAME}'
+ expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<10 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<10'
+ url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc'
+ priority: warn
+ description: 'CPU is less than 10% idle'
+ dependencies:
+ - 'CPU idle less than 5% on {HOST.NAME}'
diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml
index fc4d44745..e9e6e4bd4 100644
--- a/roles/rhel_subscribe/tasks/enterprise.yml
+++ b/roles/rhel_subscribe/tasks/enterprise.yml
@@ -1,5 +1,9 @@
---
+- name: Disable all repositories
+ command: subscription-manager repos --disable="*"
+
- name: Enable RHEL repositories
command: subscription-manager repos \
--enable="rhel-7-server-rpms" \
+ --enable="rhel-7-server-extras-rpms" \
--enable="rhel-7-server-ose-3.0-rpms"