From 7a351a8bf87e6678e273d94ec7d003e1baa9fe90 Mon Sep 17 00:00:00 2001
From: Jeff Cantrill <jcantril@redhat.com>
Date: Tue, 29 Nov 2016 15:12:48 -0500
Subject: rename openshift_metrics to openshift_hosted_metrics
---
.../common/openshift-cluster/openshift_hosted.yml | 2 +-
roles/openshift_hosted_metrics/README.md | 54 +++++++++
roles/openshift_hosted_metrics/defaults/main.yml | 2 +
roles/openshift_hosted_metrics/handlers/main.yml | 35 ++++++
roles/openshift_hosted_metrics/meta/main.yaml | 18 +++
roles/openshift_hosted_metrics/tasks/install.yml | 132 +++++++++++++++++++++
roles/openshift_hosted_metrics/tasks/main.yaml | 75 ++++++++++++
roles/openshift_hosted_metrics/vars/main.yaml | 21 ++++
roles/openshift_metrics/README.md | 54 ---------
roles/openshift_metrics/defaults/main.yml | 2 -
roles/openshift_metrics/handlers/main.yml | 35 ------
roles/openshift_metrics/meta/main.yaml | 18 ---
roles/openshift_metrics/tasks/install.yml | 132 ---------------------
roles/openshift_metrics/tasks/main.yaml | 75 ------------
roles/openshift_metrics/vars/main.yaml | 21 ----
15 files changed, 338 insertions(+), 338 deletions(-)
create mode 100644 roles/openshift_hosted_metrics/README.md
create mode 100644 roles/openshift_hosted_metrics/defaults/main.yml
create mode 100644 roles/openshift_hosted_metrics/handlers/main.yml
create mode 100644 roles/openshift_hosted_metrics/meta/main.yaml
create mode 100644 roles/openshift_hosted_metrics/tasks/install.yml
create mode 100644 roles/openshift_hosted_metrics/tasks/main.yaml
create mode 100644 roles/openshift_hosted_metrics/vars/main.yaml
delete mode 100644 roles/openshift_metrics/README.md
delete mode 100644 roles/openshift_metrics/defaults/main.yml
delete mode 100644 roles/openshift_metrics/handlers/main.yml
delete mode 100644 roles/openshift_metrics/meta/main.yaml
delete mode 100644 roles/openshift_metrics/tasks/install.yml
delete mode 100644 roles/openshift_metrics/tasks/main.yaml
delete mode 100644 roles/openshift_metrics/vars/main.yaml
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
index 7839b85e8..ec5b18389 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted.yml
+++ b/playbooks/common/openshift-cluster/openshift_hosted.yml
@@ -27,7 +27,7 @@
logging_elasticsearch_ops_cluster_size: "{{ openshift_hosted_logging_elasticsearch_ops_cluster_size | default(1) }}"
roles:
- role: openshift_hosted
- - role: openshift_metrics
+ - role: openshift_hosted_metrics
when: openshift_hosted_metrics_deploy | default(false) | bool
- role: openshift_hosted_logging
when: openshift_hosted_logging_deploy | default(false) | bool
diff --git a/roles/openshift_hosted_metrics/README.md b/roles/openshift_hosted_metrics/README.md
new file mode 100644
index 000000000..c2af3c494
--- /dev/null
+++ b/roles/openshift_hosted_metrics/README.md
@@ -0,0 +1,54 @@
+OpenShift Metrics with Hawkular
+====================
+
+OpenShift Metrics Installation
+
+Requirements
+------------
+
+* Ansible 2.2
+* It requires subdomain fqdn to be set.
+* If persistence is enabled, then it also requires NFS.
+
+Role Variables
+--------------
+
+From this role:
+
+| Name | Default value | |
+|-------------------------------------------------|-----------------------|-------------------------------------------------------------|
+| openshift_hosted_metrics_deploy | `False` | If metrics should be deployed |
+| openshift_hosted_metrics_public_url | null | Hawkular metrics public url |
+| openshift_hosted_metrics_storage_nfs_directory | `/exports` | Root export directory. |
+| openshift_hosted_metrics_storage_volume_name | `metrics` | Metrics volume within openshift_hosted_metrics_volume_dir |
+| openshift_hosted_metrics_storage_volume_size | `10Gi` | Metrics volume size |
+| openshift_hosted_metrics_storage_nfs_options | `*(rw,root_squash)` | NFS options for configured exports. |
+| openshift_hosted_metrics_duration | `7` | Metrics query duration |
+| openshift_hosted_metrics_resolution | `10s` | Metrics resolution |
+
+
+Dependencies
+------------
+openshift_facts
+openshift_examples
+openshift_master_facts
+
+Example Playbook
+----------------
+
+```
+- name: Configure openshift-metrics
+ hosts: oo_first_master
+ roles:
+ - role: openshift_hosted_metrics
+```
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Jose David Martín (j.david.nieto@gmail.com)
diff --git a/roles/openshift_hosted_metrics/defaults/main.yml b/roles/openshift_hosted_metrics/defaults/main.yml
new file mode 100644
index 000000000..a01f24df8
--- /dev/null
+++ b/roles/openshift_hosted_metrics/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
diff --git a/roles/openshift_hosted_metrics/handlers/main.yml b/roles/openshift_hosted_metrics/handlers/main.yml
new file mode 100644
index 000000000..69c5a1663
--- /dev/null
+++ b/roles/openshift_hosted_metrics/handlers/main.yml
@@ -0,0 +1,35 @@
+---
+- name: restart master
+ systemd: name={{ openshift.common.service_type }}-master state=restarted
+ when: (openshift.master.ha is not defined or not openshift.master.ha | bool) and (not (master_service_status_changed | default(false) | bool))
+ notify: Verify API Server
+
+- name: restart master api
+ systemd: name={{ openshift.common.service_type }}-master-api state=restarted
+ when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+ notify: Verify API Server
+
+- name: restart master controllers
+ systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
+ when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
+
+- name: Verify API Server
+ # Using curl here since the uri module requires python-httplib2 and
+ # wait_for port doesn't provide health information.
+ command: >
+ curl --silent --tlsv1.2
+ {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
+ {% else %}
+ --cacert {{ openshift.common.config_base }}/master/ca.crt
+ {% endif %}
+ {{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_available_output
+ until: api_available_output.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
diff --git a/roles/openshift_hosted_metrics/meta/main.yaml b/roles/openshift_hosted_metrics/meta/main.yaml
new file mode 100644
index 000000000..debca3ca6
--- /dev/null
+++ b/roles/openshift_hosted_metrics/meta/main.yaml
@@ -0,0 +1,18 @@
+---
+galaxy_info:
+ author: David Martín
+ description:
+ company:
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+ - system
+dependencies:
+- { role: openshift_examples }
+- { role: openshift_facts }
+- { role: openshift_master_facts }
diff --git a/roles/openshift_hosted_metrics/tasks/install.yml b/roles/openshift_hosted_metrics/tasks/install.yml
new file mode 100644
index 000000000..2c839996e
--- /dev/null
+++ b/roles/openshift_hosted_metrics/tasks/install.yml
@@ -0,0 +1,132 @@
+---
+
+- name: Test if metrics-deployer service account exists
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace=openshift-infra
+ get serviceaccount metrics-deployer -o json
+ register: serviceaccount
+ changed_when: false
+ failed_when: false
+
+- name: Create metrics-deployer Service Account
+ shell: >
+ echo {{ metrics_deployer_sa | to_json | quote }} |
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ create -f -
+ when: serviceaccount.rc == 1
+
+- name: Test edit permissions
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ get rolebindings -o jsonpath='{.items[?(@.metadata.name == "edit")].userNames}'
+ register: edit_rolebindings
+ changed_when: false
+
+- name: Add edit permission to the openshift-infra project to metrics-deployer SA
+ command: >
+ {{ openshift.common.client_binary }} adm
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ policy add-role-to-user edit
+ system:serviceaccount:openshift-infra:metrics-deployer
+ when: "'system:serviceaccount:openshift-infra:metrics-deployer' not in edit_rolebindings.stdout"
+
+- name: Test hawkular view permissions
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ get rolebindings -o jsonpath='{.items[?(@.metadata.name == "view")].userNames}'
+ register: view_rolebindings
+ changed_when: false
+
+- name: Add view permissions to hawkular SA
+ command: >
+ {{ openshift.common.client_binary }} adm
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ policy add-role-to-user view
+ system:serviceaccount:openshift-infra:hawkular
+ when: "'system:serviceaccount:openshift-infra:hawkular' not in view_rolebindings"
+
+- name: Test cluster-reader permissions
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ get clusterrolebindings -o jsonpath='{.items[?(@.metadata.name == "cluster-reader")].userNames}'
+ register: cluster_reader_clusterrolebindings
+ changed_when: false
+
+- name: Add cluster-reader permission to the openshift-infra project to heapster SA
+ command: >
+ {{ openshift.common.client_binary }} adm
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ policy add-cluster-role-to-user cluster-reader
+ system:serviceaccount:openshift-infra:heapster
+ when: "'system:serviceaccount:openshift-infra:heapster' not in cluster_reader_clusterrolebindings.stdout"
+
+- name: Create metrics-deployer secret
+ command: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ secrets new metrics-deployer nothing=/dev/null
+ register: metrics_deployer_secret
+ changed_when: metrics_deployer_secret.rc == 0
+ failed_when: "metrics_deployer_secret.rc == 1 and 'already exists' not in metrics_deployer_secret.stderr"
+
+# TODO: extend this to allow user passed in certs or generating cert with
+# OpenShift CA
+- name: Build metrics deployer command
+ set_fact:
+ deployer_cmd: "{{ openshift.common.client_binary }} process -f \
+ {{ hosted_base }}/metrics-deployer.yaml -v \
+ HAWKULAR_METRICS_HOSTNAME={{ g_metrics_hostname }} \
+ -v USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }} \
+ -v DYNAMICALLY_PROVISION_STORAGE={{metrics_dynamic_vol | string | lower }} \
+ -v METRIC_DURATION={{ openshift.hosted.metrics.duration }} \
+ -v METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }}
+ {{ image_prefix }} \
+ {{ image_version }} \
+ -v MODE={{ deployment_mode }} \
+ | {{ openshift.common.client_binary }} --namespace openshift-infra \
+ --config={{ openshift_hosted_metrics_kubeconfig }} \
+ create -o name -f -"
+
+- name: Deploy Metrics
+ shell: "{{ deployer_cmd }}"
+ register: deploy_metrics
+ failed_when: "'already exists' not in deploy_metrics.stderr and deploy_metrics.rc != 0"
+ changed_when: deploy_metrics.rc == 0
+
+- set_fact:
+ deployer_pod: "{{ deploy_metrics.stdout[1:2] }}"
+
+# TODO: re-enable this once the metrics deployer validation issue is fixed
+# when using dynamically provisioned volumes
+- name: "Wait for image pull and deployer pod"
+ shell: >
+ {{ openshift.common.client_binary }}
+ --namespace openshift-infra
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ get {{ deploy_metrics.stdout }}
+ register: deploy_result
+ until: "{{ 'Completed' in deploy_result.stdout }}"
+ failed_when: False
+ retries: 60
+ delay: 10
+
+- name: Configure master for metrics
+ modify_yaml:
+ dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ yaml_key: assetConfig.metricsPublicURL
+ yaml_value: "{{ openshift_hosted_metrics_public_url }}"
+ notify: restart master
diff --git a/roles/openshift_hosted_metrics/tasks/main.yaml b/roles/openshift_hosted_metrics/tasks/main.yaml
new file mode 100644
index 000000000..5ce8aa92b
--- /dev/null
+++ b/roles/openshift_hosted_metrics/tasks/main.yaml
@@ -0,0 +1,75 @@
+---
+- name: Create temp directory for kubeconfig
+ command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: mktemp
+ changed_when: False
+
+- name: Record kubeconfig tmp dir
+ set_fact:
+ openshift_hosted_metrics_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
+
+- name: Copy the admin client config(s)
+ command: >
+ cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ openshift_hosted_metrics_kubeconfig }}
+ changed_when: False
+
+- name: Set hosted metrics facts
+ openshift_facts:
+ role: hosted
+ openshift_env: "{{ hostvars
+ | oo_merge_hostvars(vars, inventory_hostname)
+ | oo_openshift_env }}"
+ openshift_env_structures:
+ - 'openshift.hosted.metrics.*'
+
+- set_fact:
+ metrics_persistence: "{{ openshift.hosted.metrics.storage_kind | default(none) is not none }}"
+ metrics_dynamic_vol: "{{ openshift.hosted.metrics.storage_kind | default(none) == 'dynamic' }}"
+ metrics_template_dir: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples/infrastructure-templates/{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
+ image_prefix: "{{ '-v IMAGE_PREFIX=' ~ openshift.hosted.metrics.deployer.prefix if 'prefix' in openshift.hosted.metrics.deployer else '' }}"
+ image_version: "{{ '-v IMAGE_VERSION=' ~ openshift.hosted.metrics.deployer.version if 'version' in openshift.hosted.metrics.deployer else '' }}"
+
+
+- name: Check for existing metrics pods
+ shell: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ get pods -l {{ item }} | grep -q Running
+ register: metrics_pods_status
+ with_items:
+ - metrics-infra=hawkular-metrics
+ - metrics-infra=heapster
+ - metrics-infra=hawkular-cassandra
+ failed_when: false
+ changed_when: false
+
+- name: Check for previous deployer
+ shell: >
+ {{ openshift.common.client_binary }}
+ --config={{ openshift_hosted_metrics_kubeconfig }}
+ --namespace openshift-infra
+ get pods -l metrics-infra=deployer --sort-by='{.metadata.creationTimestamp}' | tail -1 | grep metrics-deployer-
+ register: metrics_deployer_status
+ failed_when: false
+ changed_when: false
+
+- name: Record current deployment status
+ set_fact:
+ greenfield: "{{ not metrics_deployer_status.rc == 0 }}"
+ failed_error: "{{ True if 'Error' in metrics_deployer_status.stdout else False }}"
+ metrics_running: "{{ metrics_pods_status.results | oo_collect(attribute='rc') == [0,0,0] }}"
+
+- name: Set deployment mode
+ set_fact:
+ deployment_mode: "{{ 'refresh' if (failed_error | bool or metrics_upgrade | bool) else 'deploy' }}"
+
+# TODO: handle non greenfield deployments in the future
+- include: install.yml
+ when: greenfield
+
+- name: Delete temp directory
+ file:
+ name: "{{ mktemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/roles/openshift_hosted_metrics/vars/main.yaml b/roles/openshift_hosted_metrics/vars/main.yaml
new file mode 100644
index 000000000..6c207d6ac
--- /dev/null
+++ b/roles/openshift_hosted_metrics/vars/main.yaml
@@ -0,0 +1,21 @@
+---
+hawkular_permission_oc_commands:
+ - policy add-role-to-user edit system:serviceaccount:openshift-infra:metrics-deployer -n openshift-infra
+ - policy add-cluster-role-to-user cluster-admin system:serviceaccount:openshift-infra:heapster
+
+metrics_deployer_sa:
+ apiVersion: v1
+ kind: ServiceAccount
+ metadata:
+ name: metrics-deployer
+ secrets:
+ - name: metrics-deployer
+
+
+hawkular_tmp_conf: /tmp/hawkular_admin.kubeconfig
+
+hawkular_persistence: "{% if openshift.hosted.metrics.storage.kind != None %}true{% else %}false{% endif %}"
+
+hawkular_type: "{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
+
+metrics_upgrade: openshift.hosted.metrics.upgrade | default(False)
diff --git a/roles/openshift_metrics/README.md b/roles/openshift_metrics/README.md
deleted file mode 100644
index 015a673a8..000000000
--- a/roles/openshift_metrics/README.md
+++ /dev/null
@@ -1,54 +0,0 @@
-OpenShift Metrics with Hawkular
-====================
-
-OpenShift Metrics Installation
-
-Requirements
-------------
-
-* Ansible 2.2
-* It requires subdomain fqdn to be set.
-* If persistence is enabled, then it also requires NFS.
-
-Role Variables
---------------
-
-From this role:
-
-| Name | Default value | |
-|-------------------------------------------------|-----------------------|-------------------------------------------------------------|
-| openshift_hosted_metrics_deploy | `False` | If metrics should be deployed |
-| openshift_hosted_metrics_public_url | null | Hawkular metrics public url |
-| openshift_hosted_metrics_storage_nfs_directory | `/exports` | Root export directory. |
-| openshift_hosted_metrics_storage_volume_name | `metrics` | Metrics volume within openshift_hosted_metrics_volume_dir |
-| openshift_hosted_metrics_storage_volume_size | `10Gi` | Metrics volume size |
-| openshift_hosted_metrics_storage_nfs_options | `*(rw,root_squash)` | NFS options for configured exports. |
-| openshift_hosted_metrics_duration | `7` | Metrics query duration |
-| openshift_hosted_metrics_resolution | `10s` | Metrics resolution |
-
-
-Dependencies
-------------
-openshift_facts
-openshift_examples
-openshift_master_facts
-
-Example Playbook
-----------------
-
-```
-- name: Configure openshift-metrics
- hosts: oo_first_master
- roles:
- - role: openshift_metrics
-```
-
-License
--------
-
-Apache License, Version 2.0
-
-Author Information
-------------------
-
-Jose David Martín (j.david.nieto@gmail.com)
diff --git a/roles/openshift_metrics/defaults/main.yml b/roles/openshift_metrics/defaults/main.yml
deleted file mode 100644
index a01f24df8..000000000
--- a/roles/openshift_metrics/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
diff --git a/roles/openshift_metrics/handlers/main.yml b/roles/openshift_metrics/handlers/main.yml
deleted file mode 100644
index 69c5a1663..000000000
--- a/roles/openshift_metrics/handlers/main.yml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-- name: restart master
- systemd: name={{ openshift.common.service_type }}-master state=restarted
- when: (openshift.master.ha is not defined or not openshift.master.ha | bool) and (not (master_service_status_changed | default(false) | bool))
- notify: Verify API Server
-
-- name: restart master api
- systemd: name={{ openshift.common.service_type }}-master-api state=restarted
- when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_api_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
- notify: Verify API Server
-
-- name: restart master controllers
- systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
- when: (openshift.master.ha is defined and openshift.master.ha | bool) and (not (master_controllers_service_status_changed | default(false) | bool)) and openshift.master.cluster_method == 'native'
-
-- name: Verify API Server
- # Using curl here since the uri module requires python-httplib2 and
- # wait_for port doesn't provide health information.
- command: >
- curl --silent --tlsv1.2
- {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
- --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
- {% else %}
- --cacert {{ openshift.common.config_base }}/master/ca.crt
- {% endif %}
- {{ openshift.master.api_url }}/healthz/ready
- args:
- # Disables the following warning:
- # Consider using get_url or uri module rather than running curl
- warn: no
- register: api_available_output
- until: api_available_output.stdout == 'ok'
- retries: 120
- delay: 1
- changed_when: false
diff --git a/roles/openshift_metrics/meta/main.yaml b/roles/openshift_metrics/meta/main.yaml
deleted file mode 100644
index debca3ca6..000000000
--- a/roles/openshift_metrics/meta/main.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-galaxy_info:
- author: David Martín
- description:
- company:
- license: Apache License, Version 2.0
- min_ansible_version: 2.2
- platforms:
- - name: EL
- versions:
- - 7
- categories:
- - cloud
- - system
-dependencies:
-- { role: openshift_examples }
-- { role: openshift_facts }
-- { role: openshift_master_facts }
diff --git a/roles/openshift_metrics/tasks/install.yml b/roles/openshift_metrics/tasks/install.yml
deleted file mode 100644
index 0f520e685..000000000
--- a/roles/openshift_metrics/tasks/install.yml
+++ /dev/null
@@ -1,132 +0,0 @@
----
-
-- name: Test if metrics-deployer service account exists
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace=openshift-infra
- get serviceaccount metrics-deployer -o json
- register: serviceaccount
- changed_when: false
- failed_when: false
-
-- name: Create metrics-deployer Service Account
- shell: >
- echo {{ metrics_deployer_sa | to_json | quote }} |
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- create -f -
- when: serviceaccount.rc == 1
-
-- name: Test edit permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- get rolebindings -o jsonpath='{.items[?(@.metadata.name == "edit")].userNames}'
- register: edit_rolebindings
- changed_when: false
-
-- name: Add edit permission to the openshift-infra project to metrics-deployer SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-role-to-user edit
- system:serviceaccount:openshift-infra:metrics-deployer
- when: "'system:serviceaccount:openshift-infra:metrics-deployer' not in edit_rolebindings.stdout"
-
-- name: Test hawkular view permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- get rolebindings -o jsonpath='{.items[?(@.metadata.name == "view")].userNames}'
- register: view_rolebindings
- changed_when: false
-
-- name: Add view permissions to hawkular SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-role-to-user view
- system:serviceaccount:openshift-infra:hawkular
- when: "'system:serviceaccount:openshift-infra:hawkular' not in view_rolebindings"
-
-- name: Test cluster-reader permissions
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- get clusterrolebindings -o jsonpath='{.items[?(@.metadata.name == "cluster-reader")].userNames}'
- register: cluster_reader_clusterrolebindings
- changed_when: false
-
-- name: Add cluster-reader permission to the openshift-infra project to heapster SA
- command: >
- {{ openshift.common.client_binary }} adm
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- policy add-cluster-role-to-user cluster-reader
- system:serviceaccount:openshift-infra:heapster
- when: "'system:serviceaccount:openshift-infra:heapster' not in cluster_reader_clusterrolebindings.stdout"
-
-- name: Create metrics-deployer secret
- command: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- secrets new metrics-deployer nothing=/dev/null
- register: metrics_deployer_secret
- changed_when: metrics_deployer_secret.rc == 0
- failed_when: "metrics_deployer_secret.rc == 1 and 'already exists' not in metrics_deployer_secret.stderr"
-
-# TODO: extend this to allow user passed in certs or generating cert with
-# OpenShift CA
-- name: Build metrics deployer command
- set_fact:
- deployer_cmd: "{{ openshift.common.client_binary }} process -f \
- {{ hosted_base }}/metrics-deployer.yaml -v \
- HAWKULAR_METRICS_HOSTNAME={{ g_metrics_hostname }} \
- -v USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }} \
- -v DYNAMICALLY_PROVISION_STORAGE={{metrics_dynamic_vol | string | lower }} \
- -v METRIC_DURATION={{ openshift.hosted.metrics.duration }} \
- -v METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }}
- {{ image_prefix }} \
- {{ image_version }} \
- -v MODE={{ deployment_mode }} \
- | {{ openshift.common.client_binary }} --namespace openshift-infra \
- --config={{ openshift_metrics_kubeconfig }} \
- create -o name -f -"
-
-- name: Deploy Metrics
- shell: "{{ deployer_cmd }}"
- register: deploy_metrics
- failed_when: "'already exists' not in deploy_metrics.stderr and deploy_metrics.rc != 0"
- changed_when: deploy_metrics.rc == 0
-
-- set_fact:
- deployer_pod: "{{ deploy_metrics.stdout[1:2] }}"
-
-# TODO: re-enable this once the metrics deployer validation issue is fixed
-# when using dynamically provisioned volumes
-- name: "Wait for image pull and deployer pod"
- shell: >
- {{ openshift.common.client_binary }}
- --namespace openshift-infra
- --config={{ openshift_metrics_kubeconfig }}
- get {{ deploy_metrics.stdout }}
- register: deploy_result
- until: "{{ 'Completed' in deploy_result.stdout }}"
- failed_when: False
- retries: 60
- delay: 10
-
-- name: Configure master for metrics
- modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: assetConfig.metricsPublicURL
- yaml_value: "{{ openshift_hosted_metrics_public_url }}"
- notify: restart master
diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml
deleted file mode 100644
index 68e4a48b9..000000000
--- a/roles/openshift_metrics/tasks/main.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
----
-- name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: mktemp
- changed_when: False
-
-- name: Record kubeconfig tmp dir
- set_fact:
- openshift_metrics_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
-
-- name: Copy the admin client config(s)
- command: >
- cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ openshift_metrics_kubeconfig }}
- changed_when: False
-
-- name: Set hosted metrics facts
- openshift_facts:
- role: hosted
- openshift_env: "{{ hostvars
- | oo_merge_hostvars(vars, inventory_hostname)
- | oo_openshift_env }}"
- openshift_env_structures:
- - 'openshift.hosted.metrics.*'
-
-- set_fact:
- metrics_persistence: "{{ openshift.hosted.metrics.storage_kind | default(none) is not none }}"
- metrics_dynamic_vol: "{{ openshift.hosted.metrics.storage_kind | default(none) == 'dynamic' }}"
- metrics_template_dir: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples/infrastructure-templates/{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
- image_prefix: "{{ '-v IMAGE_PREFIX=' ~ openshift.hosted.metrics.deployer.prefix if 'prefix' in openshift.hosted.metrics.deployer else '' }}"
- image_version: "{{ '-v IMAGE_VERSION=' ~ openshift.hosted.metrics.deployer.version if 'version' in openshift.hosted.metrics.deployer else '' }}"
-
-
-- name: Check for existing metrics pods
- shell: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- get pods -l {{ item }} | grep -q Running
- register: metrics_pods_status
- with_items:
- - metrics-infra=hawkular-metrics
- - metrics-infra=heapster
- - metrics-infra=hawkular-cassandra
- failed_when: false
- changed_when: false
-
-- name: Check for previous deployer
- shell: >
- {{ openshift.common.client_binary }}
- --config={{ openshift_metrics_kubeconfig }}
- --namespace openshift-infra
- get pods -l metrics-infra=deployer --sort-by='{.metadata.creationTimestamp}' | tail -1 | grep metrics-deployer-
- register: metrics_deployer_status
- failed_when: false
- changed_when: false
-
-- name: Record current deployment status
- set_fact:
- greenfield: "{{ not metrics_deployer_status.rc == 0 }}"
- failed_error: "{{ True if 'Error' in metrics_deployer_status.stdout else False }}"
- metrics_running: "{{ metrics_pods_status.results | oo_collect(attribute='rc') == [0,0,0] }}"
-
-- name: Set deployment mode
- set_fact:
- deployment_mode: "{{ 'refresh' if (failed_error | bool or metrics_upgrade | bool) else 'deploy' }}"
-
-# TODO: handle non greenfield deployments in the future
-- include: install.yml
- when: greenfield
-
-- name: Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- changed_when: False
diff --git a/roles/openshift_metrics/vars/main.yaml b/roles/openshift_metrics/vars/main.yaml
deleted file mode 100644
index 6c207d6ac..000000000
--- a/roles/openshift_metrics/vars/main.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-hawkular_permission_oc_commands:
- - policy add-role-to-user edit system:serviceaccount:openshift-infra:metrics-deployer -n openshift-infra
- - policy add-cluster-role-to-user cluster-admin system:serviceaccount:openshift-infra:heapster
-
-metrics_deployer_sa:
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: metrics-deployer
- secrets:
- - name: metrics-deployer
-
-
-hawkular_tmp_conf: /tmp/hawkular_admin.kubeconfig
-
-hawkular_persistence: "{% if openshift.hosted.metrics.storage.kind != None %}true{% else %}false{% endif %}"
-
-hawkular_type: "{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}"
-
-metrics_upgrade: openshift.hosted.metrics.upgrade | default(False)
--
cgit v1.2.3