From 2a7131b9403a4b22ebc55606814f604f723dc826 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 13 Oct 2015 16:36:01 +0200 Subject: Add flannel support Signed-off-by: Sylvain Baubeau --- roles/flannel/README.md | 37 +++++++++++++++++++++++++++++++++ roles/flannel/defaults/main.yaml | 8 ++++++++ roles/flannel/handlers/main.yml | 8 ++++++++ roles/flannel/meta/main.yml | 16 +++++++++++++++ roles/flannel/tasks/main.yml | 44 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 113 insertions(+) create mode 100644 roles/flannel/README.md create mode 100644 roles/flannel/defaults/main.yaml create mode 100644 roles/flannel/handlers/main.yml create mode 100644 roles/flannel/meta/main.yml create mode 100644 roles/flannel/tasks/main.yml (limited to 'roles/flannel') diff --git a/roles/flannel/README.md b/roles/flannel/README.md new file mode 100644 index 000000000..94cf15254 --- /dev/null +++ b/roles/flannel/README.md @@ -0,0 +1,37 @@ +Role Name +========= + +Configure flannel on openshift nodes + +Requirements +------------ + +This role assumes it's being deployed on a RHEL/Fedora based host with package +named 'flannel' available via yum, in version superior to 0.3. + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +openshift_facts + +Example Playbook +---------------- + + - hosts: openshift_node + roles: + - { flannel } + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Sylvain Baubeau diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml new file mode 100644 index 000000000..a9acab634 --- /dev/null +++ b/roles/flannel/defaults/main.yaml @@ -0,0 +1,8 @@ +--- +flannel_interface: "{{ ansible_default_ipv4.interface }}" +flannel_etcd_key: /openshift.com/network +etcd_hosts: "{{ etcd_urls }}" +etcd_conf_dir: "{{ openshift.common.config_base }}/node" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.key" diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml new file mode 100644 index 000000000..f9b9ae7f1 --- /dev/null +++ b/roles/flannel/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: restart flanneld + sudo: true + service: name=flanneld state=restarted + +- name: restart docker + sudo: true + service: name=docker state=restarted diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml new file mode 100644 index 000000000..a64934b3c --- /dev/null +++ b/roles/flannel/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Sylvain + description: etcd management + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.2 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud + - system +dependencies: +- { role: openshift_facts } diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml new file mode 100644 index 000000000..8a871efb2 --- /dev/null +++ b/roles/flannel/tasks/main.yml @@ -0,0 +1,44 @@ +--- +- name: Install flannel + sudo: true + yum: pkg=flannel state=present + +- name: Set flannel etcd url + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^(FLANNEL_ETCD=)" + line: '\1{{ etcd_hosts|join(",") }}' + +- name: Set flannel etcd key + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^(FLANNEL_ETCD_KEY=)" + line: '\1{{ flannel_etcd_key }}' + notify: + +- name: Set flannel options + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^#?(FLANNEL_OPTIONS=)" + line: '\1--iface {{ flannel_interface }} --etcd-cafile={{ etcd_peer_ca_file }} --etcd-keyfile={{ etcd_peer_key_file }} --etcd-certfile={{ etcd_peer_cert_file }}' + +- name: Enable flanneld + sudo: true + service: + name: flanneld + state: started + enabled: yes + register: start_result + +- name: Remove docker bridge ip + sudo: true + shell: ip a del `ip a show docker0 | grep inet | awk '{print $2}'` dev docker0 + notify: + - restart docker + - restart node -- cgit v1.2.3 From fc9392d0b6bcf80b5dafa03e5f4c2b812cb0a57c Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 10:53:15 +0200 Subject: Only remove IPv4 address from docker bridge --- roles/flannel/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/flannel') diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 8a871efb2..57e322836 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -38,7 +38,7 @@ - name: Remove docker bridge ip sudo: true - shell: ip a del `ip a show docker0 | grep inet | awk '{print $2}'` dev docker0 + shell: ip a del `ip a show docker0 | grep "inet[[:space:]]" | awk '{print $2}'` dev docker0 notify: - restart docker - restart node -- cgit v1.2.3 From 2d084a816d4af52f7cffe3ddb913e2b4555b7d23 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 14:41:35 +0200 Subject: Add flannel modules documentation --- roles/flannel/README.md | 12 ++++++++++-- roles/flannel/meta/main.yml | 2 +- 2 files changed, 11 insertions(+), 3 deletions(-) (limited to 'roles/flannel') diff --git a/roles/flannel/README.md b/roles/flannel/README.md index 94cf15254..b8aa830ac 100644 --- a/roles/flannel/README.md +++ b/roles/flannel/README.md @@ -12,7 +12,15 @@ named 'flannel' available via yum, in version superior to 0.3. Role Variables -------------- -TODO +| Name | Default value | Description | +|---------------------|-----------------------------------------|-----------------------------------------------| +| flannel_interface | ansible_default_ipv4.interface | interface to use for inter-host communication | +| flannel_etcd_key | /openshift.com/network | etcd prefix | +| etcd_hosts | etcd_urls | a list of etcd endpoints | +| etcd_conf_dir | {{ openshift.common.config_base }}/node | SSL certificates directory | +| etcd_peer_ca_file | {{ etcd_conf_dir }}/ca.crt | SSL CA to use for etcd | +| etcd_peer_cert_file | Openshift SSL cert | SSL cert to use for etcd | +| etcd_peer_key_file | Openshift SSL key | SSL key to use for etcd | Dependencies ------------ @@ -24,7 +32,7 @@ Example Playbook - hosts: openshift_node roles: - - { flannel } + - { role: flannel, etcd_urls: ['https://127.0.0.1:2379'] } License ------- diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml index a64934b3c..909bdbfa4 100644 --- a/roles/flannel/meta/main.yml +++ b/roles/flannel/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Sylvain - description: etcd management + description: flannel management company: Red Hat, Inc. license: Apache License, Version 2.0 min_ansible_version: 1.2 -- cgit v1.2.3 From bb30f53935399fee9dcaf42664fe8678dd157ee1 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Mon, 19 Oct 2015 15:50:07 +0200 Subject: Generate etcd certificats for flannel when is not embedded --- roles/flannel/defaults/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'roles/flannel') diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml index a9acab634..34cebda9c 100644 --- a/roles/flannel/defaults/main.yaml +++ b/roles/flannel/defaults/main.yaml @@ -3,6 +3,6 @@ flannel_interface: "{{ ansible_default_ipv4.interface }}" flannel_etcd_key: /openshift.com/network etcd_hosts: "{{ etcd_urls }}" etcd_conf_dir: "{{ openshift.common.config_base }}/node" -etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" -etcd_peer_cert_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.crt" -etcd_peer_key_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.key" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/{{ 'ca' if (embedded_etcd | bool) else 'node.etcd-ca' }}.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'node.etcd-client' }}.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'node.etcd-client' }}.key" -- cgit v1.2.3 From b0d050eaffd99598dff73ecba04ad343172fd465 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 28 Oct 2015 14:59:30 +0100 Subject: Remove empty notify section --- roles/flannel/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) (limited to 'roles/flannel') diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 57e322836..acfb009ec 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -18,7 +18,6 @@ backrefs: yes regexp: "^(FLANNEL_ETCD_KEY=)" line: '\1{{ flannel_etcd_key }}' - notify: - name: Set flannel options sudo: true -- cgit v1.2.3