From f3741a05097f1848d2b3e9a01f03e76a33487e01 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Mon, 9 Oct 2017 16:14:38 -0400 Subject: Management Cleanup and Provider Integration * Add container provider integration * General cleanup * Poll until service fully starts * Add notes on multiple-provider additions --- .../tasks/add_container_provider.yml | 65 ++++++++++++++++++++++ .../tasks/add_many_container_providers.yml | 27 +++++++++ roles/openshift_management/tasks/main.yml | 25 +++++++-- .../tasks/storage/create_nfs_pvs.yml | 8 +-- roles/openshift_management/tasks/template.yml | 26 ++++----- 5 files changed, 128 insertions(+), 23 deletions(-) create mode 100644 roles/openshift_management/tasks/add_container_provider.yml create mode 100644 roles/openshift_management/tasks/add_many_container_providers.yml (limited to 'roles/openshift_management/tasks') diff --git a/roles/openshift_management/tasks/add_container_provider.yml b/roles/openshift_management/tasks/add_container_provider.yml new file mode 100644 index 000000000..383e6edb5 --- /dev/null +++ b/roles/openshift_management/tasks/add_container_provider.yml @@ -0,0 +1,65 @@ +--- +- name: Ensure lib_openshift modules are available + include_role: + role: lib_openshift + +- name: Ensure OpenShift facts module is available + include_role: + role: openshift_facts + +- name: Ensure OpenShift facts are loaded + openshift_facts: + +- name: Ensure the management SA Secrets are read + oc_serviceaccount_secret: + state: list + service_account: management-admin + namespace: management-infra + register: sa + +- name: Ensure the management SA bearer token is identified + set_fact: + management_token: "{{ sa.results | oo_filter_sa_secrets }}" + +- name: Ensure the SA bearer token value is read + oc_secret: + state: list + name: "{{ management_token }}" + namespace: management-infra + decode: true + no_log: True + register: sa_secret + +- name: Ensure the SA bearer token value is saved + set_fact: + management_bearer_token: "{{ sa_secret.results.decoded.token }}" + +- name: Ensure we have the public route to the management service + oc_route: + state: list + name: httpd + namespace: openshift-management + register: route + +- name: Ensure the management service route is saved + set_fact: + management_route: "{{ route.results.0.spec.host }}" + +- name: Ensure this cluster is a container provider + uri: + url: "https://{{ management_route }}/api/providers" + body_format: json + method: POST + user: "{{ openshift_management_username }}" + password: "{{ openshift_management_password }}" + validate_certs: no + # Docs on formatting the BODY of the POST request: + # http://manageiq.org/docs/reference/latest/api/reference/providers.html#specifying-connection-configurations + body: + connection_configurations: + - authentication: {auth_key: "{{ management_bearer_token }}", authtype: bearer, type: AuthToken} + endpoint: {role: default, security_protocol: ssl-without-validation, verify_ssl: 0} + hostname: "{{ openshift.master.cluster_public_hostname }}" + name: "{{ openshift_management_project }}" + port: "{{ openshift.master.api_port }}" + type: "ManageIQ::Providers::Openshift::ContainerManager" diff --git a/roles/openshift_management/tasks/add_many_container_providers.yml b/roles/openshift_management/tasks/add_many_container_providers.yml new file mode 100644 index 000000000..f92c81277 --- /dev/null +++ b/roles/openshift_management/tasks/add_many_container_providers.yml @@ -0,0 +1,27 @@ +--- +- hosts: "{{ groups['masters'][0] }}" + tasks: + - name: Include providers/management configuration + include_vars: + file: "{{ openshift_management_many_container_providers_config }}" + + - name: Ensure this cluster is a container provider + uri: + url: "https://{{ management_server['hostname'] }}/api/providers" + body_format: json + method: POST + user: "{{ management_server['user'] }}" + password: "{{ management_server['password'] }}" + validate_certs: no + # Docs on formatting the BODY of the POST request: + # http://manageiq.org/docs/reference/latest/api/reference/providers.html#specifying-connection-configurations + body: "{{ item }}" + failed_when: false + with_items: "{{ container_providers }}" + register: results + + - name: Ensure failed additions are reported for each container provider + debug: + msg: | + FLOOP {{ item.item.hostname }} + with_items: "{{ results.results }}" diff --git a/roles/openshift_management/tasks/main.yml b/roles/openshift_management/tasks/main.yml index 86c4d0010..88290c44d 100644 --- a/roles/openshift_management/tasks/main.yml +++ b/roles/openshift_management/tasks/main.yml @@ -2,23 +2,29 @@ ######################################################################) # Users, projects, and privileges -- name: Run pre-install CFME validation checks +- name: Run pre-install Management validation checks include: validate.yml -- name: "Ensure the CFME '{{ openshift_management_project }}' namespace exists" +# This creates a service account allowing Container Provider +# integration (managing OCP/Origin via MIQ/Management) +- name: Enable Container Provider Integration + include_role: + role: openshift_manageiq + +- name: "Ensure the Management '{{ openshift_management_project }}' namespace exists" oc_project: state: present name: "{{ openshift_management_project }}" display_name: "{{ openshift_management_project_description }}" -- name: Create and Authorize CFME Accounts +- name: Create and Authorize Management Accounts include: accounts.yml ###################################################################### # STORAGE - Initialize basic storage class #--------------------------------------------------------------------- # * nfs - set up NFS shares on the first master for a proof of concept -- name: Create required NFS exports for CFME app storage +- name: Create required NFS exports for Management app storage include: storage/nfs.yml when: openshift_management_storage_class == 'nfs' @@ -45,7 +51,7 @@ ###################################################################### # APPLICATION TEMPLATE -- name: Install the CFME app and PV templates +- name: Install the Management app and PV templates include: template.yml ###################################################################### @@ -71,9 +77,16 @@ when: - openshift_management_app_template in ['miq-template', 'cfme-template'] -- name: Ensure the CFME App is created +- name: Ensure the Management App is created oc_process: namespace: "{{ openshift_management_project }}" template_name: "{{ openshift_management_template_name }}" create: True params: "{{ openshift_management_template_parameters }}" + +- name: Wait for the app to come up. May take several minutes, 30s check intervals, 10m max + command: "oc logs {{ openshift_management_flavor }}-0 -n {{ openshift_management_project }}" + register: app_seeding_logs + until: app_seeding_logs.stdout.find('Server starting complete') != -1 + delay: 30 + retries: 20 diff --git a/roles/openshift_management/tasks/storage/create_nfs_pvs.yml b/roles/openshift_management/tasks/storage/create_nfs_pvs.yml index 31c845725..d1b9a8d5c 100644 --- a/roles/openshift_management/tasks/storage/create_nfs_pvs.yml +++ b/roles/openshift_management/tasks/storage/create_nfs_pvs.yml @@ -26,7 +26,7 @@ when: - openshift_management_template_parameters.DATABASE_VOLUME_CAPACITY is not defined -- name: Check if the CFME App PV has been created +- name: Check if the Management App PV has been created oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -34,7 +34,7 @@ name: "{{ openshift_management_flavor_short }}-app" register: miq_app_pv_check -- name: Check if the CFME DB PV has been created +- name: Check if the Management DB PV has been created oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -44,7 +44,7 @@ when: - openshift_management_app_template in ['miq-template', 'cfme-template'] -- name: Ensure the CFME App PV is created +- name: Ensure the Management App PV is created oc_process: namespace: "{{ openshift_management_project }}" template_name: "{{ openshift_management_flavor }}-app-pv" @@ -55,7 +55,7 @@ NFS_HOST: "{{ openshift_management_nfs_server }}" when: miq_app_pv_check.results.results == [{}] -- name: Ensure the CFME DB PV is created +- name: Ensure the Management DB PV is created oc_process: namespace: "{{ openshift_management_project }}" template_name: "{{ openshift_management_flavor }}-db-pv" diff --git a/roles/openshift_management/tasks/template.yml b/roles/openshift_management/tasks/template.yml index 299158ac4..9f97cdcb9 100644 --- a/roles/openshift_management/tasks/template.yml +++ b/roles/openshift_management/tasks/template.yml @@ -15,7 +15,7 @@ # STANDARD PODIFIED DATABASE TEMPLATE - when: openshift_management_app_template in ['miq-template', 'cfme-template'] block: - - name: Check if the CFME Server template has been created already + - name: Check if the Management Server template has been created already oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -25,12 +25,12 @@ - when: miq_server_check.results.results == [{}] block: - - name: Copy over CFME Server template + - name: Copy over Management Server template copy: src: "templates/{{ openshift_management_flavor }}/{{ openshift_management_flavor_short }}-template.yaml" dest: "{{ template_dir }}/" - - name: Ensure CFME Server Template is created + - name: Ensure Management Server Template is created oc_obj: namespace: "{{ openshift_management_project }}" name: "{{ openshift_management_flavor }}" @@ -41,9 +41,9 @@ ###################################################################### # EXTERNAL DATABASE TEMPLATE -- when: openshift_management_app_template in ['miq-template-ext-db', 'cfme-template'] +- when: openshift_management_app_template in ['miq-template-ext-db', 'cfme-template-ext-db'] block: - - name: Check if the CFME Ext-DB Server template has been created already + - name: Check if the Management Ext-DB Server template has been created already oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -53,12 +53,12 @@ - when: miq_ext_db_server_check.results.results == [{}] block: - - name: Copy over CFME Ext-DB Server template + - name: Copy over Management Ext-DB Server template copy: src: "templates/{{ openshift_management_flavor }}/{{openshift_management_flavor_short}}-template-ext-db.yaml" dest: "{{ template_dir }}/" - - name: Ensure CFME Ext-DB Server Template is created + - name: Ensure Management Ext-DB Server Template is created oc_obj: namespace: "{{ openshift_management_project }}" name: "{{ openshift_management_flavor }}-ext-db" @@ -74,7 +74,7 @@ # Begin conditional PV template creations # Required for the application server -- name: Check if the CFME App PV template has been created already +- name: Check if the Management App PV template has been created already oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -84,12 +84,12 @@ - when: miq_app_pv_check.results.results == [{}] block: - - name: Copy over CFME App PV template + - name: Copy over Management App PV template copy: src: "templates/{{ openshift_management_flavor }}/{{ openshift_management_flavor_short }}-pv-server-example.yaml" dest: "{{ template_dir }}/" - - name: Ensure CFME App PV Template is created + - name: Ensure Management App PV Template is created oc_obj: namespace: "{{ openshift_management_project }}" name: "{{ openshift_management_flavor }}-app-pv" @@ -103,7 +103,7 @@ # Required for database if the installation is fully podified - when: openshift_management_app_template in ['miq-template', 'cfme-template'] block: - - name: Check if the CFME DB PV template has been created already + - name: Check if the Management DB PV template has been created already oc_obj: namespace: "{{ openshift_management_project }}" state: list @@ -113,12 +113,12 @@ - when: miq_db_pv_check.results.results == [{}] block: - - name: Copy over CFME DB PV template + - name: Copy over Management DB PV template copy: src: "templates/{{ openshift_management_flavor }}/{{ openshift_management_flavor_short }}-pv-db-example.yaml" dest: "{{ template_dir }}/" - - name: Ensure CFME DB PV Template is created + - name: Ensure Management DB PV Template is created oc_obj: namespace: "{{ openshift_management_project }}" name: "{{ openshift_management_flavor }}-db-pv" -- cgit v1.2.3 From 7d88f8dada9f19dd6b49af9bb539e43aaa15f138 Mon Sep 17 00:00:00 2001 From: Tim Bielawa Date: Thu, 19 Oct 2017 16:28:53 -0400 Subject: Refactor adding multiple container providers --- .../tasks/add_many_container_providers.yml | 26 +++++++++++++----- roles/openshift_management/tasks/main.yml | 4 +++ roles/openshift_management/tasks/storage/nfs.yml | 31 ---------------------- .../tasks/storage/nfs_server.yml | 31 ++++++++++++++++++++++ 4 files changed, 55 insertions(+), 37 deletions(-) create mode 100644 roles/openshift_management/tasks/storage/nfs_server.yml (limited to 'roles/openshift_management/tasks') diff --git a/roles/openshift_management/tasks/add_many_container_providers.yml b/roles/openshift_management/tasks/add_many_container_providers.yml index f92c81277..10a1f4c83 100644 --- a/roles/openshift_management/tasks/add_many_container_providers.yml +++ b/roles/openshift_management/tasks/add_many_container_providers.yml @@ -1,9 +1,15 @@ --- -- hosts: "{{ groups['masters'][0] }}" +- hosts: localhost tasks: + - name: Ensure the container provider configuration is defined + assert: + that: container_providers_config is defined + msg: | + Error: Must provide providers config path. Fix: Add '-e container_providers_config=/path/to/your/config' to the ansible-playbook command + - name: Include providers/management configuration include_vars: - file: "{{ openshift_management_many_container_providers_config }}" + file: "{{ container_providers_config }}" - name: Ensure this cluster is a container provider uri: @@ -20,8 +26,16 @@ with_items: "{{ container_providers }}" register: results - - name: Ensure failed additions are reported for each container provider + # TODO: Make this prettier and easier to read + - name: Save results + copy: + dest: /tmp/results.json + content: "{{ results.results | to_nice_json }}" + # state: present + # debug: + # var: item.item + # with_items: "{{ results.results }}" + + - name: print each result debug: - msg: | - FLOOP {{ item.item.hostname }} - with_items: "{{ results.results }}" + msg: "{{ results.results | oo_filter_container_providers }}" diff --git a/roles/openshift_management/tasks/main.yml b/roles/openshift_management/tasks/main.yml index 88290c44d..9be923a57 100644 --- a/roles/openshift_management/tasks/main.yml +++ b/roles/openshift_management/tasks/main.yml @@ -22,6 +22,10 @@ ###################################################################### # STORAGE - Initialize basic storage class +- name: Determine the correct NFS host if required + include: storage/nfs_server.yml + when: openshift_management_storage_class in ['nfs', 'nfs_external'] + #--------------------------------------------------------------------- # * nfs - set up NFS shares on the first master for a proof of concept - name: Create required NFS exports for Management app storage diff --git a/roles/openshift_management/tasks/storage/nfs.yml b/roles/openshift_management/tasks/storage/nfs.yml index 696808328..94e11137c 100644 --- a/roles/openshift_management/tasks/storage/nfs.yml +++ b/roles/openshift_management/tasks/storage/nfs.yml @@ -2,37 +2,6 @@ # Tasks to statically provision NFS volumes # Include if not using dynamic volume provisioning -- name: Ensure we save the local NFS server if one is provided - set_fact: - openshift_management_nfs_server: "{{ openshift_management_storage_nfs_local_hostname }}" - when: - - openshift_management_storage_nfs_local_hostname is defined - - openshift_management_storage_nfs_local_hostname != False - - openshift_management_storage_class == "nfs" - -- name: Ensure we save the local NFS server - set_fact: - openshift_management_nfs_server: "{{ groups['oo_nfs_to_config'].0 }}" - when: - - openshift_management_nfs_server is not defined - - openshift_management_storage_class == "nfs" - -- name: Ensure we save the external NFS server - set_fact: - openshift_management_nfs_server: "{{ openshift_management_storage_nfs_external_hostname }}" - when: - - openshift_management_storage_class == "nfs_external" - -- name: Failed NFS server detection - assert: - that: - - openshift_management_nfs_server is defined - msg: | - "Unable to detect an NFS server. The 'nfs_external' - openshift_management_storage_class option requires that you set - openshift_management_storage_nfs_external_hostname. NFS hosts detected - for local nfs services: {{ groups['oo_nfs_to_config'] | join(', ') }}" - - name: Setting up NFS storage block: - name: Include the NFS Setup role tasks diff --git a/roles/openshift_management/tasks/storage/nfs_server.yml b/roles/openshift_management/tasks/storage/nfs_server.yml new file mode 100644 index 000000000..96a742c83 --- /dev/null +++ b/roles/openshift_management/tasks/storage/nfs_server.yml @@ -0,0 +1,31 @@ +--- +- name: Ensure we save the local NFS server if one is provided + set_fact: + openshift_management_nfs_server: "{{ openshift_management_storage_nfs_local_hostname }}" + when: + - openshift_management_storage_nfs_local_hostname is defined + - openshift_management_storage_nfs_local_hostname != False + - openshift_management_storage_class == "nfs" + +- name: Ensure we save the local NFS server + set_fact: + openshift_management_nfs_server: "{{ groups['oo_nfs_to_config'].0 }}" + when: + - openshift_management_nfs_server is not defined + - openshift_management_storage_class == "nfs" + +- name: Ensure we save the external NFS server + set_fact: + openshift_management_nfs_server: "{{ openshift_management_storage_nfs_external_hostname }}" + when: + - openshift_management_storage_class == "nfs_external" + +- name: Failed NFS server detection + assert: + that: + - openshift_management_nfs_server is defined + msg: | + "Unable to detect an NFS server. The 'nfs_external' + openshift_management_storage_class option requires that you set + openshift_management_storage_nfs_external_hostname. NFS hosts detected + for local nfs services: {{ groups['oo_nfs_to_config'] | join(', ') }}" -- cgit v1.2.3 From 6c3a0373e1a48f730e9a279a255c0f1a58613cc7 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Fri, 20 Oct 2017 15:44:11 -0400 Subject: Move add_many_container_providers.yml to playbooks/byo/openshift-management with a noop task include to load filter plugins. --- .../tasks/add_many_container_providers.yml | 41 ---------------------- roles/openshift_management/tasks/noop.yml | 1 + 2 files changed, 1 insertion(+), 41 deletions(-) delete mode 100644 roles/openshift_management/tasks/add_many_container_providers.yml create mode 100644 roles/openshift_management/tasks/noop.yml (limited to 'roles/openshift_management/tasks') diff --git a/roles/openshift_management/tasks/add_many_container_providers.yml b/roles/openshift_management/tasks/add_many_container_providers.yml deleted file mode 100644 index 10a1f4c83..000000000 --- a/roles/openshift_management/tasks/add_many_container_providers.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -- hosts: localhost - tasks: - - name: Ensure the container provider configuration is defined - assert: - that: container_providers_config is defined - msg: | - Error: Must provide providers config path. Fix: Add '-e container_providers_config=/path/to/your/config' to the ansible-playbook command - - - name: Include providers/management configuration - include_vars: - file: "{{ container_providers_config }}" - - - name: Ensure this cluster is a container provider - uri: - url: "https://{{ management_server['hostname'] }}/api/providers" - body_format: json - method: POST - user: "{{ management_server['user'] }}" - password: "{{ management_server['password'] }}" - validate_certs: no - # Docs on formatting the BODY of the POST request: - # http://manageiq.org/docs/reference/latest/api/reference/providers.html#specifying-connection-configurations - body: "{{ item }}" - failed_when: false - with_items: "{{ container_providers }}" - register: results - - # TODO: Make this prettier and easier to read - - name: Save results - copy: - dest: /tmp/results.json - content: "{{ results.results | to_nice_json }}" - # state: present - # debug: - # var: item.item - # with_items: "{{ results.results }}" - - - name: print each result - debug: - msg: "{{ results.results | oo_filter_container_providers }}" diff --git a/roles/openshift_management/tasks/noop.yml b/roles/openshift_management/tasks/noop.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/roles/openshift_management/tasks/noop.yml @@ -0,0 +1 @@ +--- -- cgit v1.2.3