From 4ac06057c9a77626bb181c22a5f1adc8014b13d2 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Tue, 17 Feb 2015 22:33:33 -0500
Subject: create openshift_common role

- move common openshift logic into openshift_common
- set openshift_common as a dependency for openshift_node and openshift_master
- rename role variables to openshift_* to be more descriptive
- start recording local_facts on the openshift hosts
- clean up firewalld config to be a bit more dry
- Update firewall ports for https, make sure http rules are removed
- Replace references to ansible_eth0.ipv4.address with
  ansible_default_ipv4.address
---
 roles/openshift_node/tasks/main.yml | 48 ++++++++++++++++++-------------------
 1 file changed, 23 insertions(+), 25 deletions(-)

(limited to 'roles/openshift_node/tasks')

diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 8a0694905..e103daa83 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -1,45 +1,43 @@
 ---
-
-# tasks file for openshift_node
-- name: Install OpenShift
+- name: Install OpenShift Node package
   yum: pkg=openshift-node state=installed
 
-  # fixme: Once openshift stops resolving hostnames for node queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
-  hostname: name={{ oo_bind_ip }}
+- name: Set OpenShift node facts
+  include: "{{ role_path | dirname }}/openshift_common/tasks/set_facts.yml"
+  facts:
+  - { section: node, option: debug_level, value: "{{ openshift_node_debug_level }}" }
 
 - local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
   register: mktemp
 
 - name: Retrieve OpenShift Master credentials
-  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ oo_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ {{ mktemp.stdout }}
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ openshift_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ {{ mktemp.stdout }}
   ignore_errors: yes
 
 - file: path=/var/lib/openshift/openshift.local.certificates/admin state=directory
 
 - name: Store OpenShift Master credentials
-  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' {{ mktemp.stdout }}/ root@{{ oo_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' {{ mktemp.stdout }}/ root@{{ openshift_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
   ignore_errors: yes
+  # fixme: Once the openshift_cluster playbook is published state should be started
+  # Always bounce service to pick up new credentials
+  notify: restart openshift-node
+
+- local_action: file name={{ mktemp.stdout }} state=absent
+
+- name: Configure firewall for OpenShift Node
+  include: "{{ role_path | dirname }}/openshift_common/tasks/firewall.yml"
+  allow:
+  - { service: OpenShift kubelet, port: 10250/tcp }
 
 - name: Configure OpenShift Node settings
   lineinfile:
     dest: /etc/sysconfig/openshift-node
-    regexp: "{{ item.regex }}"
-    line: "{{ item.line }}"
-  with_items:
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=https://{{ oo_master_ips[0] }}:8443  --loglevel=5\"' }
+    regexp: '^OPTIONS='
+    line: "OPTIONS=\"--master=http://{{ openshift_master_ips[0] }}:8080 --loglevel={{ openshift_node_debug_level }}\""
   notify:
-    - restart openshift-node
+  - restart openshift-node
 
-- name: Open firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=false state=enabled
-
-- name: Save firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=true state=enabled
-
-  # fixme: Once the openshift_cluster playbook is published state should be started
-  # Always bounce service to pick up new credentials
-- name: Enable OpenShift
-  service: name=openshift-node enabled=yes state=restarted
-
-- local_action: file name={{ mktemp.stdout }} state=absent
+- name: Start and enable openshift-node
+  service: name=openshift-node enabled=yes state=started
+  when: not openshift_node_manage_service_externally
-- 
cgit v1.2.3