From 94a77cb1d81b6e4e316ae679890df4994816532f Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 22 May 2015 13:13:17 -0400 Subject: Templatize configs and 0.5.2 changes - Templatize node config - Templatize master config - Integrated sdn changes - Updates for openshift_facts - Added support for node, master and sdn related changes - registry_url - added identity provider facts - Removed openshift_sdn_* roles - Install httpd-tools if configuring htpasswd auth - Remove references to external_id - Setting external_id interferes with nodes associating with the generated node object when pre-registering nodes. - osc/oc and osadm/oadm binary detection in openshift_facts Misc Changes: - make non-errata puddle default for byo example - comment out master in list of nodes in inventory/byo/hosts - remove non-error errors from fluentd_* roles - Use admin kubeconfig instead of openshift-client --- roles/openshift_node/defaults/main.yml | 4 ++ roles/openshift_node/handlers/main.yml | 1 - roles/openshift_node/tasks/main.yml | 67 +++++++++++++++----------- roles/openshift_node/templates/node.yaml.v1.j2 | 18 +++++++ roles/openshift_node/vars/main.yml | 3 +- 5 files changed, 62 insertions(+), 31 deletions(-) create mode 100644 roles/openshift_node/templates/node.yaml.v1.j2 (limited to 'roles/openshift_node') diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index df7ec41b6..be51195f2 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -2,3 +2,7 @@ os_firewall_allow: - service: OpenShift kubelet port: 10250/tcp +- service: http + port: 80/tcp +- service: https + port: 443/tcp diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index ca2992637..953a1421b 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,4 +1,3 @@ --- - name: restart openshift-node service: name=openshift-node state=restarted - when: not openshift.common.use_openshift_sdn|bool diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index dc2b491aa..338ef055b 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -1,44 +1,58 @@ --- # TODO: allow for overriding default ports where possible -# TODO: trigger the external service when restart is needed -# TODO: work with upstream to fix naming of 'master-client.crt/master-client.key' - name: Set node OpenShift facts openshift_facts: - role: 'node' + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: common + local_facts: + hostname: "{{ openshift_hostname | default(none) }}" + public_hostname: "{{ openshift_public_hostname | default(none) }}" + deployment_type: "{{ openshift_deployment_type }}" + - role: node local_facts: + resources_cpu: "{{ openshift_node_resources_cpu | default(none) }}" + resources_memory: "{{ openshift_node_resources_memory | default(none) }}" + pod_cidr: "{{ openshift_node_pod_cidr | default(none) }}" + labels: "{{ openshift_node_labels | default(none) }}" + annotations: "{{ openshift_node_annotations | default(none) }}" + registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" -- name: Test if node certs and config exist - stat: path={{ item }} - failed_when: not result.stat.exists - register: result - with_items: - - "{{ openshift_node_cert_dir }}" - - "{{ openshift_node_cert_dir }}/ca.crt" - - "{{ openshift_node_cert_dir }}/master-client.crt" - - "{{ openshift_node_cert_dir }}/master-client.key" - - "{{ openshift_node_cert_dir }}/node.kubeconfig" - - "{{ openshift_node_cert_dir }}/node-config.yaml" - - "{{ openshift_node_cert_dir }}/server.crt" - - "{{ openshift_node_cert_dir }}/server.key" - - name: Install OpenShift Node package yum: pkg=openshift-node state=installed - register: install_result + register: node_install_result + +- name: Install openshift-sdn-ovs + yum: pkg=openshift-sdn-ovs state=installed + register: sdn_install_result + when: openshift.common.use_openshift_sdn - name: Reload systemd units command: systemctl daemon-reload - when: install_result | changed + when: (node_install_result | changed or (openshift.common.use_openshift_sdn + and sdn_install_result | changed)) + +# TODO: add the validate parameter when there is a validation command to run +- name: Create the Node config + template: + dest: "{{ openshift_node_config_file }}" + src: node.yaml.v1.j2 + notify: + - restart openshift-node -# --create-certs=false is a temporary workaround until -# https://github.com/openshift/origin/pull/1361 is merged upstream and it is -# the default for nodes - name: Configure OpenShift Node settings lineinfile: dest: /etc/sysconfig/openshift-node - regexp: '^OPTIONS=' - line: "OPTIONS=\"--loglevel={{ openshift.node.debug_level }} --config={{ openshift_node_cert_dir }}/node-config.yaml\"" + regexp: "{{ item.regex }}" + line: "{{ item.line }}" + with_items: + - regex: '^OPTIONS=' + line: "OPTIONS=--loglevel={{ openshift.node.debug_level }}" + - regex: '^CONFIG_FILE=' + line: "CONFIG_FILE={{ openshift_node_config_file }}" notify: - restart openshift-node @@ -47,8 +61,3 @@ - name: Start and enable openshift-node service: name=openshift-node enabled=yes state=started - when: not openshift.common.use_openshift_sdn|bool - -- name: Disable openshift-node if openshift-node is managed externally - service: name=openshift-node enabled=false - when: openshift.common.use_openshift_sdn|bool diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 new file mode 100644 index 000000000..cab75cd49 --- /dev/null +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -0,0 +1,18 @@ +allowDisabledDocker: false +apiVersion: v1 +dnsDomain: {{ hostvars[openshift_first_master].openshift.dns.domain }} +dnsIP: {{ hostvars[openshift_first_master].openshift.dns.ip }} +imageConfig: + format: {{ openshift.node.registry_url }} + latest: false +kind: NodeConfig +masterKubeConfig: node.kubeconfig +networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +nodeName: {{ openshift.common.hostname }} +podManifestConfig: null +servingInfo: + bindAddress: 0.0.0.0:10250 + certFile: server.crt + clientCA: ca.crt + keyFile: server.key +volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes diff --git a/roles/openshift_node/vars/main.yml b/roles/openshift_node/vars/main.yml index c6be83139..cf47f8354 100644 --- a/roles/openshift_node/vars/main.yml +++ b/roles/openshift_node/vars/main.yml @@ -1,2 +1,3 @@ --- -openshift_node_cert_dir: /etc/openshift/node +openshift_node_config_dir: /etc/openshift/node +openshift_node_config_file: "{{ openshift_node_config_dir }}/node-config.yaml" -- cgit v1.2.3