diff options
| author | Brenton Leanhardt <bleanhar@redhat.com> | 2015-11-06 16:37:05 -0500 |
|---|---|---|
| committer | Brenton Leanhardt <bleanhar@redhat.com> | 2015-11-06 16:37:05 -0500 |
| commit | 0fe63e0ed8af3aec27ef4aa7eeaa5866f6ebce08 (patch) | |
| tree | 65621b66033088d69cfa155e7319f780bd550ea8 /playbooks | |
| parent | 21caa21c84b8f5a8bec415107bb7a6b6a2082790 (diff) | |
| parent | e7b200a24816daf05da374ccfce3a4d5db66e291 (diff) | |
| download | openshift-0fe63e0ed8af3aec27ef4aa7eeaa5866f6ebce08.tar.gz openshift-0fe63e0ed8af3aec27ef4aa7eeaa5866f6ebce08.tar.bz2 openshift-0fe63e0ed8af3aec27ef4aa7eeaa5866f6ebce08.tar.xz openshift-0fe63e0ed8af3aec27ef4aa7eeaa5866f6ebce08.zip | |
Merge pull request #698 from lebauce/flannel
Add support for flannel
Diffstat (limited to 'playbooks')
| -rw-r--r-- | playbooks/common/openshift-master/config.yml | 8 | ||||
| -rw-r--r-- | playbooks/common/openshift-node/config.yml | 73 |
2 files changed, 81 insertions, 0 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 64376040f..b1da85d5d 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -338,6 +338,14 @@ when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and (osm_use_cockpit | bool or osm_use_cockpit is undefined ) +- name: Configure flannel + hosts: oo_first_master + vars: + etcd_urls: "{{ openshift.master.etcd_urls }}" + roles: + - role: flannel_register + when: openshift.common.use_flannel | bool + # Additional instance config for online deployments - name: Additional instance config hosts: oo_masters_deployment_type_online diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index a14ca8e11..ba96b4a78 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -38,6 +38,21 @@ node_subdir: node-{{ openshift.common.hostname }} config_dir: "{{ openshift.common.config_base }}/generated-configs/node-{{ openshift.common.hostname }}" node_cert_dir: "{{ openshift.common.config_base }}/node" + - name: Check status of flannel external etcd certificates + stat: + path: "{{ openshift.common.config_base }}/node/{{ item }}" + with_items: + - node.etcd-client.crt + - node.etcd-ca.crt + register: g_external_etcd_flannel_cert_stat_result + - set_fact: + etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results + | map(attribute='stat.exists') + | list | intersect([false])}}" + etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} + etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" + etcd_cert_prefix: node.etcd- + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - name: Create temp directory for syncing certs hosts: localhost @@ -50,6 +65,60 @@ register: mktemp changed_when: False +- name: Configure flannel etcd certificates + hosts: oo_first_etcd + vars: + etcd_generated_certs_dir: /etc/etcd/generated_certs + etcd_needing_client_certs: "{{ hostvars + | oo_select_keys(groups['oo_nodes_to_config']) + | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') }}" + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + pre_tasks: + roles: + - role: etcd_certificates + post_tasks: + - name: Create a tarball of the etcd flannel certs + command: > + tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz + -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . + args: + creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + with_items: etcd_needing_client_certs + - name: Retrieve the etcd cert tarballs + fetch: + src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: etcd_needing_client_certs + +- name: Copy the external etcd flannel certs to the nodes + hosts: oo_nodes_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + tasks: + - name: Ensure certificate directory exists + file: + path: "{{ openshift.common.config_base }}/node" + state: directory + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" + dest: "{{ etcd_cert_config_dir }}" + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - file: + path: "{{ etcd_cert_config_dir }}/{{ item }}" + owner: root + group: root + mode: 0600 + with_items: + - node.etcd-client.crt + - node.etcd-client.key + - node.etcd-ca.crt + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Create node certificates hosts: oo_first_master vars: @@ -84,6 +153,8 @@ vars: sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" + etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -100,6 +171,8 @@ when: certs_missing roles: - openshift_node + - role: flannel + when: openshift.common.use_flannel | bool - role: nickhammond.logrotate - role: fluentd_node when: openshift.common.use_fluentd | bool |