| author | Matt Bruzek <mbruzek@gmail.com> | 2018-01-18 15:27:13 -0600 | 
|---|---|---|
| committer | Matt Bruzek <mbruzek@gmail.com> | 2018-01-18 15:27:13 -0600 | 
| commit | cb581bfb67a53f887c4705d45fc7b0024a6816f9 (patch) | |
| tree | 9c351ddd9282f5d3d37c1189af0ac2ad444c0125 /roles/etcd/tasks | |
| parent | c7a1c448cbd64de98e1f097d14b58ee9f6ccf511 (diff) | |
| parent | 1a2a895356df638756d2117e3d324710167737db (diff) | |
Merge branch 'master' into mbruzek-openshift-openstack
Diffstat (limited to 'roles/etcd/tasks')
| -rw-r--r-- | roles/etcd/tasks/auxiliary/drop_etcdctl.yml | 2 | ||||
| -rw-r--r-- | roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml | 26 | ||||
| -rw-r--r-- | roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml | 22 | ||||
| -rw-r--r-- | roles/etcd/tasks/migration/add_ttls.yml | 2 | ||||
| -rw-r--r-- | roles/etcd/tasks/migration/migrate.yml | 2 | ||||
| -rw-r--r-- | roles/etcd/tasks/version_detect.yml | 4 | 
6 files changed, 21 insertions, 37 deletions
diff --git a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
index ccfd9da14..881a8c270 100644
--- a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
+++ b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml
@@ -1,7 +1,7 @@
 ---
 - name: Install etcd for etcdctl
   package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
-  when: not openshift.common.is_atomic | bool
+  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
diff --git a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
index 119071a72..ce295d2f5 100644
--- a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
+++ b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml
@@ -28,7 +28,7 @@
     etcd_client_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool
                                    else (False in (g_external_etcd_cert_stat_result.results
                                                    | default({})
-                                                   | oo_collect(attribute='stat.exists')
+                                                   | lib_utils_oo_collect(attribute='stat.exists')
                                                    | list)) }}"
 - name: Ensure generated_certs directory present
@@ -57,6 +57,7 @@
 # Certificates must be signed serially in order to avoid competing
 # for the serial file.
+# delegated_serial_command is a custom module in lib_utils
 - name: Sign and create the client crt
   delegated_serial_command:
     command: 
>
@@ -79,13 +80,6 @@
   when: etcd_client_certs_missing | bool
   delegate_to: "{{ etcd_ca_host }}"
-- name: Create local temp directory for syncing certs
-  local_action: command mktemp -d /tmp/etcd_certificates-XXXXXXX
-  register: g_etcd_client_mktemp
-  changed_when: False
-  when: etcd_client_certs_missing | bool
-  become: no
-
 - name: Create a tarball of the etcd certs
   command: >
     tar -czvf {{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz
@@ -101,8 +95,7 @@
 - name: Retrieve the etcd cert tarballs
   fetch:
     src: "{{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz"
-    dest: "{{ g_etcd_client_mktemp.stdout }}/"
-    flat: yes
+    dest: "/tmp"
     fail_on_missing: yes
     validate_checksum: yes
   when: etcd_client_certs_missing | bool
@@ -116,10 +109,15 @@
 - name: Unarchive etcd cert tarballs
   unarchive:
-    src: "{{ g_etcd_client_mktemp.stdout }}/{{ etcd_cert_subdir }}.tgz"
+    src: "/tmp/{{ inventory_hostname }}/{{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz"
     dest: "{{ etcd_cert_config_dir }}"
   when: etcd_client_certs_missing | bool
+- name: Delete temporary directory
+  local_action: file path="/tmp/{{ inventory_hostname }}" state=absent
+  changed_when: False
+  when: etcd_client_certs_missing | bool
+
 - file:
     path: "{{ etcd_cert_config_dir }}/{{ item }}"
     owner: root
@@ -130,9 +128,3 @@
   - "{{ etcd_cert_prefix }}client.key"
   - "{{ etcd_cert_prefix }}ca.crt"
   when: etcd_client_certs_missing | bool
-
-- name: Delete temporary directory
-  local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent
-  changed_when: False
-  when: etcd_client_certs_missing | bool
-  become: no
diff --git a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
index deb2301d7..7c8b87d99 100644
--- a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
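Review bot: `dest: "/tmp"` without `flat` makes `fetch` write the tarball to the fixed path `/tmp/{{ inventory_hostname }}/...` on the control host, where the removed `mktemp -d` task gave each run its own private directory. That location is guessable and lives in a world-writable directory, so another local account can pre-create it or read what lands there, and the later `file` task on `client.key` suggests the archive holds private key material. Concurrent runs for the same host would also share, and delete, each other's files. I would keep a per-run directory, e.g. the `tempfile` module with `state: directory`, and point `dest:` and the `unarchive` `src:` at its registered `path`. The same pattern appears in the next hunk and in the three fetch/unarchive hunks of fetch_server_certificates_from_ca.yml.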
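Review bot: The re-added `Delete temporary directory` task drops the `become: no` that the removed version carried, so under a play with `become` enabled this `local_action` would presumably attempt privilege escalation on the control host. It also removes the whole of `/tmp/{{ inventory_hostname }}`, which any other `fetch` with `dest: "/tmp"` would share, rather than a directory only this role created. Suggest restoring `become: no` and deleting only the role's own temporary directory. The last hunk of fetch_server_certificates_from_ca.yml makes the same change.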
+++ b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml
@@ -21,7 +21,7 @@
     etcd_server_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool
                                    else (False in (g_etcd_server_cert_stat_result.results
                                                    | default({})
-                                                   | oo_collect(attribute='stat.exists')
+                                                   | lib_utils_oo_collect(attribute='stat.exists')
                                                    | list)) }}"
 - name: Ensure generated_certs directory present
@@ -50,6 +50,7 @@
 # Certificates must be signed serially in order to avoid competing
 # for the serial file.
+# delegated_serial_command is a custom module in lib_utils
 - name: Sign and create the server crt
   delegated_serial_command:
     command: >
@@ -83,6 +84,7 @@
 # Certificates must be signed serially in order to avoid competing
 # for the serial file.
+# delegated_serial_command is a custom module in lib_utils
 - name: Sign and create the peer crt
   delegated_serial_command:
     command: >
@@ -105,13 +107,6 @@
   when: etcd_server_certs_missing | bool
   delegate_to: "{{ etcd_ca_host }}"
-- name: Create local temp directory for syncing certs
-  local_action: command mktemp -d /tmp/etcd_certificates-XXXXXXX
-  become: no
-  register: g_etcd_server_mktemp
-  changed_when: False
-  when: etcd_server_certs_missing | bool
-
 - name: Create a tarball of the etcd certs
   command: >
     tar -czvf {{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz
@@ -127,8 +122,7 @@
 - name: Retrieve etcd cert tarball
   fetch:
     src: "{{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz"
-    dest: "{{ g_etcd_server_mktemp.stdout }}/"
-    flat: yes
+    dest: "/tmp"
     fail_on_missing: yes
     validate_checksum: yes
   when: etcd_server_certs_missing | bool
@@ -144,7 +138,7 @@
 - name: Unarchive cert tarball
   unarchive:
-    src: "{{ g_etcd_server_mktemp.stdout }}/{{ etcd_cert_subdir }}.tgz"
+    src: "/tmp/{{ inventory_hostname }}/{{ etcd_generated_certs_dir }}/{{ etcd_cert_subdir }}.tgz"
     dest: "{{ etcd_cert_config_dir }}"
   when: etcd_server_certs_missing | bool
@@ -161,8 +155,7 @@
 - name: Retrieve etcd ca cert tarball
   fetch:
     src: "{{ etcd_generated_certs_dir }}/{{ etcd_ca_name }}.tgz"
-    dest: "{{ g_etcd_server_mktemp.stdout }}/"
-    flat: yes
+    dest: "/tmp"
     fail_on_missing: yes
     validate_checksum: yes
   when: etcd_server_certs_missing | bool
@@ -177,8 +170,7 @@
   when: etcd_server_certs_missing | bool
 - name: Delete temporary directory
-  local_action: file path="{{ g_etcd_server_mktemp.stdout }}" state=absent
-  become: no
+  local_action: file path="/tmp/{{ inventory_hostname }}" state=absent
   changed_when: False
   when: etcd_server_certs_missing | bool
diff --git a/roles/etcd/tasks/migration/add_ttls.yml b/roles/etcd/tasks/migration/add_ttls.yml
index a4b0ff31d..3d945344c 100644
--- a/roles/etcd/tasks/migration/add_ttls.yml
+++ b/roles/etcd/tasks/migration/add_ttls.yml
@@ -11,7 +11,7 @@
 - name: Re-introduce leases (as a replacement for key TTLs)
   command: >
-    {{ openshift.common.client_binary }} adm migrate etcd-ttl \
+    {{ openshift_client_binary }} adm migrate etcd-ttl \
     --cert {{ r_etcd_common_master_peer_cert_file }} \
     --key {{ r_etcd_common_master_peer_key_file }} \
     --cacert {{ r_etcd_common_master_peer_ca_file }} \
diff --git a/roles/etcd/tasks/migration/migrate.yml b/roles/etcd/tasks/migration/migrate.yml
index 54a9c74ff..630640ab1 100644
--- a/roles/etcd/tasks/migration/migrate.yml
+++ b/roles/etcd/tasks/migration/migrate.yml
@@ -1,7 +1,7 @@
 ---
 # Should this be run in a serial manner?
 - set_fact:
-    l_etcd_service: "{{ 'etcd_container' if openshift.common.is_containerized else 'etcd' }}"
+    l_etcd_service: "{{ 'etcd_container' if (openshift_is_containerized | bool) else 'etcd' }}"
 - name: Migrate etcd data
   command: >
diff --git a/roles/etcd/tasks/version_detect.yml b/roles/etcd/tasks/version_detect.yml
index fe1e418d8..ab3626cec 100644
--- a/roles/etcd/tasks/version_detect.yml
+++ b/roles/etcd/tasks/version_detect.yml
@@ -12,7 +12,7 @@
   - debug:
       msg: "Etcd rpm version {{ etcd_rpm_version.stdout }} detected"
   when:
-  - not openshift.common.is_containerized | bool
+  - not openshift_is_containerized | bool
 - block:
   - name: Record containerized etcd version (docker)
@@ -52,4 +52,4 @@
   - debug:
       msg: "Etcd containerized version {{ etcd_container_version }} detected"
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool  | 
