diff options
author | Andrew Butcher <abutcher@redhat.com> | 2016-06-30 13:20:10 -0400 |
---|---|---|
committer | Andrew Butcher <abutcher@redhat.com> | 2016-07-07 13:31:12 -0400 |
commit | 57dfae185d3d0e02ebe515263c54867bee37b45e (patch) | |
tree | fce310bd381bb38145aed3dc10424484feaf96c6 /roles/openshift_hosted/tasks/router | |
parent | 1a2c22a060b8b6f0e64d452fdfc13012d3c067ed (diff) | |
download | openshift-57dfae185d3d0e02ebe515263c54867bee37b45e.tar.gz openshift-57dfae185d3d0e02ebe515263c54867bee37b45e.tar.bz2 openshift-57dfae185d3d0e02ebe515263c54867bee37b45e.tar.xz openshift-57dfae185d3d0e02ebe515263c54867bee37b45e.zip |
Various hosted component improvements
* [openshift_projects] Add openshift_projects role
* [openshift_hosted] hosted deployments use openshift_hosted_infra_selector if openshift_hosted_<component>_selector is not defined
* [openshift_hosted] move openshift_projects, openshift_serviceaccounts and openshift_metrics to dependencies of openshift_hosted
* [router] improve router deployment
- add router option to force subdomain
- add CA to router certificate options
* [registry] move registry config into openshift_hosted role
- additional registry fixes/tweaks
- add s3 storage support for registry
* [serviceaccount] fix up serviceaccount creation
Diffstat (limited to 'roles/openshift_hosted/tasks/router')
-rw-r--r-- | roles/openshift_hosted/tasks/router/router.yml | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml new file mode 100644 index 000000000..c011db762 --- /dev/null +++ b/roles/openshift_hosted/tasks/router/router.yml @@ -0,0 +1,70 @@ +--- +- fail: + msg: "'certfile', 'keyfile' and 'cafile' keys must be specified when supplying the openshift_hosted_router_certificate variable." + when: openshift_hosted_router_certificate is defined and ('certfile' not in openshift_hosted_router_certificate or 'keyfile' not in openshift_hosted_router_certificate or 'cafile' not in openshift_hosted_router_certificate) + +- name: Read router certificate and key + become: no + local_action: + module: slurp + src: "{{ item }}" + register: openshift_router_certificate_output + with_items: + - "{{ openshift_hosted_router_certificate.certfile }}" + - "{{ openshift_hosted_router_certificate.keyfile }}" + - "{{ openshift_hosted_router_certificate.cafile }}" + when: openshift_hosted_router_certificate is defined + +- name: Persist certificate contents + openshift_facts: + role: hosted + openshift_env: + openshift_hosted_router_certificate_contents: "{% for certificate in openshift_router_certificate_output.results -%}{{ certificate.content | b64decode }}{% endfor -%}" + when: openshift_hosted_router_certificate is defined + +- name: Create PEM certificate + copy: + content: "{{ openshift.hosted.router.certificate.contents }}" + dest: "{{ openshift_master_config_dir }}/openshift-router.pem" + mode: 0600 + when: openshift.hosted.router.certificate | default(none) is not none + +- name: Retrieve list of openshift nodes matching router selector + command: > + {{ openshift.common.client_binary }} --api-version='v1' -o json + get nodes -n default --config={{ openshift_hosted_kubeconfig }} + --selector={{ openshift.hosted.router.selector | default('') }} + register: openshift_hosted_router_nodes_json + changed_when: false + when: openshift.hosted.router.replicas | default(none) is none + +- set_fact: + replicas: "{{ openshift.hosted.router.replicas | default((openshift_hosted_router_nodes_json.stdout | from_json)['items'] | length) }}" + +- name: Create OpenShift router + command: > + {{ openshift.common.admin_binary }} router --create + --config={{ openshift_hosted_kubeconfig }} + {% if replicas > 1 -%} + --replicas={{ replicas }} + {% endif -%} + {% if openshift.hosted.router.certificate | default(none) is not none -%} + --default-cert={{ openshift_master_config_dir }}/openshift-router.pem + {% endif -%} + --namespace={{ openshift.hosted.router.namespace | default('default') }} + {% if openshift.hosted.router.force_subdomain | default(none) is not none %} + --force-subdomain={{ openshift.hosted.router.force_subdomain }} + {% endif %} + --service-account=router + {% if openshift.hosted.router.selector | default(none) is not none -%} + --selector='{{ openshift.hosted.router.selector }}' + {% endif -%} + {% if not openshift.common.version_gte_3_2_or_1_2 | bool -%} + --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig + {% endif -%} + {% if openshift.hosted.router.registryurl | default(none) is not none -%} + --images='{{ openshift.hosted.router.registryurl }}' + {% endif -%} + register: openshift_hosted_router_results + changed_when: "'service exists' not in openshift_hosted_router_results.stdout" + failed_when: "openshift_hosted_router_results.rc != 0 and 'service exists' not in openshift_hosted_router_results.stdout and 'deployment_config' not in openshift_hosted_router_results.stderr and 'service' not in openshift_hosted_router_results.stderr" |