diff options
321 files changed, 1104 insertions, 1486 deletions
diff --git a/.papr.inventory b/.papr.inventory index aa4324c21..c678e76aa 100644 --- a/.papr.inventory +++ b/.papr.inventory @@ -6,7 +6,7 @@ etcd [OSEv3:vars] ansible_ssh_user=root ansible_python_interpreter=/usr/bin/python3 -deployment_type=origin +openshift_deployment_type=origin openshift_image_tag="{{ lookup('env', 'OPENSHIFT_IMAGE_TAG') }}" openshift_master_default_subdomain="{{ lookup('env', 'RHCI_ocp_node1_IP') }}.xip.io" openshift_check_min_host_disk_gb=1.5 diff --git a/ansible.cfg b/ansible.cfg index e4d72553e..c1c76a496 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -10,10 +10,6 @@ #log_path = /tmp/ansible.log # Additional default options for OpenShift Ansible -callback_plugins = callback_plugins/ -filter_plugins = filter_plugins/ -lookup_plugins = lookup_plugins/ -library = library/ forks = 20 host_key_checking = False retry_files_enabled = False diff --git a/filter_plugins/openshift_version.py b/filter_plugins/openshift_version.py deleted file mode 100644 index 7a70b158b..000000000 --- a/filter_plugins/openshift_version.py +++ /dev/null @@ -1,69 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -""" -Custom version comparison filters for use in openshift-ansible -""" - -# pylint can't locate distutils.version within virtualenv -# https://github.com/PyCQA/pylint/issues/73 -# pylint: disable=no-name-in-module, import-error -from distutils.version import LooseVersion - - -def gte_function_builder(name, gte_version): - """ - Build and return a version comparison function. - - Ex: name = 'oo_version_gte_3_6' - version = '3.6' - - returns oo_version_gte_3_6, a function which based on the - version will return true if the provided version is greater - than or equal to the function's version - """ - def _gte_function(version): - """ - Dynamic function created by gte_function_builder. - - Ex: version = '3.1' - returns True/False - """ - version_gte = False - if str(version) >= LooseVersion(gte_version): - version_gte = True - return version_gte - _gte_function.__name__ = name - return _gte_function - - -# pylint: disable=too-few-public-methods -class FilterModule(object): - """ - Filters for version checking. - """ - # Each element of versions is composed of (major, minor_start, minor_end) - # Origin began versioning 3.x with 3.6, so begin 3.x with 3.6. - versions = [(3, 6, 10)] - - def __init__(self): - """ - Creates a new FilterModule for ose version checking. - """ - self._filters = {} - - # For each set of (major, minor, minor_iterations) - for major, minor_start, minor_end in self.versions: - # For each minor version in the range - for minor in range(minor_start, minor_end): - # Create the function name - func_name = 'oo_version_gte_{}_{}'.format(major, minor) - # Create the function with the builder - func = gte_function_builder(func_name, "{}.{}.0".format(major, minor)) - # Add the function to the mapping - self._filters[func_name] = func - - def filters(self): - """ - Return the filters mapping. - """ - return self._filters diff --git a/images/installer/Dockerfile b/images/installer/Dockerfile index 0d977d48f..db362bd65 100644 --- a/images/installer/Dockerfile +++ b/images/installer/Dockerfile @@ -10,7 +10,7 @@ COPY images/installer/origin-extra-root / # install ansible and deps RUN INSTALL_PKGS="python-lxml pyOpenSSL python2-cryptography openssl java-1.8.0-openjdk-headless python2-passlib httpd-tools openssh-clients origin-clients" \ && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS \ - && EPEL_PKGS="ansible python2-boto" \ + && EPEL_PKGS="ansible python2-boto google-cloud-sdk-183.0.0 which" \ && yum install -y epel-release \ && yum install -y --setopt=tsflags=nodocs $EPEL_PKGS \ && rpm -V $INSTALL_PKGS $EPEL_PKGS \ diff --git a/images/installer/Dockerfile.rhel7 b/images/installer/Dockerfile.rhel7 index 5245771d0..05df6b43a 100644 --- a/images/installer/Dockerfile.rhel7 +++ b/images/installer/Dockerfile.rhel7 @@ -5,7 +5,7 @@ MAINTAINER OpenShift Team <dev@lists.openshift.redhat.com> USER root # Playbooks, roles, and their dependencies are installed from packages. -RUN INSTALL_PKGS="atomic-openshift-utils atomic-openshift-clients python-boto openssl java-1.8.0-openjdk-headless httpd-tools" \ +RUN INSTALL_PKGS="atomic-openshift-utils atomic-openshift-clients python-boto openssl java-1.8.0-openjdk-headless httpd-tools google-cloud-sdk" \ && yum repolist > /dev/null \ && yum-config-manager --enable rhel-7-server-ose-3.7-rpms \ && yum-config-manager --enable rhel-7-server-rh-common-rpms \ diff --git a/images/installer/origin-extra-root/etc/yum.repos.d/google-cloud-sdk.repo b/images/installer/origin-extra-root/etc/yum.repos.d/google-cloud-sdk.repo new file mode 100644 index 000000000..7bb8502e9 --- /dev/null +++ b/images/installer/origin-extra-root/etc/yum.repos.d/google-cloud-sdk.repo @@ -0,0 +1,8 @@ +[google-cloud-sdk] +name=google-cloud-sdk +baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64 +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg + https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg diff --git a/inventory/hosts.example b/inventory/hosts.example index d857cd1a7..b009b4fc8 100644 --- a/inventory/hosts.example +++ b/inventory/hosts.example @@ -941,7 +941,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5} # Enable origin repos that point at Centos PAAS SIG, defaults to true, only used -# by deployment_type=origin +# by openshift_deployment_type=origin #openshift_enable_origin_repo=false # Validity of the auto-generated OpenShift certificates in days. diff --git a/lookup_plugins/README.md b/lookup_plugins/README.md deleted file mode 100644 index f05d608e5..000000000 --- a/lookup_plugins/README.md +++ /dev/null @@ -1 +0,0 @@ -openshift-ansible lookup plugins. diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 0d5964dda..2be8ebd5b 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -24,9 +24,6 @@ Requires: tar Requires: %{name}-docs = %{version}-%{release} Requires: %{name}-playbooks = %{version}-%{release} Requires: %{name}-roles = %{version}-%{release} -Requires: %{name}-filter-plugins = %{version}-%{release} -Requires: %{name}-lookup-plugins = %{version}-%{release} -Requires: %{name}-callback-plugins = %{version}-%{release} Requires: java-1.8.0-openjdk-headless Requires: httpd-tools Requires: libselinux-python @@ -52,8 +49,6 @@ popd # Base openshift-ansible install mkdir -p %{buildroot}%{_datadir}/%{name} mkdir -p %{buildroot}%{_datadir}/ansible/%{name} -mkdir -p %{buildroot}%{_datadir}/ansible_plugins -cp -rp library %{buildroot}%{_datadir}/ansible/%{name}/ # openshift-ansible-bin install mkdir -p %{buildroot}%{_bindir} @@ -88,31 +83,6 @@ rm -rf %{buildroot}%{_datadir}/ansible/%{name}/roles/contiv/* # touch a file in contiv so that it can be added to SCM's touch %{buildroot}%{_datadir}/ansible/%{name}/roles/contiv/.empty_dir -# openshift_master_facts symlinks filter_plugins/oo_filters.py from ansible_plugins/filter_plugins -pushd %{buildroot}%{_datadir}/ansible/%{name}/roles/openshift_master_facts/filter_plugins -ln -sf ../../../../../ansible_plugins/filter_plugins/oo_filters.py oo_filters.py -popd - -# openshift-ansible-filter-plugins install -cp -rp filter_plugins %{buildroot}%{_datadir}/ansible_plugins/ - -# openshift-ansible-lookup-plugins install -cp -rp lookup_plugins %{buildroot}%{_datadir}/ansible_plugins/ - -# openshift-ansible-callback-plugins install -cp -rp callback_plugins %{buildroot}%{_datadir}/ansible_plugins/ - -# create symlinks from /usr/share/ansible/plugins/lookup -> -# /usr/share/ansible_plugins/lookup_plugins -pushd %{buildroot}%{_datadir} -mkdir -p ansible/plugins -pushd ansible/plugins -ln -s ../../ansible_plugins/lookup_plugins lookup -ln -s ../../ansible_plugins/filter_plugins filter -ln -s ../../ansible_plugins/callback_plugins callback -popd -popd - # atomic-openshift-utils install pushd utils %{__python} setup.py install --skip-build --root %{buildroot} @@ -131,7 +101,6 @@ popd %license LICENSE %dir %{_datadir}/ansible/%{name} %{_datadir}/ansible/%{name}/files -%{_datadir}/ansible/%{name}/library %ghost %{_datadir}/ansible/%{name}/playbooks/common/openshift-master/library.rpmmoved # ---------------------------------------------------------------------------------- @@ -155,9 +124,6 @@ BuildArch: noarch Summary: Openshift and Atomic Enterprise Ansible Playbooks Requires: %{name} = %{version}-%{release} Requires: %{name}-roles = %{version}-%{release} -Requires: %{name}-lookup-plugins = %{version}-%{release} -Requires: %{name}-filter-plugins = %{version}-%{release} -Requires: %{name}-callback-plugins = %{version}-%{release} BuildArch: noarch %description playbooks @@ -198,9 +164,9 @@ end # ---------------------------------------------------------------------------------- Summary: Openshift and Atomic Enterprise Ansible roles Requires: %{name} = %{version}-%{release} -Requires: %{name}-lookup-plugins = %{version}-%{release} -Requires: %{name}-filter-plugins = %{version}-%{release} -Requires: %{name}-callback-plugins = %{version}-%{release} +Obsoletes: %{name}-lookup-plugins +Obsoletes: %{name}-filter-plugins +Obsoletes: %{name}-callback-plugins BuildArch: noarch %description roles @@ -209,55 +175,6 @@ BuildArch: noarch %files roles %{_datadir}/ansible/%{name}/roles - -# ---------------------------------------------------------------------------------- -# openshift-ansible-filter-plugins subpackage -# ---------------------------------------------------------------------------------- -%package filter-plugins -Summary: Openshift and Atomic Enterprise Ansible filter plugins -Requires: %{name} = %{version}-%{release} -BuildArch: noarch -Requires: pyOpenSSL - -%description filter-plugins -%{summary}. - -%files filter-plugins -%{_datadir}/ansible_plugins/filter_plugins -%{_datadir}/ansible/plugins/filter - - -# ---------------------------------------------------------------------------------- -# openshift-ansible-lookup-plugins subpackage -# ---------------------------------------------------------------------------------- -%package lookup-plugins -Summary: Openshift and Atomic Enterprise Ansible lookup plugins -Requires: %{name} = %{version}-%{release} -BuildArch: noarch - -%description lookup-plugins -%{summary}. - -%files lookup-plugins -%{_datadir}/ansible_plugins/lookup_plugins -%{_datadir}/ansible/plugins/lookup - - -# ---------------------------------------------------------------------------------- -# openshift-ansible-callback-plugins subpackage -# ---------------------------------------------------------------------------------- -%package callback-plugins -Summary: Openshift and Atomic Enterprise Ansible callback plugins -Requires: %{name} = %{version}-%{release} -BuildArch: noarch - -%description callback-plugins -%{summary}. - -%files callback-plugins -%{_datadir}/ansible_plugins/callback_plugins -%{_datadir}/ansible/plugins/callback - # ---------------------------------------------------------------------------------- # atomic-openshift-utils subpackage # ---------------------------------------------------------------------------------- diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 584117e6b..0e0e2b425 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -18,9 +18,8 @@ # Since we're not calling openshift_facts we'll do this for now - set_fact: - is_atomic: "{{ ostree_output.rc == 0 }}" - - set_fact: - is_containerized: "{{ is_atomic or containerized | default(false) | bool }}" + openshift_is_atomic: "{{ ostree_output.rc == 0 }}" + openshift_is_containerized: "{{ ostree_output.rc == 0 or containerized | default(false) | bool }}" # Stop services on all hosts prior to removing files. - hosts: nodes @@ -133,7 +132,7 @@ when: openshift_use_flannel | default(false) | bool register: result until: result is succeeded - when: not is_atomic | bool + when: not openshift_is_atomic | bool - shell: systemctl reset-failed changed_when: False @@ -363,7 +362,7 @@ - name: Remove packages package: name={{ item }} state=absent - when: not is_atomic | bool and openshift_remove_all | default(True) | bool + when: not openshift_is_atomic | bool and openshift_remove_all | default(True) | bool with_items: - atomic-openshift - atomic-openshift-clients @@ -487,14 +486,14 @@ - name: Stop additional atomic services service: name={{ item }} state=stopped - when: is_containerized | bool + when: openshift_is_containerized | bool with_items: - etcd_container failed_when: false - name: Remove packages package: name={{ item }} state=absent - when: not is_atomic | bool and openshift_remove_all | default(True) | bool + when: not openshift_is_atomic | bool and openshift_remove_all | default(True) | bool with_items: - etcd - etcd3 @@ -554,7 +553,7 @@ - name: Remove packages package: name={{ item }} state=absent - when: not is_atomic | bool and openshift_remove_all | default(True) | bool + when: not openshift_is_atomic | bool and openshift_remove_all | default(True) | bool with_items: - haproxy register: result diff --git a/playbooks/aws/openshift-cluster/filter_plugins b/playbooks/aws/openshift-cluster/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/aws/openshift-cluster/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/aws/openshift-cluster/lookup_plugins b/playbooks/aws/openshift-cluster/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/aws/openshift-cluster/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/aws/provisioning_vars.yml.example b/playbooks/aws/provisioning_vars.yml.example index 1491fb868..2eb7d23d4 100644 --- a/playbooks/aws/provisioning_vars.yml.example +++ b/playbooks/aws/provisioning_vars.yml.example @@ -46,7 +46,7 @@ openshift_pkg_version: # -3.7.0 # Name of the subnet in the vpc to use. Needs to be set if using a pre-existing # vpc + subnet. -#openshift_aws_subnet_name: +#openshift_aws_subnet_az: # -------------- # # Security Group # diff --git a/playbooks/byo/filter_plugins b/playbooks/byo/filter_plugins deleted file mode 120000 index a4f518f07..000000000 --- a/playbooks/byo/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../filter_plugins
\ No newline at end of file diff --git a/playbooks/byo/lookup_plugins b/playbooks/byo/lookup_plugins deleted file mode 120000 index c528bcd1d..000000000 --- a/playbooks/byo/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/byo/openshift-cluster/filter_plugins b/playbooks/byo/openshift-cluster/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/byo/openshift-cluster/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/byo/openshift-cluster/lookup_plugins b/playbooks/byo/openshift-cluster/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/byo/openshift-cluster/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/byo/rhel_subscribe.yml b/playbooks/byo/rhel_subscribe.yml index dc9d0a139..f70f05bac 100644 --- a/playbooks/byo/rhel_subscribe.yml +++ b/playbooks/byo/rhel_subscribe.yml @@ -6,7 +6,7 @@ roles: - role: rhel_subscribe when: - - deployment_type == 'openshift-enterprise' + - openshift_deployment_type == 'openshift-enterprise' - ansible_distribution == "RedHat" - rhsub_user is defined - rhsub_pass is defined diff --git a/playbooks/common/openshift-cluster/filter_plugins b/playbooks/common/openshift-cluster/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/common/openshift-cluster/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/library b/playbooks/common/openshift-cluster/library deleted file mode 120000 index d0b7393d3..000000000 --- a/playbooks/common/openshift-cluster/library +++ /dev/null @@ -1 +0,0 @@ -../../../library/
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/lookup_plugins b/playbooks/common/openshift-cluster/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/common/openshift-cluster/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml index 23cf8cf76..372a39e74 100644 --- a/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml +++ b/playbooks/common/openshift-cluster/upgrades/create_service_signer_cert.yml @@ -22,7 +22,7 @@ - name: Create service signer certificate command: > - {{ openshift.common.client_binary }} adm ca create-signer-cert + {{ openshift_client_binary }} adm ca create-signer-cert --cert="{{ remote_cert_create_tmpdir.stdout }}/"service-signer.crt --key="{{ remote_cert_create_tmpdir.stdout }}/"service-signer.key --name="{{ remote_cert_create_tmpdir.stdout }}/"openshift-service-serving-signer diff --git a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml index 42cd51bd9..28ddc3ded 100644 --- a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml @@ -12,12 +12,9 @@ roles: - openshift_facts tasks: - - set_fact: - repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}" - - fail: msg: Cannot upgrade Docker on Atomic operating systems. - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - include_role: name: container_runtime @@ -54,7 +51,7 @@ - name: Drain Node for Kubelet upgrade command: > - {{ openshift.common.client_binary }} adm drain {{ openshift.node.nodename }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets + {{ openshift_client_binary }} adm drain {{ openshift.node.nodename }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets delegate_to: "{{ groups.oo_first_master.0 }}" when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_upgrade register: l_docker_upgrade_drain_result diff --git a/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml b/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml index 385a141ea..3b47a11e0 100644 --- a/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml +++ b/playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml @@ -15,7 +15,7 @@ - "{{ openshift_service_type }}-master-controllers" - "{{ openshift_service_type }}-node" failed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Wait for master API to come back online wait_for: diff --git a/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml index b5000d3a1..54eeb2ef5 100644 --- a/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml @@ -10,7 +10,7 @@ - etcd_container - openvswitch failed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Check Docker image count shell: "docker images -aq | wc -l" diff --git a/playbooks/common/openshift-cluster/upgrades/filter_plugins b/playbooks/common/openshift-cluster/upgrades/filter_plugins deleted file mode 120000 index b1213dedb..000000000 --- a/playbooks/common/openshift-cluster/upgrades/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/lookup_plugins deleted file mode 120000 index aff753026..000000000 --- a/playbooks/common/openshift-cluster/upgrades/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml index 50df8a890..1b57521df 100644 --- a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml @@ -27,8 +27,8 @@ - set_fact: haproxy_routers: "{{ all_routers.results.results[0]['items'] | - oo_pods_match_component(openshift_deployment_type, 'haproxy-router') | - oo_select_keys_from_list(['metadata']) }}" + lib_utils_oo_pods_match_component(openshift_deployment_type, 'haproxy-router') | + lib_utils_oo_select_keys_from_list(['metadata']) }}" when: - all_routers.results.returncode == 0 diff --git a/playbooks/common/openshift-cluster/upgrades/pre/config.yml b/playbooks/common/openshift-cluster/upgrades/pre/config.yml index d5b82d9a0..de74c8ab8 100644 --- a/playbooks/common/openshift-cluster/upgrades/pre/config.yml +++ b/playbooks/common/openshift-cluster/upgrades/pre/config.yml @@ -14,10 +14,10 @@ hosts: "{{ l_upgrade_no_proxy_hosts }}" tasks: - set_fact: - openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config'] | union(groups['oo_masters_to_config']) | union(groups['oo_etcd_to_config'] | default([]))) - | oo_collect('openshift.common.hostname') | default([]) | join (',') + | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',') }}" when: - openshift_http_proxy is defined or openshift_https_proxy is defined diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml index 3fc18c9b7..693ab2d96 100644 --- a/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml +++ b/playbooks/common/openshift-cluster/upgrades/pre/verify_cluster.yml @@ -5,11 +5,6 @@ hosts: oo_first_master gather_facts: no tasks: - - fail: - msg: > - This upgrade is only supported for origin and openshift-enterprise - deployment types - when: deployment_type not in ['origin','openshift-enterprise'] # Error out in situations where the user has older versions specified in their # inventory in any of the openshift_release, openshift_image_tag, and @@ -71,7 +66,7 @@ local_facts: ha: "{{ groups.oo_masters_to_config | length > 1 }}" - - when: openshift.common.is_containerized | bool + - when: openshift_is_containerized | bool block: - set_fact: master_services: diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml index 065a9a8ab..b0b5a7e4b 100644 --- a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml +++ b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml @@ -15,9 +15,9 @@ docker pull {{ openshift_cli_image }}:{{ openshift_image_tag }} register: pull_result changed_when: "'Downloaded newer image' in pull_result.stdout" - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool -- when: not openshift.common.is_containerized | bool +- when: not openshift_is_containerized | bool block: - name: Check latest available OpenShift RPM version repoquery: @@ -49,5 +49,5 @@ fail: msg: "This upgrade playbook must be run against OpenShift {{ openshift_upgrade_min }} or later" when: - - deployment_type == 'origin' + - openshift_deployment_type == 'origin' - openshift.common.version is version_compare(openshift_upgrade_min,'<') diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index 44724e979..0263e721d 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -25,7 +25,7 @@ tasks: - name: Upgrade all storage command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig migrate storage --include=* --confirm register: l_pb_upgrade_control_plane_pre_upgrade_storage when: openshift_upgrade_pre_storage_migration_enabled | default(true) | bool @@ -86,7 +86,7 @@ - name: Post master upgrade - Upgrade clusterpolicies storage command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig migrate storage --include=clusterpolicies --confirm register: l_pb_upgrade_control_plane_post_upgrade_storage when: @@ -112,8 +112,8 @@ tasks: - set_fact: master_update_completed: "{{ hostvars - | oo_select_keys(groups.oo_masters_to_config) - | oo_collect('inventory_hostname', {'master_update_complete': true}) }}" + | lib_utils_oo_select_keys(groups.oo_masters_to_config) + | lib_utils_oo_collect('inventory_hostname', {'master_update_complete': true}) }}" - set_fact: master_update_failed: "{{ groups.oo_masters_to_config | difference(master_update_completed) | list }}" - fail: @@ -133,7 +133,7 @@ tasks: - name: Reconcile Cluster Roles command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-roles --additive-only=true --confirm -o name register: reconcile_cluster_role_result when: openshift_version is version_compare('3.7','<') @@ -144,7 +144,7 @@ - name: Reconcile Cluster Role Bindings command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-role-bindings --exclude-groups=system:authenticated --exclude-groups=system:authenticated:oauth @@ -160,7 +160,7 @@ - name: Reconcile Jenkins Pipeline Role Bindings command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-role-bindings system:build-strategy-jenkinspipeline --confirm -o name + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-role-bindings system:build-strategy-jenkinspipeline --confirm -o name run_once: true register: reconcile_jenkins_role_binding_result changed_when: @@ -214,7 +214,7 @@ - name: Reconcile Security Context Constraints command: > - {{ openshift.common.client_binary }} adm policy --config={{ openshift.common.config_base }}/master/admin.kubeconfig reconcile-sccs --confirm --additive-only=true -o name + {{ openshift_client_binary }} adm policy --config={{ openshift.common.config_base }}/master/admin.kubeconfig reconcile-sccs --confirm --additive-only=true -o name register: reconcile_scc_result changed_when: - reconcile_scc_result.stdout != '' @@ -223,7 +223,7 @@ - name: Migrate storage post policy reconciliation command: > - {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig migrate storage --include=* --confirm run_once: true register: l_pb_upgrade_control_plane_post_upgrade_storage @@ -246,8 +246,8 @@ tasks: - set_fact: reconcile_completed: "{{ hostvars - | oo_select_keys(groups.oo_masters_to_config) - | oo_collect('inventory_hostname', {'reconcile_complete': true}) }}" + | lib_utils_oo_select_keys(groups.oo_masters_to_config) + | lib_utils_oo_collect('inventory_hostname', {'reconcile_complete': true}) }}" - set_fact: reconcile_failed: "{{ groups.oo_masters_to_config | difference(reconcile_completed) | list }}" - fail: @@ -262,7 +262,7 @@ - openshift_facts tasks: - include_tasks: docker/tasks/upgrade.yml - when: l_docker_upgrade is defined and l_docker_upgrade | bool and not openshift.common.is_atomic | bool + when: l_docker_upgrade is defined and l_docker_upgrade | bool and not openshift_is_atomic | bool - name: Drain and upgrade master nodes hosts: oo_masters_to_config:&oo_nodes_to_upgrade @@ -291,7 +291,7 @@ - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets delegate_to: "{{ groups.oo_first_master.0 }}" register: l_upgrade_control_plane_drain_result until: not (l_upgrade_control_plane_drain_result is failed) diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml index 956ad0d53..ece69a3d5 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml @@ -35,7 +35,7 @@ - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets delegate_to: "{{ groups.oo_first_master.0 }}" register: l_upgrade_nodes_drain_result until: not (l_upgrade_nodes_drain_result is failed) diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml index e8c0f361a..a90082760 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml @@ -43,7 +43,7 @@ tasks: - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm drain {{ openshift.node.nodename | lower }} + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets --timeout={{ openshift_upgrade_nodes_drain_timeout | default(0) }}s diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins deleted file mode 120000 index 7de3c1dd7..000000000 --- a/playbooks/common/openshift-cluster/upgrades/v3_6/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../../filter_plugins/
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml index a5ad3801d..d520c6aee 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml @@ -13,7 +13,7 @@ tasks: - set_fact: openshift_upgrade_target: '3.6' - openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}" + openshift_upgrade_min: "{{ '1.5' if openshift_deployment_type == 'origin' else '3.5' }}" - import_playbook: ../pre/config.yml vars: diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml index 1498db4c5..a956fdde5 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml @@ -20,7 +20,7 @@ tasks: - set_fact: openshift_upgrade_target: '3.6' - openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}" + openshift_upgrade_min: "{{ '1.5' if openshift_deployment_type == 'origin' else '3.5' }}" - import_playbook: ../pre/config.yml vars: diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml index 6958652d8..4febe76ee 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_nodes.yml @@ -15,7 +15,7 @@ tasks: - set_fact: openshift_upgrade_target: '3.6' - openshift_upgrade_min: "{{ '1.5' if deployment_type == 'origin' else '3.5' }}" + openshift_upgrade_min: "{{ '1.5' if openshift_deployment_type == 'origin' else '3.5' }}" - import_playbook: ../pre/config.yml vars: diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins deleted file mode 120000 index 7de3c1dd7..000000000 --- a/playbooks/common/openshift-cluster/upgrades/v3_7/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../../filter_plugins/
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml index c8c87a9c3..49e691352 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml @@ -14,7 +14,7 @@ # DO NOT DISABLE THIS, YOUR UPGRADE WILL FAIL IF YOU DO SO - name: Confirm OpenShift authorization objects are in sync command: > - {{ openshift.common.client_binary }} adm migrate authorization + {{ openshift_client_binary }} adm migrate authorization when: - openshift_currently_installed_version is version_compare('3.7','<') - openshift_upgrade_pre_authorization_migration_enabled | default(true) | bool diff --git a/playbooks/common/openshift-cluster/upgrades/v3_8/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_8/filter_plugins deleted file mode 120000 index 7de3c1dd7..000000000 --- a/playbooks/common/openshift-cluster/upgrades/v3_8/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../../filter_plugins/
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_9/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_9/filter_plugins deleted file mode 120000 index 7de3c1dd7..000000000 --- a/playbooks/common/openshift-cluster/upgrades/v3_9/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../../../filter_plugins/
\ No newline at end of file diff --git a/playbooks/container-runtime/private/config.yml b/playbooks/container-runtime/private/config.yml index 67445edeb..d8fc93710 100644 --- a/playbooks/container-runtime/private/config.yml +++ b/playbooks/container-runtime/private/config.yml @@ -1,7 +1,7 @@ --- - hosts: "{{ l_containerized_host_groups }}" vars: - l_chg_temp: "{{ openshift_containerized_host_groups | default([]) }}" + l_chg_temp: "{{ hostvars[groups['oo_first_master'][0]]['openshift_containerized_host_groups'] | default([]) }}" l_containerized_host_groups: "{{ (['oo_nodes_to_config'] | union(l_chg_temp)) | join(':') }}" # role: container_runtime is necessary here to bring role default variables # into the play scope. diff --git a/playbooks/container-runtime/private/setup_storage.yml b/playbooks/container-runtime/private/setup_storage.yml new file mode 100644 index 000000000..54fa5ca66 --- /dev/null +++ b/playbooks/container-runtime/private/setup_storage.yml @@ -0,0 +1,16 @@ +--- +- hosts: "{{ l_containerized_host_groups }}" + vars: + l_chg_temp: "{{ hostvars[groups['oo_first_master'][0]]['openshift_containerized_host_groups'] | default([]) }}" + l_containerized_host_groups: "{{ (['oo_nodes_to_config'] | union(l_chg_temp)) | join(':') }}" + # role: container_runtime is necessary here to bring role default variables + # into the play scope. + roles: + - role: container_runtime + tasks: + - include_role: + name: container_runtime + tasks_from: docker_storage_setup_overlay.yml + when: + - container_runtime_docker_storage_type|default('') == "overlay2" + - openshift_docker_is_node_or_master | bool diff --git a/playbooks/container-runtime/setup_storage.yml b/playbooks/container-runtime/setup_storage.yml new file mode 100644 index 000000000..98e876b2c --- /dev/null +++ b/playbooks/container-runtime/setup_storage.yml @@ -0,0 +1,6 @@ +--- +- import_playbook: ../init/main.yml + vars: + skip_verison: True + +- import_playbook: private/setup_storage.yml diff --git a/playbooks/init/base_packages.yml b/playbooks/init/base_packages.yml new file mode 100644 index 000000000..f7007087c --- /dev/null +++ b/playbooks/init/base_packages.yml @@ -0,0 +1,37 @@ +--- +- name: Ensure that all non-node hosts are accessible + hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config + any_errors_fatal: true + tasks: + - when: + - not openshift_is_atomic | bool + block: + - name: Ensure openshift-ansible installer package deps are installed + package: + name: "{{ item }}" + state: present + with_items: + - iproute + - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}" + - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}" + - yum-utils + register: result + until: result is succeeded + + - name: Ensure various deps for running system containers are installed + package: + name: "{{ item }}" + state: present + with_items: + - atomic + - ostree + - runc + when: + - > + (openshift_use_system_containers | default(False)) | bool + or (openshift_use_etcd_system_container | default(False)) | bool + or (openshift_use_openvswitch_system_container | default(False)) | bool + or (openshift_use_node_system_container | default(False)) | bool + or (openshift_use_master_system_container | default(False)) | bool + register: result + until: result is succeeded diff --git a/playbooks/init/facts.yml b/playbooks/init/facts.yml index 4d40e472c..9e411a551 100644 --- a/playbooks/init/facts.yml +++ b/playbooks/init/facts.yml @@ -21,40 +21,24 @@ path: /run/ostree-booted register: ostree_booted - # Locally setup containerized facts for now - - name: initialize_facts set fact l_is_atomic + # TODO(michaelgugino) remove this line once CI is updated. + - name: set openshift_deployment_type if unset set_fact: - l_is_atomic: "{{ ostree_booted.stat.exists }}" - - - name: initialize_facts set fact for containerized and l_is_*_system_container - set_fact: - l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}" - - # TODO: Should this be moved into health checks?? - # Seems as though any check that happens with a corresponding fail should move into health_checks - - name: Validate python version - ans_dist is fedora and python is v3 - fail: - msg: | - openshift-ansible requires Python 3 for {{ ansible_distribution }}; - For information on enabling Python 3 with Ansible, see https://docs.ansible.com/ansible/python_3_support.html + openshift_deployment_type: "{{ deployment_type }}" when: - - ansible_distribution == 'Fedora' - - ansible_python['version']['major'] != 3 + - openshift_deployment_type is undefined + - deployment_type is defined - # TODO: Should this be moved into health checks?? - # Seems as though any check that happens with a corresponding fail should move into health_checks - - name: Validate python version - ans_dist not Fedora and python must be v2 - fail: - msg: "openshift-ansible requires Python 2 for {{ ansible_distribution }}" - when: - - ansible_distribution != 'Fedora' - - ansible_python['version']['major'] != 2 + - name: initialize_facts set fact openshift_is_atomic and openshift_is_containerized + set_fact: + openshift_is_atomic: "{{ ostree_booted.stat.exists }}" + openshift_is_containerized: "{{ ostree_booted.stat.exists or (containerized | default(false) | bool) }}" # TODO: Should this be moved into health checks?? # Seems as though any check that happens with a corresponding fail should move into health_checks # Fail as early as possible if Atomic and old version of Docker - when: - - l_is_atomic | bool + - openshift_is_atomic | bool block: # See https://access.redhat.com/articles/2317361 @@ -72,40 +56,7 @@ - l_atomic_docker_version.stdout | replace('"', '') is version_compare('1.12','>=') msg: Installation on Atomic Host requires Docker 1.12 or later. Please upgrade and restart the Atomic Host. - - when: - - not l_is_atomic | bool - block: - - name: Ensure openshift-ansible installer package deps are installed - package: - name: "{{ item }}" - state: present - with_items: - - iproute - - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}" - - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}" - - yum-utils - register: result - until: result is succeeded - - - name: Ensure various deps for running system containers are installed - package: - name: "{{ item }}" - state: present - with_items: - - atomic - - ostree - - runc - when: - - > - (openshift_use_system_containers | default(False)) | bool - or (openshift_use_etcd_system_container | default(False)) | bool - or (openshift_use_openvswitch_system_container | default(False)) | bool - or (openshift_use_node_system_container | default(False)) | bool - or (openshift_use_master_system_container | default(False)) | bool - register: result - until: result is succeeded - - - name: Gather Cluster facts and set is_containerized if needed + - name: Gather Cluster facts openshift_facts: role: common local_facts: @@ -113,7 +64,6 @@ deployment_subtype: "{{ openshift_deployment_subtype | default(None) }}" hostname: "{{ openshift_hostname | default(None) }}" ip: "{{ openshift_ip | default(None) }}" - is_containerized: "{{ l_is_containerized | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" public_ip: "{{ openshift_public_ip | default(None) }}" portal_net: "{{ openshift_portal_net | default(openshift_master_portal_net) | default(None) }}" @@ -126,10 +76,10 @@ openshift_facts: role: common local_facts: - no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config'] | union(groups['oo_masters_to_config']) | union(groups['oo_etcd_to_config'] | default([]))) - | oo_collect('openshift.common.hostname') | default([]) | join (',') + | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',') }}" when: - openshift_http_proxy is defined or openshift_https_proxy is defined @@ -141,7 +91,12 @@ local_facts: sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" - - name: initialize_facts set_fact repoquery command - set_fact: - repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}" - repoquery_installed: "{{ 'dnf repoquery --latest-limit 1 -d 0 --disableexcludes=all --installed' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins --installed' }}" +- name: Initialize special first-master variables + hosts: oo_first_master + roles: + - role: openshift_facts + tasks: + - set_fact: + # We need to setup openshift_client_binary here for special uses of delegate_to in + # later roles and plays. + first_master_client_binary: "{{ openshift_client_binary }}" diff --git a/playbooks/init/main.yml b/playbooks/init/main.yml index 06e8ba504..20457e508 100644 --- a/playbooks/init/main.yml +++ b/playbooks/init/main.yml @@ -20,9 +20,6 @@ - import_playbook: sanity_checks.yml when: not (skip_sanity_checks | default(False)) -- import_playbook: validate_hostnames.yml - when: not (skip_validate_hostnames | default(False)) - - import_playbook: version.yml when: not (skip_verison | default(False)) diff --git a/playbooks/init/repos.yml b/playbooks/init/repos.yml index 66786a41a..866c889b6 100644 --- a/playbooks/init/repos.yml +++ b/playbooks/init/repos.yml @@ -8,7 +8,7 @@ name: rhel_subscribe when: - ansible_distribution == 'RedHat' - - deployment_type == 'openshift-enterprise' + - openshift_deployment_type == 'openshift-enterprise' - rhsub_user is defined - rhsub_pass is defined - name: initialize openshift repos diff --git a/playbooks/init/sanity_checks.yml b/playbooks/init/sanity_checks.yml index 26716a92d..52bcf42c0 100644 --- a/playbooks/init/sanity_checks.yml +++ b/playbooks/init/sanity_checks.yml @@ -1,51 +1,15 @@ --- - name: Verify Requirements - hosts: oo_all_hosts + hosts: oo_first_master + roles: + - role: lib_utils tasks: - - fail: - msg: Flannel can not be used with openshift sdn, set openshift_use_openshift_sdn=false if you want to use flannel - when: openshift_use_openshift_sdn | default(true) | bool and openshift_use_flannel | default(false) | bool - - - fail: - msg: Nuage sdn can not be used with openshift sdn, set openshift_use_openshift_sdn=false if you want to use nuage - when: openshift_use_openshift_sdn | default(true) | bool and openshift_use_nuage | default(false) | bool - - - fail: - msg: Nuage sdn can not be used with flannel - when: openshift_use_flannel | default(false) | bool and openshift_use_nuage | default(false) | bool - - - fail: - msg: Contiv can not be used with openshift sdn, set openshift_use_openshift_sdn=false if you want to use contiv - when: openshift_use_openshift_sdn | default(true) | bool and openshift_use_contiv | default(false) | bool - - - fail: - msg: Contiv can not be used with flannel - when: openshift_use_flannel | default(false) | bool and openshift_use_contiv | default(false) | bool - - - fail: - msg: Contiv can not be used with nuage - when: openshift_use_nuage | default(false) | bool and openshift_use_contiv | default(false) | bool - - - fail: - msg: Calico can not be used with openshift sdn, set openshift_use_openshift_sdn=false if you want to use Calico - when: openshift_use_openshift_sdn | default(true) | bool and openshift_use_calico | default(false) | bool - - - fail: - msg: The Calico playbook does not yet integrate with the Flannel playbook in Openshift. Set either openshift_use_calico or openshift_use_flannel, but not both. - when: openshift_use_calico | default(false) | bool and openshift_use_flannel | default(false) | bool - - - fail: - msg: Calico can not be used with Nuage in Openshift. Set either openshift_use_calico or openshift_use_nuage, but not both - when: openshift_use_calico | default(false) | bool and openshift_use_nuage | default(false) | bool - - - fail: - msg: Calico can not be used with Contiv in Openshift. Set either openshift_use_calico or openshift_use_contiv, but not both - when: openshift_use_calico | default(false) | bool and openshift_use_contiv | default(false) | bool - - - fail: - msg: openshift_hostname must be 63 characters or less - when: openshift_hostname is defined and openshift_hostname | length > 63 - - - fail: - msg: openshift_public_hostname must be 63 characters or less - when: openshift_public_hostname is defined and openshift_public_hostname | length > 63 + # sanity_checks is a custom action plugin defined in lib_utils. + # This module will loop through all the hostvars for each host + # specified in check_hosts. + # Since sanity_checks is an action_plugin, it executes on the control host. + # Thus, sanity_checks cannot gather new information about any hosts. + - name: Run variable sanity checks + sanity_checks: + check_hosts: "{{ groups['oo_all_hosts'] }}" + run_once: True diff --git a/playbooks/openshift-etcd/private/filter_plugins b/playbooks/openshift-etcd/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-etcd/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-etcd/private/lookup_plugins b/playbooks/openshift-etcd/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-etcd/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-etcd/private/migrate.yml b/playbooks/openshift-etcd/private/migrate.yml index 313ed8bec..cad0ebcaa 100644 --- a/playbooks/openshift-etcd/private/migrate.yml +++ b/playbooks/openshift-etcd/private/migrate.yml @@ -57,8 +57,8 @@ tasks: - set_fact: etcd_backup_completed: "{{ hostvars - | oo_select_keys(groups.oo_etcd_to_migrate) - | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}" + | lib_utils_oo_select_keys(groups.oo_etcd_to_migrate) + | lib_utils_oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}" - set_fact: etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) | list }}" - fail: @@ -118,8 +118,8 @@ tasks: - set_fact: etcd_migration_completed: "{{ hostvars - | oo_select_keys(groups.oo_etcd_to_migrate) - | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}" + | lib_utils_oo_select_keys(groups.oo_etcd_to_migrate) + | lib_utils_oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}" - set_fact: etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) | list }}" diff --git a/playbooks/openshift-etcd/private/redeploy-ca.yml b/playbooks/openshift-etcd/private/redeploy-ca.yml index 158bcb849..0995945cc 100644 --- a/playbooks/openshift-etcd/private/redeploy-ca.yml +++ b/playbooks/openshift-etcd/private/redeploy-ca.yml @@ -47,9 +47,9 @@ - import_playbook: restart.yml # Do not restart etcd when etcd certificates were previously expired. when: ('expired' not in (hostvars - | oo_select_keys(groups['etcd']) - | oo_collect('check_results.check_results.etcd') - | oo_collect('health'))) + | lib_utils_oo_select_keys(groups['etcd']) + | lib_utils_oo_collect('check_results.check_results.etcd') + | lib_utils_oo_collect('health'))) - name: Retrieve etcd CA certificate hosts: oo_first_etcd @@ -87,15 +87,15 @@ when: # masters - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) # etcd - ('expired' not in (hostvars - | oo_select_keys(groups['etcd']) - | oo_collect('check_results.check_results.etcd') - | oo_collect('health'))) + | lib_utils_oo_select_keys(groups['etcd']) + | lib_utils_oo_collect('check_results.check_results.etcd') + | lib_utils_oo_collect('health'))) diff --git a/playbooks/openshift-etcd/private/scaleup.yml b/playbooks/openshift-etcd/private/scaleup.yml index 3ef043ec8..dc667958f 100644 --- a/playbooks/openshift-etcd/private/scaleup.yml +++ b/playbooks/openshift-etcd/private/scaleup.yml @@ -69,8 +69,8 @@ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" openshift_ca_host: "{{ groups.oo_first_master.0 }}" openshift_master_etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) )) - | oo_collect('openshift.common.hostname') + | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) )) + | lib_utils_oo_collect('openshift.common.hostname') | default(none, true) }}" openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}" roles: diff --git a/playbooks/openshift-etcd/private/upgrade_backup.yml b/playbooks/openshift-etcd/private/upgrade_backup.yml index 7dfea07f1..0d8943d93 100644 --- a/playbooks/openshift-etcd/private/upgrade_backup.yml +++ b/playbooks/openshift-etcd/private/upgrade_backup.yml @@ -18,8 +18,8 @@ tasks: - set_fact: etcd_backup_completed: "{{ hostvars - | oo_select_keys(groups.oo_etcd_hosts_to_backup) - | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}" + | lib_utils_oo_select_keys(groups.oo_etcd_hosts_to_backup) + | lib_utils_oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}" - set_fact: etcd_backup_failed: "{{ groups.oo_etcd_hosts_to_backup | difference(etcd_backup_completed) | list }}" - fail: diff --git a/playbooks/openshift-etcd/private/upgrade_image_members.yml b/playbooks/openshift-etcd/private/upgrade_image_members.yml index 339fc6b74..d4386249e 100644 --- a/playbooks/openshift-etcd/private/upgrade_image_members.yml +++ b/playbooks/openshift-etcd/private/upgrade_image_members.yml @@ -1,7 +1,7 @@ --- # INPUT etcd_upgrade_version # INPUT etcd_container_version -# INPUT openshift.common.is_containerized +# INPUT openshift_is_containerized - name: Upgrade containerized hosts to {{ etcd_upgrade_version }} hosts: oo_etcd_hosts_to_upgrade serial: 1 @@ -14,4 +14,4 @@ etcd_peer: "{{ openshift.common.hostname }}" when: - etcd_container_version | default('99') is version_compare(etcd_upgrade_version,'<') - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool diff --git a/playbooks/openshift-etcd/private/upgrade_rpm_members.yml b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml index 327a35b09..f7fe6cd9c 100644 --- a/playbooks/openshift-etcd/private/upgrade_rpm_members.yml +++ b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml @@ -1,7 +1,7 @@ --- # INPUT etcd_upgrade_version # INPUT etcd_rpm_version -# INPUT openshift.common.is_containerized +# INPUT openshift_is_containerized - name: Upgrade to {{ etcd_upgrade_version }} hosts: oo_etcd_hosts_to_upgrade serial: 1 @@ -15,4 +15,4 @@ when: - etcd_rpm_version.stdout | default('99') is version_compare(etcd_upgrade_version, '<') - ansible_distribution == 'RedHat' - - not openshift.common.is_containerized | bool + - not openshift_is_containerized | bool diff --git a/playbooks/openshift-etcd/private/upgrade_step.yml b/playbooks/openshift-etcd/private/upgrade_step.yml index 60127fc68..05c543d62 100644 --- a/playbooks/openshift-etcd/private/upgrade_step.yml +++ b/playbooks/openshift-etcd/private/upgrade_step.yml @@ -61,4 +61,4 @@ etcd_peer: "{{ openshift.common.hostname }}" when: - ansible_distribution == 'Fedora' - - not openshift.common.is_containerized | bool + - not openshift_is_containerized | bool diff --git a/playbooks/openshift-etcd/redeploy-certificates.yml b/playbooks/openshift-etcd/redeploy-certificates.yml index 753878d70..8ea1994f7 100644 --- a/playbooks/openshift-etcd/redeploy-certificates.yml +++ b/playbooks/openshift-etcd/redeploy-certificates.yml @@ -5,6 +5,6 @@ - import_playbook: private/restart.yml vars: - g_etcd_certificates_expired: "{{ ('expired' in (hostvars | oo_select_keys(groups['etcd']) | oo_collect('check_results.check_results.etcd') | oo_collect('health'))) | bool }}" + g_etcd_certificates_expired: "{{ ('expired' in (hostvars | lib_utils_oo_select_keys(groups['etcd']) | lib_utils_oo_collect('check_results.check_results.etcd') | lib_utils_oo_collect('health'))) | bool }}" - import_playbook: ../openshift-master/private/restart.yml diff --git a/playbooks/openshift-glusterfs/README.md b/playbooks/openshift-glusterfs/README.md index 107bbfff6..19c381490 100644 --- a/playbooks/openshift-glusterfs/README.md +++ b/playbooks/openshift-glusterfs/README.md @@ -63,7 +63,7 @@ glusterfs [OSEv3:vars] ansible_ssh_user=root -deployment_type=origin +openshift_deployment_type=origin [masters] master diff --git a/playbooks/openshift-glusterfs/private/filter_plugins b/playbooks/openshift-glusterfs/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-glusterfs/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-glusterfs/private/lookup_plugins b/playbooks/openshift-glusterfs/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-glusterfs/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml b/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml index 7e9363c5f..b817221b8 100644 --- a/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml +++ b/playbooks/openshift-hosted/private/redeploy-registry-certificates.yml @@ -17,7 +17,7 @@ - name: Determine if docker-registry exists command: > - {{ openshift.common.client_binary }} get dc/docker-registry -o json + {{ openshift_client_binary }} get dc/docker-registry -o json --config={{ mktemp.stdout }}/admin.kubeconfig -n default register: l_docker_registry_dc @@ -26,11 +26,11 @@ - set_fact: docker_registry_env_vars: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env'] - | oo_collect('name')) + | lib_utils_oo_collect('name')) | default([]) }}" docker_registry_secrets: "{{ ((l_docker_registry_dc.stdout | from_json)['spec']['template']['spec']['volumes'] - | oo_collect('secret') - | oo_collect('secretName')) + | lib_utils_oo_collect('secret') + | lib_utils_oo_collect('secretName')) | default([]) }}" changed_when: false when: l_docker_registry_dc.rc == 0 @@ -38,7 +38,7 @@ # Replace dc/docker-registry environment variable certificate data if set. - name: Update docker-registry environment variables shell: > - {{ openshift.common.client_binary }} env dc/docker-registry + {{ openshift_client_binary }} env dc/docker-registry OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)" OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-registry.crt)" OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-registry.key)" @@ -62,7 +62,7 @@ - name: Generate registry certificate command: > - {{ openshift.common.client_binary }} adm ca create-server-cert + {{ openshift_client_binary }} adm ca create-server-cert --signer-cert={{ openshift.common.config_base }}/master/ca.crt --signer-key={{ openshift.common.config_base }}/master/ca.key --signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt @@ -88,7 +88,7 @@ - name: Redeploy docker registry command: > - {{ openshift.common.client_binary }} deploy dc/docker-registry + {{ openshift_client_binary }} deploy dc/docker-registry --latest --config={{ mktemp.stdout }}/admin.kubeconfig -n default diff --git a/playbooks/openshift-hosted/private/redeploy-router-certificates.yml b/playbooks/openshift-hosted/private/redeploy-router-certificates.yml index 2116c745c..c19147d41 100644 --- a/playbooks/openshift-hosted/private/redeploy-router-certificates.yml +++ b/playbooks/openshift-hosted/private/redeploy-router-certificates.yml @@ -17,7 +17,7 @@ - name: Determine if router exists command: > - {{ openshift.common.client_binary }} get dc/router -o json + {{ openshift_client_binary }} get dc/router -o json --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig -n default register: l_router_dc @@ -26,7 +26,7 @@ - name: Determine if router service exists command: > - {{ openshift.common.client_binary }} get svc/router -o json + {{ openshift_client_binary }} get svc/router -o json --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig -n default register: l_router_svc @@ -36,11 +36,11 @@ - name: Collect router environment variables and secrets set_fact: router_env_vars: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['containers'][0]['env'] - | oo_collect('name')) + | lib_utils_oo_collect('name')) | default([]) }}" router_secrets: "{{ ((l_router_dc.stdout | from_json)['spec']['template']['spec']['volumes'] - | oo_collect('secret') - | oo_collect('secretName')) + | lib_utils_oo_collect('secret') + | lib_utils_oo_collect('secretName')) | default([]) }}" changed_when: false when: l_router_dc.rc == 0 @@ -52,7 +52,7 @@ - name: Update router environment variables shell: > - {{ openshift.common.client_binary }} env dc/router + {{ openshift_client_binary }} env dc/router OPENSHIFT_CA_DATA="$(cat /etc/origin/master/ca.crt)" OPENSHIFT_CERT_DATA="$(cat /etc/origin/master/openshift-router.crt)" OPENSHIFT_KEY_DATA="$(cat /etc/origin/master/openshift-router.key)" @@ -78,7 +78,7 @@ - name: Remove router service annotations command: > - {{ openshift.common.client_binary }} annotate service/router + {{ openshift_client_binary }} annotate service/router service.alpha.openshift.io/serving-cert-secret-name- service.alpha.openshift.io/serving-cert-signed-by- --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig @@ -86,7 +86,7 @@ - name: Add serving-cert-secret annotation to router service command: > - {{ openshift.common.client_binary }} annotate service/router + {{ openshift_client_binary }} annotate service/router service.alpha.openshift.io/serving-cert-secret-name=router-certs --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig -n default @@ -129,7 +129,7 @@ - name: Redeploy router command: > - {{ openshift.common.client_binary }} deploy dc/router + {{ openshift_client_binary }} deploy dc/router --latest --config={{ router_cert_redeploy_tempdir.stdout }}/admin.kubeconfig -n default diff --git a/playbooks/openshift-loadbalancer/private/config.yml b/playbooks/openshift-loadbalancer/private/config.yml index 2636d857e..54c8483c8 100644 --- a/playbooks/openshift-loadbalancer/private/config.yml +++ b/playbooks/openshift-loadbalancer/private/config.yml @@ -15,12 +15,12 @@ hosts: oo_lb_to_config vars: openshift_loadbalancer_frontends: "{{ (openshift_master_api_port | default(8443) - | oo_openshift_loadbalancer_frontends(hostvars | oo_select_keys(groups['oo_masters']), + | lib_utils_oo_loadbalancer_frontends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']), openshift_use_nuage | default(false), nuage_mon_rest_server_port | default(none))) + openshift_loadbalancer_additional_frontends | default([]) }}" openshift_loadbalancer_backends: "{{ (openshift_master_api_port | default(8443) - | oo_openshift_loadbalancer_backends(hostvars | oo_select_keys(groups['oo_masters']), + | lib_utils_oo_loadbalancer_backends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']), openshift_use_nuage | default(false), nuage_mon_rest_server_port | default(none))) + openshift_loadbalancer_additional_backends | default([]) }}" diff --git a/playbooks/openshift-loadbalancer/private/filter_plugins b/playbooks/openshift-loadbalancer/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-loadbalancer/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-loadbalancer/private/lookup_plugins b/playbooks/openshift-loadbalancer/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-loadbalancer/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-logging/private/filter_plugins b/playbooks/openshift-logging/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-logging/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-logging/private/library b/playbooks/openshift-logging/private/library deleted file mode 120000 index ba40d2f56..000000000 --- a/playbooks/openshift-logging/private/library +++ /dev/null @@ -1 +0,0 @@ -../../../library
\ No newline at end of file diff --git a/playbooks/openshift-logging/private/lookup_plugins b/playbooks/openshift-logging/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-logging/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-management/private/filter_plugins b/playbooks/openshift-management/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-management/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-management/private/library b/playbooks/openshift-management/private/library deleted file mode 120000 index ba40d2f56..000000000 --- a/playbooks/openshift-management/private/library +++ /dev/null @@ -1 +0,0 @@ -../../../library
\ No newline at end of file diff --git a/playbooks/openshift-master/private/additional_config.yml b/playbooks/openshift-master/private/additional_config.yml index a90cd6b22..85be0e600 100644 --- a/playbooks/openshift-master/private/additional_config.yml +++ b/playbooks/openshift-master/private/additional_config.yml @@ -30,8 +30,8 @@ when: openshift_use_manageiq | default(true) | bool - role: cockpit when: - - not openshift.common.is_atomic | bool - - deployment_type == 'openshift-enterprise' + - not openshift_is_atomic | bool + - openshift_deployment_type == 'openshift-enterprise' - osm_use_cockpit is undefined or osm_use_cockpit | bool - openshift.common.deployment_subtype != 'registry' - role: flannel_register diff --git a/playbooks/openshift-master/private/certificates.yml b/playbooks/openshift-master/private/certificates.yml index f6afbc36f..d42d4402b 100644 --- a/playbooks/openshift-master/private/certificates.yml +++ b/playbooks/openshift-master/private/certificates.yml @@ -9,6 +9,6 @@ - role: openshift_ca - role: openshift_master_certificates openshift_master_etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_to_config'] | default([])) - | oo_collect('openshift.common.hostname') + | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([])) + | lib_utils_oo_collect('openshift.common.hostname') | default(none, true) }}" diff --git a/playbooks/openshift-master/private/config.yml b/playbooks/openshift-master/private/config.yml index 15d301ddb..e53a6f093 100644 --- a/playbooks/openshift-master/private/config.yml +++ b/playbooks/openshift-master/private/config.yml @@ -47,7 +47,7 @@ state: absent when: - rpmgenerated_config.stat.exists == true - - deployment_type == 'openshift-enterprise' + - openshift_deployment_type == 'openshift-enterprise' with_items: - master - node @@ -56,9 +56,9 @@ - set_fact: openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}" openshift_master_etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_to_config'] + | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([])) - | oo_collect('openshift.common.hostname') + | lib_utils_oo_collect('openshift.common.hostname') | default(none, true) }}" roles: - openshift_facts @@ -150,8 +150,8 @@ hosts: oo_first_master vars: g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([])) | length > 0 and (openshift.master.session_encryption_secrets | default([])) | length > 0 }}" - g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}" - g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}" + g_session_auth_secrets: "{{ [ 24 | lib_utils_oo_generate_secret ] }}" + g_session_encryption_secrets: "{{ [ 24 | lib_utils_oo_generate_secret ] }}" roles: - role: openshift_facts tasks: @@ -172,11 +172,11 @@ openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}" openshift_ca_host: "{{ groups.oo_first_master.0 }}" openshift_master_etcd_hosts: "{{ hostvars - | oo_select_keys(groups['oo_etcd_to_config'] | default([])) - | oo_collect('openshift.common.hostname') + | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([])) + | lib_utils_oo_collect('openshift.common.hostname') | default(none, true) }}" - openshift_no_proxy_etcd_host_ips: "{{ hostvars | oo_select_keys(groups['oo_etcd_to_config'] | default([])) - | oo_collect('openshift.common.ip') | default([]) | join(',') + openshift_no_proxy_etcd_host_ips: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([])) + | lib_utils_oo_collect('openshift.common.ip') | default([]) | join(',') }}" roles: - role: openshift_master_facts diff --git a/playbooks/openshift-master/private/filter_plugins b/playbooks/openshift-master/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-master/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-master/private/library b/playbooks/openshift-master/private/library deleted file mode 120000 index d0b7393d3..000000000 --- a/playbooks/openshift-master/private/library +++ /dev/null @@ -1 +0,0 @@ -../../../library/
\ No newline at end of file diff --git a/playbooks/openshift-master/private/lookup_plugins b/playbooks/openshift-master/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-master/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-master/private/redeploy-openshift-ca.yml b/playbooks/openshift-master/private/redeploy-openshift-ca.yml index 9f5502141..9d3c12ba1 100644 --- a/playbooks/openshift-master/private/redeploy-openshift-ca.yml +++ b/playbooks/openshift-master/private/redeploy-openshift-ca.yml @@ -212,18 +212,18 @@ when: # masters - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) # etcd - ('expired' not in (hostvars - | oo_select_keys(groups['etcd']) - | oo_collect('check_results.check_results.etcd') - | oo_collect('health'))) + | lib_utils_oo_select_keys(groups['etcd']) + | lib_utils_oo_collect('check_results.check_results.etcd') + | lib_utils_oo_collect('health'))) - name: Distribute OpenShift CA certificate to nodes hosts: oo_nodes_to_config @@ -277,24 +277,24 @@ when: # nodes - ('expired' not in hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/server.crt"})) + | lib_utils_oo_select_keys(groups['oo_nodes_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/server.crt"})) - ('expired' not in hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/ca.crt"})) + | lib_utils_oo_select_keys(groups['oo_nodes_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/ca.crt"})) # masters - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/master.server.crt"})) - ('expired' not in hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect('check_results.check_results.ocp_certs') - | oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect('check_results.check_results.ocp_certs') + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_first_master.0].openshift.common.config_base ~ "/master/ca-bundle.crt"})) # etcd - ('expired' not in (hostvars - | oo_select_keys(groups['etcd']) - | oo_collect('check_results.check_results.etcd') - | oo_collect('health'))) + | lib_utils_oo_select_keys(groups['etcd']) + | lib_utils_oo_collect('check_results.check_results.etcd') + | lib_utils_oo_collect('health'))) diff --git a/playbooks/openshift-master/private/tasks/wire_aggregator.yml b/playbooks/openshift-master/private/tasks/wire_aggregator.yml index 4f55d5c82..59e2b515c 100644 --- a/playbooks/openshift-master/private/tasks/wire_aggregator.yml +++ b/playbooks/openshift-master/private/tasks/wire_aggregator.yml @@ -21,7 +21,7 @@ # TODO: this currently has a bug where hostnames are required - name: Creating First Master Aggregator signer certs command: > - {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm ca create-signer-cert + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm ca create-signer-cert --cert=/etc/origin/master/front-proxy-ca.crt --key=/etc/origin/master/front-proxy-ca.key --serial=/etc/origin/master/ca.serial.txt @@ -84,7 +84,7 @@ - block: - name: Create first master api-client config for Aggregator command: > - {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} adm create-api-client-config + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm create-api-client-config --certificate-authority=/etc/origin/master/front-proxy-ca.crt --signer-cert=/etc/origin/master/front-proxy-ca.crt --signer-key=/etc/origin/master/front-proxy-ca.key diff --git a/playbooks/openshift-metrics/private/library b/playbooks/openshift-metrics/private/library deleted file mode 120000 index ba40d2f56..000000000 --- a/playbooks/openshift-metrics/private/library +++ /dev/null @@ -1 +0,0 @@ -../../../library
\ No newline at end of file diff --git a/playbooks/openshift-nfs/private/filter_plugins b/playbooks/openshift-nfs/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-nfs/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-nfs/private/lookup_plugins b/playbooks/openshift-nfs/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-nfs/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-node/private/configure_nodes.yml b/playbooks/openshift-node/private/configure_nodes.yml index 32b288c8b..548ff7c4f 100644 --- a/playbooks/openshift-node/private/configure_nodes.yml +++ b/playbooks/openshift-node/private/configure_nodes.yml @@ -4,10 +4,10 @@ vars: openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" - openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config'] | union(groups['oo_masters_to_config']) | union(groups['oo_etcd_to_config'] | default([]))) - | oo_collect('openshift.common.hostname') | default([]) | join (',') + | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',') }}" roles: - role: openshift_clock diff --git a/playbooks/openshift-node/private/containerized_nodes.yml b/playbooks/openshift-node/private/containerized_nodes.yml index ef07669cb..dc68d7585 100644 --- a/playbooks/openshift-node/private/containerized_nodes.yml +++ b/playbooks/openshift-node/private/containerized_nodes.yml @@ -5,10 +5,10 @@ vars: openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" - openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + openshift_no_proxy_internal_hostnames: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config'] | union(groups['oo_masters_to_config']) | union(groups['oo_etcd_to_config'] | default([]))) - | oo_collect('openshift.common.hostname') | default([]) | join (',') + | lib_utils_oo_collect('openshift.common.hostname') | default([]) | join (',') }}" roles: diff --git a/playbooks/openshift-node/private/filter_plugins b/playbooks/openshift-node/private/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/openshift-node/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/openshift-node/private/lookup_plugins b/playbooks/openshift-node/private/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/openshift-node/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/openshift-node/private/restart.yml b/playbooks/openshift-node/private/restart.yml index c2092b23c..7249ced70 100644 --- a/playbooks/openshift-node/private/restart.yml +++ b/playbooks/openshift-node/private/restart.yml @@ -28,7 +28,7 @@ - "{{ openshift_service_type }}-master-controllers" - "{{ openshift_service_type }}-node" failed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Wait for master API to come back online wait_for: diff --git a/playbooks/openshift-node/private/setup.yml b/playbooks/openshift-node/private/setup.yml index 541913aef..802dce37e 100644 --- a/playbooks/openshift-node/private/setup.yml +++ b/playbooks/openshift-node/private/setup.yml @@ -21,6 +21,6 @@ when: - hostvars[item].openshift is defined - hostvars[item].openshift.common is defined - - hostvars[item].openshift.common.is_containerized | bool + - hostvars[item].openshift_is_containerized | bool - (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config) changed_when: False diff --git a/playbooks/prerequisites.yml b/playbooks/prerequisites.yml index 5ba62a6d6..7802f83d9 100644 --- a/playbooks/prerequisites.yml +++ b/playbooks/prerequisites.yml @@ -3,12 +3,19 @@ vars: skip_verison: True +- import_playbook: init/validate_hostnames.yml + when: not (skip_validate_hostnames | default(False)) + - import_playbook: init/repos.yml +- import_playbook: init/base_packages.yml + # This is required for container runtime for crio, only needs to run once. - name: Configure os_firewall hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config:oo_nfs_to_config:oo_nodes_to_config roles: - role: os_firewall +- import_playbook: container-runtime/private/setup_storage.yml + - import_playbook: container-runtime/private/config.yml diff --git a/playbooks/redeploy-certificates.yml b/playbooks/redeploy-certificates.yml index b5fcb951d..4e6defd6e 100644 --- a/playbooks/redeploy-certificates.yml +++ b/playbooks/redeploy-certificates.yml @@ -9,7 +9,7 @@ - import_playbook: openshift-etcd/private/restart.yml vars: - g_etcd_certificates_expired: "{{ ('expired' in (hostvars | oo_select_keys(groups['etcd']) | oo_collect('check_results.check_results.etcd') | oo_collect('health'))) | bool }}" + g_etcd_certificates_expired: "{{ ('expired' in (hostvars | lib_utils_oo_select_keys(groups['etcd']) | lib_utils_oo_collect('check_results.check_results.etcd') | lib_utils_oo_collect('health'))) | bool }}" - import_playbook: openshift-master/private/restart.yml diff --git a/roles/ansible_service_broker/meta/main.yml b/roles/ansible_service_broker/meta/main.yml index ec4aafb79..65b736500 100644 --- a/roles/ansible_service_broker/meta/main.yml +++ b/roles/ansible_service_broker/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud dependencies: +- role: lib_utils - role: lib_openshift diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 4ca47d074..ba2f7293b 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -4,7 +4,7 @@ - name: Set default image variables based on deployment type include_vars: "{{ item }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" - name: set ansible_service_broker facts diff --git a/roles/calico/meta/main.yml b/roles/calico/meta/main.yml index 816c81369..e3997911b 100644 --- a/roles/calico/meta/main.yml +++ b/roles/calico/meta/main.yml @@ -13,5 +13,6 @@ galaxy_info: - cloud - system dependencies: +- role: lib_utils - role: openshift_facts - role: openshift_master_facts diff --git a/roles/calico_master/meta/main.yml b/roles/calico_master/meta/main.yml index 4d70c79cf..73c94db4e 100644 --- a/roles/calico_master/meta/main.yml +++ b/roles/calico_master/meta/main.yml @@ -13,5 +13,6 @@ galaxy_info: - cloud - system dependencies: +- role: lib_utils - role: calico - role: openshift_facts diff --git a/roles/calico_master/tasks/main.yml b/roles/calico_master/tasks/main.yml index 16d960d8b..05415a4d6 100644 --- a/roles/calico_master/tasks/main.yml +++ b/roles/calico_master/tasks/main.yml @@ -19,7 +19,7 @@ - name: Calico Master | Launch Calico Policy Controller command: > - {{ openshift.common.client_binary }} create + {{ openshift_client_binary }} create -f {{ mktemp.stdout }}/calico-policy-controller.yml --config={{ openshift.common.config_base }}/master/admin.kubeconfig register: calico_create_output diff --git a/roles/cockpit-ui/meta/main.yml b/roles/cockpit-ui/meta/main.yml index 4d619fff6..372c29c28 100644 --- a/roles/cockpit-ui/meta/main.yml +++ b/roles/cockpit-ui/meta/main.yml @@ -12,4 +12,6 @@ galaxy_info: categories: - cloud dependencies: +- role: lib_utils - role: lib_openshift +- role: openshift_facts diff --git a/roles/cockpit-ui/tasks/main.yml b/roles/cockpit-ui/tasks/main.yml index f60912033..d4174d879 100644 --- a/roles/cockpit-ui/tasks/main.yml +++ b/roles/cockpit-ui/tasks/main.yml @@ -39,7 +39,7 @@ - name: Deploy registry-console command: > - {{ openshift.common.client_binary }} new-app --template=registry-console + {{ openshift_client_binary }} new-app --template=registry-console {% if openshift_cockpit_deployer_prefix is defined %}-p IMAGE_PREFIX="{{ openshift_cockpit_deployer_prefix }}"{% endif %} {% if openshift_cockpit_deployer_basename is defined %}-p IMAGE_BASENAME="{{ openshift_cockpit_deployer_basename }}"{% endif %} {% if openshift_cockpit_deployer_version is defined %}-p IMAGE_VERSION="{{ openshift_cockpit_deployer_version }}"{% endif %} diff --git a/roles/cockpit/meta/main.yml b/roles/cockpit/meta/main.yml index 8c0ed3cb8..07e466f04 100644 --- a/roles/cockpit/meta/main.yml +++ b/roles/cockpit/meta/main.yml @@ -12,4 +12,4 @@ galaxy_info: categories: - cloud dependencies: -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml index fc13afed3..577cd7daf 100644 --- a/roles/cockpit/tasks/main.yml +++ b/roles/cockpit/tasks/main.yml @@ -10,7 +10,7 @@ - cockpit-bridge - cockpit-docker - "{{ cockpit_plugins }}" - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded @@ -19,4 +19,4 @@ name: cockpit.socket enabled: true state: started - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool diff --git a/roles/container_runtime/defaults/main.yml b/roles/container_runtime/defaults/main.yml index dd185cb38..f4e249792 100644 --- a/roles/container_runtime/defaults/main.yml +++ b/roles/container_runtime/defaults/main.yml @@ -2,8 +2,6 @@ docker_cli_auth_config_path: '/root/.docker' openshift_docker_signature_verification: False -repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}" - openshift_docker_alternative_creds: False # oreg_url is defined by user input. @@ -55,11 +53,25 @@ openshift_docker_is_node_or_master: "{{ True if inventory_hostname in (groups['o docker_alt_storage_path: /var/lib/containers/docker docker_default_storage_path: /var/lib/docker +docker_storage_path: "{{ docker_default_storage_path }}" +docker_storage_size: 40G +docker_storage_setup_options: + vg: docker_vg + data_size: 99%VG + storage_driver: overlay2 + root_lv_name: docker-root-lv + root_lv_size: 100%FREE + root_lv_mount_path: "{{ docker_storage_path }}" +docker_storage_extra_options: +- "--storage-opt overlay2.override_kernel_check=true" +- "--storage-opt overlay2.size={{ docker_storage_size }}" +- "--graph={{ docker_storage_path}}" + # Set local versions of facts that must be in json format for container-daemon.json # NOTE: When jinja2.9+ is used the container-daemon.json file can move to using tojson l_docker_log_options: "{{ l2_docker_log_options | to_json }}" -l_docker_log_options_dict: "{{ l2_docker_log_options | oo_list_to_dict | to_json }}" +l_docker_log_options_dict: "{{ l2_docker_log_options | lib_utils_oo_list_to_dict | to_json }}" l_docker_additional_registries: "{{ l2_docker_additional_registries | to_json }}" l_docker_blocked_registries: "{{ l2_docker_blocked_registries | to_json }}" l_docker_insecure_registries: "{{ l2_docker_insecure_registries | to_json }}" diff --git a/roles/container_runtime/meta/main.yml b/roles/container_runtime/meta/main.yml index 02fceb745..3bc2607fb 100644 --- a/roles/container_runtime/meta/main.yml +++ b/roles/container_runtime/meta/main.yml @@ -11,5 +11,5 @@ galaxy_info: - 7 dependencies: - role: lib_openshift -- role: lib_os_firewall - role: lib_utils +- role: openshift_facts diff --git a/roles/container_runtime/tasks/common/syscontainer_packages.yml b/roles/container_runtime/tasks/common/syscontainer_packages.yml index b41122880..d429047e6 100644 --- a/roles/container_runtime/tasks/common/syscontainer_packages.yml +++ b/roles/container_runtime/tasks/common/syscontainer_packages.yml @@ -4,7 +4,7 @@ package: name: container-selinux state: present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded @@ -13,7 +13,7 @@ package: name: atomic state: present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded @@ -23,6 +23,6 @@ package: name: runc state: present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/container_runtime/tasks/docker_storage_setup_overlay.yml b/roles/container_runtime/tasks/docker_storage_setup_overlay.yml new file mode 100644 index 000000000..782c002e3 --- /dev/null +++ b/roles/container_runtime/tasks/docker_storage_setup_overlay.yml @@ -0,0 +1,10 @@ +--- +- name: Setup the docker-storage for overlay + template: + src: docker_storage_setup.j2 + dest: /etc/sysconfig/docker-storage-setup + owner: root + group: root + mode: 0664 + when: + - container_runtime_docker_storage_type == 'overlay2' diff --git a/roles/container_runtime/tasks/docker_upgrade_check.yml b/roles/container_runtime/tasks/docker_upgrade_check.yml index 6731963dd..7831f4c7d 100644 --- a/roles/container_runtime/tasks/docker_upgrade_check.yml +++ b/roles/container_runtime/tasks/docker_upgrade_check.yml @@ -61,14 +61,14 @@ - name: Determine available Docker shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker" register: g_atomic_docker_version_result - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - set_fact: l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}" - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - fail: msg: This playbook requires access to Docker 1.12 or later when: - - openshift.common.is_atomic | bool + - openshift_is_atomic | bool - l_docker_version.avail_version | default(l_docker_version.curr_version, true) is version_compare('1.12','<') diff --git a/roles/container_runtime/tasks/package_docker.yml b/roles/container_runtime/tasks/package_docker.yml index d9d4037dd..d6e7e7fed 100644 --- a/roles/container_runtime/tasks/package_docker.yml +++ b/roles/container_runtime/tasks/package_docker.yml @@ -3,7 +3,7 @@ - name: Get current installed Docker version command: "{{ repoquery_installed }} --qf '%{version}' docker" - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: curr_docker_version retries: 4 until: curr_docker_version is succeeded @@ -20,7 +20,7 @@ name: "docker{{ '-' + docker_version if docker_version is defined else '' }}" state: present when: - - not (openshift.common.is_atomic | bool) + - not (openshift_is_atomic | bool) - not (curr_docker_version is skipped) - not (curr_docker_version.stdout != '') register: result @@ -48,7 +48,7 @@ lineinfile: dest: /etc/sysconfig/docker regexp: '^{{ item.reg_conf_var }}=.*$' - line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" + line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | lib_utils_oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" when: - item.reg_fact_val != [] - docker_check.stat.isreg is defined @@ -101,7 +101,7 @@ line: "OPTIONS='\ {% if ansible_selinux.status | default(None) == 'enabled' and openshift_docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %} \ {% if openshift_docker_log_driver | bool %} --log-driver {{ openshift_docker_log_driver }}{% endif %} \ - {% if l2_docker_log_options != [] %} {{ l2_docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %} \ + {% if l2_docker_log_options != [] %} {{ l2_docker_log_options | lib_utils_oo_split() | lib_utils_oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %} \ {% if openshift_docker_hosted_registry_insecure and (openshift_docker_hosted_registry_network | bool) %} --insecure-registry={{ openshift_docker_hosted_registry_network }} {% endif %} \ {% if docker_options is defined %} {{ docker_options }}{% endif %} \ {% if openshift_docker_options %} {{ openshift_docker_options }}{% endif %} \ diff --git a/roles/container_runtime/tasks/systemcontainer_crio.yml b/roles/container_runtime/tasks/systemcontainer_crio.yml index 61f122f3c..6a195a938 100644 --- a/roles/container_runtime/tasks/systemcontainer_crio.yml +++ b/roles/container_runtime/tasks/systemcontainer_crio.yml @@ -3,7 +3,7 @@ - name: Check we are not using node as a Docker container with CRI-O fail: msg='Cannot use CRI-O with node configured as a Docker container' when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - not l_is_node_system_container | bool - include_tasks: common/pre.yml diff --git a/roles/container_runtime/tasks/systemcontainer_docker.yml b/roles/container_runtime/tasks/systemcontainer_docker.yml index 639585367..dc0452553 100644 --- a/roles/container_runtime/tasks/systemcontainer_docker.yml +++ b/roles/container_runtime/tasks/systemcontainer_docker.yml @@ -18,7 +18,7 @@ # Make sure Docker is installed so we are able to use the client - name: Install Docker so we can use the client package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/container_runtime/templates/docker_storage_setup.j2 b/roles/container_runtime/templates/docker_storage_setup.j2 new file mode 100644 index 000000000..b056087e0 --- /dev/null +++ b/roles/container_runtime/templates/docker_storage_setup.j2 @@ -0,0 +1,12 @@ +# Edit this file to override any configuration options specified in +# /usr/lib/docker-storage-setup/docker-storage-setup. +# +# For more details refer to "man docker-storage-setup" +DEVS={{ container_runtime_docker_storage_setup_device }} +VG={{ docker_storage_setup_options.vg }} +DATA_SIZE={{ docker_storage_setup_options.data_size }} +STORAGE_DRIVER="{{ docker_storage_setup_options.storage_driver }}" +CONTAINER_ROOT_LV_NAME="{{ docker_storage_setup_options.root_lv_name }}" +CONTAINER_ROOT_LV_SIZE="{{ docker_storage_setup_options.root_lv_size }}" +CONTAINER_ROOT_LV_MOUNT_PATH="{{ docker_storage_setup_options.root_lv_mount_path }}" +EXTRA_STORAGE_OPTIONS="{{ docker_storage_extra_options | join(' ') }}" diff --git a/roles/contiv/defaults/main.yml b/roles/contiv/defaults/main.yml index aa976d921..8d06a5e96 100644 --- a/roles/contiv/defaults/main.yml +++ b/roles/contiv/defaults/main.yml @@ -101,7 +101,6 @@ apic_epg_bridge_domain: not_specified apic_configure_default_policy: false apic_default_external_contract: "uni/tn-common/brc-default" apic_default_app_profile: "contiv-infra-app-profile" -is_atomic: False kube_cert_dir: "/data/src/github.com/openshift/origin/openshift.local.config/master" master_name: "{{ groups['masters'][0] }}" contiv_etcd_port: 22379 diff --git a/roles/contiv/meta/main.yml b/roles/contiv/meta/main.yml index 52b9d09dd..67fb23db8 100644 --- a/roles/contiv/meta/main.yml +++ b/roles/contiv/meta/main.yml @@ -13,6 +13,7 @@ galaxy_info: - cloud - system dependencies: +- role: lib_utils - role: contiv_facts - role: etcd etcd_service: contiv-etcd diff --git a/roles/contiv/tasks/packageManagerInstall.yml b/roles/contiv/tasks/packageManagerInstall.yml index d5726476c..3367844a8 100644 --- a/roles/contiv/tasks/packageManagerInstall.yml +++ b/roles/contiv/tasks/packageManagerInstall.yml @@ -5,7 +5,7 @@ - include_tasks: pkgMgrInstallers/centos-install.yml when: (ansible_os_family == "RedHat") and - not is_atomic + not openshift_is_atomic - name: Package Manager | Set fact saying we did CentOS package install set_fact: diff --git a/roles/contiv_facts/tasks/main.yml b/roles/contiv_facts/tasks/main.yml index 3267a4ab0..ced04759d 100644 --- a/roles/contiv_facts/tasks/main.yml +++ b/roles/contiv_facts/tasks/main.yml @@ -1,19 +1,4 @@ --- -- name: Determine if Atomic - stat: path=/run/ostree-booted - register: s - changed_when: false - check_mode: no - -- name: Init the is_atomic fact - set_fact: - is_atomic: false - -- name: Set the is_atomic fact - set_fact: - is_atomic: true - when: s.stat.exists - - name: Determine if CoreOS raw: "grep '^NAME=' /etc/os-release | sed s'/NAME=//'" register: distro @@ -85,4 +70,4 @@ when: has_rpm - include_tasks: fedora-install.yml - when: not is_atomic and ansible_distribution == "Fedora" + when: not openshift_is_atomic and ansible_distribution == "Fedora" diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index 86cea5c46..337727e47 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -5,7 +5,7 @@ r_etcd_common_backup_sufix_name: '' l_is_etcd_system_container: "{{ (openshift_use_etcd_system_container | default(openshift_use_system_containers | default(false)) | bool) }}" # runc, docker, host -r_etcd_common_etcd_runtime: "{{ 'runc' if l_is_etcd_system_container else 'docker' if l_is_containerized else 'host' }}" +r_etcd_common_etcd_runtime: "{{ 'runc' if l_is_etcd_system_container else 'docker' if openshift_is_containerized else 'host' }}" r_etcd_common_embedded_etcd: false osm_etcd_image: 'registry.access.redhat.com/rhel7/etcd' diff --git a/roles/etcd/meta/main.yml b/roles/etcd/meta/main.yml index f2e1fc310..af58eff62 100644 --- a/roles/etcd/meta/main.yml +++ b/roles/etcd/meta/main.yml @@ -17,6 +17,5 @@ galaxy_info: - system dependencies: - role: lib_openshift -- role: lib_os_firewall - role: lib_utils - role: openshift_facts diff --git a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml index ccfd9da14..881a8c270 100644 --- a/roles/etcd/tasks/auxiliary/drop_etcdctl.yml +++ b/roles/etcd/tasks/auxiliary/drop_etcdctl.yml @@ -1,7 +1,7 @@ --- - name: Install etcd for etcdctl package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml index 119071a72..d4518554c 100644 --- a/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml +++ b/roles/etcd/tasks/certificates/fetch_client_certificates_from_ca.yml @@ -28,7 +28,7 @@ etcd_client_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool else (False in (g_external_etcd_cert_stat_result.results | default({}) - | oo_collect(attribute='stat.exists') + | lib_utils_oo_collect(attribute='stat.exists') | list)) }}" - name: Ensure generated_certs directory present diff --git a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml index deb2301d7..59a6b6590 100644 --- a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml +++ b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml @@ -21,7 +21,7 @@ etcd_server_certs_missing: "{{ true if etcd_certificates_redeploy | default(false) | bool else (False in (g_etcd_server_cert_stat_result.results | default({}) - | oo_collect(attribute='stat.exists') + | lib_utils_oo_collect(attribute='stat.exists') | list)) }}" - name: Ensure generated_certs directory present diff --git a/roles/etcd/tasks/migration/add_ttls.yml b/roles/etcd/tasks/migration/add_ttls.yml index a4b0ff31d..3d945344c 100644 --- a/roles/etcd/tasks/migration/add_ttls.yml +++ b/roles/etcd/tasks/migration/add_ttls.yml @@ -11,7 +11,7 @@ - name: Re-introduce leases (as a replacement for key TTLs) command: > - {{ openshift.common.client_binary }} adm migrate etcd-ttl \ + {{ openshift_client_binary }} adm migrate etcd-ttl \ --cert {{ r_etcd_common_master_peer_cert_file }} \ --key {{ r_etcd_common_master_peer_key_file }} \ --cacert {{ r_etcd_common_master_peer_ca_file }} \ diff --git a/roles/etcd/tasks/migration/migrate.yml b/roles/etcd/tasks/migration/migrate.yml index 54a9c74ff..847b1d722 100644 --- a/roles/etcd/tasks/migration/migrate.yml +++ b/roles/etcd/tasks/migration/migrate.yml @@ -1,7 +1,7 @@ --- # Should this be run in a serial manner? - set_fact: - l_etcd_service: "{{ 'etcd_container' if openshift.common.is_containerized else 'etcd' }}" + l_etcd_service: "{{ 'etcd_container' if openshift_is_containerized else 'etcd' }}" - name: Migrate etcd data command: > diff --git a/roles/etcd/tasks/version_detect.yml b/roles/etcd/tasks/version_detect.yml index fe1e418d8..ab3626cec 100644 --- a/roles/etcd/tasks/version_detect.yml +++ b/roles/etcd/tasks/version_detect.yml @@ -12,7 +12,7 @@ - debug: msg: "Etcd rpm version {{ etcd_rpm_version.stdout }} detected" when: - - not openshift.common.is_containerized | bool + - not openshift_is_containerized | bool - block: - name: Record containerized etcd version (docker) @@ -52,4 +52,4 @@ - debug: msg: "Etcd containerized version {{ etcd_container_version }} detected" when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml index 51128dba6..7634b8192 100644 --- a/roles/flannel/meta/main.yml +++ b/roles/flannel/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud - system -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 9b9250f31..4627bf69c 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -2,7 +2,7 @@ - name: Install flannel become: yes package: name=flannel state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/flannel_register/meta/main.yml b/roles/flannel_register/meta/main.yml index 73bddcca4..1e44ff5ba 100644 --- a/roles/flannel_register/meta/main.yml +++ b/roles/flannel_register/meta/main.yml @@ -13,4 +13,5 @@ galaxy_info: - cloud - system dependencies: -- { role: openshift_facts } +- role: openshift_facts +- role: lib_utils diff --git a/roles/kuryr/meta/main.yml b/roles/kuryr/meta/main.yml index 7fd5adf41..7eb8ed781 100644 --- a/roles/kuryr/meta/main.yml +++ b/roles/kuryr/meta/main.yml @@ -13,5 +13,6 @@ galaxy_info: - cloud - system dependencies: -- { role: lib_openshift } -- { role: openshift_facts } +- role: lib_utils +- role: lib_openshift +- role: openshift_facts diff --git a/roles/kuryr/templates/controller-deployment.yaml.j2 b/roles/kuryr/templates/controller-deployment.yaml.j2 index d970270b5..155d1faab 100644 --- a/roles/kuryr/templates/controller-deployment.yaml.j2 +++ b/roles/kuryr/templates/controller-deployment.yaml.j2 @@ -22,6 +22,13 @@ spec: - image: kuryr/controller:latest imagePullPolicy: IfNotPresent name: controller +{% if kuryr_openstack_enable_pools | default(false) %} + readinessProbe: + exec: + command: + - cat + - /tmp/pools_loaded +{% endif %} terminationMessagePath: "/dev/termination-log" # FIXME(dulek): This shouldn't be required, but without it selinux is # complaining about access to kuryr.conf. diff --git a/roles/lib_os_firewall/README.md b/roles/lib_os_firewall/README.md deleted file mode 100644 index ba8c84865..000000000 --- a/roles/lib_os_firewall/README.md +++ /dev/null @@ -1,63 +0,0 @@ -lib_os_firewall -=========== - -lib_os_firewall manages iptables firewall settings for a minimal use -case (Adding/Removing rules based on protocol and port number). - -Note: firewalld is not supported on Atomic Host -https://bugzilla.redhat.com/show_bug.cgi?id=1403331 - -Requirements ------------- - -Ansible 2.2 - -Role Variables --------------- - -| Name | Default | | -|---------------------------|---------|----------------------------------------| -| os_firewall_allow | [] | List of service,port mappings to allow | -| os_firewall_deny | [] | List of service, port mappings to deny | - -Dependencies ------------- - -None. - -Example Playbook ----------------- - -Use iptables and open tcp ports 80 and 443: -``` ---- -- hosts: servers - vars: - os_firewall_use_firewalld: false - os_firewall_allow: - - service: httpd - port: 80/tcp - - service: https - port: 443/tcp - tasks: - - include_role: - name: lib_os_firewall - - - name: set allow rules - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: add - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_allow }}" -``` - - -License -------- - -Apache License, Version 2.0 - -Author Information ------------------- -Jason DeTiberus - jdetiber@redhat.com diff --git a/roles/lib_utils/action_plugins/sanity_checks.py b/roles/lib_utils/action_plugins/sanity_checks.py new file mode 100644 index 000000000..1bf332678 --- /dev/null +++ b/roles/lib_utils/action_plugins/sanity_checks.py @@ -0,0 +1,126 @@ +""" +Ansible action plugin to ensure inventory variables are set +appropriately and no conflicting options have been provided. +""" +from ansible.plugins.action import ActionBase +from ansible import errors + +# Valid values for openshift_deployment_type +VALID_DEPLOYMENT_TYPES = ('origin', 'openshift-enterprise') + +# Tuple of variable names and default values if undefined. +NET_PLUGIN_LIST = (('openshift_use_openshift_sdn', True), + ('openshift_use_flannel', False), + ('openshift_use_nuage', False), + ('openshift_use_contiv', False), + ('openshift_use_calico', False)) + + +def to_bool(var_to_check): + """Determine a boolean value given the multiple + ways bools can be specified in ansible.""" + # http://yaml.org/type/bool.html + yes_list = (True, 1, "True", "1", "true", "TRUE", + "Yes", "yes", "Y", "y", "YES", + "on", "ON", "On") + return var_to_check in yes_list + + +class ActionModule(ActionBase): + """Action plugin to execute sanity checks.""" + def template_var(self, hostvars, host, varname): + """Retrieve a variable from hostvars and template it. + If undefined, return None type.""" + res = hostvars[host].get(varname) + if res is None: + return None + return self._templar.template(res) + + def check_openshift_deployment_type(self, hostvars, host): + """Ensure a valid openshift_deployment_type is set""" + openshift_deployment_type = self.template_var(hostvars, host, + 'openshift_deployment_type') + if openshift_deployment_type not in VALID_DEPLOYMENT_TYPES: + type_strings = ", ".join(VALID_DEPLOYMENT_TYPES) + msg = "openshift_deployment_type must be defined and one of {}".format(type_strings) + raise errors.AnsibleModuleError(msg) + + def check_python_version(self, hostvars, host, distro): + """Ensure python version is 3 for Fedora and python 2 for others""" + ansible_python = self.template_var(hostvars, host, 'ansible_python') + if distro == "Fedora": + if ansible_python['version']['major'] != 3: + msg = "openshift-ansible requires Python 3 for {};".format(distro) + msg += " For information on enabling Python 3 with Ansible," + msg += " see https://docs.ansible.com/ansible/python_3_support.html" + raise errors.AnsibleModuleError(msg) + else: + if ansible_python['version']['major'] != 2: + msg = "openshift-ansible requires Python 2 for {};".format(distro) + + def network_plugin_check(self, hostvars, host): + """Ensure only one type of network plugin is enabled""" + res = [] + # Loop through each possible network plugin boolean, determine the + # actual boolean value, and append results into a list. + for plugin, default_val in NET_PLUGIN_LIST: + res_temp = self.template_var(hostvars, host, plugin) + if res_temp is None: + res_temp = default_val + res.append(to_bool(res_temp)) + + if sum(res) != 1: + plugin_str = list(zip([x[0] for x in NET_PLUGIN_LIST], res)) + + msg = "Host Checked: {} Only one of must be true. Found: {}".format(host, plugin_str) + raise errors.AnsibleModuleError(msg) + + def check_hostname_vars(self, hostvars, host): + """Checks to ensure openshift_hostname + and openshift_public_hostname + conform to the proper length of 63 characters or less""" + for varname in ('openshift_public_hostname', 'openshift_hostname'): + var_value = self.template_var(hostvars, host, varname) + if var_value and len(var_value) > 63: + msg = '{} must be 63 characters or less'.format(varname) + raise errors.AnsibleModuleError(msg) + + def run_checks(self, hostvars, host): + """Execute the hostvars validations against host""" + distro = self.template_var(hostvars, host, 'ansible_distribution') + self.check_openshift_deployment_type(hostvars, host) + self.check_python_version(hostvars, host, distro) + self.network_plugin_check(hostvars, host) + self.check_hostname_vars(hostvars, host) + + def run(self, tmp=None, task_vars=None): + result = super(ActionModule, self).run(tmp, task_vars) + + # self.task_vars holds all in-scope variables. + # Ignore settting self.task_vars outside of init. + # pylint: disable=W0201 + self.task_vars = task_vars or {} + + # self._task.args holds task parameters. + # check_hosts is a parameter to this plugin, and should provide + # a list of hosts. + check_hosts = self._task.args.get('check_hosts') + if not check_hosts: + msg = "check_hosts is required" + raise errors.AnsibleModuleError(msg) + + # We need to access each host's variables + hostvars = self.task_vars.get('hostvars') + if not hostvars: + msg = hostvars + raise errors.AnsibleModuleError(msg) + + # We loop through each host in the provided list check_hosts + for host in check_hosts: + self.run_checks(hostvars, host) + + result["changed"] = False + result["failed"] = False + result["msg"] = "Sanity Checks passed" + + return result diff --git a/callback_plugins/aa_version_requirement.py b/roles/lib_utils/callback_plugins/aa_version_requirement.py index 1093acdae..1093acdae 100644 --- a/callback_plugins/aa_version_requirement.py +++ b/roles/lib_utils/callback_plugins/aa_version_requirement.py diff --git a/callback_plugins/openshift_quick_installer.py b/roles/lib_utils/callback_plugins/openshift_quick_installer.py index c0fdbc650..c0fdbc650 100644 --- a/callback_plugins/openshift_quick_installer.py +++ b/roles/lib_utils/callback_plugins/openshift_quick_installer.py diff --git a/filter_plugins/oo_filters.py b/roles/lib_utils/filter_plugins/oo_filters.py index 07f0f4293..a2ea287cf 100644 --- a/filter_plugins/oo_filters.py +++ b/roles/lib_utils/filter_plugins/oo_filters.py @@ -4,7 +4,6 @@ """ Custom filters for use in openshift-ansible """ -import json import os import pdb import random @@ -15,10 +14,8 @@ from collections import Mapping # pylint no-name-in-module and import-error disabled here because pylint # fails to properly detect the packages when installed in a virtualenv from distutils.util import strtobool # pylint:disable=no-name-in-module,import-error -from distutils.version import LooseVersion # pylint:disable=no-name-in-module,import-error from operator import itemgetter -import pkg_resources import yaml from ansible import errors @@ -40,10 +37,12 @@ except ImportError: pass -def oo_pdb(arg): +# pylint: disable=C0103 + +def lib_utils_oo_pdb(arg): """ This pops you into a pdb instance where arg is the data passed in from the filter. - Ex: "{{ hostvars | oo_pdb }}" + Ex: "{{ hostvars | lib_utils_oo_pdb }}" """ pdb.set_trace() return arg @@ -81,55 +80,7 @@ def oo_flatten(data): return [item for sublist in data for item in sublist] -def oo_merge_dicts(first_dict, second_dict): - """ Merge two dictionaries where second_dict values take precedence. - Ex: first_dict={'a': 1, 'b': 2} - second_dict={'b': 3, 'c': 4} - returns {'a': 1, 'b': 3, 'c': 4} - """ - if not isinstance(first_dict, dict) or not isinstance(second_dict, dict): - raise errors.AnsibleFilterError("|failed expects to merge two dicts") - merged = first_dict.copy() - merged.update(second_dict) - return merged - - -def oo_merge_hostvars(hostvars, variables, inventory_hostname): - """ Merge host and play variables. - - When ansible version is greater than or equal to 2.0.0, - merge hostvars[inventory_hostname] with variables (ansible vars) - otherwise merge hostvars with hostvars['inventory_hostname']. - - Ex: hostvars={'master1.example.com': {'openshift_variable': '3'}, - 'openshift_other_variable': '7'} - variables={'openshift_other_variable': '6'} - inventory_hostname='master1.example.com' - returns {'openshift_variable': '3', 'openshift_other_variable': '7'} - - hostvars=<ansible.vars.hostvars.HostVars object> (Mapping) - variables={'openshift_other_variable': '6'} - inventory_hostname='master1.example.com' - returns {'openshift_variable': '3', 'openshift_other_variable': '6'} - """ - if not isinstance(hostvars, Mapping): - raise errors.AnsibleFilterError("|failed expects hostvars is dictionary or object") - if not isinstance(variables, dict): - raise errors.AnsibleFilterError("|failed expects variables is a dictionary") - if not isinstance(inventory_hostname, string_types): - raise errors.AnsibleFilterError("|failed expects inventory_hostname is a string") - ansible_version = pkg_resources.get_distribution("ansible").version # pylint: disable=maybe-no-member - merged_hostvars = {} - if LooseVersion(ansible_version) >= LooseVersion('2.0.0'): - merged_hostvars = oo_merge_dicts( - hostvars[inventory_hostname], variables) - else: - merged_hostvars = oo_merge_dicts( - hostvars[inventory_hostname], hostvars) - return merged_hostvars - - -def oo_collect(data_list, attribute=None, filters=None): +def lib_utils_oo_collect(data_list, attribute=None, filters=None): """ This takes a list of dict and collects all attributes specified into a list. If filter is specified then we will include all items that match _ALL_ of filters. If a dict entry is missing the key in a @@ -158,24 +109,24 @@ def oo_collect(data_list, attribute=None, filters=None): returns [1, 2, 3, 5] """ if not isinstance(data_list, list): - raise errors.AnsibleFilterError("oo_collect expects to filter on a List") + raise errors.AnsibleFilterError("lib_utils_oo_collect expects to filter on a List") if not attribute: - raise errors.AnsibleFilterError("oo_collect expects attribute to be set") + raise errors.AnsibleFilterError("lib_utils_oo_collect expects attribute to be set") data = [] retval = [] for item in data_list: if isinstance(item, list): - retval.extend(oo_collect(item, attribute, filters)) + retval.extend(lib_utils_oo_collect(item, attribute, filters)) else: data.append(item) if filters is not None: if not isinstance(filters, dict): raise errors.AnsibleFilterError( - "oo_collect expects filter to be a dict") + "lib_utils_oo_collect expects filter to be a dict") retval.extend([get_attr(d, attribute) for d in data if ( all([d.get(key, None) == filters[key] for key in filters]))]) else: @@ -186,7 +137,7 @@ def oo_collect(data_list, attribute=None, filters=None): return retval -def oo_select_keys_from_list(data, keys): +def lib_utils_oo_select_keys_from_list(data, keys): """ This returns a list, which contains the value portions for the keys Ex: data = { 'a':1, 'b':2, 'c':3 } keys = ['a', 'c'] @@ -194,18 +145,18 @@ def oo_select_keys_from_list(data, keys): """ if not isinstance(data, list): - raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects to filter on a list") + raise errors.AnsibleFilterError("|lib_utils_oo_select_keys_from_list failed expects to filter on a list") if not isinstance(keys, list): - raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects first param is a list") + raise errors.AnsibleFilterError("|lib_utils_oo_select_keys_from_list failed expects first param is a list") # Gather up the values for the list of keys passed in - retval = [oo_select_keys(item, keys) for item in data] + retval = [lib_utils_oo_select_keys(item, keys) for item in data] return oo_flatten(retval) -def oo_select_keys(data, keys): +def lib_utils_oo_select_keys(data, keys): """ This returns a list, which contains the value portions for the keys Ex: data = { 'a':1, 'b':2, 'c':3 } keys = ['a', 'c'] @@ -213,10 +164,10 @@ def oo_select_keys(data, keys): """ if not isinstance(data, Mapping): - raise errors.AnsibleFilterError("|oo_select_keys failed expects to filter on a dict or object") + raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects to filter on a dict or object") if not isinstance(keys, list): - raise errors.AnsibleFilterError("|oo_select_keys failed expects first param is a list") + raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects first param is a list") # Gather up the values for the list of keys passed in retval = [data[key] for key in keys if key in data] @@ -224,7 +175,7 @@ def oo_select_keys(data, keys): return retval -def oo_prepend_strings_in_list(data, prepend): +def lib_utils_oo_prepend_strings_in_list(data, prepend): """ This takes a list of strings and prepends a string to each item in the list Ex: data = ['cart', 'tree'] @@ -240,44 +191,7 @@ def oo_prepend_strings_in_list(data, prepend): return retval -def oo_combine_key_value(data, joiner='='): - """Take a list of dict in the form of { 'key': 'value'} and - arrange them as a list of strings ['key=value'] - """ - if not isinstance(data, list): - raise errors.AnsibleFilterError("|failed expects first param is a list") - - rval = [] - for item in data: - rval.append("%s%s%s" % (item['key'], joiner, item['value'])) - - return rval - - -def oo_combine_dict(data, in_joiner='=', out_joiner=' '): - """Take a dict in the form of { 'key': 'value', 'key': 'value' } and - arrange them as a string 'key=value key=value' - """ - if not isinstance(data, dict): - # pylint: disable=line-too-long - raise errors.AnsibleFilterError("|failed expects first param is a dict [oo_combine_dict]. Got %s. Type: %s" % (str(data), str(type(data)))) - - return out_joiner.join([in_joiner.join([k, str(v)]) for k, v in data.items()]) - - -def oo_dict_to_keqv_list(data): - """Take a dict and return a list of k=v pairs - - Input data: - {'a': 1, 'b': 2} - - Return data: - ['a=1', 'b=2'] - """ - return ['='.join(str(e) for e in x) for x in data.items()] - - -def oo_dict_to_list_of_dict(data, key_title='key', value_title='value'): +def lib_utils_oo_dict_to_list_of_dict(data, key_title='key', value_title='value'): """Take a dict and arrange them as a list of dicts Input data: @@ -318,67 +232,7 @@ def oo_ami_selector(data, image_name): return ami['ami_id'] -def oo_ec2_volume_definition(data, host_type, docker_ephemeral=False): - """ This takes a dictionary of volume definitions and returns a valid ec2 - volume definition based on the host_type and the values in the - dictionary. - The dictionary should look similar to this: - { 'master': - { 'root': - { 'volume_size': 10, 'device_type': 'gp2', - 'iops': 500 - }, - 'docker': - { 'volume_size': 40, 'device_type': 'gp2', - 'iops': 500, 'ephemeral': 'true' - } - }, - 'node': - { 'root': - { 'volume_size': 10, 'device_type': 'io1', - 'iops': 1000 - }, - 'docker': - { 'volume_size': 40, 'device_type': 'gp2', - 'iops': 500, 'ephemeral': 'true' - } - } - } - """ - if not isinstance(data, dict): - # pylint: disable=line-too-long - raise errors.AnsibleFilterError("|failed expects first param is a dict [oo_ec2_volume_def]. Got %s. Type: %s" % (str(data), str(type(data)))) - if host_type not in ['master', 'node', 'etcd']: - raise errors.AnsibleFilterError("|failed expects etcd, master or node" - " as the host type") - - root_vol = data[host_type]['root'] - root_vol['device_name'] = '/dev/sda1' - root_vol['delete_on_termination'] = True - if root_vol['device_type'] != 'io1': - root_vol.pop('iops', None) - if host_type in ['master', 'node'] and 'docker' in data[host_type]: - docker_vol = data[host_type]['docker'] - docker_vol['device_name'] = '/dev/xvdb' - docker_vol['delete_on_termination'] = True - if docker_vol['device_type'] != 'io1': - docker_vol.pop('iops', None) - if docker_ephemeral: - docker_vol.pop('device_type', None) - docker_vol.pop('delete_on_termination', None) - docker_vol['ephemeral'] = 'ephemeral0' - return [root_vol, docker_vol] - elif host_type == 'etcd' and 'etcd' in data[host_type]: - etcd_vol = data[host_type]['etcd'] - etcd_vol['device_name'] = '/dev/xvdb' - etcd_vol['delete_on_termination'] = True - if etcd_vol['device_type'] != 'io1': - etcd_vol.pop('iops', None) - return [root_vol, etcd_vol] - return [root_vol] - - -def oo_split(string, separator=','): +def lib_utils_oo_split(string, separator=','): """ This splits the input string into a list. If the input string is already a list we will return it as is. """ @@ -387,14 +241,26 @@ def oo_split(string, separator=','): return string.split(separator) -def oo_list_to_dict(lst, separator='='): +def lib_utils_oo_dict_to_keqv_list(data): + """Take a dict and return a list of k=v pairs + + Input data: + {'a': 1, 'b': 2} + + Return data: + ['a=1', 'b=2'] + """ + return ['='.join(str(e) for e in x) for x in data.items()] + + +def lib_utils_oo_list_to_dict(lst, separator='='): """ This converts a list of ["k=v"] to a dictionary {k: v}. """ kvs = [i.split(separator) for i in lst] return {k: v for k, v in kvs} -def oo_haproxy_backend_masters(hosts, port): +def haproxy_backend_masters(hosts, port): """ This takes an array of dicts and returns an array of dicts to be used as a backend for the haproxy role """ @@ -408,95 +274,8 @@ def oo_haproxy_backend_masters(hosts, port): return servers -def oo_filter_list(data, filter_attr=None): - """ This returns a list, which contains all items where filter_attr - evaluates to true - Ex: data = [ { a: 1, b: True }, - { a: 3, b: False }, - { a: 5, b: True } ] - filter_attr = 'b' - returns [ { a: 1, b: True }, - { a: 5, b: True } ] - """ - if not isinstance(data, list): - raise errors.AnsibleFilterError("|failed expects to filter on a list") - - if not isinstance(filter_attr, string_types): - raise errors.AnsibleFilterError("|failed expects filter_attr is a str or unicode") - - # Gather up the values for the list of keys passed in - return [x for x in data if filter_attr in x and x[filter_attr]] - - -def oo_parse_heat_stack_outputs(data): - """ Formats the HEAT stack output into a usable form - - The goal is to transform something like this: - - +---------------+-------------------------------------------------+ - | Property | Value | - +---------------+-------------------------------------------------+ - | capabilities | [] | | - | creation_time | 2015-06-26T12:26:26Z | | - | description | OpenShift cluster | | - | … | … | - | outputs | [ | - | | { | - | | "output_value": "value_A" | - | | "description": "This is the value of Key_A" | - | | "output_key": "Key_A" | - | | }, | - | | { | - | | "output_value": [ | - | | "value_B1", | - | | "value_B2" | - | | ], | - | | "description": "This is the value of Key_B" | - | | "output_key": "Key_B" | - | | }, | - | | ] | - | parameters | { | - | … | … | - +---------------+-------------------------------------------------+ - - into something like this: - - { - "Key_A": "value_A", - "Key_B": [ - "value_B1", - "value_B2" - ] - } - """ - - # Extract the “outputs” JSON snippet from the pretty-printed array - in_outputs = False - outputs = '' - - line_regex = re.compile(r'\|\s*(.*?)\s*\|\s*(.*?)\s*\|') - for line in data['stdout_lines']: - match = line_regex.match(line) - if match: - if match.group(1) == 'outputs': - in_outputs = True - elif match.group(1) != '': - in_outputs = False - if in_outputs: - outputs += match.group(2) - - outputs = json.loads(outputs) - - # Revamp the “outputs” to put it in the form of a “Key: value” map - revamped_outputs = {} - for output in outputs: - revamped_outputs[output['output_key']] = output['output_value'] - - return revamped_outputs - - # pylint: disable=too-many-branches -def oo_parse_named_certificates(certificates, named_certs_dir, internal_hostnames): +def lib_utils_oo_parse_named_certificates(certificates, named_certs_dir, internal_hostnames): """ Parses names from list of certificate hashes. Ex: certificates = [{ "certfile": "/root/custom1.crt", @@ -564,67 +343,7 @@ def oo_parse_named_certificates(certificates, named_certs_dir, internal_hostname return certificates -def oo_pretty_print_cluster(data, prefix='tag_'): - """ Read a subset of hostvars and build a summary of the cluster - in the following layout: - -"c_id": { -"master": { -"default": [ - { "name": "c_id-master-12345", "public IP": "172.16.0.1", "private IP": "192.168.0.1" } -] -"node": { -"infra": [ - { "name": "c_id-node-infra-23456", "public IP": "172.16.0.2", "private IP": "192.168.0.2" } -], -"compute": [ - { "name": "c_id-node-compute-23456", "public IP": "172.16.0.3", "private IP": "192.168.0.3" }, -... -] -} - """ - - def _get_tag_value(tags, key): - """ Extract values of a map implemented as a set. - Ex: tags = { 'tag_foo_value1', 'tag_bar_value2', 'tag_baz_value3' } - key = 'bar' - returns 'value2' - """ - for tag in tags: - if tag[:len(prefix) + len(key)] == prefix + key: - return tag[len(prefix) + len(key) + 1:] - raise KeyError(key) - - def _add_host(clusters, - clusterid, - host_type, - sub_host_type, - host): - """ Add a new host in the clusters data structure """ - if clusterid not in clusters: - clusters[clusterid] = {} - if host_type not in clusters[clusterid]: - clusters[clusterid][host_type] = {} - if sub_host_type not in clusters[clusterid][host_type]: - clusters[clusterid][host_type][sub_host_type] = [] - clusters[clusterid][host_type][sub_host_type].append(host) - - clusters = {} - for host in data: - try: - _add_host(clusters=clusters, - clusterid=_get_tag_value(host['group_names'], 'clusterid'), - host_type=_get_tag_value(host['group_names'], 'host-type'), - sub_host_type=_get_tag_value(host['group_names'], 'sub-host-type'), - host={'name': host['inventory_hostname'], - 'public IP': host['oo_public_ipv4'], - 'private IP': host['oo_private_ipv4']}) - except KeyError: - pass - return clusters - - -def oo_generate_secret(num_bytes): +def lib_utils_oo_generate_secret(num_bytes): """ generate a session secret """ if not isinstance(num_bytes, int): @@ -633,7 +352,7 @@ def oo_generate_secret(num_bytes): return b64encode(os.urandom(num_bytes)).decode('utf-8') -def to_padded_yaml(data, level=0, indent=2, **kw): +def lib_utils_to_padded_yaml(data, level=0, indent=2, **kw): """ returns a yaml snippet padded to match the indent level you specify """ if data in [None, ""]: return "" @@ -648,31 +367,7 @@ def to_padded_yaml(data, level=0, indent=2, **kw): raise errors.AnsibleFilterError('Failed to convert: %s' % my_e) -def oo_31_rpm_rename_conversion(rpms, openshift_version=None): - """ Filters a list of 3.0 rpms and return the corresponding 3.1 rpms - names with proper version (if provided) - - If 3.1 rpms are passed in they will only be augmented with the - correct version. This is important for hosts that are running both - Masters and Nodes. - """ - if not isinstance(rpms, list): - raise errors.AnsibleFilterError("failed expects to filter on a list") - if openshift_version is not None and not isinstance(openshift_version, string_types): - raise errors.AnsibleFilterError("failed expects openshift_version to be a string") - - rpms_31 = [] - for rpm in rpms: - if 'atomic' not in rpm: - rpm = rpm.replace("openshift", "atomic-openshift") - if openshift_version: - rpm = rpm + openshift_version - rpms_31.append(rpm) - - return rpms_31 - - -def oo_pods_match_component(pods, deployment_type, component): +def lib_utils_oo_pods_match_component(pods, deployment_type, component): """ Filters a list of Pods and returns the ones matching the deployment_type and component """ if not isinstance(pods, list): @@ -697,20 +392,7 @@ def oo_pods_match_component(pods, deployment_type, component): return matching_pods -def oo_get_hosts_from_hostvars(hostvars, hosts): - """ Return a list of hosts from hostvars """ - retval = [] - for host in hosts: - try: - retval.append(hostvars[host]) - except errors.AnsibleError: - # host does not exist - pass - - return retval - - -def oo_image_tag_to_rpm_version(version, include_dash=False): +def lib_utils_oo_image_tag_to_rpm_version(version, include_dash=False): """ Convert an image tag string to an RPM version if necessary Empty strings and strings that are already in rpm version format are ignored. Also remove non semantic version components. @@ -731,7 +413,7 @@ def oo_image_tag_to_rpm_version(version, include_dash=False): return version -def oo_hostname_from_url(url): +def lib_utils_oo_hostname_from_url(url): """ Returns the hostname contained in a URL Ex: https://ose3-master.example.com/v1/api -> ose3-master.example.com @@ -747,7 +429,7 @@ def oo_hostname_from_url(url): # pylint: disable=invalid-name, unused-argument -def oo_openshift_loadbalancer_frontends( +def lib_utils_oo_loadbalancer_frontends( api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None): """TODO: Document me.""" loadbalancer_frontends = [{'name': 'atomic-openshift-api', @@ -765,25 +447,25 @@ def oo_openshift_loadbalancer_frontends( # pylint: disable=invalid-name -def oo_openshift_loadbalancer_backends( +def lib_utils_oo_loadbalancer_backends( api_port, servers_hostvars, use_nuage=False, nuage_rest_port=None): """TODO: Document me.""" loadbalancer_backends = [{'name': 'atomic-openshift-api', 'mode': 'tcp', 'option': 'tcplog', 'balance': 'source', - 'servers': oo_haproxy_backend_masters(servers_hostvars, api_port)}] + 'servers': haproxy_backend_masters(servers_hostvars, api_port)}] if bool(strtobool(str(use_nuage))) and nuage_rest_port is not None: # pylint: disable=line-too-long loadbalancer_backends.append({'name': 'nuage-monitor', 'mode': 'tcp', 'option': 'tcplog', 'balance': 'source', - 'servers': oo_haproxy_backend_masters(servers_hostvars, nuage_rest_port)}) + 'servers': haproxy_backend_masters(servers_hostvars, nuage_rest_port)}) return loadbalancer_backends -def oo_chomp_commit_offset(version): +def lib_utils_oo_chomp_commit_offset(version): """Chomp any "+git.foo" commit offset string from the given `version` and return the modified version string. @@ -803,17 +485,17 @@ Ex: return str(version).split('+')[0] -def oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'): +def lib_utils_oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'): """Generates a random string of given length from a set of alphanumeric characters. The default source uses [a-z][A-Z][0-9] Ex: - - oo_random_word(3) => aB9 - - oo_random_word(4, source='012') => 0123 + - lib_utils_oo_random_word(3) => aB9 + - lib_utils_oo_random_word(4, source='012') => 0123 """ return ''.join(random.choice(source) for i in range(length)) -def oo_contains_rule(source, apiGroups, resources, verbs): +def lib_utils_oo_contains_rule(source, apiGroups, resources, verbs): '''Return true if the specified rule is contained within the provided source''' rules = source['rules'] @@ -828,7 +510,7 @@ def oo_contains_rule(source, apiGroups, resources, verbs): return False -def oo_selector_to_string_list(user_dict): +def lib_utils_oo_selector_to_string_list(user_dict): """Convert a dict of selectors to a key=value list of strings Given input of {'region': 'infra', 'zone': 'primary'} returns a list @@ -840,7 +522,7 @@ of items as ['region=infra', 'zone=primary'] return selectors -def oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'): +def lib_utils_oo_filter_sa_secrets(sa_secrets, secret_hint='-token-'): """Parse the Service Account Secrets list, `sa_secrets`, (as from oc_serviceaccount_secret:state=list) and return the name of the secret containing the `secret_hint` string. For example, by default this will @@ -879,7 +561,7 @@ that result to this filter plugin. - name: Save the SA bearer token secret name set_fact: - management_token: "{{ sa.results | oo_filter_sa_secrets }}" + management_token: "{{ sa.results | lib_utils_oo_filter_sa_secrets }}" - name: Get the SA bearer token value oc_secret: @@ -914,39 +596,26 @@ class FilterModule(object): def filters(self): """ returns a mapping of filters to methods """ return { - "oo_select_keys": oo_select_keys, - "oo_select_keys_from_list": oo_select_keys_from_list, - "oo_chomp_commit_offset": oo_chomp_commit_offset, - "oo_collect": oo_collect, - "oo_flatten": oo_flatten, - "oo_pdb": oo_pdb, - "oo_prepend_strings_in_list": oo_prepend_strings_in_list, - "oo_ami_selector": oo_ami_selector, - "oo_ec2_volume_definition": oo_ec2_volume_definition, - "oo_combine_key_value": oo_combine_key_value, - "oo_combine_dict": oo_combine_dict, - "oo_dict_to_keqv_list": oo_dict_to_keqv_list, - "oo_dict_to_list_of_dict": oo_dict_to_list_of_dict, - "oo_split": oo_split, - "oo_list_to_dict": oo_list_to_dict, - "oo_filter_list": oo_filter_list, - "oo_parse_heat_stack_outputs": oo_parse_heat_stack_outputs, - "oo_parse_named_certificates": oo_parse_named_certificates, - "oo_haproxy_backend_masters": oo_haproxy_backend_masters, - "oo_pretty_print_cluster": oo_pretty_print_cluster, - "oo_generate_secret": oo_generate_secret, - "oo_31_rpm_rename_conversion": oo_31_rpm_rename_conversion, - "oo_pods_match_component": oo_pods_match_component, - "oo_get_hosts_from_hostvars": oo_get_hosts_from_hostvars, - "oo_image_tag_to_rpm_version": oo_image_tag_to_rpm_version, - "oo_merge_dicts": oo_merge_dicts, - "oo_hostname_from_url": oo_hostname_from_url, - "oo_merge_hostvars": oo_merge_hostvars, - "oo_openshift_loadbalancer_frontends": oo_openshift_loadbalancer_frontends, - "oo_openshift_loadbalancer_backends": oo_openshift_loadbalancer_backends, - "to_padded_yaml": to_padded_yaml, - "oo_random_word": oo_random_word, - "oo_contains_rule": oo_contains_rule, - "oo_selector_to_string_list": oo_selector_to_string_list, - "oo_filter_sa_secrets": oo_filter_sa_secrets, + "lib_utils_oo_select_keys": lib_utils_oo_select_keys, + "lib_utils_oo_select_keys_from_list": lib_utils_oo_select_keys_from_list, + "lib_utils_oo_chomp_commit_offset": lib_utils_oo_chomp_commit_offset, + "lib_utils_oo_collect": lib_utils_oo_collect, + "lib_utils_oo_pdb": lib_utils_oo_pdb, + "lib_utils_oo_prepend_strings_in_list": lib_utils_oo_prepend_strings_in_list, + "lib_utils_oo_dict_to_list_of_dict": lib_utils_oo_dict_to_list_of_dict, + "lib_utils_oo_split": lib_utils_oo_split, + "lib_utils_oo_dict_to_keqv_list": lib_utils_oo_dict_to_keqv_list, + "lib_utils_oo_list_to_dict": lib_utils_oo_list_to_dict, + "lib_utils_oo_parse_named_certificates": lib_utils_oo_parse_named_certificates, + "lib_utils_oo_generate_secret": lib_utils_oo_generate_secret, + "lib_utils_oo_pods_match_component": lib_utils_oo_pods_match_component, + "lib_utils_oo_image_tag_to_rpm_version": lib_utils_oo_image_tag_to_rpm_version, + "lib_utils_oo_hostname_from_url": lib_utils_oo_hostname_from_url, + "lib_utils_oo_loadbalancer_frontends": lib_utils_oo_loadbalancer_frontends, + "lib_utils_oo_loadbalancer_backends": lib_utils_oo_loadbalancer_backends, + "lib_utils_to_padded_yaml": lib_utils_to_padded_yaml, + "lib_utils_oo_random_word": lib_utils_oo_random_word, + "lib_utils_oo_contains_rule": lib_utils_oo_contains_rule, + "lib_utils_oo_selector_to_string_list": lib_utils_oo_selector_to_string_list, + "lib_utils_oo_filter_sa_secrets": lib_utils_oo_filter_sa_secrets, } diff --git a/library/kubeclient_ca.py b/roles/lib_utils/library/kubeclient_ca.py index a89a5574f..a89a5574f 100644 --- a/library/kubeclient_ca.py +++ b/roles/lib_utils/library/kubeclient_ca.py diff --git a/library/modify_yaml.py b/roles/lib_utils/library/modify_yaml.py index 9b8f9ba33..9b8f9ba33 100755..100644 --- a/library/modify_yaml.py +++ b/roles/lib_utils/library/modify_yaml.py diff --git a/roles/lib_os_firewall/library/os_firewall_manage_iptables.py b/roles/lib_utils/library/os_firewall_manage_iptables.py index aeee3ede8..aeee3ede8 100755..100644 --- a/roles/lib_os_firewall/library/os_firewall_manage_iptables.py +++ b/roles/lib_utils/library/os_firewall_manage_iptables.py diff --git a/library/rpm_q.py b/roles/lib_utils/library/rpm_q.py index 3dec50fc2..3dec50fc2 100644 --- a/library/rpm_q.py +++ b/roles/lib_utils/library/rpm_q.py diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml index 677f206ea..50ad7e373 100644 --- a/roles/nickhammond.logrotate/tasks/main.yml +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: nickhammond.logrotate | Install logrotate package: name=logrotate state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/nuage_ca/meta/main.yml b/roles/nuage_ca/meta/main.yml index 36838debc..0d0b8d1a5 100644 --- a/roles/nuage_ca/meta/main.yml +++ b/roles/nuage_ca/meta/main.yml @@ -13,4 +13,4 @@ galaxy_info: - cloud - system dependencies: -- { role: nuage_common } +- role: nuage_common diff --git a/roles/nuage_ca/tasks/main.yaml b/roles/nuage_ca/tasks/main.yaml index d96d0d802..cb7844bc5 100644 --- a/roles/nuage_ca/tasks/main.yaml +++ b/roles/nuage_ca/tasks/main.yaml @@ -1,7 +1,7 @@ --- - name: Install openssl package: name=openssl state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/nuage_common/tasks/main.yml b/roles/nuage_common/tasks/main.yml index 6c8c9f8d2..ec42518ff 100644 --- a/roles/nuage_common/tasks/main.yml +++ b/roles/nuage_common/tasks/main.yml @@ -2,17 +2,17 @@ - name: Set the Nuage plugin openshift directory fact to handle Atomic host install set_fact: nuage_node_plugin_dir: /var/usr/share/vsp-openshift - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage CNI network config directory fact to handle Atomic host install set_fact: nuage_node_cni_netconf_dir: /var/etc/cni/net.d/ - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage CNI binary directory fact to handle Atomic host install set_fact: nuage_node_cni_bin_dir: /var/opt/cni/bin/ - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Assure CNI plugin config dir exists before daemon set install become: yes diff --git a/roles/nuage_master/meta/main.yml b/roles/nuage_master/meta/main.yml index e2f7af5ad..643800680 100644 --- a/roles/nuage_master/meta/main.yml +++ b/roles/nuage_master/meta/main.yml @@ -14,4 +14,4 @@ galaxy_info: - system dependencies: - role: lib_openshift -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml index c264427de..29e16b6f8 100644 --- a/roles/nuage_master/tasks/main.yaml +++ b/roles/nuage_master/tasks/main.yaml @@ -5,22 +5,22 @@ - name: Set the Nuage certificate directory fact for Atomic hosts set_fact: cert_output_dir: /var/usr/share/nuage-openshift-monitor - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage kubeconfig file path fact for Atomic hosts set_fact: kube_config: /var/usr/share/nuage-openshift-monitor/nuage.kubeconfig - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage monitor yaml location fact for Atomic hosts set_fact: kubemon_yaml: /var/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage monitor certs location fact for Atomic hosts set_fact: nuage_master_crt_dir: /var/usr/share/nuage-openshift-monitor/ - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage master config directory for daemon sets install set_fact: @@ -35,27 +35,27 @@ - name: Set the Nuage CNI plugin binary directory for daemon sets install set_fact: nuage_cni_bin_dsets_mount_dir: /var/opt/cni/bin - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Create directory /usr/share/nuage-openshift-monitor become: yes file: path=/usr/share/nuage-openshift-monitor state=directory - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool - name: Create directory /var/usr/share/nuage-openshift-monitor become: yes file: path=/var/usr/share/nuage-openshift-monitor state=directory - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Create directory /var/usr/bin for monitor binary on atomic become: yes file: path=/var/usr/bin state=directory - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Create CNI bin directory /var/opt/cni/bin become: yes file: path=/var/opt/cni/bin state=directory - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Create the log directory become: yes diff --git a/roles/nuage_master/tasks/serviceaccount.yml b/roles/nuage_master/tasks/serviceaccount.yml index fbf2c4f8d..9127b33d6 100644 --- a/roles/nuage_master/tasks/serviceaccount.yml +++ b/roles/nuage_master/tasks/serviceaccount.yml @@ -19,7 +19,7 @@ - name: Generate the node client config command: > - {{ openshift.common.client_binary }} adm create-api-client-config + {{ openshift_client_binary }} adm create-api-client-config --certificate-authority={{ openshift_master_ca_cert }} --client-dir={{ cert_output_dir }} --master={{ openshift.master.api_url }} diff --git a/roles/nuage_node/meta/main.yml b/roles/nuage_node/meta/main.yml index 9b0315054..0480502b7 100644 --- a/roles/nuage_node/meta/main.yml +++ b/roles/nuage_node/meta/main.yml @@ -15,4 +15,4 @@ galaxy_info: dependencies: - role: nuage_common - role: nuage_ca -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml index c6b7a9b10..1f1bd1653 100644 --- a/roles/nuage_node/tasks/main.yaml +++ b/roles/nuage_node/tasks/main.yaml @@ -2,17 +2,17 @@ - name: Set the Nuage plugin openshift directory fact for Atomic hosts set_fact: vsp_openshift_dir: /var/usr/share/vsp-openshift - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage CNI binary directory fact for Atomic hosts set_fact: cni_bin_dir: /var/opt/cni/bin/ - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Set the Nuage plugin certs directory fact for Atomic hosts set_fact: nuage_plugin_crt_dir: /var/usr/share/vsp-openshift - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Assure CNI conf dir exists become: yes @@ -36,7 +36,7 @@ - name: Add additional Docker mounts for Nuage for atomic hosts become: yes lineinfile: dest="{{ openshift_atomic_node_config_file }}" line="{{ nuage_atomic_docker_additional_mounts }}" - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Restart node services command: /bin/true diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml index 74e5d1dde..71de24339 100644 --- a/roles/openshift_aws/defaults/main.yml +++ b/roles/openshift_aws/defaults/main.yml @@ -122,12 +122,25 @@ openshift_aws_ami_map: openshift_aws_master_group: - name: "{{ openshift_aws_clusterid }} master group" group: master + tags: + host-type: master + sub-host-type: default + runtime: docker openshift_aws_node_groups: - name: "{{ openshift_aws_clusterid }} compute group" group: compute + tags: + host-type: node + sub-host-type: compute + runtime: docker + - name: "{{ openshift_aws_clusterid }} infra group" group: infra + tags: + host-type: node + sub-host-type: infra + runtime: docker openshift_aws_created_asgs: [] openshift_aws_current_asgs: [] @@ -144,10 +157,6 @@ openshift_aws_master_group_config: min_size: 3 max_size: 3 desired_size: 3 - tags: - host-type: master - sub-host-type: default - runtime: docker wait_for_instances: True termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" @@ -167,10 +176,6 @@ openshift_aws_node_group_config: min_size: 3 max_size: 100 desired_size: 3 - tags: - host-type: node - sub-host-type: compute - runtime: docker termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" iam_role: "{{ openshift_aws_iam_role_name }}" @@ -186,10 +191,6 @@ openshift_aws_node_group_config: min_size: 2 max_size: 20 desired_size: 2 - tags: - host-type: node - sub-host-type: infra - runtime: docker termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" iam_role: "{{ openshift_aws_iam_role_name }}" diff --git a/roles/openshift_aws/tasks/build_node_group.yml b/roles/openshift_aws/tasks/build_node_group.yml index 7fb617dd5..9485cc3ac 100644 --- a/roles/openshift_aws/tasks/build_node_group.yml +++ b/roles/openshift_aws/tasks/build_node_group.yml @@ -30,7 +30,7 @@ - name: query all asg's for this cluster ec2_asg_facts: region: "{{ openshift_aws_region }}" - tags: "{{ {'kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid} | combine(l_node_group_config[openshift_aws_node_group.group].tags) }}" + tags: "{{ {'kubernetes.io/cluster/' ~ openshift_aws_clusterid: openshift_aws_clusterid} | combine(openshift_aws_node_group.tags) }}" register: asgs - fail: diff --git a/roles/openshift_aws/tasks/scale_group.yml b/roles/openshift_aws/tasks/scale_group.yml index 3632f7ce9..6ce8c58ba 100644 --- a/roles/openshift_aws/tasks/scale_group.yml +++ b/roles/openshift_aws/tasks/scale_group.yml @@ -22,7 +22,7 @@ else (l_node_group_config[openshift_aws_node_group.group].replace_all_instances | default(omit)) }}" tags: - "{{ openshift_aws_node_group_config_tags - | combine(l_node_group_config[openshift_aws_node_group.group].tags) + | combine(openshift_aws_node_group.tags) | combine({'deployment_serial': l_deployment_serial, 'ami': openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami)}) }}" - name: append the asg name to the openshift_aws_created_asgs fact diff --git a/roles/openshift_builddefaults/meta/main.yml b/roles/openshift_builddefaults/meta/main.yml index 422d08400..60ac189a8 100644 --- a/roles/openshift_builddefaults/meta/main.yml +++ b/roles/openshift_builddefaults/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_buildoverrides/meta/main.yml b/roles/openshift_buildoverrides/meta/main.yml index e9d2e8712..edca92e6f 100644 --- a/roles/openshift_buildoverrides/meta/main.yml +++ b/roles/openshift_buildoverrides/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_ca/meta/main.yml b/roles/openshift_ca/meta/main.yml index 81b49ce60..b2081efc6 100644 --- a/roles/openshift_ca/meta/main.yml +++ b/roles/openshift_ca/meta/main.yml @@ -15,3 +15,4 @@ galaxy_info: dependencies: - role: openshift_cli - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index ea4702248..b94cd9fba 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -9,9 +9,9 @@ - name: Install the base package for admin tooling package: - name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: install_result until: install_result is succeeded delegate_to: "{{ openshift_ca_host }}" @@ -41,7 +41,7 @@ - set_fact: master_ca_missing: "{{ False in (g_master_ca_stat_result.results - | oo_collect(attribute='stat.exists') + | lib_utils_oo_collect(attribute='stat.exists') | list) }}" run_once: true @@ -87,11 +87,11 @@ # This should NOT replace the CA due to --overwrite=false when a CA already exists. - name: Create the master certificates if they do not already exist command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-master-certs - {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-master-certs + {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} - {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %} + {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %} --certificate-authority {{ legacy_ca_certificate }} {% endfor %} --hostnames={{ hostvars[openshift_ca_host].openshift.common.all_hostnames | join(',') }} @@ -117,7 +117,7 @@ src: "{{ item }}" dest: "{{ openshift_ca_clientconfig_tmpdir.stdout }}/" remote_src: true - with_items: "{{ g_master_legacy_ca_result.files | default([]) | oo_collect('path') }}" + with_items: "{{ g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') }}" delegate_to: "{{ openshift_ca_host }}" run_once: true - copy: @@ -137,7 +137,7 @@ - name: Test local loopback context command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} config view + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} config view --config={{ openshift_master_loopback_config }} changed_when: false register: loopback_config @@ -154,9 +154,9 @@ register: openshift_ca_loopback_tmpdir - name: Generate the loopback master client config command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm create-api-client-config --certificate-authority={{ openshift_ca_cert }} - {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} --client-dir={{ openshift_ca_loopback_tmpdir.stdout }} diff --git a/roles/openshift_certificate_expiry/meta/main.yml b/roles/openshift_certificate_expiry/meta/main.yml index c13b29ba5..6758f5b36 100644 --- a/roles/openshift_certificate_expiry/meta/main.yml +++ b/roles/openshift_certificate_expiry/meta/main.yml @@ -13,4 +13,5 @@ galaxy_info: categories: - cloud - system -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml index 5d2b6abed..e531543b9 100644 --- a/roles/openshift_cli/meta/main.yml +++ b/roles/openshift_cli/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 68d82e436..37bed9dbe 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Install clients package: name={{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }} state=present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded @@ -18,7 +18,7 @@ tag: "{{ openshift_image_tag }}" backend: "docker" when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - not l_use_cli_atomic_image | bool - block: @@ -34,7 +34,7 @@ tag: "{{ openshift_image_tag }}" backend: "atomic" when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - l_use_cli_atomic_image | bool - name: Reload facts to pick up installed OpenShift version @@ -42,6 +42,6 @@ - name: Install bash completion for oc tools package: name=bash-completion state=present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded diff --git a/roles/openshift_cloud_provider/meta/main.yml b/roles/openshift_cloud_provider/meta/main.yml index 8ab95bf5a..e49cc4430 100644 --- a/roles/openshift_cloud_provider/meta/main.yml +++ b/roles/openshift_cloud_provider/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_cluster_autoscaler/meta/main.yml b/roles/openshift_cluster_autoscaler/meta/main.yml index d2bbd2576..543eb6fed 100644 --- a/roles/openshift_cluster_autoscaler/meta/main.yml +++ b/roles/openshift_cluster_autoscaler/meta/main.yml @@ -1,3 +1,4 @@ --- dependencies: - lib_openshift +- role: lib_utils diff --git a/roles/openshift_default_storage_class/meta/main.yml b/roles/openshift_default_storage_class/meta/main.yml index d7d57fe39..30671a59a 100644 --- a/roles/openshift_default_storage_class/meta/main.yml +++ b/roles/openshift_default_storage_class/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: lib_openshift +- role: lib_utils diff --git a/roles/openshift_docker_gc/meta/main.yml b/roles/openshift_docker_gc/meta/main.yml index f88a7c533..c8472d8bc 100644 --- a/roles/openshift_docker_gc/meta/main.yml +++ b/roles/openshift_docker_gc/meta/main.yml @@ -11,3 +11,4 @@ galaxy_info: - 7 dependencies: - role: lib_openshift +- role: lib_utils diff --git a/roles/openshift_etcd/meta/main.yml b/roles/openshift_etcd/meta/main.yml index 0e28fec03..25ae6a936 100644 --- a/roles/openshift_etcd/meta/main.yml +++ b/roles/openshift_etcd/meta/main.yml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: openshift_etcd_facts - role: etcd +- role: lib_utils diff --git a/roles/openshift_etcd_client_certificates/meta/main.yml b/roles/openshift_etcd_client_certificates/meta/main.yml index fbc72c8a3..6c79d345c 100644 --- a/roles/openshift_etcd_client_certificates/meta/main.yml +++ b/roles/openshift_etcd_client_certificates/meta/main.yml @@ -11,4 +11,5 @@ galaxy_info: - 7 categories: - cloud -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_etcd_facts/meta/main.yml b/roles/openshift_etcd_facts/meta/main.yml index 925aa9f92..5e64a8596 100644 --- a/roles/openshift_etcd_facts/meta/main.yml +++ b/roles/openshift_etcd_facts/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_etcd_facts/vars/main.yml b/roles/openshift_etcd_facts/vars/main.yml index 0c072b64a..9e635b34f 100644 --- a/roles/openshift_etcd_facts/vars/main.yml +++ b/roles/openshift_etcd_facts/vars/main.yml @@ -1,6 +1,6 @@ --- -etcd_is_containerized: "{{ openshift.common.is_containerized }}" -etcd_is_atomic: "{{ openshift.common.is_atomic }}" +etcd_is_containerized: "{{ openshift_is_containerized }}" +etcd_is_atomic: "{{ openshift_is_atomic }}" etcd_hostname: "{{ openshift.common.hostname }}" etcd_ip: "{{ openshift.common.ip }}" etcd_cert_subdir: "etcd-{{ openshift.common.hostname }}" diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index e623b33f3..0a6e8f20c 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -8,7 +8,7 @@ openshift_examples_load_quickstarts: true content_version: "{{ openshift.common.examples_content_version }}" -examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples" +examples_base: "{{ openshift.common.config_base if openshift_is_containerized | bool else '/usr/share/openshift' }}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: - "{{ image_streams_base }}/image-streams-centos7.json" diff --git a/roles/openshift_examples/meta/main.yml b/roles/openshift_examples/meta/main.yml index f3fe2dcbe..1a34c85fc 100644 --- a/roles/openshift_examples/meta/main.yml +++ b/roles/openshift_examples/meta/main.yml @@ -11,4 +11,5 @@ galaxy_info: - 7 categories: - cloud -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index 356317431..a09a598bd 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -53,7 +53,7 @@ # RHEL and Centos image streams are mutually exclusive - name: Import RHEL streams command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }} when: openshift_examples_load_rhel | bool with_items: - "{{ rhel_image_streams }}" @@ -63,7 +63,7 @@ - name: Import Centos Image streams command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }} when: openshift_examples_load_centos | bool with_items: - "{{ centos_image_streams }}" @@ -73,7 +73,7 @@ - name: Import db templates command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ db_templates_base }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ db_templates_base }} when: openshift_examples_load_db_templates | bool register: oex_import_db_templates failed_when: "'already exists' not in oex_import_db_templates.stderr and oex_import_db_templates.rc != 0" @@ -90,7 +90,7 @@ - "{{ quickstarts_base }}/django.json" - name: Remove defunct quickstart templates from openshift namespace - command: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}" + command: "{{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}" with_items: - nodejs-example - cakephp-example @@ -102,7 +102,7 @@ - name: Import quickstart-templates command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ quickstarts_base }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ quickstarts_base }} when: openshift_examples_load_quickstarts | bool register: oex_import_quickstarts failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" @@ -116,7 +116,7 @@ - "{{ xpaas_templates_base }}/sso70-basic.json" - name: Remove old xPaas templates from openshift namespace - command: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}" + command: "{{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}" with_items: - sso70-basic register: oex_delete_old_xpaas_templates @@ -125,7 +125,7 @@ - name: Import xPaas image streams command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_image_streams }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_image_streams }} when: openshift_examples_load_xpaas | bool register: oex_import_xpaas_streams failed_when: "'already exists' not in oex_import_xpaas_streams.stderr and oex_import_xpaas_streams.rc != 0" @@ -133,7 +133,7 @@ - name: Import xPaas templates command: > - {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_templates_base }} + {{ openshift_client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_templates_base }} when: openshift_examples_load_xpaas | bool register: oex_import_xpaas_templates failed_when: "'already exists' not in oex_import_xpaas_templates.stderr and oex_import_xpaas_templates.rc != 0" diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml index ad7c00d14..6532d7fe2 100644 --- a/roles/openshift_excluder/tasks/install.yml +++ b/roles/openshift_excluder/tasks/install.yml @@ -1,14 +1,14 @@ --- - when: - - not openshift.common.is_atomic | bool + - not openshift_is_atomic | bool - r_openshift_excluder_install_ran is not defined block: - name: Install docker excluder - yum package: - name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) + '*' }}" + name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) + '*' }}" state: "{{ r_openshift_excluder_docker_package_state }}" when: - r_openshift_excluder_enable_docker_excluder | bool @@ -23,7 +23,7 @@ # https://bugzilla.redhat.com/show_bug.cgi?id=1199432 - name: Install docker excluder - dnf package: - name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ r_openshift_excluder_service_type }}-docker-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: "{{ r_openshift_excluder_docker_package_state }}" when: - r_openshift_excluder_enable_docker_excluder | bool @@ -33,7 +33,7 @@ - name: Install openshift excluder - yum package: - name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) + '*' }}" + name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) + '*' }}" state: "{{ r_openshift_excluder_package_state }}" when: - r_openshift_excluder_enable_openshift_excluder | bool @@ -47,7 +47,7 @@ # https://bugzilla.redhat.com/show_bug.cgi?id=1199432 - name: Install openshift excluder - dnf package: - name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ r_openshift_excluder_service_type }}-excluder{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: "{{ r_openshift_excluder_package_state }}" when: - r_openshift_excluder_enable_openshift_excluder | bool diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index c7e21ba99..5ae863871 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Ensure growpart is installed package: name=cloud-utils-growpart state=present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded @@ -10,7 +10,7 @@ register: has_growpart failed_when: has_growpart.cr != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout changed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Grow the partitions command: "growpart {{oep_drive}} {{oep_partition}}" diff --git a/roles/openshift_facts/defaults/main.yml b/roles/openshift_facts/defaults/main.yml index 804b274a2..980350d14 100644 --- a/roles/openshift_facts/defaults/main.yml +++ b/roles/openshift_facts/defaults/main.yml @@ -1,8 +1,13 @@ --- +openshift_client_binary: "{{ openshift_is_containerized | ternary('/usr/local/bin/oc', 'oc') }}" + openshift_cli_image_dict: origin: 'openshift/origin' openshift-enterprise: 'openshift3/ose' +repoquery_cmd: "{{ (ansible_pkg_mgr == 'dnf') | ternary('dnf repoquery --latest-limit 1 -d 0', 'repoquery --plugins') }}" +repoquery_installed: "{{ (ansible_pkg_mgr == 'dnf') | ternary('dnf repoquery --latest-limit 1 -d 0 --disableexcludes=all --installed', 'repoquery --plugins --installed') }}" + openshift_hosted_images_dict: origin: 'openshift/origin-${component}:${version}' openshift-enterprise: 'openshift3/ose-${component}:${version}' diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 6170f15d9..d659286dc 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -887,7 +887,7 @@ def get_openshift_version(facts): if os.path.isfile('/usr/bin/openshift'): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) # noqa: F405 version = parse_openshift_version(output) - elif 'common' in facts and 'is_containerized' in facts['common']: + else: version = get_container_openshift_version(facts) # Handle containerized masters that have not yet been configured as a node. @@ -1278,36 +1278,7 @@ def set_container_facts_if_unset(facts): dict: the facts dict updated with the generated containerization facts """ - facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted') - - if 'is_containerized' not in facts['common']: - facts['common']['is_containerized'] = facts['common']['is_atomic'] - - if safe_get_bool(facts['common']['is_containerized']): - facts['common']['client_binary'] = '/usr/local/bin/oc' - - return facts - -def set_installed_variant_rpm_facts(facts): - """ Set RPM facts of installed variant - Args: - facts (dict): existing facts - Returns: - dict: the facts dict updated with installed_variant_rpms - """ - installed_rpms = [] - for base_rpm in ['openshift', 'atomic-openshift', 'origin']: - optional_rpms = ['master', 'node', 'clients', 'sdn-ovs'] - variant_rpms = [base_rpm] + \ - ['{0}-{1}'.format(base_rpm, r) for r in optional_rpms] + \ - ['tuned-profiles-%s-node' % base_rpm] - for rpm in variant_rpms: - exit_code, _, _ = module.run_command(['rpm', '-q', rpm]) # noqa: F405 - if exit_code == 0: - installed_rpms.append(rpm) - - facts['common']['installed_variant_rpms'] = installed_rpms return facts @@ -1430,8 +1401,6 @@ class OpenShiftFacts(object): facts = set_proxy_facts(facts) facts = set_builddefaults_facts(facts) facts = set_buildoverrides_facts(facts) - if not safe_get_bool(facts['common']['is_containerized']): - facts = set_installed_variant_rpm_facts(facts) facts = set_nodename(facts) return dict(openshift=facts) @@ -1459,7 +1428,6 @@ class OpenShiftFacts(object): hostname=hostname, public_hostname=hostname, portal_net='172.30.0.0/16', - client_binary='oc', dns_domain='cluster.local', config_base='/etc/origin') diff --git a/roles/openshift_health_checker/meta/main.yml b/roles/openshift_health_checker/meta/main.yml index bc8e7bdcf..b8a59ee14 100644 --- a/roles/openshift_health_checker/meta/main.yml +++ b/roles/openshift_health_checker/meta/main.yml @@ -1,3 +1,4 @@ --- dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py index 4f91f6bb3..744b79c1a 100644 --- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py +++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py @@ -160,7 +160,7 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck): required.add(self._registry_console_image(image_tag, image_info)) # images for containerized components - if self.get_var("openshift", "common", "is_containerized"): + if self.get_var("openshift_is_containerized"): components = set() if 'oo_nodes_to_config' in host_groups: components.update(["node", "openvswitch"]) diff --git a/roles/openshift_health_checker/openshift_checks/etcd_traffic.py b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py index 8b20ccb49..b56d2092b 100644 --- a/roles/openshift_health_checker/openshift_checks/etcd_traffic.py +++ b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py @@ -20,8 +20,8 @@ class EtcdTraffic(OpenShiftCheck): return super(EtcdTraffic, self).is_active() and valid_group_names and valid_version def run(self): - is_containerized = self.get_var("openshift", "common", "is_containerized") - unit = "etcd_container" if is_containerized else "etcd" + openshift_is_containerized = self.get_var("openshift_is_containerized") + unit = "etcd_container" if openshift_is_containerized else "etcd" log_matchers = [{ "start_regexp": r"Starting Etcd Server", diff --git a/roles/openshift_health_checker/openshift_checks/mixins.py b/roles/openshift_health_checker/openshift_checks/mixins.py index cfbdea303..567162be1 100644 --- a/roles/openshift_health_checker/openshift_checks/mixins.py +++ b/roles/openshift_health_checker/openshift_checks/mixins.py @@ -10,8 +10,8 @@ class NotContainerizedMixin(object): def is_active(self): """Only run on non-containerized hosts.""" - is_containerized = self.get_var("openshift", "common", "is_containerized") - return super(NotContainerizedMixin, self).is_active() and not is_containerized + openshift_is_containerized = self.get_var("openshift_is_containerized") + return super(NotContainerizedMixin, self).is_active() and not openshift_is_containerized class DockerHostMixin(object): @@ -23,7 +23,7 @@ class DockerHostMixin(object): """Only run on hosts that depend on Docker.""" group_names = set(self.get_var("group_names", default=[])) needs_docker = set(["oo_nodes_to_config"]) - if self.get_var("openshift.common.is_containerized"): + if self.get_var("openshift_is_containerized"): needs_docker.update(["oo_masters_to_config", "oo_etcd_to_config"]) return super(DockerHostMixin, self).is_active() and bool(group_names.intersection(needs_docker)) @@ -33,7 +33,7 @@ class DockerHostMixin(object): (which would not be able to install but should already have them). Returns: msg, failed """ - if self.get_var("openshift", "common", "is_atomic"): + if self.get_var("openshift_is_atomic"): return "", False # NOTE: we would use the "package" module but it's actually an action plugin diff --git a/roles/openshift_health_checker/test/docker_image_availability_test.py b/roles/openshift_health_checker/test/docker_image_availability_test.py index fc333dfd4..9fd6e049d 100644 --- a/roles/openshift_health_checker/test/docker_image_availability_test.py +++ b/roles/openshift_health_checker/test/docker_image_availability_test.py @@ -6,13 +6,8 @@ from openshift_checks.docker_image_availability import DockerImageAvailability, @pytest.fixture() def task_vars(): return dict( - openshift=dict( - common=dict( - is_containerized=False, - is_atomic=False, - ), - docker=dict(), - ), + openshift_is_atomic=False, + openshift_is_containerized=False, openshift_service_type='origin', openshift_deployment_type='origin', openshift_image_tag='', @@ -20,7 +15,7 @@ def task_vars(): ) -@pytest.mark.parametrize('deployment_type, is_containerized, group_names, expect_active', [ +@pytest.mark.parametrize('deployment_type, openshift_is_containerized, group_names, expect_active', [ ("invalid", True, [], False), ("", True, [], False), ("origin", False, [], False), @@ -30,20 +25,20 @@ def task_vars(): ("origin", True, ["nfs"], False), ("openshift-enterprise", True, ["lb"], False), ]) -def test_is_active(task_vars, deployment_type, is_containerized, group_names, expect_active): +def test_is_active(task_vars, deployment_type, openshift_is_containerized, group_names, expect_active): task_vars['openshift_deployment_type'] = deployment_type - task_vars['openshift']['common']['is_containerized'] = is_containerized + task_vars['openshift_is_containerized'] = openshift_is_containerized task_vars['group_names'] = group_names assert DockerImageAvailability(None, task_vars).is_active() == expect_active -@pytest.mark.parametrize("is_containerized,is_atomic", [ +@pytest.mark.parametrize("openshift_is_containerized,openshift_is_atomic", [ (True, True), (False, False), (True, False), (False, True), ]) -def test_all_images_available_locally(task_vars, is_containerized, is_atomic): +def test_all_images_available_locally(task_vars, openshift_is_containerized, openshift_is_atomic): def execute_module(module_name, module_args, *_): if module_name == "yum": return {} @@ -55,8 +50,8 @@ def test_all_images_available_locally(task_vars, is_containerized, is_atomic): 'images': [module_args['name']], } - task_vars['openshift']['common']['is_containerized'] = is_containerized - task_vars['openshift']['common']['is_atomic'] = is_atomic + task_vars['openshift_is_containerized'] = openshift_is_containerized + task_vars['openshift_is_atomic'] = openshift_is_atomic result = DockerImageAvailability(execute_module, task_vars).run() assert not result.get('failed', False) @@ -172,7 +167,7 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo assert expect_registries_reached == check.reachable_registries -@pytest.mark.parametrize("deployment_type, is_containerized, groups, oreg_url, expected", [ +@pytest.mark.parametrize("deployment_type, openshift_is_containerized, groups, oreg_url, expected", [ ( # standard set of stuff required on nodes "origin", False, ['oo_nodes_to_config'], "", set([ @@ -232,14 +227,10 @@ def test_registry_availability(image, registries, connection_test_failed, skopeo ), ]) -def test_required_images(deployment_type, is_containerized, groups, oreg_url, expected): +def test_required_images(deployment_type, openshift_is_containerized, groups, oreg_url, expected): task_vars = dict( - openshift=dict( - common=dict( - is_containerized=is_containerized, - is_atomic=False, - ), - ), + openshift_is_containerized=openshift_is_containerized, + openshift_is_atomic=False, openshift_deployment_type=deployment_type, group_names=groups, oreg_url=oreg_url, @@ -287,11 +278,7 @@ def test_registry_console_image(task_vars, expected): def test_containerized_etcd(): task_vars = dict( - openshift=dict( - common=dict( - is_containerized=True, - ), - ), + openshift_is_containerized=True, openshift_deployment_type="origin", group_names=['oo_etcd_to_config'], ) diff --git a/roles/openshift_health_checker/test/docker_storage_test.py b/roles/openshift_health_checker/test/docker_storage_test.py index 8fa68c378..33a5dd90a 100644 --- a/roles/openshift_health_checker/test/docker_storage_test.py +++ b/roles/openshift_health_checker/test/docker_storage_test.py @@ -4,21 +4,21 @@ from openshift_checks import OpenShiftCheckException from openshift_checks.docker_storage import DockerStorage -@pytest.mark.parametrize('is_containerized, group_names, is_active', [ +@pytest.mark.parametrize('openshift_is_containerized, group_names, is_active', [ (False, ["oo_masters_to_config", "oo_etcd_to_config"], False), (False, ["oo_masters_to_config", "oo_nodes_to_config"], True), (True, ["oo_etcd_to_config"], True), ]) -def test_is_active(is_containerized, group_names, is_active): +def test_is_active(openshift_is_containerized, group_names, is_active): task_vars = dict( - openshift=dict(common=dict(is_containerized=is_containerized)), + openshift_is_containerized=openshift_is_containerized, group_names=group_names, ) assert DockerStorage(None, task_vars).is_active() == is_active def non_atomic_task_vars(): - return {"openshift": {"common": {"is_atomic": False}}} + return {"openshift_is_atomic": False} @pytest.mark.parametrize('docker_info, failed, expect_msg', [ diff --git a/roles/openshift_health_checker/test/etcd_traffic_test.py b/roles/openshift_health_checker/test/etcd_traffic_test.py index a29dc166b..583c4c8dd 100644 --- a/roles/openshift_health_checker/test/etcd_traffic_test.py +++ b/roles/openshift_health_checker/test/etcd_traffic_test.py @@ -36,9 +36,7 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words) task_vars = dict( group_names=group_names, - openshift=dict( - common=dict(is_containerized=False), - ), + openshift_is_containerized=False, openshift_service_type="origin" ) @@ -50,15 +48,13 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words) assert result.get("failed", False) == failed -@pytest.mark.parametrize('is_containerized,expected_unit_value', [ +@pytest.mark.parametrize('openshift_is_containerized,expected_unit_value', [ (False, "etcd"), (True, "etcd_container"), ]) -def test_systemd_unit_matches_deployment_type(is_containerized, expected_unit_value): +def test_systemd_unit_matches_deployment_type(openshift_is_containerized, expected_unit_value): task_vars = dict( - openshift=dict( - common=dict(is_containerized=is_containerized), - ) + openshift_is_containerized=openshift_is_containerized ) def execute_module(module_name, args, *_): diff --git a/roles/openshift_health_checker/test/mixins_test.py b/roles/openshift_health_checker/test/mixins_test.py index b1a41ca3c..b5d6f2e95 100644 --- a/roles/openshift_health_checker/test/mixins_test.py +++ b/roles/openshift_health_checker/test/mixins_test.py @@ -10,8 +10,8 @@ class NotContainerizedCheck(NotContainerizedMixin, OpenShiftCheck): @pytest.mark.parametrize('task_vars,expected', [ - (dict(openshift=dict(common=dict(is_containerized=False))), True), - (dict(openshift=dict(common=dict(is_containerized=True))), False), + (dict(openshift_is_containerized=False), True), + (dict(openshift_is_containerized=True), False), ]) def test_is_active(task_vars, expected): assert NotContainerizedCheck(None, task_vars).is_active() == expected @@ -20,4 +20,4 @@ def test_is_active(task_vars, expected): def test_is_active_missing_task_vars(): with pytest.raises(OpenShiftCheckException) as excinfo: NotContainerizedCheck().is_active() - assert 'is_containerized' in str(excinfo.value) + assert 'openshift_is_containerized' in str(excinfo.value) diff --git a/roles/openshift_health_checker/test/ovs_version_test.py b/roles/openshift_health_checker/test/ovs_version_test.py index dd98ff4d8..0238f49d5 100644 --- a/roles/openshift_health_checker/test/ovs_version_test.py +++ b/roles/openshift_health_checker/test/ovs_version_test.py @@ -70,7 +70,7 @@ def test_ovs_package_version(openshift_release, expected_ovs_version): assert result is return_value -@pytest.mark.parametrize('group_names,is_containerized,is_active', [ +@pytest.mark.parametrize('group_names,openshift_is_containerized,is_active', [ (['oo_masters_to_config'], False, True), # ensure check is skipped on containerized installs (['oo_masters_to_config'], True, False), @@ -82,9 +82,9 @@ def test_ovs_package_version(openshift_release, expected_ovs_version): (['lb'], False, False), (['nfs'], False, False), ]) -def test_ovs_version_skip_when_not_master_nor_node(group_names, is_containerized, is_active): +def test_ovs_version_skip_when_not_master_nor_node(group_names, openshift_is_containerized, is_active): task_vars = dict( group_names=group_names, - openshift=dict(common=dict(is_containerized=is_containerized)), + openshift_is_containerized=openshift_is_containerized, ) assert OvsVersion(None, task_vars).is_active() == is_active diff --git a/roles/openshift_health_checker/test/package_availability_test.py b/roles/openshift_health_checker/test/package_availability_test.py index a1e6e0879..52740093d 100644 --- a/roles/openshift_health_checker/test/package_availability_test.py +++ b/roles/openshift_health_checker/test/package_availability_test.py @@ -3,16 +3,16 @@ import pytest from openshift_checks.package_availability import PackageAvailability -@pytest.mark.parametrize('pkg_mgr,is_containerized,is_active', [ +@pytest.mark.parametrize('pkg_mgr,openshift_is_containerized,is_active', [ ('yum', False, True), ('yum', True, False), ('dnf', True, False), ('dnf', False, False), ]) -def test_is_active(pkg_mgr, is_containerized, is_active): +def test_is_active(pkg_mgr, openshift_is_containerized, is_active): task_vars = dict( ansible_pkg_mgr=pkg_mgr, - openshift=dict(common=dict(is_containerized=is_containerized)), + openshift_is_containerized=openshift_is_containerized, ) assert PackageAvailability(None, task_vars).is_active() == is_active diff --git a/roles/openshift_health_checker/test/package_version_test.py b/roles/openshift_health_checker/test/package_version_test.py index ea8e02b97..d2916f617 100644 --- a/roles/openshift_health_checker/test/package_version_test.py +++ b/roles/openshift_health_checker/test/package_version_test.py @@ -99,7 +99,7 @@ def test_docker_package_version(deployment_type, openshift_release, expected_doc assert result == return_value -@pytest.mark.parametrize('group_names,is_containerized,is_active', [ +@pytest.mark.parametrize('group_names,openshift_is_containerized,is_active', [ (['oo_masters_to_config'], False, True), # ensure check is skipped on containerized installs (['oo_masters_to_config'], True, False), @@ -111,9 +111,9 @@ def test_docker_package_version(deployment_type, openshift_release, expected_doc (['lb'], False, False), (['nfs'], False, False), ]) -def test_package_version_skip_when_not_master_nor_node(group_names, is_containerized, is_active): +def test_package_version_skip_when_not_master_nor_node(group_names, openshift_is_containerized, is_active): task_vars = dict( group_names=group_names, - openshift=dict(common=dict(is_containerized=is_containerized)), + openshift_is_containerized=openshift_is_containerized, ) assert PackageVersion(None, task_vars).is_active() == is_active diff --git a/roles/openshift_hosted/meta/main.yml b/roles/openshift_hosted/meta/main.yml index ac9e241a5..ace2d15b0 100644 --- a/roles/openshift_hosted/meta/main.yml +++ b/roles/openshift_hosted/meta/main.yml @@ -14,4 +14,4 @@ galaxy_info: dependencies: - role: openshift_facts - role: lib_openshift -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/openshift_hosted/tasks/router.yml b/roles/openshift_hosted/tasks/router.yml index 4e9219477..8ecaacb4a 100644 --- a/roles/openshift_hosted/tasks/router.yml +++ b/roles/openshift_hosted/tasks/router.yml @@ -25,10 +25,10 @@ backup: True dest: "/etc/origin/master/{{ item | basename }}" src: "{{ item }}" - with_items: "{{ openshift_hosted_routers | oo_collect(attribute='certificate') | - oo_select_keys_from_list(['keyfile', 'certfile', 'cafile']) }}" + with_items: "{{ openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') | + lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile']) }}" when: ( not openshift_hosted_router_create_certificate | bool ) or openshift_hosted_router_certificate != {} or - ( openshift_hosted_routers | oo_collect(attribute='certificate') | oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length > 0 ) + ( openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') | lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length > 0 ) # This is for when we desire a cluster signed cert @@ -55,7 +55,7 @@ when: - openshift_hosted_router_create_certificate | bool - openshift_hosted_router_certificate == {} - - openshift_hosted_routers | oo_collect(attribute='certificate') | oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length == 0 + - openshift_hosted_routers | lib_utils_oo_collect(attribute='certificate') | lib_utils_oo_select_keys_from_list(['keyfile', 'certfile', 'cafile'])|length == 0 - name: Create the router service account(s) oc_serviceaccount: diff --git a/roles/openshift_hosted/tasks/storage/glusterfs.yml b/roles/openshift_hosted/tasks/storage/glusterfs.yml index 18b2edcc6..b39c44b01 100644 --- a/roles/openshift_hosted/tasks/storage/glusterfs.yml +++ b/roles/openshift_hosted/tasks/storage/glusterfs.yml @@ -17,7 +17,7 @@ until: - "registry_pods.results.results[0]['items'] | count > 0" # There must be as many matching pods with 'Ready' status True as there are expected replicas - - "registry_pods.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == openshift_hosted_registry_replicas | default(l_default_replicas) | int" + - "registry_pods.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == openshift_hosted_registry_replicas | default(l_default_replicas) | int" delay: 10 retries: "{{ (600 / 10) | int }}" diff --git a/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml b/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml index bd7181c17..77f020357 100644 --- a/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml +++ b/roles/openshift_hosted/tasks/storage/glusterfs_endpoints.yml @@ -10,7 +10,7 @@ dest: "{{ mktempHosted.stdout }}/glusterfs-registry-service.yml" - name: Create GlusterFS registry service and endpoint - command: "{{ openshift.common.client_binary }} apply -f {{ item }} -n {{ openshift_hosted_registry_namespace | default('default') }}" + command: "{{ openshift_client_binary }} apply -f {{ item }} -n {{ openshift_hosted_registry_namespace | default('default') }}" with_items: - "{{ mktempHosted.stdout }}/glusterfs-registry-service.yml" - "{{ mktempHosted.stdout }}/glusterfs-registry-endpoints.yml" diff --git a/roles/openshift_hosted/tasks/wait_for_pod.yml b/roles/openshift_hosted/tasks/wait_for_pod.yml index 056c79334..f4b9939cc 100644 --- a/roles/openshift_hosted/tasks/wait_for_pod.yml +++ b/roles/openshift_hosted/tasks/wait_for_pod.yml @@ -3,7 +3,7 @@ block: - name: Ensure OpenShift pod correctly rolls out (best-effort today) command: | - {{ openshift.common.client_binary }} rollout status deploymentconfig {{ item.name }} \ + {{ openshift_client_binary }} rollout status deploymentconfig {{ item.name }} \ --namespace {{ item.namespace | default('default') }} \ --config {{ openshift_master_config_dir }}/admin.kubeconfig async: 600 @@ -13,7 +13,7 @@ - name: Determine the latest version of the OpenShift pod deployment command: | - {{ openshift.common.client_binary }} get deploymentconfig {{ item.name }} \ + {{ openshift_client_binary }} get deploymentconfig {{ item.name }} \ --namespace {{ item.namespace }} \ --config {{ openshift_master_config_dir }}/admin.kubeconfig \ -o jsonpath='{ .status.latestVersion }' @@ -22,7 +22,7 @@ - name: Poll for OpenShift pod deployment success command: | - {{ openshift.common.client_binary }} get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \ + {{ openshift_client_binary }} get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \ --namespace {{ item.0.namespace }} \ --config {{ openshift_master_config_dir }}/admin.kubeconfig \ -o jsonpath='{ .metadata.annotations.openshift\.io/deployment\.phase }' diff --git a/roles/openshift_hosted_templates/defaults/main.yml b/roles/openshift_hosted_templates/defaults/main.yml index f4fd15089..48d62c8df 100644 --- a/roles/openshift_hosted_templates/defaults/main.yml +++ b/roles/openshift_hosted_templates/defaults/main.yml @@ -1,5 +1,5 @@ --- -hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted" +hosted_base: "{{ openshift.common.config_base if openshift_is_containerized | bool else '/usr/share/openshift' }}/hosted" hosted_deployment_type: "{{ 'origin' if openshift_deployment_type == 'origin' else 'enterprise' }}" content_version: "{{ openshift.common.examples_content_version }}" diff --git a/roles/openshift_hosted_templates/meta/main.yml b/roles/openshift_hosted_templates/meta/main.yml index 4027f524b..fca3485fd 100644 --- a/roles/openshift_hosted_templates/meta/main.yml +++ b/roles/openshift_hosted_templates/meta/main.yml @@ -11,4 +11,5 @@ galaxy_info: - 7 categories: - cloud -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_hosted_templates/tasks/main.yml b/roles/openshift_hosted_templates/tasks/main.yml index 89b92dfcc..b2313c297 100644 --- a/roles/openshift_hosted_templates/tasks/main.yml +++ b/roles/openshift_hosted_templates/tasks/main.yml @@ -52,7 +52,7 @@ - name: Create or update hosted templates command: > - {{ openshift.common.client_binary }} {{ openshift_hosted_templates_import_command }} + {{ openshift_client_binary }} {{ openshift_hosted_templates_import_command }} -f {{ hosted_base }} --config={{ openshift_hosted_templates_kubeconfig }} -n openshift diff --git a/roles/openshift_loadbalancer/meta/main.yml b/roles/openshift_loadbalancer/meta/main.yml index 72298b599..3b5b45c5f 100644 --- a/roles/openshift_loadbalancer/meta/main.yml +++ b/roles/openshift_loadbalancer/meta/main.yml @@ -10,5 +10,5 @@ galaxy_info: versions: - 7 dependencies: -- role: lib_os_firewall +- role: lib_utils - role: openshift_facts diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml index 3ca6c8cbe..4a11029ab 100644 --- a/roles/openshift_loadbalancer/tasks/main.yml +++ b/roles/openshift_loadbalancer/tasks/main.yml @@ -4,33 +4,33 @@ - name: Install haproxy package: name=haproxy state=present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded - name: Pull haproxy image command: > docker pull {{ openshift_router_image }}:{{ openshift_image_tag }} - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Create config directory for haproxy file: path: /etc/haproxy state: directory - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Create the systemd unit files template: src: "haproxy.docker.service.j2" dest: "/etc/systemd/system/haproxy.service" - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool notify: restart haproxy - name: Configure systemd service directory for haproxy file: path: /etc/systemd/system/haproxy.service.d state: directory - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool # Work around ini_file create option in 2.2 which defaults to no - name: Create limits.conf file @@ -41,7 +41,7 @@ owner: root group: root changed_when: false - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool - name: Configure the nofile limits for haproxy ini_file: @@ -50,7 +50,7 @@ option: LimitNOFILE value: "{{ openshift_loadbalancer_limit_nofile | default(100000) }}" notify: restart haproxy - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool - name: Configure haproxy template: diff --git a/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 b/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 index 24fd635ec..de5a8d7c2 100644 --- a/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 +++ b/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 @@ -3,7 +3,7 @@ global maxconn {{ openshift_loadbalancer_global_maxconn | default(20000) }} log /dev/log local0 info -{% if openshift.common.is_containerized | bool %} +{% if openshift_is_containerized | bool %} stats socket /var/lib/haproxy/run/haproxy.sock mode 600 level admin {% else %} chroot /var/lib/haproxy diff --git a/roles/openshift_logging/meta/main.yaml b/roles/openshift_logging/meta/main.yaml index 9c480f73a..01ed4918f 100644 --- a/roles/openshift_logging/meta/main.yaml +++ b/roles/openshift_logging/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging/tasks/annotate_ops_projects.yaml b/roles/openshift_logging/tasks/annotate_ops_projects.yaml index 59d6098d4..4a2ee64f0 100644 --- a/roles/openshift_logging/tasks/annotate_ops_projects.yaml +++ b/roles/openshift_logging/tasks/annotate_ops_projects.yaml @@ -1,6 +1,6 @@ --- - command: > - {{ openshift.common.client_binary }} + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get namespaces -o jsonpath={.items[*].metadata.name} {{ __default_logging_ops_projects | join(' ') }} register: __logging_ops_projects diff --git a/roles/openshift_logging/tasks/delete_logging.yaml b/roles/openshift_logging/tasks/delete_logging.yaml index af36d67c6..51d6d0efd 100644 --- a/roles/openshift_logging/tasks/delete_logging.yaml +++ b/roles/openshift_logging/tasks/delete_logging.yaml @@ -109,14 +109,14 @@ # remove annotations added by logging - command: > - {{ openshift.common.client_binary }} + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get namespaces -o name {{ __default_logging_ops_projects | join(' ') }} register: __logging_ops_projects - name: Remove Annotation of Operations Projects command: > - {{ openshift.common.client_binary }} + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig annotate {{ project }} openshift.io/logging.ui.hostname- with_items: "{{ __logging_ops_projects.stdout_lines }}" diff --git a/roles/openshift_logging/tasks/generate_certs.yaml b/roles/openshift_logging/tasks/generate_certs.yaml index 082c0128f..0d7f8c056 100644 --- a/roles/openshift_logging/tasks/generate_certs.yaml +++ b/roles/openshift_logging/tasks/generate_certs.yaml @@ -17,7 +17,7 @@ - name: Generate certificates command: > - {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-signer-cert + {{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-signer-cert --key={{generated_certs_dir}}/ca.key --cert={{generated_certs_dir}}/ca.crt --serial={{generated_certs_dir}}/ca.serial.txt --name=logging-signer-test check_mode: no @@ -139,10 +139,10 @@ # TODO: make idempotent - name: Generate proxy session - set_fact: session_secret={{ 200 | oo_random_word}} + set_fact: session_secret={{ 200 | lib_utils_oo_random_word}} check_mode: no # TODO: make idempotent - name: Generate oauth client secret - set_fact: oauth_secret={{ 64 | oo_random_word}} + set_fact: oauth_secret={{ 64 | lib_utils_oo_random_word}} check_mode: no diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml index bb8ebec6b..11f59652c 100644 --- a/roles/openshift_logging/tasks/install_logging.yaml +++ b/roles/openshift_logging/tasks/install_logging.yaml @@ -1,7 +1,7 @@ --- - name: Gather OpenShift Logging Facts openshift_logging_facts: - oc_bin: "{{openshift.common.client_binary}}" + oc_bin: "{{openshift_client_binary}}" openshift_logging_namespace: "{{openshift_logging_namespace}}" - name: Set logging project diff --git a/roles/openshift_logging/tasks/procure_server_certs.yaml b/roles/openshift_logging/tasks/procure_server_certs.yaml index 00de0ca06..bc817075d 100644 --- a/roles/openshift_logging/tasks/procure_server_certs.yaml +++ b/roles/openshift_logging/tasks/procure_server_certs.yaml @@ -27,7 +27,7 @@ - name: Creating signed server cert and key for {{ cert_info.procure_component }} command: > - {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-server-cert + {{ openshift_client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig ca create-server-cert --key={{generated_certs_dir}}/{{cert_info.procure_component}}.key --cert={{generated_certs_dir}}/{{cert_info.procure_component}}.crt --hostnames={{cert_info.hostnames|quote}} --signer-cert={{generated_certs_dir}}/ca.crt --signer-key={{generated_certs_dir}}/ca.key --signer-serial={{generated_certs_dir}}/ca.serial.txt diff --git a/roles/openshift_logging_curator/meta/main.yaml b/roles/openshift_logging_curator/meta/main.yaml index d4635aab0..9f7c6341c 100644 --- a/roles/openshift_logging_curator/meta/main.yaml +++ b/roles/openshift_logging_curator/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_curator/tasks/main.yaml b/roles/openshift_logging_curator/tasks/main.yaml index e7ef5ff22..524e239b7 100644 --- a/roles/openshift_logging_curator/tasks/main.yaml +++ b/roles/openshift_logging_curator/tasks/main.yaml @@ -2,7 +2,7 @@ - name: Set default image variables based on deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name diff --git a/roles/openshift_logging_elasticsearch/meta/main.yaml b/roles/openshift_logging_elasticsearch/meta/main.yaml index 6a9a6539c..e93d6b73e 100644 --- a/roles/openshift_logging_elasticsearch/meta/main.yaml +++ b/roles/openshift_logging_elasticsearch/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml index 5fe683ae5..6ddeb122e 100644 --- a/roles/openshift_logging_elasticsearch/tasks/main.yaml +++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml @@ -15,10 +15,10 @@ elasticsearch_name: "{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}" es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}" -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name @@ -111,7 +111,7 @@ - name: Create logging-metrics-reader-role command: > - {{ openshift.common.client_binary }} + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n "{{ openshift_logging_elasticsearch_namespace }}" create -f "{{mktemp.stdout}}/templates/logging-metrics-role.yml" @@ -352,7 +352,7 @@ delete_after: true - set_fact: - es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 8 | oo_random_word('abcdefghijklmnopqrstuvwxyz0123456789') }}" + es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 8 | lib_utils_oo_random_word('abcdefghijklmnopqrstuvwxyz0123456789') }}" when: openshift_logging_elasticsearch_deployment_name == "" - set_fact: diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2 index cf6ee36bb..4b189f255 100644 --- a/roles/openshift_logging_elasticsearch/templates/es.j2 +++ b/roles/openshift_logging_elasticsearch/templates/es.j2 @@ -50,7 +50,7 @@ spec: - -provider=openshift - -client-id={{openshift_logging_elasticsearch_prometheus_sa}} - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - - -cookie-secret={{ 16 | oo_random_word | b64encode }} + - -cookie-secret={{ 16 | lib_utils_oo_random_word | b64encode }} - -upstream=https://localhost:9200 - '-openshift-sar={"namespace": "{{ openshift_logging_elasticsearch_namespace}}", "verb": "view", "resource": "prometheus", "group": "metrics.openshift.io"}' - '-openshift-delegate-urls={"/": {"resource": "prometheus", "verb": "view", "group": "metrics.openshift.io", "namespace": "{{ openshift_logging_elasticsearch_namespace}}"}}' diff --git a/roles/openshift_logging_eventrouter/meta/main.yaml b/roles/openshift_logging_eventrouter/meta/main.yaml new file mode 100644 index 000000000..711bb8f22 --- /dev/null +++ b/roles/openshift_logging_eventrouter/meta/main.yaml @@ -0,0 +1,17 @@ +--- +galaxy_info: + author: OpenShift Red Hat + description: OpenShift Aggregated Logging Eventrouter + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 2.2 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- role: lib_openshift +- role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_eventrouter/tasks/main.yaml b/roles/openshift_logging_eventrouter/tasks/main.yaml index 96b181d61..31780a343 100644 --- a/roles/openshift_logging_eventrouter/tasks/main.yaml +++ b/roles/openshift_logging_eventrouter/tasks/main.yaml @@ -1,8 +1,8 @@ --- -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name diff --git a/roles/openshift_logging_fluentd/meta/main.yaml b/roles/openshift_logging_fluentd/meta/main.yaml index 89c98204f..62f076780 100644 --- a/roles/openshift_logging_fluentd/meta/main.yaml +++ b/roles/openshift_logging_fluentd/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml index 12b4f5bfd..1cef6c25e 100644 --- a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml +++ b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml @@ -4,7 +4,7 @@ name: "{{ node }}" kind: node state: add - labels: "{{ openshift_logging_fluentd_nodeselector | oo_dict_to_list_of_dict }}" + labels: "{{ openshift_logging_fluentd_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" # wait half a second between labels - local_action: command sleep {{ openshift_logging_fluentd_label_delay | default('.5') }} diff --git a/roles/openshift_logging_fluentd/tasks/main.yaml b/roles/openshift_logging_fluentd/tasks/main.yaml index 87eedfb4b..08d7561ac 100644 --- a/roles/openshift_logging_fluentd/tasks/main.yaml +++ b/roles/openshift_logging_fluentd/tasks/main.yaml @@ -34,10 +34,10 @@ msg: WARNING Use of openshift_logging_mux_client_mode=minimal is not recommended due to current scaling issues when: openshift_logging_mux_client_mode is defined and openshift_logging_mux_client_mode == 'minimal' -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name diff --git a/roles/openshift_logging_kibana/meta/main.yaml b/roles/openshift_logging_kibana/meta/main.yaml index d97586a37..d9d76dfe0 100644 --- a/roles/openshift_logging_kibana/meta/main.yaml +++ b/roles/openshift_logging_kibana/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml index 77bf8042a..3c3bd902e 100644 --- a/roles/openshift_logging_kibana/tasks/main.yaml +++ b/roles/openshift_logging_kibana/tasks/main.yaml @@ -1,9 +1,9 @@ --- # fail is we don't have an endpoint for ES to connect to? -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name @@ -69,7 +69,7 @@ # gen session_secret if necessary - name: Generate session secret copy: - content: "{{ 200 | oo_random_word }}" + content: "{{ 200 | lib_utils_oo_random_word }}" dest: "{{ generated_certs_dir }}/session_secret" when: - not session_secret_file.stat.exists @@ -77,7 +77,7 @@ # gen oauth_secret if necessary - name: Generate oauth secret copy: - content: "{{ 64 | oo_random_word }}" + content: "{{ 64 | lib_utils_oo_random_word }}" dest: "{{ generated_certs_dir }}/oauth_secret" when: - not oauth_secret_file.stat.exists diff --git a/roles/openshift_logging_mux/meta/main.yaml b/roles/openshift_logging_mux/meta/main.yaml index f271d8d7d..969752f15 100644 --- a/roles/openshift_logging_mux/meta/main.yaml +++ b/roles/openshift_logging_mux/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_mux/tasks/main.yaml b/roles/openshift_logging_mux/tasks/main.yaml index 68948bce2..59a6301d7 100644 --- a/roles/openshift_logging_mux/tasks/main.yaml +++ b/roles/openshift_logging_mux/tasks/main.yaml @@ -7,10 +7,10 @@ msg: Operations logs destination is required when: not openshift_logging_mux_ops_host or openshift_logging_mux_ops_host == '' -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name diff --git a/roles/openshift_manage_node/meta/main.yml b/roles/openshift_manage_node/meta/main.yml index d90cd28cf..a09808a39 100644 --- a/roles/openshift_manage_node/meta/main.yml +++ b/roles/openshift_manage_node/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: lib_openshift +- role: lib_utils diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index af22a1a03..9251d380b 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -18,7 +18,7 @@ retries: 120 delay: 1 changed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool delegate_to: "{{ openshift_master_host }}" run_once: true @@ -50,7 +50,7 @@ name: "{{ openshift.node.nodename }}" kind: node state: add - labels: "{{ openshift_node_labels | oo_dict_to_list_of_dict }}" + labels: "{{ openshift_node_labels | lib_utils_oo_dict_to_list_of_dict }}" namespace: default when: - "'nodename' in openshift.node" diff --git a/roles/openshift_manageiq/meta/main.yml b/roles/openshift_manageiq/meta/main.yml index 6c96a91bf..5c9481430 100644 --- a/roles/openshift_manageiq/meta/main.yml +++ b/roles/openshift_manageiq/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: lib_openshift +- role: lib_utils diff --git a/roles/openshift_management/tasks/add_container_provider.yml b/roles/openshift_management/tasks/add_container_provider.yml index 24b2ce6ac..ca381b105 100644 --- a/roles/openshift_management/tasks/add_container_provider.yml +++ b/roles/openshift_management/tasks/add_container_provider.yml @@ -27,7 +27,7 @@ - name: Ensure the management SA bearer token is identified set_fact: - management_token: "{{ sa.results | oo_filter_sa_secrets }}" + management_token: "{{ sa.results | lib_utils_oo_filter_sa_secrets }}" - name: Ensure the SA bearer token value is read oc_secret: diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index bf0cbbf18..3460efec9 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -14,5 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: lib_utils -- role: lib_os_firewall - role: openshift_facts diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 7bfc870d5..eea1401b8 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -16,10 +16,10 @@ - name: Install Master package package: - name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: - - not openshift.common.is_containerized | bool + - not openshift_is_containerized | bool register: result until: result is succeeded @@ -31,12 +31,12 @@ owner: root group: root when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - name: Reload systemd units command: systemctl daemon-reload when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - name: Re-gather package dependent master facts openshift_facts: @@ -48,7 +48,7 @@ - name: Create the policy file if it does not already exist command: > - {{ openshift.common.client_binary }} adm create-bootstrap-policy-file + {{ openshift_client_binary }} adm create-bootstrap-policy-file --filename={{ openshift_master_policy }} args: creates: "{{ openshift_master_policy }}" @@ -69,7 +69,7 @@ package: name=httpd-tools state=present when: - item.kind == 'HTPasswdPasswordIdentityProvider' - - not openshift.common.is_atomic | bool + - not openshift_is_atomic | bool with_items: "{{ openshift.master.identity_providers }}" register: result until: result is succeeded @@ -164,7 +164,7 @@ - name: Install Master system container include_tasks: system_container.yml when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - l_is_master_system_container | bool - name: Create session secrets file diff --git a/roles/openshift_master/tasks/registry_auth.yml b/roles/openshift_master/tasks/registry_auth.yml index 8b342a5b4..911a9bd3d 100644 --- a/roles/openshift_master/tasks/registry_auth.yml +++ b/roles/openshift_master/tasks/registry_auth.yml @@ -43,7 +43,7 @@ set_fact: l_bind_docker_reg_auth: True when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - oreg_auth_user is defined - > (master_oreg_auth_credentials_stat.stat.exists diff --git a/roles/openshift_master/tasks/set_loopback_context.yml b/roles/openshift_master/tasks/set_loopback_context.yml index 487fefb63..7e013a699 100644 --- a/roles/openshift_master/tasks/set_loopback_context.yml +++ b/roles/openshift_master/tasks/set_loopback_context.yml @@ -1,13 +1,13 @@ --- - name: Test local loopback context command: > - {{ openshift.common.client_binary }} config view + {{ openshift_client_binary }} config view --config={{ openshift_master_loopback_config }} changed_when: false register: l_loopback_config - command: > - {{ openshift.common.client_binary }} config set-cluster + {{ openshift_client_binary }} config set-cluster --certificate-authority={{ openshift_master_config_dir }}/ca.crt --embed-certs=true --server={{ openshift.master.loopback_api_url }} {{ openshift.master.loopback_cluster_name }} @@ -17,7 +17,7 @@ register: set_loopback_cluster - command: > - {{ openshift.common.client_binary }} config set-context + {{ openshift_client_binary }} config set-context --cluster={{ openshift.master.loopback_cluster_name }} --namespace=default --user={{ openshift.master.loopback_user }} {{ openshift.master.loopback_context_name }} @@ -27,7 +27,7 @@ register: l_set_loopback_context - command: > - {{ openshift.common.client_binary }} config use-context {{ openshift.master.loopback_context_name }} + {{ openshift_client_binary }} config use-context {{ openshift.master.loopback_context_name }} --config={{ openshift_master_loopback_config }} when: - l_set_loopback_context is changed diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 906ecf277..870ab7c57 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -7,7 +7,7 @@ containerized_svc_dir: "/etc/systemd/system" ha_svc_template_path: "docker-cluster" when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - include_tasks: registry_auth.yml @@ -34,7 +34,7 @@ register: l_pull_result changed_when: "'Downloaded newer image' in l_pull_result.stdout" when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - not l_is_master_system_container | bool - name: Create the ha systemd unit files diff --git a/roles/openshift_master/tasks/upgrade.yml b/roles/openshift_master/tasks/upgrade.yml index f84cf2f6e..f143673cf 100644 --- a/roles/openshift_master/tasks/upgrade.yml +++ b/roles/openshift_master/tasks/upgrade.yml @@ -1,6 +1,6 @@ --- - include_tasks: upgrade/rpm_upgrade.yml - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool - include_tasks: upgrade/upgrade_scheduler.yml diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2 index 3f7a528a9..4c68155ea 100644 --- a/roles/openshift_master/templates/atomic-openshift-master.j2 +++ b/roles/openshift_master/templates/atomic-openshift-master.j2 @@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }} {% elif openshift_push_via_dns | default(false) %} OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000 {% endif %} -{% if openshift.common.is_containerized | bool %} +{% if openshift_is_containerized | bool %} IMAGE_VERSION={{ openshift_image_tag }} {% endif %} diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index f1a76e5f5..c224ad714 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -1,6 +1,6 @@ admissionConfig: {% if 'admission_plugin_config' in openshift.master %} - pluginConfig:{{ openshift.master.admission_plugin_config | to_padded_yaml(level=2) }} + pluginConfig:{{ openshift.master.admission_plugin_config | lib_utils_to_padded_yaml(level=2) }} {% endif %} apiLevels: - v1 @@ -16,13 +16,13 @@ assetConfig: metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }} {% endif %} {% if 'extension_scripts' in openshift.master %} - extensionScripts: {{ openshift.master.extension_scripts | to_padded_yaml(1, 2) }} + extensionScripts: {{ openshift.master.extension_scripts | lib_utils_to_padded_yaml(1, 2) }} {% endif %} {% if 'extension_stylesheets' in openshift.master %} - extensionStylesheets: {{ openshift.master.extension_stylesheets | to_padded_yaml(1, 2) }} + extensionStylesheets: {{ openshift.master.extension_stylesheets | lib_utils_to_padded_yaml(1, 2) }} {% endif %} {% if 'extensions' in openshift.master %} - extensions: {{ openshift.master.extensions | to_padded_yaml(1, 2) }} + extensions: {{ openshift.master.extensions | lib_utils_to_padded_yaml(1, 2) }} {% endif %} servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }} @@ -42,7 +42,7 @@ assetConfig: {% endfor %} {% endif %} {% if openshift.master.audit_config | default(none) is not none %} -auditConfig:{{ openshift.master.audit_config | to_padded_yaml(level=1) }} +auditConfig:{{ openshift.master.audit_config | lib_utils_to_padded_yaml(level=1) }} {% endif %} controllerConfig: election: @@ -85,7 +85,7 @@ imageConfig: format: {{ openshift.master.registry_url }} latest: {{ openshift_master_image_config_latest }} {% if 'image_policy_config' in openshift.master %} -imagePolicyConfig:{{ openshift.master.image_policy_config | to_padded_yaml(level=1) }} +imagePolicyConfig:{{ openshift.master.image_policy_config | lib_utils_to_padded_yaml(level=1) }} {% endif %} kind: MasterConfig kubeletClientInfo: @@ -96,21 +96,21 @@ kubeletClientInfo: port: 10250 {% if openshift.master.embedded_kube | bool %} kubernetesMasterConfig: - apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }} + apiServerArguments: {{ openshift.master.api_server_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }} {% if r_openshift_master_etcd3_storage or ( r_openshift_master_clean_install and openshift.common.version_gte_3_6 ) %} storage-backend: - etcd3 storage-media-type: - application/vnd.kubernetes.protobuf {% endif %} - controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }} + controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }} masterCount: {{ openshift.master.master_count }} masterIP: {{ openshift.common.ip }} podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }} proxyClientInfo: certFile: master.proxy-client.crt keyFile: master.proxy-client.key - schedulerArguments: {{ openshift_master_scheduler_args | default(None) | to_padded_yaml( level=3 ) }} + schedulerArguments: {{ openshift_master_scheduler_args | default(None) | lib_utils_to_padded_yaml( level=3 ) }} schedulerConfigFile: {{ openshift_master_scheduler_conf }} servicesNodePortRange: "{{ openshift_node_port_range | default("") }}" servicesSubnet: {{ openshift.common.portal_net }} @@ -144,7 +144,7 @@ networkConfig: {% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.common.portal_net }} - externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | to_padded_yaml(1,2) }} + externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | lib_utils_to_padded_yaml(1,2) }} {% if openshift_master_ingress_ip_network_cidr is defined %} ingressIPNetworkCIDR: {{ openshift_master_ingress_ip_network_cidr }} {% endif %} @@ -153,7 +153,7 @@ oauthConfig: alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }} {% endif %} {% if 'oauth_templates' in openshift.master %} - templates:{{ openshift.master.oauth_templates | to_padded_yaml(level=2) }} + templates:{{ openshift.master.oauth_templates | lib_utils_to_padded_yaml(level=2) }} {% endif %} assetPublicURL: {{ openshift.master.public_console_url }}/ grantConfig: diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 index cc21b37af..bff32b2e3 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 @@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }} {% elif openshift_push_via_dns | default(false) %} OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000 {% endif %} -{% if openshift.common.is_containerized | bool %} +{% if openshift_is_containerized | bool %} IMAGE_VERSION={{ openshift_image_tag }} {% endif %} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 index 493fc510e..b8a519baa 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 @@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }} {% elif openshift_push_via_dns | default(false) %} OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000 {% endif %} -{% if openshift.common.is_containerized | bool %} +{% if openshift_is_containerized | bool %} IMAGE_VERSION={{ openshift_image_tag }} {% endif %} diff --git a/roles/openshift_master_certificates/meta/main.yml b/roles/openshift_master_certificates/meta/main.yml index 300b2cbff..e7d9f5bba 100644 --- a/roles/openshift_master_certificates/meta/main.yml +++ b/roles/openshift_master_certificates/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud - system -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index ec1fbb1ee..00cabe574 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -27,7 +27,7 @@ master_certs_missing: "{{ true if openshift_certificates_redeploy | default(false) | bool else (False in (g_master_cert_stat_result.results | default({}) - | oo_collect(attribute='stat.exists') + | lib_utils_oo_collect(attribute='stat.exists') | list)) }}" - name: Ensure the generated_configs directory present @@ -47,11 +47,11 @@ - name: Create the master server certificate command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert - {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-server-cert + {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} - {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %} + {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %} --certificate-authority {{ legacy_ca_certificate }} {% endfor %} --hostnames={{ hostvars[item].openshift.common.all_hostnames | join(',') }} @@ -64,16 +64,16 @@ --overwrite=false when: item != openshift_ca_host with_items: "{{ hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}" + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}" delegate_to: "{{ openshift_ca_host }}" run_once: true - name: Generate the loopback master client config command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm create-api-client-config --certificate-authority={{ openshift_ca_cert }} - {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + {% for named_ca_certificate in openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} --client-dir={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }} @@ -89,8 +89,8 @@ args: creates: "{{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}/openshift-master.kubeconfig" with_items: "{{ hostvars - | oo_select_keys(groups['oo_masters_to_config']) - | oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}" + | lib_utils_oo_select_keys(groups['oo_masters_to_config']) + | lib_utils_oo_collect(attribute='inventory_hostname', filters={'master_certs_missing':True}) }}" when: item != openshift_ca_host delegate_to: "{{ openshift_ca_host }}" run_once: true diff --git a/roles/openshift_master_facts/filter_plugins/oo_filters.py b/roles/openshift_master_facts/filter_plugins/oo_filters.py deleted file mode 120000 index 6f9bc47c1..000000000 --- a/roles/openshift_master_facts/filter_plugins/oo_filters.py +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins/oo_filters.py
\ No newline at end of file diff --git a/roles/openshift_master_facts/meta/main.yml b/roles/openshift_master_facts/meta/main.yml index 9dbf719f8..0ab2311d3 100644 --- a/roles/openshift_master_facts/meta/main.yml +++ b/roles/openshift_master_facts/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index dc639d417..ad9a21c96 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -15,7 +15,7 @@ set_fact: g_metrics_hostname: "{{ openshift_hosted_metrics_public_url | default('hawkular-metrics.' ~ openshift_master_default_subdomain) - | oo_hostname_from_url }}" + | lib_utils_oo_hostname_from_url }}" - set_fact: openshift_hosted_metrics_deploy_url: "https://{{ g_metrics_hostname }}/hawkular/metrics" diff --git a/roles/openshift_metrics/meta/main.yaml b/roles/openshift_metrics/meta/main.yaml index 50214135c..675ec112f 100644 --- a/roles/openshift_metrics/meta/main.yaml +++ b/roles/openshift_metrics/meta/main.yaml @@ -15,5 +15,6 @@ galaxy_info: categories: - openshift dependencies: -- { role: lib_openshift } -- { role: openshift_facts } +- role: lib_openshift +- role: lib_utils +- role: openshift_facts diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml index bb842d710..b71e35263 100644 --- a/roles/openshift_metrics/tasks/generate_certificates.yaml +++ b/roles/openshift_metrics/tasks/generate_certificates.yaml @@ -1,7 +1,7 @@ --- - name: generate ca certificate chain command: > - {{ openshift.common.client_binary }} adm ca create-signer-cert + {{ openshift_client_binary }} adm ca create-signer-cert --config={{ mktemp.stdout }}/admin.kubeconfig --key='{{ mktemp.stdout }}/ca.key' --cert='{{ mktemp.stdout }}/ca.crt' diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml index 0fd19c9f8..9395fceca 100644 --- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml +++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml @@ -14,7 +14,7 @@ changed_when: no - name: generate password for hawkular metrics - local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}" + local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | lib_utils_oo_random_word }}" with_items: - hawkular-metrics become: false diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml index 48584bd64..9026cc897 100644 --- a/roles/openshift_metrics/tasks/install_cassandra.yaml +++ b/roles/openshift_metrics/tasks/install_cassandra.yaml @@ -1,6 +1,6 @@ --- - shell: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project | quote }} + {{ openshift_client_binary }} -n {{ openshift_metrics_project | quote }} --config={{ mktemp.stdout }}/admin.kubeconfig get rc hawkular-cassandra-{{node}} -o jsonpath='{.spec.replicas}' || echo 0 vars: diff --git a/roles/openshift_metrics/tasks/install_hawkular.yaml b/roles/openshift_metrics/tasks/install_hawkular.yaml index a4ffa1890..f45e7a042 100644 --- a/roles/openshift_metrics/tasks/install_hawkular.yaml +++ b/roles/openshift_metrics/tasks/install_hawkular.yaml @@ -1,6 +1,6 @@ --- - command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project | quote }} + {{ openshift_client_binary }} -n {{ openshift_metrics_project | quote }} --config={{ mktemp.stdout }}/admin.kubeconfig get rc hawkular-metrics -o jsonpath='{.spec.replicas}' register: hawkular_metrics_replica_count diff --git a/roles/openshift_metrics/tasks/install_heapster.yaml b/roles/openshift_metrics/tasks/install_heapster.yaml index a33b28ba7..73e7454f0 100644 --- a/roles/openshift_metrics/tasks/install_heapster.yaml +++ b/roles/openshift_metrics/tasks/install_heapster.yaml @@ -1,6 +1,6 @@ --- - command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project | quote }} + {{ openshift_client_binary }} -n {{ openshift_metrics_project | quote }} --config={{ mktemp.stdout }}/admin.kubeconfig get rc heapster -o jsonpath='{.spec.replicas}' register: heapster_replica_count diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml index 49d1d8cf1..106909941 100644 --- a/roles/openshift_metrics/tasks/install_metrics.yaml +++ b/roles/openshift_metrics/tasks/install_metrics.yaml @@ -70,7 +70,7 @@ - include_tasks: update_master_config.yaml - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml index 9dfe360bb..b67077bca 100644 --- a/roles/openshift_metrics/tasks/main.yaml +++ b/roles/openshift_metrics/tasks/main.yaml @@ -9,10 +9,10 @@ - "'not installed' not in passlib_result.stdout" msg: "python-passlib rpm must be installed on control host" -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ item }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" - name: Set metrics image facts diff --git a/roles/openshift_metrics/tasks/oc_apply.yaml b/roles/openshift_metrics/tasks/oc_apply.yaml index 1e1af40e8..8ccfb7192 100644 --- a/roles/openshift_metrics/tasks/oc_apply.yaml +++ b/roles/openshift_metrics/tasks/oc_apply.yaml @@ -1,7 +1,7 @@ --- - name: Checking generation of {{file_content.kind}} {{file_content.metadata.name}} command: > - {{ openshift.common.client_binary }} + {{ openshift_client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' @@ -12,7 +12,7 @@ - name: Applying {{file_name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} apply -f {{ file_name }} -n {{namespace}} register: generation_apply @@ -21,7 +21,7 @@ - name: Determine change status of {{file_content.kind}} {{file_content.metadata.name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' -n {{namespace}} diff --git a/roles/openshift_metrics/tasks/pre_install.yaml b/roles/openshift_metrics/tasks/pre_install.yaml index d6756f9b9..976763236 100644 --- a/roles/openshift_metrics/tasks/pre_install.yaml +++ b/roles/openshift_metrics/tasks/pre_install.yaml @@ -14,7 +14,7 @@ - name: list existing secrets command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} + {{ openshift_client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig get secrets -o name register: metrics_secrets diff --git a/roles/openshift_metrics/tasks/setup_certificate.yaml b/roles/openshift_metrics/tasks/setup_certificate.yaml index 2d880f4d6..223bd975e 100644 --- a/roles/openshift_metrics/tasks/setup_certificate.yaml +++ b/roles/openshift_metrics/tasks/setup_certificate.yaml @@ -1,7 +1,7 @@ --- - name: generate {{ component }} keys command: > - {{ openshift.common.client_binary }} adm ca create-server-cert + {{ openshift_client_binary }} adm ca create-server-cert --config={{ mktemp.stdout }}/admin.kubeconfig --key='{{ mktemp.stdout }}/{{ component }}.key' --cert='{{ mktemp.stdout }}/{{ component }}.crt' @@ -23,7 +23,7 @@ - name: generate random password for the {{ component }} keystore copy: - content: "{{ 15 | oo_random_word }}" + content: "{{ 15 | lib_utils_oo_random_word }}" dest: '{{ mktemp.stdout }}/{{ component }}-keystore.pwd' - slurp: src={{ mktemp.stdout | quote }}/{{ component|quote }}-keystore.pwd @@ -39,5 +39,5 @@ - name: generate random password for the {{ component }} truststore copy: - content: "{{ 15 | oo_random_word }}" + content: "{{ 15 | lib_utils_oo_random_word }}" dest: '{{ mktemp.stdout | quote }}/{{ component|quote }}-truststore.pwd' diff --git a/roles/openshift_metrics/tasks/start_metrics.yaml b/roles/openshift_metrics/tasks/start_metrics.yaml index 2037e8dc3..899251727 100644 --- a/roles/openshift_metrics/tasks/start_metrics.yaml +++ b/roles/openshift_metrics/tasks/start_metrics.yaml @@ -1,6 +1,6 @@ --- - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra=hawkular-cassandra @@ -23,7 +23,7 @@ changed_when: metrics_cassandra_rc | length > 0 - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra=hawkular-metrics @@ -45,7 +45,7 @@ changed_when: metrics_metrics_rc | length > 0 - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra=heapster diff --git a/roles/openshift_metrics/tasks/stop_metrics.yaml b/roles/openshift_metrics/tasks/stop_metrics.yaml index 9a2ce9267..4b1d7119d 100644 --- a/roles/openshift_metrics/tasks/stop_metrics.yaml +++ b/roles/openshift_metrics/tasks/stop_metrics.yaml @@ -1,6 +1,6 @@ --- - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra=heapster @@ -22,7 +22,7 @@ loop_var: object - command: > - {{openshift.common.client_binary}} + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -l metrics-infra=hawkular-metrics @@ -44,7 +44,7 @@ changed_when: metrics_hawkular_rc | length > 0 - command: > - {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig + {{openshift_client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig get rc -o name -l metrics-infra=hawkular-cassandra diff --git a/roles/openshift_metrics/tasks/uninstall_hosa.yaml b/roles/openshift_metrics/tasks/uninstall_hosa.yaml index 42ed02460..ae3306496 100644 --- a/roles/openshift_metrics/tasks/uninstall_hosa.yaml +++ b/roles/openshift_metrics/tasks/uninstall_hosa.yaml @@ -1,7 +1,7 @@ --- - name: remove Hawkular Agent (HOSA) components command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_hawkular_agent_namespace }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} -n {{ openshift_metrics_hawkular_agent_namespace }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found --selector=metrics-infra=agent all,sa,secrets,templates,routes,pvc,rolebindings,clusterrolebindings register: delete_metrics @@ -9,7 +9,7 @@ - name: remove rolebindings command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_hawkular_agent_namespace }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} -n {{ openshift_metrics_hawkular_agent_namespace }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found clusterrolebinding/hawkular-openshift-agent-rb changed_when: delete_metrics.stdout != 'No resources found' diff --git a/roles/openshift_metrics/tasks/uninstall_metrics.yaml b/roles/openshift_metrics/tasks/uninstall_metrics.yaml index 1265c7bfd..0ab0eec4b 100644 --- a/roles/openshift_metrics/tasks/uninstall_metrics.yaml +++ b/roles/openshift_metrics/tasks/uninstall_metrics.yaml @@ -4,7 +4,7 @@ - name: remove metrics components command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found --selector=metrics-infra all,sa,secrets,templates,routes,pvc,rolebindings,clusterrolebindings,clusterrole register: delete_metrics @@ -12,7 +12,7 @@ - name: remove rolebindings command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found rolebinding/hawkular-view clusterrolebinding/heapster-cluster-reader diff --git a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 index e976bc222..7c75b2f97 100644 --- a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 +++ b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 @@ -64,7 +64,7 @@ spec: - name: MASTER_URL value: "{{ openshift_metrics_master_url }}" - name: JGROUPS_PASSWORD - value: "{{ 17 | oo_random_word }}" + value: "{{ 17 | lib_utils_oo_random_word }}" - name: TRUSTSTORE_AUTHORITIES value: "/hawkular-metrics-certs/tls.truststore.crt" - name: ENABLE_PROMETHEUS_ENDPOINT diff --git a/roles/openshift_named_certificates/meta/main.yml b/roles/openshift_named_certificates/meta/main.yml index 2c6e12494..e7d81df53 100644 --- a/roles/openshift_named_certificates/meta/main.yml +++ b/roles/openshift_named_certificates/meta/main.yml @@ -14,3 +14,4 @@ galaxy_info: - system dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_named_certificates/tasks/main.yml b/roles/openshift_named_certificates/tasks/main.yml index 1bcf9ef67..ad5472445 100644 --- a/roles/openshift_named_certificates/tasks/main.yml +++ b/roles/openshift_named_certificates/tasks/main.yml @@ -1,6 +1,6 @@ --- - set_fact: - parsed_named_certificates: "{{ named_certificates | oo_parse_named_certificates(named_certs_dir, internal_hostnames) }}" + parsed_named_certificates: "{{ named_certificates | lib_utils_oo_parse_named_certificates(named_certs_dir, internal_hostnames) }}" when: named_certificates | length > 0 delegate_to: localhost become: no @@ -43,4 +43,4 @@ src: "{{ item }}" dest: "{{ named_certs_dir }}/{{ item | basename }}" mode: 0600 - with_items: "{{ named_certificates | oo_collect('cafile') }}" + with_items: "{{ named_certificates | lib_utils_oo_collect('cafile') }}" diff --git a/roles/openshift_nfs/meta/main.yml b/roles/openshift_nfs/meta/main.yml index d7b5910f2..17c0cf33f 100644 --- a/roles/openshift_nfs/meta/main.yml +++ b/roles/openshift_nfs/meta/main.yml @@ -13,4 +13,4 @@ galaxy_info: - cloud dependencies: - role: lib_utils -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index 08e45dda1..a90aad532 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -27,7 +27,7 @@ openshift_dns_ip: "{{ ansible_default_ipv4['address'] }}" openshift_node_env_vars: {} # Create list of 'k=v' pairs. -l_node_kubelet_node_labels: "{{ openshift_node_labels | default({}) | oo_dict_to_keqv_list }}" +l_node_kubelet_node_labels: "{{ openshift_node_labels | default({}) | lib_utils_oo_dict_to_keqv_list }}" openshift_node_kubelet_args_dict: aws: diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 62e0e1341..779916335 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -34,7 +34,7 @@ pause: seconds=15 when: - (not skip_node_svc_handlers | default(False) | bool) - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - name: restart node systemd: diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml index b531d2dfe..86a2ca16f 100644 --- a/roles/openshift_node/meta/main.yml +++ b/roles/openshift_node/meta/main.yml @@ -13,9 +13,6 @@ galaxy_info: - cloud dependencies: - role: lib_openshift -- role: lib_os_firewall - when: not (openshift_node_upgrade_in_progress | default(False)) - role: openshift_cloud_provider when: not (openshift_node_upgrade_in_progress | default(False)) - role: lib_utils - when: openshift_node_upgrade_in_progress | default(False) diff --git a/roles/openshift_node/tasks/config.yml b/roles/openshift_node/tasks/config.yml index 8f38a47aa..1103fe4c9 100644 --- a/roles/openshift_node/tasks/config.yml +++ b/roles/openshift_node/tasks/config.yml @@ -4,7 +4,7 @@ - name: Pull container images include_tasks: container_images.yml - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - name: Start and enable openvswitch service systemd: @@ -13,7 +13,7 @@ state: started daemon_reload: yes when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - openshift_node_use_openshift_sdn | default(true) | bool register: ovs_start_result until: not (ovs_start_result is failed) @@ -58,7 +58,7 @@ # restarted after the node restarts docker and it will take up to 60 seconds for # systemd to start the master again - when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - not openshift_node_bootstrap block: - name: Wait for master API to become available before proceeding diff --git a/roles/openshift_node/tasks/dnsmasq_install.yml b/roles/openshift_node/tasks/dnsmasq_install.yml index 0c8857b11..5e06ba032 100644 --- a/roles/openshift_node/tasks/dnsmasq_install.yml +++ b/roles/openshift_node/tasks/dnsmasq_install.yml @@ -12,7 +12,7 @@ - name: Install dnsmasq package: name=dnsmasq state=installed - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/install.yml b/roles/openshift_node/tasks/install.yml index 9f004e8dd..55738d759 100644 --- a/roles/openshift_node/tasks/install.yml +++ b/roles/openshift_node/tasks/install.yml @@ -1,16 +1,16 @@ --- -- when: not openshift.common.is_containerized | bool +- when: not openshift_is_containerized | bool block: - name: Install Node package package: - name: "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: present register: result until: result is succeeded - name: Install sdn-ovs package package: - name: "{{ openshift_service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift_service_type }}-sdn-ovs{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: - openshift_node_use_openshift_sdn | bool @@ -25,7 +25,7 @@ until: result is succeeded - when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - not l_is_node_system_container | bool block: - name: Pre-pull node image when containerized diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 2daa6c75f..eb362816a 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -3,7 +3,7 @@ msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." when: - (not ansible_selinux or ansible_selinux.status != 'enabled') - - deployment_type == 'openshift-enterprise' + - openshift_deployment_type == 'openshift-enterprise' - not openshift_use_crio - include_tasks: dnsmasq_install.yml diff --git a/roles/openshift_node/tasks/registry_auth.yml b/roles/openshift_node/tasks/registry_auth.yml index ab43ec049..92650e6b7 100644 --- a/roles/openshift_node/tasks/registry_auth.yml +++ b/roles/openshift_node/tasks/registry_auth.yml @@ -41,7 +41,7 @@ set_fact: l_bind_docker_reg_auth: True when: - - openshift.common.is_containerized | bool + - openshift_is_containerized | bool - oreg_auth_user is defined - > (node_oreg_auth_credentials_stat.stat.exists diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index 52d80357e..e30f58a9a 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -1,6 +1,6 @@ --- - name: Install Ceph storage plugin dependencies package: name=ceph-common state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index e60f57ae7..c04a6922a 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -1,7 +1,7 @@ --- - name: Install GlusterFS storage plugin dependencies package: name=glusterfs-fuse state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/iscsi.yml b/roles/openshift_node/tasks/storage_plugins/iscsi.yml index d3a3668d5..a8048c42f 100644 --- a/roles/openshift_node/tasks/storage_plugins/iscsi.yml +++ b/roles/openshift_node/tasks/storage_plugins/iscsi.yml @@ -1,6 +1,6 @@ --- - name: Install iSCSI storage plugin dependencies package: name=iscsi-initiator-utils state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 1484aa076..c2922644f 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -1,7 +1,7 @@ --- - name: Install NFS storage plugin dependencies package: name=nfs-utils state=present - when: not openshift.common.is_atomic | bool + when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 262ee698b..e33a4999f 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -2,13 +2,13 @@ - name: Install Node service file template: dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service" - src: "{{ openshift.common.is_containerized | bool | ternary('openshift.docker.node.service', 'node.service.j2') }}" + src: "{{ openshift_is_containerized | bool | ternary('openshift.docker.node.service', 'node.service.j2') }}" when: not l_is_node_system_container | bool notify: - reload systemd units - restart node -- when: openshift.common.is_containerized | bool +- when: openshift_is_containerized | bool block: - name: include node deps docker service file include_tasks: config/install-node-deps-docker-service-file.yml diff --git a/roles/openshift_node/tasks/upgrade.yml b/roles/openshift_node/tasks/upgrade.yml index f0a013e45..02e417937 100644 --- a/roles/openshift_node/tasks/upgrade.yml +++ b/roles/openshift_node/tasks/upgrade.yml @@ -1,11 +1,10 @@ --- # input variables: # - l_docker_upgrade -# - openshift.common.is_atomic +# - openshift_is_atomic # - node_config_hook # - openshift_pkg_version -# - openshift.common.is_containerized -# - deployment_type +# - openshift_is_containerized # - openshift_release # tasks file for openshift_node_upgrade @@ -26,7 +25,7 @@ include_tasks: upgrade/rpm_upgrade_install.yml vars: openshift_version: "{{ openshift_pkg_version | default('') }}" - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool - include_tasks: "{{ node_config_hook }}" diff --git a/roles/openshift_node/tasks/upgrade/config_changes.yml b/roles/openshift_node/tasks/upgrade/config_changes.yml index 439700df6..50044eb3e 100644 --- a/roles/openshift_node/tasks/upgrade/config_changes.yml +++ b/roles/openshift_node/tasks/upgrade/config_changes.yml @@ -1,7 +1,7 @@ --- - name: Update systemd units include_tasks: ../systemd_units.yml - when: openshift.common.is_containerized + when: openshift_is_containerized - name: Update oreg value yedit: diff --git a/roles/openshift_node/tasks/upgrade/restart.yml b/roles/openshift_node/tasks/upgrade/restart.yml index 45b0be0a0..bd6f42182 100644 --- a/roles/openshift_node/tasks/upgrade/restart.yml +++ b/roles/openshift_node/tasks/upgrade/restart.yml @@ -1,7 +1,7 @@ --- # input variables: # - openshift_service_type -# - openshift.common.is_containerized +# - openshift_is_containerized # - openshift.common.hostname # - openshift.master.api_port diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml index cc9a8f2d9..91a358095 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml @@ -3,7 +3,7 @@ # - openshift_service_type # - component # - openshift_pkg_version -# - openshift.common.is_atomic +# - openshift_is_atomic # Pre-pull new node rpm, but don't install - name: download new node packages diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml index 32eeb76c6..c9094e05a 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml @@ -3,7 +3,7 @@ # - openshift_service_type # - component # - openshift_pkg_version -# - openshift.common.is_atomic +# - openshift_is_atomic # Install the pre-pulled RPM # Note: dnsmasq is covered in it's own play. openvswitch is included here diff --git a/roles/openshift_node/tasks/upgrade/stop_services.yml b/roles/openshift_node/tasks/upgrade/stop_services.yml index 2fff556e5..6d92516c3 100644 --- a/roles/openshift_node/tasks/upgrade/stop_services.yml +++ b/roles/openshift_node/tasks/upgrade/stop_services.yml @@ -19,7 +19,7 @@ - "{{ openshift_service_type }}-master-controllers" - "{{ openshift_service_type }}-node" failed_when: false - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool - service: name: docker @@ -40,4 +40,4 @@ - "{{ openshift_service_type }}-node" - openvswitch failed_when: false - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool diff --git a/roles/openshift_node/tasks/upgrade_pre.yml b/roles/openshift_node/tasks/upgrade_pre.yml index 7f591996c..3ae7dc6b6 100644 --- a/roles/openshift_node/tasks/upgrade_pre.yml +++ b/roles/openshift_node/tasks/upgrade_pre.yml @@ -11,7 +11,7 @@ command: "{{ ansible_pkg_mgr }} makecache" register: result until: result is succeeded - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool - name: Check Docker image count shell: "docker images -aq | wc -l" @@ -26,7 +26,7 @@ - l_docker_upgrade | bool - include_tasks: upgrade/containerized_upgrade_pull.yml - when: openshift.common.is_containerized | bool + when: openshift_is_containerized | bool # Prepull the rpms for docker upgrade, but don't install - name: download docker upgrade rpm @@ -40,7 +40,7 @@ - include_tasks: upgrade/rpm_upgrade.yml vars: openshift_version: "{{ openshift_pkg_version | default('') }}" - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool # https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory - name: Check for swap usage diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 76e75297a..f091263f5 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -13,7 +13,7 @@ imageConfig: format: {{ oreg_url_node }} latest: {{ openshift_node_image_config_latest }} kind: NodeConfig -kubeletArguments: {{ l2_openshift_node_kubelet_args | default(None) | to_padded_yaml(level=1) }} +kubeletArguments: {{ l2_openshift_node_kubelet_args | default(None) | lib_utils_to_padded_yaml(level=1) }} {% if openshift_use_crio %} container-runtime: - remote diff --git a/roles/openshift_node_certificates/meta/main.yml b/roles/openshift_node_certificates/meta/main.yml index 0440bf11a..4362c644a 100644 --- a/roles/openshift_node_certificates/meta/main.yml +++ b/roles/openshift_node_certificates/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud - system -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml index 97f1fbbdd..e95e38fdf 100644 --- a/roles/openshift_node_certificates/tasks/main.yml +++ b/roles/openshift_node_certificates/tasks/main.yml @@ -31,7 +31,7 @@ node_certs_missing: "{{ true if openshift_certificates_redeploy | default(false) | bool else (False in (g_node_cert_stat_result.results | default({}) - | oo_collect(attribute='stat.exists') + | lib_utils_oo_collect(attribute='stat.exists') | list)) }}" - name: Create openshift_generated_configs_dir if it does not exist @@ -51,11 +51,11 @@ - name: Generate the node client config command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config - {% for named_ca_certificate in hostvars[openshift_ca_host].openshift.master.named_certificates | default([]) | oo_collect('cafile') %} + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm create-api-client-config + {% for named_ca_certificate in hostvars[openshift_ca_host].openshift.master.named_certificates | default([]) | lib_utils_oo_collect('cafile') %} --certificate-authority {{ named_ca_certificate }} {% endfor %} - {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | oo_collect('path') %} + {% for legacy_ca_certificate in g_master_legacy_ca_result.files | default([]) | lib_utils_oo_collect('path') %} --certificate-authority {{ legacy_ca_certificate }} {% endfor %} --certificate-authority={{ openshift_ca_cert }} @@ -70,14 +70,14 @@ args: creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}" with_items: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}" + | lib_utils_oo_select_keys(groups['oo_nodes_to_config']) + | lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}" delegate_to: "{{ openshift_ca_host }}" run_once: true - name: Generate the node server certificate command: > - {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm ca create-server-cert + {{ hostvars[openshift_ca_host]['first_master_client_binary'] }} adm ca create-server-cert --cert={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt --key={{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.key --expire-days={{ openshift_node_cert_expire_days }} @@ -89,8 +89,8 @@ args: creates: "{{ openshift_generated_configs_dir }}/node-{{ hostvars[item].openshift.common.hostname }}/server.crt" with_items: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}" + | lib_utils_oo_select_keys(groups['oo_nodes_to_config']) + | lib_utils_oo_collect(attribute='inventory_hostname', filters={'node_certs_missing':True}) }}" delegate_to: "{{ openshift_ca_host }}" run_once: true diff --git a/roles/openshift_persistent_volumes/meta/main.yml b/roles/openshift_persistent_volumes/meta/main.yml index 48b0699ab..aea7616bf 100644 --- a/roles/openshift_persistent_volumes/meta/main.yml +++ b/roles/openshift_persistent_volumes/meta/main.yml @@ -11,3 +11,4 @@ galaxy_info: - 7 dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_persistent_volumes/tasks/pv.yml b/roles/openshift_persistent_volumes/tasks/pv.yml index 346605ff7..ef9ab7f5f 100644 --- a/roles/openshift_persistent_volumes/tasks/pv.yml +++ b/roles/openshift_persistent_volumes/tasks/pv.yml @@ -8,7 +8,7 @@ - name: Create PersistentVolumes command: > - {{ openshift.common.client_binary }} create + {{ openshift_client_binary }} create -f {{ mktemp.stdout }}/persistent-volumes.yml --config={{ mktemp.stdout }}/admin.kubeconfig register: pv_create_output diff --git a/roles/openshift_persistent_volumes/tasks/pvc.yml b/roles/openshift_persistent_volumes/tasks/pvc.yml index e44f9b18f..2c5519192 100644 --- a/roles/openshift_persistent_volumes/tasks/pvc.yml +++ b/roles/openshift_persistent_volumes/tasks/pvc.yml @@ -8,7 +8,7 @@ - name: Create PersistentVolumeClaims command: > - {{ openshift.common.client_binary }} create + {{ openshift_client_binary }} create -f {{ mktemp.stdout }}/persistent-volume-claims.yml --config={{ mktemp.stdout }}/admin.kubeconfig register: pvc_create_output diff --git a/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2 b/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2 index d40417a9a..fac589a92 100644 --- a/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2 +++ b/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2 @@ -8,7 +8,7 @@ items: metadata: name: "{{ claim.name }}" spec: - accessModes: {{ claim.access_modes | to_padded_yaml(2, 2) }} + accessModes: {{ claim.access_modes | lib_utils_to_padded_yaml(2, 2) }} resources: requests: storage: "{{ claim.capacity }}" diff --git a/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2 b/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2 index 9ec14208b..354561432 100644 --- a/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2 +++ b/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2 @@ -16,6 +16,6 @@ items: spec: capacity: storage: "{{ volume.capacity }}" - accessModes: {{ volume.access_modes | to_padded_yaml(2, 2) }} - {{ (volume.storage.keys() | list)[0] }}: {{ volume.storage[(volume.storage.keys() | list)[0]] | to_padded_yaml(3, 2) }} + accessModes: {{ volume.access_modes | lib_utils_to_padded_yaml(2, 2) }} + {{ (volume.storage.keys() | list)[0] }}: {{ volume.storage[(volume.storage.keys() | list)[0]] | lib_utils_to_padded_yaml(3, 2) }} {% endfor %} diff --git a/roles/openshift_project_request_template/tasks/main.yml b/roles/openshift_project_request_template/tasks/main.yml index c31ee5795..3403840fb 100644 --- a/roles/openshift_project_request_template/tasks/main.yml +++ b/roles/openshift_project_request_template/tasks/main.yml @@ -6,7 +6,7 @@ - name: Generate default project template command: | - {{ openshift.common.client_binary | quote }} \ + {{ openshift_client_binary | quote }} \ --config {{ openshift.common.config_base | quote }}/master/admin.kubeconfig \ --output yaml \ adm create-bootstrap-project-template \ @@ -28,7 +28,7 @@ - name: Create or update project request template command: | - {{ openshift.common.client_binary }} \ + {{ openshift_client_binary }} \ --config {{ openshift.common.config_base }}/master/admin.kubeconfig \ --namespace {{ openshift_project_request_template_namespace | quote }} \ apply --filename {{ mktemp.stdout }} diff --git a/roles/openshift_prometheus/meta/main.yaml b/roles/openshift_prometheus/meta/main.yaml index 33188bb7e..69c5e0ee2 100644 --- a/roles/openshift_prometheus/meta/main.yaml +++ b/roles/openshift_prometheus/meta/main.yaml @@ -15,5 +15,6 @@ galaxy_info: categories: - openshift dependencies: -- { role: lib_openshift } -- { role: openshift_facts } +- role: lib_openshift +- role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_prometheus/tasks/install_prometheus.yaml b/roles/openshift_prometheus/tasks/install_prometheus.yaml index abc5dd476..749df5152 100644 --- a/roles/openshift_prometheus/tasks/install_prometheus.yaml +++ b/roles/openshift_prometheus/tasks/install_prometheus.yaml @@ -5,7 +5,7 @@ oc_project: state: present name: "{{ openshift_prometheus_namespace }}" - node_selector: "{{ openshift_prometheus_node_selector | oo_selector_to_string_list() }}" + node_selector: "{{ openshift_prometheus_node_selector | lib_utils_oo_selector_to_string_list() }}" description: Prometheus # secrets @@ -16,7 +16,7 @@ namespace: "{{ openshift_prometheus_namespace }}" contents: - path: session_secret - data: "{{ 43 | oo_random_word }}=" + data: "{{ 43 | lib_utils_oo_random_word }}=" with_items: - prometheus - alerts @@ -39,7 +39,7 @@ # TODO remove this when annotations are supported by oc_serviceaccount - name: annotate serviceaccount command: > - {{ openshift.common.client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} + {{ openshift_client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} serviceaccount prometheus serviceaccounts.openshift.io/oauth-redirectreference.prom='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"prometheus"}}' serviceaccounts.openshift.io/oauth-redirectreference.alerts='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"alerts"}}' @@ -97,7 +97,7 @@ # TODO remove this when annotations are supported by oc_service - name: annotate prometheus service command: > - {{ openshift.common.client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} + {{ openshift_client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} service prometheus prometheus.io/scrape='true' prometheus.io/scheme=https @@ -105,7 +105,7 @@ - name: annotate alerts service command: > - {{ openshift.common.client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} + {{ openshift_client_binary }} annotate --overwrite -n {{ openshift_prometheus_namespace }} service alerts 'service.alpha.openshift.io/serving-cert-secret-name=prometheus-alerts-tls' # create prometheus and alerts routes diff --git a/roles/openshift_prometheus/tasks/main.yaml b/roles/openshift_prometheus/tasks/main.yaml index 38798e1f5..b859eb111 100644 --- a/roles/openshift_prometheus/tasks/main.yaml +++ b/roles/openshift_prometheus/tasks/main.yaml @@ -1,5 +1,5 @@ --- -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ item }}" with_first_found: - "{{ openshift_deployment_type }}.yml" diff --git a/roles/openshift_provisioners/meta/main.yaml b/roles/openshift_provisioners/meta/main.yaml index cb9278eb7..5ef352bcd 100644 --- a/roles/openshift_provisioners/meta/main.yaml +++ b/roles/openshift_provisioners/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_openshift - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_provisioners/tasks/install_efs.yaml b/roles/openshift_provisioners/tasks/install_efs.yaml index e543d753c..de763f6cf 100644 --- a/roles/openshift_provisioners/tasks/install_efs.yaml +++ b/roles/openshift_provisioners/tasks/install_efs.yaml @@ -1,7 +1,7 @@ --- - name: Check efs current replica count command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get dc provisioners-efs + {{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get dc provisioners-efs -o jsonpath='{.spec.replicas}' -n {{openshift_provisioners_project}} register: efs_replica_count when: not ansible_check_mode @@ -58,7 +58,7 @@ # anyuid in order to run as root & chgrp shares with allocated gids - name: "Check efs anyuid permissions" command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get scc/anyuid -o jsonpath='{.users}' register: efs_anyuid check_mode: no @@ -66,7 +66,7 @@ - name: "Set anyuid permissions for efs" command: > - {{ openshift.common.client_binary}} adm --config={{ mktemp.stdout }}/admin.kubeconfig policy + {{ openshift_client_binary}} adm --config={{ mktemp.stdout }}/admin.kubeconfig policy add-scc-to-user anyuid system:serviceaccount:{{openshift_provisioners_project}}:provisioners-efs register: efs_output failed_when: efs_output.rc == 1 and 'exists' not in efs_output.stderr diff --git a/roles/openshift_provisioners/tasks/oc_apply.yaml b/roles/openshift_provisioners/tasks/oc_apply.yaml index 49d03f203..a4ce53eae 100644 --- a/roles/openshift_provisioners/tasks/oc_apply.yaml +++ b/roles/openshift_provisioners/tasks/oc_apply.yaml @@ -1,7 +1,7 @@ --- - name: Checking generation of {{file_content.kind}} {{file_content.metadata.name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' -n {{namespace}} @@ -11,7 +11,7 @@ - name: Applying {{file_name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} apply -f {{ file_name }} -n {{ namespace }} register: generation_apply @@ -20,7 +20,7 @@ - name: Determine change status of {{file_content.kind}} {{file_content.metadata.name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} get {{file_content.kind}} {{file_content.metadata.name}} -o jsonpath='{.metadata.resourceVersion}' -n {{namespace}} @@ -32,7 +32,7 @@ - name: Removing previous {{file_name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} delete -f {{ file_name }} -n {{ namespace }} register: generation_delete @@ -42,7 +42,7 @@ - name: Recreating {{file_name}} command: > - {{ openshift.common.client_binary }} --config={{ kubeconfig }} + {{ openshift_client_binary }} --config={{ kubeconfig }} apply -f {{ file_name }} -n {{ namespace }} register: generation_apply diff --git a/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml b/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml index 602dee773..ac12087ec 100644 --- a/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml +++ b/roles/openshift_provisioners/tasks/uninstall_provisioners.yaml @@ -5,7 +5,7 @@ # delete the deployment objects that we had created - name: delete provisioner api objects command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete {{ item }} --selector provisioners-infra -n {{ openshift_provisioners_project }} --ignore-not-found=true with_items: - dc @@ -15,7 +15,7 @@ # delete our old secrets - name: delete provisioner secrets command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete secret {{ item }} -n {{ openshift_provisioners_project }} --ignore-not-found=true with_items: - provisioners-efs @@ -26,7 +26,7 @@ # delete cluster role bindings - name: delete cluster role bindings command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig + {{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete clusterrolebindings {{ item }} -n {{ openshift_provisioners_project }} --ignore-not-found=true with_items: - run-provisioners-efs diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 35206049f..911005bb6 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -40,7 +40,7 @@ - include_tasks: rhel_repos.yml when: - ansible_distribution == 'RedHat' - - deployment_type == 'openshift-enterprise' + - openshift_deployment_type == 'openshift-enterprise' - rhsub_user is defined - rhsub_pass is defined diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2 new file mode 100644 index 000000000..db214af2c --- /dev/null +++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin37.repo.j2 @@ -0,0 +1,27 @@ +[centos-openshift-origin37] +name=CentOS OpenShift Origin +baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin37/ +enabled=1 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS + +[centos-openshift-origin37-testing] +name=CentOS OpenShift Origin Testing +baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin37/ +enabled={{ 1 if openshift_repos_enable_testing else 0 }} +gpgcheck=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS + +[centos-openshift-origin37-debuginfo] +name=CentOS OpenShift Origin DebugInfo +baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/ +enabled=0 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS + +[centos-openshift-origin37-source] +name=CentOS OpenShift Origin Source +baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin37/ +enabled=0 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS diff --git a/roles/openshift_sanitize_inventory/meta/main.yml b/roles/openshift_sanitize_inventory/meta/main.yml index f5b37186e..324ba06d8 100644 --- a/roles/openshift_sanitize_inventory/meta/main.yml +++ b/roles/openshift_sanitize_inventory/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud - system -dependencies: [] +dependencies: +- role: lib_utils diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml index 651d896cf..62d460272 100644 --- a/roles/openshift_sanitize_inventory/tasks/main.yml +++ b/roles/openshift_sanitize_inventory/tasks/main.yml @@ -3,37 +3,11 @@ # the user would also be aware of any deprecated variables they should note to adjust - include_tasks: deprecations.yml -- name: Abort when conflicting deployment type variables are set - when: - - deployment_type is defined - - openshift_deployment_type is defined - - openshift_deployment_type != deployment_type - fail: - msg: |- - openshift_deployment_type is set to "{{ openshift_deployment_type }}". - deployment_type is set to "{{ deployment_type }}". - To avoid unexpected results, this conflict is not allowed. - deployment_type is deprecated in favor of openshift_deployment_type. - Please specify only openshift_deployment_type, or make both the same. - - name: Standardize on latest variable names set_fact: - # goal is to deprecate deployment_type in favor of openshift_deployment_type. - # both will be accepted for now, but code should refer to the new name. - # TODO: once this is well-documented, add deprecation notice if using old name. - deployment_type: "{{ openshift_deployment_type | default(deployment_type) | default | string }}" - openshift_deployment_type: "{{ openshift_deployment_type | default(deployment_type) | default | string }}" deployment_subtype: "{{ openshift_deployment_subtype | default(deployment_subtype) | default('basic') | string }}" openshift_deployment_subtype: "{{ openshift_deployment_subtype | default(deployment_subtype) | default('basic') | string }}" -- name: Abort when deployment type is invalid - # this variable is required; complain early and clearly if it is invalid. - when: openshift_deployment_type not in known_openshift_deployment_types - fail: - msg: |- - Please set openshift_deployment_type to one of: - {{ known_openshift_deployment_types | join(', ') }} - - name: Normalize openshift_release set_fact: # Normalize release if provided, e.g. "v3.5" => "3.5" diff --git a/roles/openshift_sanitize_inventory/vars/main.yml b/roles/openshift_sanitize_inventory/vars/main.yml index 0fc2372d2..df15948d2 100644 --- a/roles/openshift_sanitize_inventory/vars/main.yml +++ b/roles/openshift_sanitize_inventory/vars/main.yml @@ -1,7 +1,4 @@ --- -# origin uses community packages named 'origin' -# openshift-enterprise uses Red Hat packages named 'atomic-openshift' -known_openshift_deployment_types: ['origin', 'openshift-enterprise'] __deprecation_header: "[DEPRECATION WARNING]:" diff --git a/roles/openshift_service_catalog/tasks/generate_certs.yml b/roles/openshift_service_catalog/tasks/generate_certs.yml index cd7bda2c6..e478023f8 100644 --- a/roles/openshift_service_catalog/tasks/generate_certs.yml +++ b/roles/openshift_service_catalog/tasks/generate_certs.yml @@ -12,7 +12,7 @@ - name: Generate signing cert command: > - {{ openshift.common.client_binary }} adm --config=/etc/origin/master/admin.kubeconfig ca create-signer-cert + {{ openshift_client_binary }} adm --config=/etc/origin/master/admin.kubeconfig ca create-signer-cert --key={{ generated_certs_dir }}/ca.key --cert={{ generated_certs_dir }}/ca.crt --serial={{ generated_certs_dir }}/apiserver.serial.txt --name=service-catalog-signer @@ -60,7 +60,7 @@ register: apiserver_ca - shell: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found" + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found" register: get_apiservices changed_when: no diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml index 41a6691c9..cfecaa12c 100644 --- a/roles/openshift_service_catalog/tasks/install.yml +++ b/roles/openshift_service_catalog/tasks/install.yml @@ -6,10 +6,10 @@ register: mktemp changed_when: False -- name: Set default image variables based on deployment_type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ item }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" - name: Set service_catalog image facts @@ -38,7 +38,7 @@ - name: Make kube-service-catalog project network global command: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog - include_tasks: generate_certs.yml @@ -88,14 +88,14 @@ vars: original_content: "{{ edit_yaml.results.results[0] | to_yaml }}" when: - - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) + - not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) # only do this if we don't already have the updated role info - name: update edit role for service catalog and pod preset access command: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/edit_sc_patch.yml + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/edit_sc_patch.yml when: - - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) + - not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not edit_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) - oc_obj: name: admin @@ -111,14 +111,14 @@ vars: original_content: "{{ admin_yaml.results.results[0] | to_yaml }}" when: - - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) + - not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) # only do this if we don't already have the updated role info - name: update admin role for service catalog and pod preset access command: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/admin_sc_patch.yml + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/admin_sc_patch.yml when: - - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) + - not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch', 'patch']) or not admin_yaml.results.results[0] | lib_utils_oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch']) - oc_obj: name: view @@ -134,14 +134,14 @@ vars: original_content: "{{ view_yaml.results.results[0] | to_yaml }}" when: - - not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch']) + - not view_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch']) # only do this if we don't already have the updated role info - name: update view role for service catalog access command: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/view_sc_patch.yml + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/view_sc_patch.yml when: - - not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch']) + - not view_yaml.results.results[0] | lib_utils_oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch']) - oc_adm_policy_user: namespace: kube-service-catalog diff --git a/roles/openshift_service_catalog/tasks/remove.yml b/roles/openshift_service_catalog/tasks/remove.yml index a832e1f85..aa32d0513 100644 --- a/roles/openshift_service_catalog/tasks/remove.yml +++ b/roles/openshift_service_catalog/tasks/remove.yml @@ -1,7 +1,7 @@ --- - name: Remove Service Catalog APIServer command: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog # TODO: this module doesn't currently remove this #- name: Remove service catalog api service @@ -48,7 +48,7 @@ - name: Remove Service Catalog kube-system Role Bindinds shell: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process kube-system-service-catalog-role-bindings -n kube-system | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f - + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig process kube-system-service-catalog-role-bindings -n kube-system | {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f - - oc_obj: kind: template @@ -58,7 +58,7 @@ - name: Remove Service Catalog kube-service-catalog Role Bindinds shell: > - {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process service-catalog-role-bindings -n kube-service-catalog | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f - + {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig process service-catalog-role-bindings -n kube-service-catalog | {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f - - oc_obj: kind: template diff --git a/roles/openshift_service_catalog/tasks/start_api_server.yml b/roles/openshift_service_catalog/tasks/start_api_server.yml index b143292b6..84e542eaf 100644 --- a/roles/openshift_service_catalog/tasks/start_api_server.yml +++ b/roles/openshift_service_catalog/tasks/start_api_server.yml @@ -5,7 +5,7 @@ name: "{{ openshift.node.nodename }}" kind: node state: add - labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | oo_dict_to_list_of_dict }}" + labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | lib_utils_oo_dict_to_list_of_dict }}" # wait to see that the apiserver is available - name: wait for api server to be ready diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml index da34fab2a..4cbe262d2 100644 --- a/roles/openshift_storage_glusterfs/defaults/main.yml +++ b/roles/openshift_storage_glusterfs/defaults/main.yml @@ -6,16 +6,16 @@ openshift_storage_glusterfs_nodeselector: "glusterfs={{ openshift_storage_gluste openshift_storage_glusterfs_use_default_selector: False openshift_storage_glusterfs_storageclass: True openshift_storage_glusterfs_storageclass_default: False -openshift_storage_glusterfs_image: "{{ 'rhgs3/rhgs-server-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/gluster-centos' | quote }}" +openshift_storage_glusterfs_image: "{{ 'rhgs3/rhgs-server-rhel7' | quote if openshift_deployment_type == 'openshift-enterprise' else 'gluster/gluster-centos' | quote }}" openshift_storage_glusterfs_version: 'latest' openshift_storage_glusterfs_block_deploy: True -openshift_storage_glusterfs_block_image: "{{ 'rhgs3/rhgs-gluster-block-prov-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/glusterblock-provisioner' | quote }}" +openshift_storage_glusterfs_block_image: "{{ 'rhgs3/rhgs-gluster-block-prov-rhel7' | quote if openshift_deployment_type == 'openshift-enterprise' else 'gluster/glusterblock-provisioner' | quote }}" openshift_storage_glusterfs_block_version: 'latest' openshift_storage_glusterfs_block_host_vol_create: True openshift_storage_glusterfs_block_host_vol_size: 100 openshift_storage_glusterfs_block_host_vol_max: 15 openshift_storage_glusterfs_s3_deploy: True -openshift_storage_glusterfs_s3_image: "{{ 'rhgs3/rhgs-gluster-s3-server-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/gluster-object' | quote }}" +openshift_storage_glusterfs_s3_image: "{{ 'rhgs3/rhgs-gluster-s3-server-rhel7' | quote if openshift_deployment_type == 'openshift-enterprise' else 'gluster/gluster-object' | quote }}" openshift_storage_glusterfs_s3_version: 'latest' openshift_storage_glusterfs_s3_account: "{{ omit }}" openshift_storage_glusterfs_s3_user: "{{ omit }}" @@ -29,7 +29,7 @@ openshift_storage_glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_is openshift_storage_glusterfs_heketi_is_missing: True openshift_storage_glusterfs_heketi_deploy_is_missing: True openshift_storage_glusterfs_heketi_cli: 'heketi-cli' -openshift_storage_glusterfs_heketi_image: "{{ 'rhgs3/rhgs-volmanager-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'heketi/heketi' | quote }}" +openshift_storage_glusterfs_heketi_image: "{{ 'rhgs3/rhgs-volmanager-rhel7' | quote if openshift_deployment_type == 'openshift-enterprise' else 'heketi/heketi' | quote }}" openshift_storage_glusterfs_heketi_version: 'latest' openshift_storage_glusterfs_heketi_admin_key: "{{ omit }}" openshift_storage_glusterfs_heketi_user_key: "{{ omit }}" diff --git a/roles/openshift_storage_glusterfs/meta/main.yml b/roles/openshift_storage_glusterfs/meta/main.yml index 6a4ef942b..aa20245d5 100644 --- a/roles/openshift_storage_glusterfs/meta/main.yml +++ b/roles/openshift_storage_glusterfs/meta/main.yml @@ -12,4 +12,4 @@ galaxy_info: dependencies: - role: openshift_facts - role: lib_openshift -- role: lib_os_firewall +- role: lib_utils diff --git a/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml index 1664ecc1e..5b4c16740 100644 --- a/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml @@ -63,7 +63,7 @@ until: - "gluster_s3_pvcs.results.results[0]['items'] | count > 0" # Pod's 'Bound' status must be True - - "gluster_s3_pvcs.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Bound'}) | map('bool') | select | list | count == 2" + - "gluster_s3_pvcs.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Bound'}) | map('bool') | select | list | count == 2" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" @@ -108,6 +108,6 @@ until: - "gluster_s3_pod.results.results[0]['items'] | count > 0" # Pod's 'Ready' status must be True - - "gluster_s3_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" + - "gluster_s3_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" diff --git a/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml index d6be8c726..e5dcdcab7 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterblock_deploy.yml @@ -61,6 +61,6 @@ until: - "glusterblock_pod.results.results[0]['items'] | count > 0" # Pod's 'Ready' status must be True - - "glusterblock_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" + - "glusterblock_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml index d11023a39..001578406 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml @@ -2,7 +2,7 @@ - name: Make sure heketi-client is installed package: name=heketi-client state=present when: - - not openshift.common.is_atomic | bool + - not openshift_is_atomic | bool - not glusterfs_heketi_is_native | bool register: result until: result is succeeded @@ -126,7 +126,7 @@ - "glusterfs_heketi_is_native" - "deploy_heketi_pod.results.results[0]['items'] | count > 0" # deploy-heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True - - "deploy_heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" + - "deploy_heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" - name: Check for existing heketi pod oc_obj: @@ -144,7 +144,7 @@ - "glusterfs_heketi_is_native" - "heketi_pod.results.results[0]['items'] | count > 0" # heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True - - "heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" + - "heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" - name: Generate topology file template: @@ -177,14 +177,14 @@ - name: Generate heketi admin key set_fact: - glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}" + glusterfs_heketi_admin_key: "{{ 32 | lib_utils_oo_generate_secret }}" when: - glusterfs_heketi_is_native - glusterfs_heketi_admin_key is undefined - name: Generate heketi user key set_fact: - glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}" + glusterfs_heketi_user_key: "{{ 32 | lib_utils_oo_generate_secret }}" until: "glusterfs_heketi_user_key != glusterfs_heketi_admin_key" delay: 1 retries: 10 @@ -228,7 +228,7 @@ until: - "deploy_heketi_pod.results.results[0]['items'] | count > 0" # Pod's 'Ready' status must be True - - "deploy_heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" + - "deploy_heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" when: @@ -238,14 +238,14 @@ - name: Set heketi-cli command set_fact: - glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {%if not glusterfs_heketi_is_missing %}{{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% else %}{{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% endif %} {% endif %}{{ glusterfs_heketi_cli }} -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}" + glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift_client_binary }} rsh --namespace={{ glusterfs_namespace }} {%if not glusterfs_heketi_is_missing %}{{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% else %}{{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% endif %} {% endif %}{{ glusterfs_heketi_cli }} -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}" - name: Verify heketi service command: "{{ glusterfs_heketi_client }} cluster list" changed_when: False - name: Place heketi topology on heketi Pod - shell: "{{ openshift.common.client_binary }} exec --namespace={{ glusterfs_namespace }} -i {%if not glusterfs_heketi_is_missing %}{{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% else %}{{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% endif %} -- bash -c 'mkdir -p {{ mktemp.stdout }} && cat > {{ mktemp.stdout }}/topology.json' < {{ mktemp.stdout }}/topology.json" + shell: "{{ openshift_client_binary }} exec --namespace={{ glusterfs_namespace }} -i {%if not glusterfs_heketi_is_missing %}{{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% else %}{{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }}{% endif %} -- bash -c 'mkdir -p {{ mktemp.stdout }} && cat > {{ mktemp.stdout }}/topology.json' < {{ mktemp.stdout }}/topology.json" when: - glusterfs_heketi_is_native diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml index 0c2fcb2c5..4cc82f1ad 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml @@ -21,7 +21,7 @@ name: "{{ hostvars[item].openshift.node.nodename }}" kind: node state: absent - labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}" + labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" with_items: "{{ groups.all }}" when: "'openshift' in hostvars[item] and glusterfs_wipe" @@ -60,7 +60,7 @@ name: "{{ hostvars[item].openshift.node.nodename }}" kind: node state: add - labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}" + labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" with_items: "{{ glusterfs_nodes | default([]) }}" - name: Copy GlusterFS DaemonSet template @@ -109,6 +109,6 @@ until: - "glusterfs_pods.results.results[0]['items'] | count > 0" # There must be as many pods with 'Ready' staus True as there are nodes expecting those pods - - "glusterfs_pods.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == glusterfs_nodes | count" + - "glusterfs_pods.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == glusterfs_nodes | count" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml index d23bd42b9..c0a8c53de 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml @@ -4,7 +4,7 @@ register: setup_storage - name: Copy heketi-storage list - shell: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json" + shell: "{{ openshift_client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ deploy_heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json" # This is used in the subsequent task - name: Copy the admin client config @@ -15,7 +15,7 @@ # Need `command` here because heketi-storage.json contains multiple objects. - name: Copy heketi DB to GlusterFS volume - command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f {{ mktemp.stdout }}/heketi-storage.json -n {{ glusterfs_namespace }}" + command: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f {{ mktemp.stdout }}/heketi-storage.json -n {{ glusterfs_namespace }}" when: setup_storage.rc == 0 - name: Wait for copy job to finish @@ -28,14 +28,14 @@ until: - "'results' in heketi_job.results and heketi_job.results.results | count > 0" # Pod's 'Complete' status must be True - - "heketi_job.results.results | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Complete'}) | map('bool') | select | list | count == 1" + - "heketi_job.results.results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Complete'}) | map('bool') | select | list | count == 1" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" failed_when: - "'results' in heketi_job.results" - "heketi_job.results.results | count > 0" # Fail when pod's 'Failed' status is True - - "heketi_job.results.results | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Failed'}) | map('bool') | select | list | count == 1" + - "heketi_job.results.results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Failed'}) | map('bool') | select | list | count == 1" when: setup_storage.rc == 0 - name: Delete deploy resources @@ -120,13 +120,13 @@ until: - "heketi_pod.results.results[0]['items'] | count > 0" # Pod's 'Ready' status must be True - - "heketi_pod.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" + - "heketi_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" - name: Set heketi-cli command set_fact: - glusterfs_heketi_client: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {{ glusterfs_heketi_cli }} -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'" + glusterfs_heketi_client: "{{ openshift_client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {{ glusterfs_heketi_cli }} -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'" - name: Verify heketi service command: "{{ glusterfs_heketi_client }} cluster list" diff --git a/roles/openshift_storage_nfs/meta/main.yml b/roles/openshift_storage_nfs/meta/main.yml index d61e6873a..3ae04e59f 100644 --- a/roles/openshift_storage_nfs/meta/main.yml +++ b/roles/openshift_storage_nfs/meta/main.yml @@ -10,5 +10,5 @@ galaxy_info: versions: - 7 dependencies: -- role: lib_os_firewall +- role: lib_utils - role: openshift_facts diff --git a/roles/openshift_storage_nfs_lvm/meta/main.yml b/roles/openshift_storage_nfs_lvm/meta/main.yml index 50d94f6a3..de47708a5 100644 --- a/roles/openshift_storage_nfs_lvm/meta/main.yml +++ b/roles/openshift_storage_nfs_lvm/meta/main.yml @@ -16,3 +16,4 @@ galaxy_info: - openshift dependencies: - role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml index c8e7b6d7c..ff92e59e5 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/main.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml @@ -2,7 +2,7 @@ # TODO -- this may actually work on atomic hosts - fail: msg: "openshift_storage_nfs_lvm is not compatible with atomic host" - when: openshift.common.is_atomic | bool + when: openshift_is_atomic | bool - name: Create lvm volumes lvol: vg={{osnl_volume_group}} lv={{ item }} size={{osnl_volume_size}}G diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index 94dc63bd2..9a72adbdc 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -1,7 +1,7 @@ --- - name: Install NFS server package: name=nfs-utils state=present - when: not openshift.common.is_containerized | bool + when: not openshift_is_containerized | bool register: result until: result is succeeded diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml index e50d5371e..97e58ffac 100644 --- a/roles/openshift_version/tasks/main.yml +++ b/roles/openshift_version/tasks/main.yml @@ -1,10 +1,6 @@ --- # Determine the openshift_version to configure if none has been specified or set previously. -- set_fact: - is_containerized: "{{ openshift.common.is_containerized | default(False) | bool }}" - is_atomic: "{{ openshift.common.is_atomic | default(False) | bool }}" - # Block attempts to install origin without specifying some kind of version information. # This is because the latest tags for origin are usually alpha builds, which should not # be used by default. Users must indicate what they want. @@ -16,7 +12,7 @@ component images to use. You may want the latest (usually alpha) releases or a more stable release. (Suggestion: add openshift_release="x.y" to inventory.) when: - - is_containerized | bool + - openshift_is_containerized | bool - openshift.common.deployment_type == 'origin' - openshift_release is not defined - openshift_image_tag is not defined @@ -94,11 +90,11 @@ block: - name: Set openshift_version for rpm installation include_tasks: set_version_rpm.yml - when: not is_containerized | bool + when: not openshift_is_containerized | bool - name: Set openshift_version for containerized installation include_tasks: set_version_containerized.yml - when: is_containerized | bool + when: openshift_is_containerized | bool - block: - name: Get available {{ openshift_service_type}} version @@ -121,8 +117,8 @@ - openshift_pkg_version is not defined - openshift_image_tag is not defined when: - - is_containerized | bool - - not is_atomic | bool + - openshift_is_containerized | bool + - not openshift_is_atomic | bool # Warn if the user has provided an openshift_image_tag but is not doing a containerized install # NOTE: This will need to be modified/removed for future container + rpm installations work. @@ -132,7 +128,7 @@ openshift_image_tag is used for containerized installs. If you are trying to specify an image for a non-container install see oreg_url or oreg_url_master or oreg_url_node. when: - - not is_containerized | bool + - not openshift_is_containerized | bool - openshift_image_tag is defined # At this point we know openshift_version is set appropriately. Now we set @@ -182,14 +178,14 @@ msg: "No OpenShift version available; please ensure your systems are fully registered and have access to appropriate yum repositories." name: Abort if openshift_pkg_version was not set when: - - not is_containerized | bool + - not openshift_is_containerized | bool - openshift_version == '0.0' # We can't map an openshift_release to full rpm version like we can with containers; make sure # the rpm version we looked up matches the release requested and error out if not. - name: For an RPM install, abort when the release requested does not match the available version. when: - - not is_containerized | bool + - not openshift_is_containerized | bool - openshift_release is defined assert: that: diff --git a/roles/openshift_version/tasks/set_version_containerized.yml b/roles/openshift_version/tasks/set_version_containerized.yml index 71f957b78..e02a75eab 100644 --- a/roles/openshift_version/tasks/set_version_containerized.yml +++ b/roles/openshift_version/tasks/set_version_containerized.yml @@ -62,4 +62,4 @@ # dangly +c0mm1t-offset tags in the version. See also, # openshift_facts.py - set_fact: - openshift_version: "{{ openshift_version | oo_chomp_commit_offset }}" + openshift_version: "{{ openshift_version | lib_utils_oo_chomp_commit_offset }}" diff --git a/roles/template_service_broker/meta/main.yml b/roles/template_service_broker/meta/main.yml index ab5a0cf08..f1b56b771 100644 --- a/roles/template_service_broker/meta/main.yml +++ b/roles/template_service_broker/meta/main.yml @@ -11,3 +11,5 @@ galaxy_info: - 7 categories: - cloud +dependencies: +- role: lib_utils diff --git a/roles/template_service_broker/tasks/install.yml b/roles/template_service_broker/tasks/install.yml index 1253c1133..765263db5 100644 --- a/roles/template_service_broker/tasks/install.yml +++ b/roles/template_service_broker/tasks/install.yml @@ -1,9 +1,9 @@ --- # Fact setting -- name: Set default image variables based on deployment type +- name: Set default image variables based on openshift_deployment_type include_vars: "{{ item }}" with_first_found: - - "{{ openshift_deployment_type | default(deployment_type) }}.yml" + - "{{ openshift_deployment_type }}.yml" - "default_images.yml" - name: set template_service_broker facts @@ -44,16 +44,16 @@ - name: Apply template file shell: > - {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" + {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" --param API_SERVER_CONFIG="{{ config['content'] | b64decode }}" --param IMAGE="{{ template_service_broker_prefix }}{{ template_service_broker_image_name }}:{{ template_service_broker_version }}" --param NODE_SELECTOR={{ template_service_broker_selector | to_json | quote }} - | {{ openshift.common.client_binary }} apply -f - + | {{ openshift_client_binary }} apply -f - # reconcile with rbac - name: Reconcile with RBAC file shell: > - {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_rbac_file }}" | {{ openshift.common.client_binary }} auth reconcile -f - + {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_rbac_file }}" | {{ openshift_client_binary }} auth reconcile -f - # Check that the TSB is running - name: Verify that TSB is running @@ -80,7 +80,7 @@ # Register with broker - name: Register TSB with broker shell: > - {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" --param CA_BUNDLE="{{ __ca_bundle.content }}" | {{ openshift.common.client_binary }} apply -f - + {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" --param CA_BUNDLE="{{ __ca_bundle.content }}" | {{ openshift_client_binary }} apply -f - - file: state: absent diff --git a/roles/template_service_broker/tasks/remove.yml b/roles/template_service_broker/tasks/remove.yml index 8b5593ff9..8b4d798db 100644 --- a/roles/template_service_broker/tasks/remove.yml +++ b/roles/template_service_broker/tasks/remove.yml @@ -13,11 +13,11 @@ - name: Delete TSB broker shell: > - {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" | {{ openshift.common.client_binary }} delete --ignore-not-found -f - + {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" | {{ openshift_client_binary }} delete --ignore-not-found -f - - name: Delete TSB objects shell: > - {{ openshift.common.client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" | {{ openshift.common.client_binary }} delete --ignore-not-found -f - + {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" | {{ openshift_client_binary }} delete --ignore-not-found -f - - name: empty out tech preview extension file for service console UI copy: diff --git a/roles/tuned/tasks/main.yml b/roles/tuned/tasks/main.yml index e95d274d5..4a28d47b2 100644 --- a/roles/tuned/tasks/main.yml +++ b/roles/tuned/tasks/main.yml @@ -11,7 +11,7 @@ block: - name: Set tuned OpenShift variables set_fact: - openshift_tuned_guest_profile: "{{ 'atomic-guest' if openshift.common.is_atomic else 'virtual-guest' }}" + openshift_tuned_guest_profile: "{{ 'atomic-guest' if openshift_is_atomic else 'virtual-guest' }}" - name: Ensure directory structure exists file: @@ -348,21 +348,10 @@ class OpenShiftAnsibleSyntaxCheck(Command): # --syntax-check each entry point playbook try: # Create a host group list to avoid WARNING on unmatched host patterns - host_group_list = [ - 'etcd,masters,nodes,OSEv3', - 'oo_all_hosts', - 'oo_etcd_to_config,oo_new_etcd_to_config,oo_first_etcd,oo_etcd_hosts_to_backup,' - 'oo_etcd_hosts_to_upgrade,oo_etcd_to_migrate', - 'oo_masters,oo_masters_to_config,oo_first_master,oo_containerized_master_nodes', - 'oo_nodes_to_config,oo_nodes_to_upgrade', - 'oo_nodes_use_kuryr,oo_nodes_use_flannel', - 'oo_nodes_use_calico,oo_nodes_use_nuage,oo_nodes_use_contiv', - 'oo_lb_to_config', - 'oo_nfs_to_config', - 'glusterfs,glusterfs_registry,'] + tox_ansible_inv = os.environ['TOX_ANSIBLE_INV_PATH'] subprocess.check_output( - ['ansible-playbook', '-i ' + ','.join(host_group_list), - '--syntax-check', playbook] + ['ansible-playbook', '-i', tox_ansible_inv, + '--syntax-check', playbook, '-e', '@{}_extras'.format(tox_ansible_inv)] ) except subprocess.CalledProcessError as cpe: print('{}Execution failed: {}{}'.format( diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml index 006a71bd9..451ac0972 100644 --- a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml +++ b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_missing_required.yml @@ -4,7 +4,7 @@ vars: image: preflight-aos-package-checks l_host_vars: - deployment_type: openshift-enterprise + openshift_deployment_type: openshift-enterprise - name: Fail as required packages cannot be installed hosts: all diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml index b4f18e3b5..e37487f13 100644 --- a/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml +++ b/test/integration/openshift_health_checker/preflight/playbooks/package_availability_succeeds.yml @@ -3,7 +3,7 @@ vars: image: preflight-aos-package-checks l_host_vars: - deployment_type: origin + openshift_deployment_type: origin - name: Succeeds as Origin packages are public hosts: all diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml index 4e2b8a50c..9c845e1e5 100644 --- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml +++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_matches.yml @@ -3,7 +3,7 @@ vars: image: preflight-aos-package-checks l_host_vars: - deployment_type: openshift-enterprise + openshift_deployment_type: openshift-enterprise openshift_release: 3.2 - name: Success when AOS version matches openshift_release diff --git a/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml b/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml index e1f8d74e6..9ae811939 100644 --- a/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml +++ b/test/integration/openshift_health_checker/preflight/playbooks/package_version_mismatches.yml @@ -4,7 +4,7 @@ vars: image: preflight-aos-package-checks l_host_vars: - deployment_type: openshift-enterprise + openshift_deployment_type: openshift-enterprise openshift_release: 3.2 - name: Failure when AOS version doesn't match openshift_release diff --git a/test/openshift_version_tests.py b/test/openshift_version_tests.py deleted file mode 100644 index 36b8263bb..000000000 --- a/test/openshift_version_tests.py +++ /dev/null @@ -1,32 +0,0 @@ -""" Tests for the openshift_version Ansible filter module. """ -# pylint: disable=missing-docstring,invalid-name - -import os -import sys -import unittest - -sys.path = [os.path.abspath(os.path.dirname(__file__) + "/../filter_plugins/")] + sys.path - -# pylint: disable=import-error -import openshift_version # noqa: E402 - - -class OpenShiftVersionTests(unittest.TestCase): - - openshift_version_filters = openshift_version.FilterModule() - - def test_gte_filters(self): - for major, minor_start, minor_end in self.openshift_version_filters.versions: - for minor in range(minor_start, minor_end): - # Test positive case - self.assertTrue( - self.openshift_version_filters._filters["oo_version_gte_{}_{}".format(major, minor)]( - "{}.{}".format(major, minor + 1))) - # Test negative case - self.assertFalse( - self.openshift_version_filters._filters["oo_version_gte_{}_{}".format(major, minor)]( - "{}.{}".format(major, minor))) - - def test_get_filters(self): - self.assertTrue( - self.openshift_version_filters.filters() == self.openshift_version_filters._filters) diff --git a/test/tox-inventory.txt b/test/tox-inventory.txt new file mode 100644 index 000000000..6e57d224b --- /dev/null +++ b/test/tox-inventory.txt @@ -0,0 +1,105 @@ +[OSEv3] +localhost + + +[OSEv3:children] +etcd +masters +nodes +oo_all_hosts +oo_etcd_to_config +oo_new_etcd_to_config +oo_first_etcd +oo_etcd_hosts_to_backup +oo_etcd_hosts_to_upgrade +oo_etcd_to_migrate +oo_masters +oo_masters_to_config +oo_first_master +oo_containerized_master_nodes +oo_nodes_to_config +oo_nodes_to_upgrade +oo_nodes_use_kuryr +oo_nodes_use_flannel +oo_nodes_use_calico +oo_nodes_use_nuage +oo_nodes_use_contiv +oo_lb_to_config +oo_nfs_to_config +glusterfs +glusterfs_registry + +[etcd] +localhost + +[masters] +localhost + +[nodes] +localhost + +[oo_all_hosts] +localhost + +[oo_etcd_to_config] +localhost + +[oo_new_etcd_to_config] +localhost + +[oo_first_etcd] +localhost + +[oo_etcd_hosts_to_backup] +localhost + +[oo_etcd_hosts_to_upgrade] +localhost + +[oo_etcd_to_migrate] +localhost + +[oo_masters] +localhost + +[oo_masters_to_config] +localhost + +[oo_first_master] +localhost + +[oo_containerized_master_nodes] +localhost + +[oo_nodes_to_config] +localhost + +[oo_nodes_to_upgrade] +localhost + +[oo_nodes_use_kuryr] +localhost + +[oo_nodes_use_flannel] +localhost + +[oo_nodes_use_calico] +localhost + +[oo_nodes_use_nuage] +localhost + +[oo_nodes_use_contiv] +localhost + +[oo_lb_to_config] +localhost + +[oo_nfs_to_config] +localhost + +[glusterfs] +localhost + +[glusterfs_registry] +localhost diff --git a/test/tox-inventory.txt_extras b/test/tox-inventory.txt_extras new file mode 100644 index 000000000..f73610570 --- /dev/null +++ b/test/tox-inventory.txt_extras @@ -0,0 +1,3 @@ +--- +hostvars: + localhost: {} @@ -8,6 +8,7 @@ skip_missing_interpreters=True [testenv] skip_install=True +setenv = TOX_ANSIBLE_INV_PATH = {toxinidir}/test/tox-inventory.txt deps = -rrequirements.txt -rtest-requirements.txt |