summaryrefslogtreecommitdiffstats
path: root/playbooks/common/openshift-master
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/common/openshift-master')
-rw-r--r--playbooks/common/openshift-master/config.yml62
l---------playbooks/common/openshift-master/library1
-rwxr-xr-xplaybooks/common/openshift-master/library/modify_yaml.py95
3 files changed, 17 insertions, 141 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 060b5aa0d..8fd0904d6 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -46,7 +46,7 @@
openshift_hosted_metrics_duration: "{{ lookup('oo_option', 'openshift_hosted_metrics_duration') | default(7) }}"
when: openshift_hosted_metrics_duration is not defined
- set_fact:
- openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default(10) }}"
+ openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default('10s', true) }}"
when: openshift_hosted_metrics_resolution is not defined
roles:
- openshift_facts
@@ -120,7 +120,7 @@
-C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} .
args:
creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
- with_items: etcd_needing_client_certs
+ with_items: "{{ etcd_needing_client_certs | default([]) }}"
- name: Retrieve the etcd cert tarballs
fetch:
src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz"
@@ -128,7 +128,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: etcd_needing_client_certs
+ with_items: "{{ etcd_needing_client_certs | default([]) }}"
- name: Copy the external etcd certs to the masters
hosts: oo_masters_to_config
@@ -178,7 +178,7 @@
- name: Check status of master certificates
stat:
path: "{{ openshift.common.config_base }}/master/{{ item }}"
- with_items: openshift_master_certs
+ with_items: "{{ openshift_master_certs }}"
register: g_master_cert_stat_result
- set_fact:
master_certs_missing: "{{ False in (g_master_cert_stat_result.results
@@ -186,11 +186,6 @@
| list ) }}"
master_cert_subdir: master-{{ openshift.common.hostname }}
master_cert_config_dir: "{{ openshift.common.config_base }}/master"
- - set_fact:
- openshift_infra_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'])
- | oo_nodes_with_label('region', 'infra')
- | oo_collect('inventory_hostname') }}"
- when: openshift_infra_nodes is not defined and groups.oo_nodes_to_config | default([]) | length > 0
- name: Configure master certificates
hosts: oo_first_master
@@ -204,6 +199,7 @@
| oo_collect('openshift.common.all_hostnames')
| oo_flatten | unique }}"
sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
roles:
- openshift_master_certificates
post_tasks:
@@ -213,7 +209,7 @@
state: absent
when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config
with_nested:
- - masters_needing_certs
+ - "{{ masters_needing_certs | default([]) }}"
- - master.etcd-client.crt
- master.etcd-client.key
@@ -223,7 +219,7 @@
-C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} .
args:
creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz"
- with_items: masters_needing_certs
+ with_items: "{{ masters_needing_certs | default([]) }}"
- name: Retrieve the master cert tarball from the master
fetch:
@@ -232,34 +228,7 @@
flat: yes
fail_on_missing: yes
validate_checksum: yes
- with_items: masters_needing_certs
-
-- name: Configure load balancers
- hosts: oo_lb_to_config
- vars:
- sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"
- haproxy_limit_nofile: 100000
- haproxy_global_maxconn: 20000
- haproxy_default_maxconn: 20000
- haproxy_frontend_port: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}"
- haproxy_frontends:
- - name: atomic-openshift-api
- mode: tcp
- options:
- - tcplog
- binds:
- - "*:{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}"
- default_backend: atomic-openshift-api
- haproxy_backends:
- - name: atomic-openshift-api
- mode: tcp
- option: tcplog
- balance: source
- servers: "{{ hostvars | oo_select_keys(groups['oo_masters']) | oo_haproxy_backend_masters }}"
- roles:
- - role: openshift_facts
- - role: haproxy
- when: hostvars[groups.oo_first_master.0].openshift.master.ha | bool
+ with_items: "{{ masters_needing_certs | default([]) }}"
- name: Check for cached session secrets
hosts: oo_first_master
@@ -346,6 +315,14 @@
openshift_master_count: "{{ openshift.master.master_count }}"
openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}"
openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"
+ openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
+ openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
+ | union(groups['oo_masters_to_config'])
+ | union(groups['oo_etcd_to_config'] | default([])))
+ | oo_collect('openshift.common.hostname') | default([]) | join (',')
+ }}"
+ when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
+ openshift_generate_no_proxy_hosts | default(True) | bool }}"
pre_tasks:
- name: Ensure certificate directory exists
file:
@@ -367,13 +344,6 @@
group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }}
changed_when: False
-# Additional instance config for online deployments
-- name: Additional instance config
- hosts: oo_masters_deployment_type_online
- roles:
- - pods
- - os_env_extras
-
- name: Delete temporary directory on localhost
hosts: localhost
connection: local
diff --git a/playbooks/common/openshift-master/library b/playbooks/common/openshift-master/library
new file mode 120000
index 000000000..d0b7393d3
--- /dev/null
+++ b/playbooks/common/openshift-master/library
@@ -0,0 +1 @@
+../../../library/ \ No newline at end of file
diff --git a/playbooks/common/openshift-master/library/modify_yaml.py b/playbooks/common/openshift-master/library/modify_yaml.py
deleted file mode 100755
index a4be10ca3..000000000
--- a/playbooks/common/openshift-master/library/modify_yaml.py
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# vim: expandtab:tabstop=4:shiftwidth=4
-
-''' modify_yaml ansible module '''
-
-import yaml
-
-DOCUMENTATION = '''
----
-module: modify_yaml
-short_description: Modify yaml key value pairs
-author: Andrew Butcher
-requirements: [ ]
-'''
-EXAMPLES = '''
-- modify_yaml:
- dest: /etc/origin/master/master-config.yaml
- yaml_key: 'kubernetesMasterConfig.masterCount'
- yaml_value: 2
-'''
-
-def main():
- ''' Modify key (supplied in jinja2 dot notation) in yaml file, setting
- the key to the desired value.
- '''
-
- # disabling pylint errors for global-variable-undefined and invalid-name
- # for 'global module' usage, since it is required to use ansible_facts
- # pylint: disable=global-variable-undefined, invalid-name,
- # redefined-outer-name
- global module
-
- module = AnsibleModule(
- argument_spec=dict(
- dest=dict(required=True),
- yaml_key=dict(required=True),
- yaml_value=dict(required=True),
- backup=dict(required=False, default=True, type='bool'),
- ),
- supports_check_mode=True,
- )
-
- dest = module.params['dest']
- yaml_key = module.params['yaml_key']
- yaml_value = module.safe_eval(module.params['yaml_value'])
- backup = module.params['backup']
-
- # Represent null values as an empty string.
- # pylint: disable=missing-docstring, unused-argument
- def none_representer(dumper, data):
- return yaml.ScalarNode(tag=u'tag:yaml.org,2002:null', value=u'')
- yaml.add_representer(type(None), none_representer)
-
- try:
- changes = []
-
- yaml_file = open(dest)
- yaml_data = yaml.safe_load(yaml_file.read())
- yaml_file.close()
-
- ptr = yaml_data
- for key in yaml_key.split('.'):
- if key not in ptr and key != yaml_key.split('.')[-1]:
- ptr[key] = {}
- elif key == yaml_key.split('.')[-1]:
- if (key in ptr and module.safe_eval(ptr[key]) != yaml_value) or (key not in ptr):
- ptr[key] = yaml_value
- changes.append((yaml_key, yaml_value))
- else:
- ptr = ptr[key]
-
- if len(changes) > 0:
- if backup:
- module.backup_local(dest)
- yaml_file = open(dest, 'w')
- yaml_string = yaml.dump(yaml_data, default_flow_style=False)
- yaml_string = yaml_string.replace('\'\'', '""')
- yaml_file.write(yaml_string)
- yaml_file.close()
-
- return module.exit_json(changed=(len(changes) > 0), changes=changes)
-
- # ignore broad-except error to avoid stack trace to ansible user
- # pylint: disable=broad-except
- except Exception, e:
- return module.fail_json(msg=str(e))
-
-# ignore pylint errors related to the module_utils import
-# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import
-# import module snippets
-from ansible.module_utils.basic import *
-
-if __name__ == '__main__':
- main()
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-21 05:30:16 +0000