diff options
Diffstat (limited to 'playbooks/common/openshift-master')
-rw-r--r-- | playbooks/common/openshift-master/config.yml | 62 | ||||
l--------- | playbooks/common/openshift-master/library | 1 | ||||
-rwxr-xr-x | playbooks/common/openshift-master/library/modify_yaml.py | 95 |
3 files changed, 17 insertions, 141 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 060b5aa0d..8fd0904d6 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -46,7 +46,7 @@ openshift_hosted_metrics_duration: "{{ lookup('oo_option', 'openshift_hosted_metrics_duration') | default(7) }}" when: openshift_hosted_metrics_duration is not defined - set_fact: - openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default(10) }}" + openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default('10s', true) }}" when: openshift_hosted_metrics_resolution is not defined roles: - openshift_facts @@ -120,7 +120,7 @@ -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . args: creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" - with_items: etcd_needing_client_certs + with_items: "{{ etcd_needing_client_certs | default([]) }}" - name: Retrieve the etcd cert tarballs fetch: src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" @@ -128,7 +128,7 @@ flat: yes fail_on_missing: yes validate_checksum: yes - with_items: etcd_needing_client_certs + with_items: "{{ etcd_needing_client_certs | default([]) }}" - name: Copy the external etcd certs to the masters hosts: oo_masters_to_config @@ -178,7 +178,7 @@ - name: Check status of master certificates stat: path: "{{ openshift.common.config_base }}/master/{{ item }}" - with_items: openshift_master_certs + with_items: "{{ openshift_master_certs }}" register: g_master_cert_stat_result - set_fact: master_certs_missing: "{{ False in (g_master_cert_stat_result.results @@ -186,11 +186,6 @@ | list ) }}" master_cert_subdir: master-{{ openshift.common.hostname }} master_cert_config_dir: "{{ openshift.common.config_base }}/master" - - set_fact: - openshift_infra_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) - | oo_nodes_with_label('region', 'infra') - | oo_collect('inventory_hostname') }}" - when: openshift_infra_nodes is not defined and groups.oo_nodes_to_config | default([]) | length > 0 - name: Configure master certificates hosts: oo_first_master @@ -204,6 +199,7 @@ | oo_collect('openshift.common.all_hostnames') | oo_flatten | unique }}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}" roles: - openshift_master_certificates post_tasks: @@ -213,7 +209,7 @@ state: absent when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config with_nested: - - masters_needing_certs + - "{{ masters_needing_certs | default([]) }}" - - master.etcd-client.crt - master.etcd-client.key @@ -223,7 +219,7 @@ -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . args: creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" - with_items: masters_needing_certs + with_items: "{{ masters_needing_certs | default([]) }}" - name: Retrieve the master cert tarball from the master fetch: @@ -232,34 +228,7 @@ flat: yes fail_on_missing: yes validate_checksum: yes - with_items: masters_needing_certs - -- name: Configure load balancers - hosts: oo_lb_to_config - vars: - sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" - haproxy_limit_nofile: 100000 - haproxy_global_maxconn: 20000 - haproxy_default_maxconn: 20000 - haproxy_frontend_port: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}" - haproxy_frontends: - - name: atomic-openshift-api - mode: tcp - options: - - tcplog - binds: - - "*:{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}" - default_backend: atomic-openshift-api - haproxy_backends: - - name: atomic-openshift-api - mode: tcp - option: tcplog - balance: source - servers: "{{ hostvars | oo_select_keys(groups['oo_masters']) | oo_haproxy_backend_masters }}" - roles: - - role: openshift_facts - - role: haproxy - when: hostvars[groups.oo_first_master.0].openshift.master.ha | bool + with_items: "{{ masters_needing_certs | default([]) }}" - name: Check for cached session secrets hosts: oo_first_master @@ -346,6 +315,14 @@ openshift_master_count: "{{ openshift.master.master_count }}" openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}" openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}" + openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}" + openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config'] + | union(groups['oo_masters_to_config']) + | union(groups['oo_etcd_to_config'] | default([]))) + | oo_collect('openshift.common.hostname') | default([]) | join (',') + }}" + when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and + openshift_generate_no_proxy_hosts | default(True) | bool }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -367,13 +344,6 @@ group_by: key=oo_masters_deployment_type_{{ openshift.common.deployment_type }} changed_when: False -# Additional instance config for online deployments -- name: Additional instance config - hosts: oo_masters_deployment_type_online - roles: - - pods - - os_env_extras - - name: Delete temporary directory on localhost hosts: localhost connection: local diff --git a/playbooks/common/openshift-master/library b/playbooks/common/openshift-master/library new file mode 120000 index 000000000..d0b7393d3 --- /dev/null +++ b/playbooks/common/openshift-master/library @@ -0,0 +1 @@ +../../../library/
\ No newline at end of file diff --git a/playbooks/common/openshift-master/library/modify_yaml.py b/playbooks/common/openshift-master/library/modify_yaml.py deleted file mode 100755 index a4be10ca3..000000000 --- a/playbooks/common/openshift-master/library/modify_yaml.py +++ /dev/null @@ -1,95 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# vim: expandtab:tabstop=4:shiftwidth=4 - -''' modify_yaml ansible module ''' - -import yaml - -DOCUMENTATION = ''' ---- -module: modify_yaml -short_description: Modify yaml key value pairs -author: Andrew Butcher -requirements: [ ] -''' -EXAMPLES = ''' -- modify_yaml: - dest: /etc/origin/master/master-config.yaml - yaml_key: 'kubernetesMasterConfig.masterCount' - yaml_value: 2 -''' - -def main(): - ''' Modify key (supplied in jinja2 dot notation) in yaml file, setting - the key to the desired value. - ''' - - # disabling pylint errors for global-variable-undefined and invalid-name - # for 'global module' usage, since it is required to use ansible_facts - # pylint: disable=global-variable-undefined, invalid-name, - # redefined-outer-name - global module - - module = AnsibleModule( - argument_spec=dict( - dest=dict(required=True), - yaml_key=dict(required=True), - yaml_value=dict(required=True), - backup=dict(required=False, default=True, type='bool'), - ), - supports_check_mode=True, - ) - - dest = module.params['dest'] - yaml_key = module.params['yaml_key'] - yaml_value = module.safe_eval(module.params['yaml_value']) - backup = module.params['backup'] - - # Represent null values as an empty string. - # pylint: disable=missing-docstring, unused-argument - def none_representer(dumper, data): - return yaml.ScalarNode(tag=u'tag:yaml.org,2002:null', value=u'') - yaml.add_representer(type(None), none_representer) - - try: - changes = [] - - yaml_file = open(dest) - yaml_data = yaml.safe_load(yaml_file.read()) - yaml_file.close() - - ptr = yaml_data - for key in yaml_key.split('.'): - if key not in ptr and key != yaml_key.split('.')[-1]: - ptr[key] = {} - elif key == yaml_key.split('.')[-1]: - if (key in ptr and module.safe_eval(ptr[key]) != yaml_value) or (key not in ptr): - ptr[key] = yaml_value - changes.append((yaml_key, yaml_value)) - else: - ptr = ptr[key] - - if len(changes) > 0: - if backup: - module.backup_local(dest) - yaml_file = open(dest, 'w') - yaml_string = yaml.dump(yaml_data, default_flow_style=False) - yaml_string = yaml_string.replace('\'\'', '""') - yaml_file.write(yaml_string) - yaml_file.close() - - return module.exit_json(changed=(len(changes) > 0), changes=changes) - - # ignore broad-except error to avoid stack trace to ansible user - # pylint: disable=broad-except - except Exception, e: - return module.fail_json(msg=str(e)) - -# ignore pylint errors related to the module_utils import -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import -# import module snippets -from ansible.module_utils.basic import * - -if __name__ == '__main__': - main() |