summaryrefslogtreecommitdiffstats
path: root/playbooks/common
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/common')
-rw-r--r--playbooks/common/openshift-cluster/initialize_openshift_version.yml4
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/ca.yml2
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/router.yml5
-rw-r--r--playbooks/common/openshift-cluster/upgrades/post_control_plane.yml12
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml2
l---------playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins1
l---------playbooks/common/openshift-cluster/upgrades/v3_5/roles1
-rw-r--r--playbooks/common/openshift-node/config.yml20
-rw-r--r--playbooks/common/openshift-node/restart.yml20
10 files changed, 28 insertions, 41 deletions
diff --git a/playbooks/common/openshift-cluster/initialize_openshift_version.yml b/playbooks/common/openshift-cluster/initialize_openshift_version.yml
index 07b38920f..6b40176e1 100644
--- a/playbooks/common/openshift-cluster/initialize_openshift_version.yml
+++ b/playbooks/common/openshift-cluster/initialize_openshift_version.yml
@@ -18,6 +18,10 @@
msg: Incompatible versions of yum and subscription-manager found. You may need to update yum and yum-utils.
when: "not openshift.common.is_atomic | bool and 'Plugin \"search-disabled-repos\" requires API 2.7. Supported API is 2.6.' in yum_ver_test.stdout"
+- include: disable_excluder.yml
+ tags:
+ - always
+
- name: Determine openshift_version to configure on first master
hosts: oo_first_master
roles:
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml b/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml
index 9d4d3ea26..2af699209 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/ca.yml
@@ -294,7 +294,7 @@
client_path: "{{ openshift.common.config_base }}/master/admin.kubeconfig"
ca_path: "{{ openshift.common.config_base }}/master/ca-bundle.crt"
- name: Lookup default group for ansible_ssh_user
- command: "/usr/bin/id -g {{ ansible_ssh_user }}"
+ command: "/usr/bin/id -g {{ ansible_ssh_user | quote }}"
changed_when: false
register: _ansible_ssh_user_gid
- set_fact:
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
index 707fb6424..35eedd5ee 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
@@ -2,14 +2,13 @@
- name: Update router certificates
hosts: oo_first_master
vars:
+ roles:
+ - lib_openshift
tasks:
- name: Create temp directory for kubeconfig
command: mktemp -d /tmp/openshift-ansible-XXXXXX
register: mktemp
changed_when: false
- roles:
- - lib_openshift
-
- name: Copy admin client config(s)
command: >
cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig
diff --git a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
index f0191e380..6f096f705 100644
--- a/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/post_control_plane.yml
@@ -14,9 +14,6 @@
- name: Load lib_openshift modules
include_role:
name: lib_openshift
- # TODO: remove temp_skip_router_registry_upgrade variable. This is a short term hack
- # to allow ops to use this control plane upgrade, without triggering router/registry
- # upgrade which has not yet been synced with their process.
- name: Collect all routers
oc_obj:
state: list
@@ -24,22 +21,18 @@
all_namespaces: True
selector: 'router'
register: all_routers
- when: temp_skip_router_registry_upgrade is not defined
- - set_fact: haproxy_routers="{{ (all_routers.reults.results[0]['items'] | oo_pods_match_component(openshift_deployment_type, 'haproxy-router') | oo_select_keys_from_list(['metadata']) }}"
+ - set_fact: haproxy_routers="{{ all_routers.results.results[0]['items'] | oo_pods_match_component(openshift_deployment_type, 'haproxy-router') | oo_select_keys_from_list(['metadata']) }}"
when:
- all_routers.results.returncode == 0
- - temp_skip_router_registry_upgrade is not defined
- set_fact: haproxy_routers=[]
when:
- all_routers.results.returncode != 0
- - temp_skip_router_registry_upgrade is not defined
- name: Update router image to current version
when:
- all_routers.results.returncode == 0
- - temp_skip_router_registry_upgrade is not defined
command: >
{{ oc_cmd }} patch dc/{{ item['labels']['deploymentconfig'] }} -n {{ item['namespace'] }} -p
'{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}","livenessProbe":{"tcpSocket":null,"httpGet":{"path": "/healthz", "port": 1936, "host": "localhost", "scheme": "HTTP"},"initialDelaySeconds":10,"timeoutSeconds":1}}]}}}}'
@@ -55,12 +48,10 @@
kind: dc
name: docker-registry
register: _default_registry
- when: temp_skip_router_registry_upgrade is not defined
- name: Update registry image to current version
when:
- _default_registry.results.results[0] != {}
- - temp_skip_router_registry_upgrade is not defined
command: >
{{ oc_cmd }} patch dc/docker-registry -n default -p
'{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}'
@@ -96,6 +87,7 @@
register: grep_plugin_order_override
when: openshift.common.version_gte_3_3_or_1_3 | bool
changed_when: false
+ failed_when: false
- name: Warn if pluginOrderOverride is in use in master-config.yaml
debug:
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
index a4aefcdac..fd01a6625 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
@@ -257,7 +257,7 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data
+ {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
roles:
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
index e3a98fd9b..4e1838c71 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
@@ -26,7 +26,7 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data
+ {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
roles:
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins
new file mode 120000
index 000000000..7de3c1dd7
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_5/filter_plugins
@@ -0,0 +1 @@
+../../../../../filter_plugins/ \ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/roles b/playbooks/common/openshift-cluster/upgrades/v3_5/roles
new file mode 120000
index 000000000..415645be6
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/v3_5/roles
@@ -0,0 +1 @@
+../../../../../roles/ \ No newline at end of file
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index abeb93f97..6c5a299c1 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -20,17 +20,6 @@
annotations: "{{ openshift_node_annotations | default(None) }}"
schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}"
-- name: Create temp directory for syncing certs
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - name: Create local temp directory for syncing certs
- local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX
- register: mktemp
- changed_when: False
-
- name: Evaluate node groups
hosts: localhost
become: no
@@ -105,12 +94,3 @@
- name: Create group for deployment type
group_by: key=oo_nodes_deployment_type_{{ openshift.common.deployment_type }}
changed_when: False
-
-- name: Delete temporary directory on localhost
- hosts: localhost
- connection: local
- become: no
- gather_facts: no
- tasks:
- - file: name={{ mktemp.stdout }} state=absent
- changed_when: False
diff --git a/playbooks/common/openshift-node/restart.yml b/playbooks/common/openshift-node/restart.yml
index 6e9b1cca3..441b100e9 100644
--- a/playbooks/common/openshift-node/restart.yml
+++ b/playbooks/common/openshift-node/restart.yml
@@ -2,16 +2,24 @@
- name: Restart nodes
hosts: oo_nodes_to_config
serial: "{{ openshift_restart_nodes_serial | default(1) }}"
+
+ roles:
+ - lib_openshift
+
tasks:
- name: Restart docker
- service: name=docker state=restarted
+ service:
+ name: docker
+ state: restarted
- name: Update docker facts
openshift_facts:
role: docker
- name: Restart containerized services
- service: name={{ item }} state=started
+ service:
+ name: "{{ item }}"
+ state: started
with_items:
- etcd_container
- openvswitch
@@ -36,12 +44,14 @@
state: restarted
- name: Wait for node to be ready
- command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.client_binary }} get node {{ openshift.common.hostname | lower }} --no-headers
+ oc_obj:
+ state: list
+ kind: node
+ name: "{{ openshift.common.hostname | lower }}"
register: node_output
delegate_to: "{{ groups.oo_first_master.0 }}"
when: inventory_hostname in groups.oo_nodes_to_config
- until: "{{ node_output.stdout.split()[1].startswith('Ready')}}"
+ until: node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True
# Give the node two minutes to come back online.
retries: 24
delay: 5