diff options
Diffstat (limited to 'playbooks')
85 files changed, 1172 insertions, 323 deletions
diff --git a/playbooks/adhoc/bootstrap-fedora.yml b/playbooks/adhoc/bootstrap-fedora.yml index de9f36c8a..0df77e309 100644 --- a/playbooks/adhoc/bootstrap-fedora.yml +++ b/playbooks/adhoc/bootstrap-fedora.yml @@ -1,4 +1,4 @@ -- hosts: OSv3 +- hosts: OSEv3 gather_facts: false tasks: - name: install python and deps for ansible modules diff --git a/playbooks/adhoc/create_pv/create_pv.yaml b/playbooks/adhoc/create_pv/create_pv.yaml index 0ca040ee1..347d9f574 100644 --- a/playbooks/adhoc/create_pv/create_pv.yaml +++ b/playbooks/adhoc/create_pv/create_pv.yaml @@ -3,9 +3,8 @@ # ansible-playbook -e "cli_volume_size=1" \ # -e "cli_device_name=/dev/xvdf" \ # -e "cli_hosttype=master" \ -# -e "cli_env=ops" \ +# -e "cli_clusterid=ops" \ # create_pv.yaml -# FIXME: we need to change "env" to "clusterid" as that's what it really is now. # - name: Create a volume and attach it to master hosts: localhost @@ -16,7 +15,7 @@ cli_volume_type: gp2 cli_volume_iops: '' oo_name: "{{ groups['tag_host-type_' ~ cli_hosttype] | - intersect(groups['tag_env_' ~ cli_env]) | + intersect(groups['oo_clusterid_' ~ cli_clusterid]) | first }}" pre_tasks: - fail: @@ -26,7 +25,7 @@ - cli_volume_size - cli_device_name - cli_hosttype - - cli_env + - cli_clusterid - name: set oo_name fact set_fact: @@ -57,7 +56,7 @@ args: tags: Name: "pv-{{ hostvars[oo_name]['ec2_tag_Name'] }}" - env: "{{cli_env}}" + clusterid: "{{cli_clusterid}}" register: voltags - debug: var=voltags diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 89128dd3c..4d32fc40b 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -113,7 +113,7 @@ args: tags: Name: "{{ ec2_tag_Name }}" - env: "{{ ec2_tag_env}}" + clusterid: "{{ ec2_tag_clusterid }}" register: voltags - name: Wait for volume to attach diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml index b4bcb25da..d24e9cafa 100644 --- a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -20,7 +20,7 @@ # ansible-playbook -e 'cli_tag_name=ops-compute-12345' grow_docker_vg.yml # # Notes: -# * By default this will do a 55GB GP2 volume. The can be overidden with the "-e 'cli_volume_size=100'" variable +# * By default this will do a 200GB GP2 volume. The can be overidden with the "-e 'cli_volume_size=100'" variable # * This does a GP2 by default. Support for Provisioned IOPS has not been added # * This will assign the new volume to /dev/xvdc. This is not variablized, yet. # * This can be done with NO downtime on the host @@ -36,7 +36,7 @@ vars: cli_volume_type: gp2 - cli_volume_size: 55 + cli_volume_size: 200 # cli_volume_iops: "{{ 30 * cli_volume_size }}" pre_tasks: @@ -151,7 +151,7 @@ args: tags: Name: "{{ ec2_tag_Name }}" - env: "{{ ec2_tag_env }}" + clusterid: "{{ ec2_tag_clusterid }}" register: voltags - name: check for attached drive diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 071c2cf46..d409b4086 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -6,7 +6,7 @@ # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role. # The 'clusterid' is the short name of your cluster. -- hosts: tag_env_{{ clusterid }}:&tag_host-type_openshift-master +- hosts: tag_clusterid_{{ clusterid }}:&tag_host-type_openshift-master remote_user: root gather_facts: False diff --git a/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml new file mode 100755 index 000000000..0dc021fbc --- /dev/null +++ b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml @@ -0,0 +1,53 @@ +#!/usr/bin/ansible-playbook +--- +#example run: +# ansible-playbook -e "host=ops-node-compute-abcde" oo-sdn-restart.yml +# + +- name: Check vars + hosts: localhost + gather_facts: false + + pre_tasks: + - fail: + msg: "Playbook requires host to be set" + when: host is not defined or host == '' + +- name: Restart openshift/docker (and monitoring containers) + hosts: oo_version_3:&oo_name_{{ host }} + gather_facts: false + user: root + + tasks: + - name: stop openshift/docker + service: + name: "{{ item }}" + state: stopped + with_items: + - atomic-openshift-node + - docker + + - name: restart openvswitch + service: + name: openvswitch + state: restarted + + - name: wait 5 sec + pause: + seconds: 5 + + - name: start openshift/docker + service: + name: "{{ item }}" + state: started + with_items: + - atomic-openshift-node + - docker + + - name: start monitoring containers + service: + name: "{{ item }}" + state: restarted + with_items: + - oso-f22-host-monitoring + - oso-rhel7-zagg-client diff --git a/playbooks/adhoc/setupnfs.yml b/playbooks/adhoc/setupnfs.yml new file mode 100644 index 000000000..5f3631fcf --- /dev/null +++ b/playbooks/adhoc/setupnfs.yml @@ -0,0 +1,21 @@ +--- +### This playbook is old and we are currently not using NFS. +- hosts: tag_Name_nfs-v3-stg + sudo: no + remote_user: root + gather_facts: no + roles: + - role: openshift_storage_nfs_lvm + mount_dir: /exports/stg-black + volume_prefix: "kwoodsontest" + volume_size: 5 + volume_num_start: 222 + number_of_volumes: 3 + tasks: + - fetch: + dest: json/ + src: /root/"{{ item }}" + with_items: + - persistent-volume.kwoodsontest5g0222.json + - persistent-volume.kwoodsontest5g0223.json + - persistent-volume.kwoodsontest5g0224.json diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 9161076e5..36d686c8b 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -19,15 +19,19 @@ failed_when: false register: ostree_output + # Since we're not calling openshift_facts we'll do this for now - set_fact: is_atomic: "{{ ostree_output.rc == 0 }}" + - set_fact: + is_containerized: "{{ is_atomic or containerized | default(false) | bool }}" - name: Remove br0 interface shell: ovs-vsctl del-br br0 changed_when: False failed_when: False - - service: name={{ item }} state=stopped + - name: Stop services + service: name={{ item }} state=stopped with_items: - atomic-enterprise-master - atomic-enterprise-node @@ -36,6 +40,7 @@ - atomic-openshift-master-controllers - atomic-openshift-node - etcd + - haproxy - openshift-master - openshift-master-api - openshift-master-controllers @@ -46,8 +51,10 @@ - origin-master-controllers - origin-node - pcsd + failed_when: false - - action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" + - name: Remove packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" when: not is_atomic | bool with_items: - atomic-enterprise @@ -61,6 +68,7 @@ - atomic-openshift-sdn-ovs - corosync - etcd + - haproxy - openshift - openshift-master - openshift-node @@ -132,14 +140,26 @@ with_items: - registry\.access\..*redhat\.com/openshift3 - registry\.access\..*redhat\.com/aep3 + - registry\.access\..*redhat\.com/rhel7/etcd - docker.io/openshift - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}" changed_when: False failed_when: False with_items: "{{ images_to_delete.results }}" + + - name: Remove sdn drop files + file: + path: /run/openshift-sdn + state: absent + + - name: restart docker + service: + name: docker + state: restarted - - file: path={{ item }} state=absent + - name: Remove remaining files + file: path={{ item }} state=absent with_items: - "~{{ ansible_ssh_user }}/.kube" - /etc/ansible/facts.d/openshift.fact @@ -149,7 +169,15 @@ - /etc/openshift - /etc/openshift-sdn - /etc/origin + - /etc/systemd/system/atomic-openshift-master.service + - /etc/systemd/system/atomic-openshift-master-api.service + - /etc/systemd/system/atomic-openshift-master-controllers.service + - /etc/systemd/system/atomic-openshift-node.service + - /etc/systemd/system/etcd_container.service + - /etc/systemd/system/openvswitch.service - /etc/sysconfig/atomic-enterprise-master + - /etc/sysconfig/atomic-enterprise-master-api + - /etc/sysconfig/atomic-enterprise-master-controllers - /etc/sysconfig/atomic-enterprise-node - /etc/sysconfig/atomic-openshift-master - /etc/sysconfig/atomic-openshift-master-api @@ -174,6 +202,10 @@ - /usr/lib/systemd/system/atomic-openshift-master-controllers.service - /usr/lib/systemd/system/origin-master-api.service - /usr/lib/systemd/system/origin-master-controllers.service + - /usr/local/bin/openshift + - /usr/local/bin/oadm + - /usr/local/bin/oc + - /usr/local/bin/kubectl # Since we are potentially removing the systemd unit files for separated # master-api and master-controllers services, so we need to reload the diff --git a/playbooks/aws/openshift-cluster/cluster_hosts.yml b/playbooks/aws/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..d6b413c6f --- /dev/null +++ b/playbooks/aws/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type_nfs']|default([])) + | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 50fe42d6c..abdb23d78 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -1,26 +1,14 @@ --- -- hosts: localhost - gather_facts: no - connection: local - become: no - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../aws/openshift-cluster/vars.yml + - ../../aws/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml index 8341ba9c1..8b41a355e 100644 --- a/playbooks/aws/openshift-cluster/list.yml +++ b/playbooks/aws/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/aws/openshift-cluster/scaleup.yml b/playbooks/aws/openshift-cluster/scaleup.yml index 9c9118286..c2135cd03 100644 --- a/playbooks/aws/openshift-cluster/scaleup.yml +++ b/playbooks/aws/openshift-cluster/scaleup.yml @@ -7,9 +7,6 @@ vars_files: - vars.yml tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - name: Evaluate oo_hosts_to_update add_host: name: "{{ item }}" @@ -21,16 +18,16 @@ - include: ../../common/openshift-cluster/update_repos_and_packages.yml - include: ../../common/openshift-cluster/scaleup.yml + vars_files: + - ../../aws/openshift-cluster/vars.yml + - ../../aws/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" g_new_node_hosts: "{{ groups.nodes_to_add }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/service.yml b/playbooks/aws/openshift-cluster/service.yml index ce0992a45..d5f7d6b19 100644 --- a/playbooks/aws/openshift-cluster/service.yml +++ b/playbooks/aws/openshift-cluster/service.yml @@ -6,6 +6,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - fail: msg="cluster_id is required to be injected in this playbook" when: cluster_id is not defined @@ -16,7 +17,7 @@ groups: g_service_masters ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | default([]) }}" + with_items: "{{ master_hosts | default([]) }}" - name: Evaluate g_service_nodes add_host: @@ -24,7 +25,7 @@ groups: g_service_nodes ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_node_hosts | default([]) }}" + with_items: "{{ node_hosts | default([]) }}" - include: ../../common/openshift-node/service.yml - include: ../../common/openshift-master/service.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 1fbd71a75..6090ed6fe 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -2,7 +2,8 @@ - set_fact: created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}" docker_vol_ephemeral: "{{ lookup('env', 'os_docker_vol_ephemeral') | default(false, true) }}" - env: "{{ cluster }}" + cluster: "{{ cluster_id }}" + env: "{{ cluster_env }}" host_type: "{{ type }}" sub_host_type: "{{ g_sub_host_type }}" @@ -123,7 +124,8 @@ wait: yes instance_tags: created-by: "{{ created_by }}" - env: "{{ env }}" + clusterid: "{{ cluster }}" + environment: "{{ cluster_env }}" host-type: "{{ host_type }}" sub-host-type: "{{ sub_host_type }}" volumes: "{{ volumes }}" @@ -139,7 +141,8 @@ Name: "{{ item.0 }}" - set_fact: - instance_groups: "tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}" + instance_groups: "tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }}, tag_environment_{{ cluster_env }}, + tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}" - set_fact: node_label: diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index aafd40c43..4b9c80b14 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) + with_items: (groups['tag_clusterid_' ~ cluster_id] | default([])) | difference(['localhost']) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate @@ -29,34 +28,35 @@ connection: local become: no gather_facts: no - vars: - host_vars: "{{ hostvars - | oo_select_keys(groups['oo_hosts_to_terminate']) }}" tasks: - name: Remove tags from instances - ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent - args: + ec2_tag: + resource: "{{ hostvars[item]['ec2_id'] }}" + region: "{{ hostvars[item]['ec2_region'] }}" + state: absent tags: - env: "{{ item['ec2_tag_env'] }}" - host-type: "{{ item['ec2_tag_host-type'] }}" - sub_host_type: "{{ item['ec2_tag_sub-host-type'] }}" - with_items: host_vars + environment: "{{ hostvars[item]['ec2_tag_environment'] }}" + clusterid: "{{ hostvars[item]['ec2_tag_clusterid'] }}" + host-type: "{{ hostvars[item]['ec2_tag_host-type'] }}" + sub_host_type: "{{ hostvars[item]['ec2_tag_sub-host-type'] }}" + with_items: groups.oo_hosts_to_terminate when: "'oo_hosts_to_terminate' in groups" - name: Terminate instances ec2: state: absent - instance_ids: ["{{ item.ec2_id }}"] - region: "{{ item.ec2_region }}" + instance_ids: ["{{ hostvars[item].ec2_id }}"] + region: "{{ hostvars[item].ec2_region }}" ignore_errors: yes register: ec2_term - with_items: host_vars + with_items: groups.oo_hosts_to_terminate when: "'oo_hosts_to_terminate' in groups" # Fail if any of the instances failed to terminate with an error other # than 403 Forbidden - - fail: msg=Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }} - when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" + - fail: + msg: "Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }}" + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" with_items: ec2_term.results - name: Stop instance if termination failed @@ -65,7 +65,7 @@ instance_ids: ["{{ item.item.ec2_id }}"] region: "{{ item.item.ec2_region }}" register: ec2_stop - when: "'oo_hosts_to_terminate' in groups and item.failed" + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" with_items: ec2_term.results - name: Rename stopped instances diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml index 3df0c3f3a..32bab76b5 100644 --- a/playbooks/aws/openshift-cluster/update.yml +++ b/playbooks/aws/openshift-cluster/update.yml @@ -4,13 +4,9 @@ connection: local become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Update - Evaluate oo_hosts_to_update add_host: @@ -18,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 20cc97c8a..11026e38d 100644 --- a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -2,32 +2,16 @@ # This playbook upgrades an existing AWS cluster, leaving nodes untouched if used with an 'online' deployment type. # Usage: # ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=online -e cluster_id=<cluster_id> -- hosts: localhost - gather_facts: no - vars_files: - - ../../vars.yml - - "../../vars.{{ deployment_type }}.{{ cluster_id }}.yml" - - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - - set_fact: - tmp_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" - when: deployment_type != 'online' - - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../aws/openshift-cluster/vars.yml')}}" + - "{{lookup('file', '../../../../aws/openshift-cluster/cluster_hosts.yml')}}" vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index 95bc4b3e2..ae12286bd 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -1,8 +1,23 @@ --- +debug_level: 2 + +deployment_rhel7_ent_base: + # rhel-7.1, requires cloud access subscription + image: ami-10663b78 + image_name: + region: us-east-1 + ssh_user: ec2-user + sudo: yes + keypair: libra + type: m4.large + security_groups: [ 'public' ] + vpc_subnet: + assign_public_ip: + deployment_vars: origin: # centos-7, requires marketplace - image: ami-96a818fe + image: ami-61bbf104 image_name: region: us-east-1 ssh_user: centos @@ -24,15 +39,6 @@ deployment_vars: security_groups: [ 'public' ] vpc_subnet: assign_public_ip: - enterprise: - # rhel-7.1, requires cloud access subscription - image: ami-10663b78 - image_name: - region: us-east-1 - ssh_user: ec2-user - sudo: yes - keypair: libra - type: m4.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/byo/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..e093b2580 --- /dev/null +++ b/playbooks/byo/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,13 @@ +--- +g_etcd_hosts: "{{ groups.etcd | default([]) }}" + +g_lb_hosts: "{{ groups.lb | default([]) }}" + +g_master_hosts: "{{ groups.masters | default([]) }}" + +g_node_hosts: "{{ groups.nodes | default([]) }}" + +g_nfs_hosts: "{{ groups.nfs | default([]) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index ba8fe0a52..5887b3208 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -1,10 +1,8 @@ --- - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../byo/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ groups.etcd | default([]) }}" - g_master_hosts: "{{ groups.masters | default([]) }}" - g_node_hosts: "{{ groups.nodes | default([]) }}" - g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level | default(2) }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/scaleup.yml b/playbooks/byo/openshift-cluster/scaleup.yml index 8f8ef6f21..1702690f6 100644 --- a/playbooks/byo/openshift-cluster/scaleup.yml +++ b/playbooks/byo/openshift-cluster/scaleup.yml @@ -1,10 +1,8 @@ --- - include: ../../common/openshift-cluster/scaleup.yml + vars_files: + - ../../byo/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ groups.etcd | default([]) }}" - g_master_hosts: "{{ groups.masters | default([]) }}" - g_new_node_hosts: "{{ groups.new_nodes | default([]) }}" - g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level | default(2) }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md index ce7aebf8e..ca01dbc9d 100644 --- a/playbooks/byo/openshift-cluster/upgrades/README.md +++ b/playbooks/byo/openshift-cluster/upgrades/README.md @@ -1,6 +1,6 @@ # Upgrade playbooks The playbooks provided in this directory can be used for upgrading an existing -environment. Additional notes for the associated upgrade playbooks are +cluster. Additional notes for the associated upgrade playbooks are provided in their respective directories. # Upgrades available diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml index 56e79e8c2..b52456dcd 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml @@ -1,8 +1,11 @@ --- - include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}" vars: g_etcd_hosts: "{{ groups.etcd | default([]) }}" g_master_hosts: "{{ groups.masters | default([]) }}" + g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_node_hosts: "{{ groups.nodes | default([]) }}" g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index b4b4f3ec0..e07e2b88e 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -1,8 +1,11 @@ --- - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml + vars_files: + - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}" vars: g_etcd_hosts: "{{ groups.etcd | default([]) }}" g_master_hosts: "{{ groups.masters | default([]) }}" + g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_node_hosts: "{{ groups.nodes | default([]) }}" g_lb_hosts: "{{ groups.lb | default([]) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/README.md new file mode 100644 index 000000000..b230835c3 --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/README.md @@ -0,0 +1,17 @@ +# v3.1 minor upgrade playbook +This upgrade will preserve all locally made configuration modifications to the +Masters and Nodes. + +## Overview +This playbook is available as a technical preview. It currently performs the +following steps. + + * Upgrade and restart master services + * Upgrade and restart node services + * Applies the latest cluster policies + * Updates the default router if one exists + * Updates the default registry if one exists + * Updates image streams and quickstarts + +## Usage +ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml new file mode 100644 index 000000000..20fa9b10f --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_1_minor/upgrade.yml @@ -0,0 +1,14 @@ +--- +- include: ../../../../common/openshift-cluster/evaluate_groups.yml + vars: + g_etcd_hosts: "{{ groups.etcd | default([]) }}" + g_master_hosts: "{{ groups.masters | default([]) }}" + g_nfs_hosts: "{{ groups.nfs | default([]) }}" + g_node_hosts: "{{ groups.nodes | default([]) }}" + g_lb_hosts: "{{ groups.lb | default([]) }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_deployment_type: "{{ deployment_type }}" +- include: ../../../../common/openshift-cluster/upgrades/v3_1_minor/pre.yml +- include: ../../../../common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml +- include: ../../../openshift-master/restart.yml +- include: ../../../../common/openshift-cluster/upgrades/v3_1_minor/post.yml diff --git a/playbooks/byo/openshift-master/filter_plugins b/playbooks/byo/openshift-master/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/byo/openshift-master/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/byo/openshift-master/lookup_plugins b/playbooks/byo/openshift-master/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/byo/openshift-master/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/byo/openshift-master/restart.yml b/playbooks/byo/openshift-master/restart.yml new file mode 100644 index 000000000..a78a6aa3d --- /dev/null +++ b/playbooks/byo/openshift-master/restart.yml @@ -0,0 +1,4 @@ +--- +- include: ../../common/openshift-master/restart.yml + vars_files: + - ../../byo/openshift-cluster/cluster_hosts.yml diff --git a/playbooks/byo/openshift-master/roles b/playbooks/byo/openshift-master/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/byo/openshift-master/roles @@ -0,0 +1 @@ +../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 482fa8441..11e5b68f6 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,8 +1,12 @@ --- - include: evaluate_groups.yml +- include: ../openshift-docker/config.yml + - include: ../openshift-etcd/config.yml +- include: ../openshift-nfs/config.yml + - include: ../openshift-master/config.yml - include: ../openshift-node/config.yml diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index 6343a2567..db7105ed5 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -21,6 +21,14 @@ msg: This playbook requires g_lb_hosts to be set when: g_lb_hosts is not defined + - fail: + msg: This playbook requires g_nfs_hosts to be set + when: g_nfs_hosts is not defined + + - fail: + msg: The nfs group must be limited to one host + when: (groups[g_nfs_hosts] | default([])) | length > 1 + - name: Evaluate oo_etcd_to_config add_host: name: "{{ item }}" @@ -81,3 +89,11 @@ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" ansible_sudo: "{{ g_sudo | default(omit) }}" with_items: "{{ g_lb_hosts | default([]) }}" + + - name: Evaluate oo_nfs_to_config + add_host: + name: "{{ item }}" + groups: oo_nfs_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ g_nfs_hosts | default([]) }}" diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 190e2d862..88736ee03 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -4,9 +4,10 @@ openshift_deployment_type: "{{ deployment_type }}" roles: - role: rhel_subscribe - when: deployment_type == "enterprise" and + when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and ansible_distribution == "RedHat" and lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | default('no', True) | lower in ['no', 'false'] + and not openshift.common.is_atomic | bool - openshift_repos - os_update_latest diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index fc098b4ed..68df2153d 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -29,6 +29,7 @@ hosts: oo_first_master vars: openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}" gather_facts: no tasks: # Pacemaker is currently the only supported upgrade path for multiple masters @@ -45,8 +46,8 @@ - fail: msg: > openshift_pkg_version is {{ openshift_pkg_version }} which is not a - valid version for a 3.1 upgrade - when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare('3.0.2.900','<') + valid version for a {{ target_version }} upgrade + when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<') # If this script errors out ansible will show the default stdout/stderr # which contains details for the user: @@ -55,6 +56,8 @@ - name: Verify upgrade can proceed hosts: oo_masters_to_config:oo_nodes_to_config + vars: + target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}" tasks: - name: Clean package cache command: "{{ ansible_pkg_mgr }} clean all" @@ -77,8 +80,8 @@ when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') - fail: - msg: Atomic OpenShift 3.1 packages not found - when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + msg: Upgrade packages not found + when: (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) - set_fact: pre_upgrade_complete: True @@ -235,6 +238,7 @@ - name: Ensure python-yaml present for config upgrade action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" + when: not openshift.common.is_atomic | bool - name: Upgrade master configuration openshift_upgrade_config: diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/filter_plugins new file mode 120000 index 000000000..27ddaa18b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/filter_plugins @@ -0,0 +1 @@ +../../../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/library b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/library new file mode 120000 index 000000000..53bed9684 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/library @@ -0,0 +1 @@ +../library
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/lookup_plugins new file mode 120000 index 000000000..cf407f69b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/lookup_plugins @@ -0,0 +1 @@ +../../../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/post.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/post.yml new file mode 100644 index 000000000..d8336fcae --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/post.yml @@ -0,0 +1,50 @@ +--- +############################################################################### +# Post upgrade - Upgrade default router, default registry and examples +############################################################################### +- name: Upgrade default router and default registry + hosts: oo_first_master + vars: + openshift_deployment_type: "{{ deployment_type }}" + registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" + router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" + oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + roles: + # Create the new templates shipped in 3.1.z, existing templates are left + # unmodified. This prevents the subsequent role definition for + # openshift_examples from failing when trying to replace templates that do + # not already exist. We could have potentially done a replace --force to + # create and update in one step. + - openshift_examples + # Update the existing templates + - role: openshift_examples + openshift_examples_import_command: replace + pre_tasks: + - name: Check for default router + command: > + {{ oc_cmd }} get -n default dc/router + register: _default_router + failed_when: false + changed_when: false + + - name: Check for default registry + command: > + {{ oc_cmd }} get -n default dc/docker-registry + register: _default_registry + failed_when: false + changed_when: false + + - name: Update router image to current version + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + --api-version=v1 + + - name: Update registry image to current version + when: _default_registry.rc == 0 + command: > + {{ oc_cmd }} patch dc/docker-registry -p + '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' + --api-version=v1 + diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml new file mode 100644 index 000000000..91780de09 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/pre.yml @@ -0,0 +1,87 @@ +--- +############################################################################### +# Evaluate host groups and gather facts +############################################################################### +- name: Load openshift_facts + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config:oo_lb_to_config + roles: + - openshift_facts + +############################################################################### +# Pre-upgrade checks +############################################################################### +- name: Verify upgrade can proceed + hosts: oo_first_master + vars: + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + target_version: "{{ '1.1.1' if deployment_type == 'origin' else '3.1.1' }}" + gather_facts: no + tasks: + - fail: + msg: > + This upgrade is only supported for origin, openshift-enterprise, and online + deployment types + when: deployment_type not in ['origin','openshift-enterprise', 'online'] + + - fail: + msg: > + openshift_pkg_version is {{ openshift_pkg_version }} which is not a + valid version for a {{ target_version }} upgrade + when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<') + +- name: Verify upgrade can proceed + hosts: oo_masters_to_config:oo_nodes_to_config + vars: + target_version: "{{ '1.1.1' if deployment_type == 'origin' else '3.1.1' }}" + tasks: + - name: Clean package cache + command: "{{ ansible_pkg_mgr }} clean all" + + - set_fact: + g_new_service_name: "{{ 'origin' if deployment_type =='origin' else 'atomic-openshift' }}" + + - name: Determine available versions + script: ../files/versions.sh {{ g_new_service_name }} openshift + register: g_versions_result + + - set_fact: + g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" + + - set_fact: + g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" + + - fail: + msg: This playbook requires Origin 1.1 or later + when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.1','<') + + - fail: + msg: This playbook requires Atomic Enterprise Platform/OpenShift Enterprise 3.1 or later + when: deployment_type == 'atomic-openshift' and g_aos_versions.curr_version | version_compare('3.1','<') + + - fail: + msg: Upgrade packages not found + when: (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) + + - set_fact: + pre_upgrade_complete: True + + +############################################################################## +# Gate on pre-upgrade checks +############################################################################## +- name: Gate on pre-upgrade checks + hosts: localhost + connection: local + become: no + vars: + pre_upgrade_hosts: "{{ groups.oo_masters_to_config | union(groups.oo_nodes_to_config) }}" + tasks: + - set_fact: + pre_upgrade_completed: "{{ hostvars + | oo_select_keys(pre_upgrade_hosts) + | oo_collect('inventory_hostname', {'pre_upgrade_complete': true}) }}" + - set_fact: + pre_upgrade_failed: "{{ pre_upgrade_hosts | difference(pre_upgrade_completed) }}" + - fail: + msg: "Upgrade cannot continue. The following hosts did not complete pre-upgrade checks: {{ pre_upgrade_failed | join(',') }}" + when: pre_upgrade_failed | length > 0 diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/roles b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/roles new file mode 120000 index 000000000..6bc1a7aef --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/roles @@ -0,0 +1 @@ +../../../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml new file mode 100644 index 000000000..81dbba1e3 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_minor/upgrade.yml @@ -0,0 +1,137 @@ +--- +############################################################################### +# The restart playbook should be run after this playbook completes. +############################################################################### + +############################################################################### +# Upgrade Masters +############################################################################### +- name: Upgrade master packages and configuration + hosts: oo_masters_to_config + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade master packages + command: "{{ ansible_pkg_mgr}} update -y {{ openshift.common.service_type }}-master{{ openshift_version }}" + + - name: Ensure python-yaml present for config upgrade + action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" + when: not openshift.common.is_atomic | bool + +# Currently 3.1.1 does not have any new configuration settings +# +# - name: Upgrade master configuration +# openshift_upgrade_config: +# from_version: '3.0' +# to_version: '3.1' +# role: master +# config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" + +- name: Set master update status to complete + hosts: oo_masters_to_config + tasks: + - set_fact: + master_update_complete: True + +############################################################################## +# Gate on master update complete +############################################################################## +- name: Gate on master update + hosts: localhost + connection: local + become: no + tasks: + - set_fact: + master_update_completed: "{{ hostvars + | oo_select_keys(groups.oo_masters_to_config) + | oo_collect('inventory_hostname', {'master_update_complete': true}) }}" + - set_fact: + master_update_failed: "{{ groups.oo_masters_to_config | difference(master_update_completed) }}" + - fail: + msg: "Upgrade cannot continue. The following masters did not finish updating: {{ master_update_failed | join(',') }}" + when: master_update_failed | length > 0 + +############################################################################### +# Upgrade Nodes +############################################################################### +- name: Upgrade nodes + hosts: oo_nodes_to_config + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + roles: + - openshift_facts + tasks: + - name: Upgrade node packages + command: "{{ ansible_pkg_mgr }} update -y {{ openshift.common.service_type }}-node{{ openshift_version }}" + + - name: Restart node service + service: name="{{ openshift.common.service_type }}-node" state=restarted + + - set_fact: + node_update_complete: True + +############################################################################## +# Gate on nodes update +############################################################################## +- name: Gate on nodes update + hosts: localhost + connection: local + become: no + tasks: + - set_fact: + node_update_completed: "{{ hostvars + | oo_select_keys(groups.oo_nodes_to_config) + | oo_collect('inventory_hostname', {'node_update_complete': true}) }}" + - set_fact: + node_update_failed: "{{ groups.oo_nodes_to_config | difference(node_update_completed) }}" + - fail: + msg: "Upgrade cannot continue. The following nodes did not finish updating: {{ node_update_failed | join(',') }}" + when: node_update_failed | length > 0 + +############################################################################### +# Reconcile Cluster Roles and Cluster Role Bindings +############################################################################### +- name: Reconcile Cluster Roles and Cluster Role Bindings + hosts: oo_masters_to_config + vars: + origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}" + ent_reconcile_bindings: true + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + tasks: + - name: Reconcile Cluster Roles + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-roles --confirm + run_once: true + + - name: Reconcile Cluster Role Bindings + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-role-bindings + --exclude-groups=system:authenticated + --exclude-groups=system:unauthenticated + --exclude-users=system:anonymous + --additive-only=true --confirm + when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool + run_once: true + + - set_fact: + reconcile_complete: True + +############################################################################## +# Gate on reconcile +############################################################################## +- name: Gate on reconcile + hosts: localhost + connection: local + become: no + tasks: + - set_fact: + reconcile_completed: "{{ hostvars + | oo_select_keys(groups.oo_masters_to_config) + | oo_collect('inventory_hostname', {'reconcile_complete': true}) }}" + - set_fact: + reconcile_failed: "{{ groups.oo_masters_to_config | difference(reconcile_completed) }}" + - fail: + msg: "Upgrade cannot continue. The following masters did not finish reconciling: {{ reconcile_failed | join(',') }}" + when: reconcile_failed | length > 0 diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml new file mode 100644 index 000000000..092d5533c --- /dev/null +++ b/playbooks/common/openshift-docker/config.yml @@ -0,0 +1,9 @@ +- name: Configure docker hosts + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config + vars: + docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}" + docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}" + docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" + roles: + - openshift_facts + - openshift_docker diff --git a/playbooks/common/openshift-docker/filter_plugins b/playbooks/common/openshift-docker/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-docker/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/lookup_plugins b/playbooks/common/openshift-docker/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-docker/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/roles b/playbooks/common/openshift-docker/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/common/openshift-docker/roles @@ -0,0 +1 @@ +../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 6dee196e3..9a5ae0e6b 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -14,7 +14,8 @@ public_hostname: "{{ openshift_public_hostname | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" - role: etcd - local_facts: {} + local_facts: + etcd_image: "{{ osm_etcd_image | default(None) }}" - name: Check status of etcd certificates stat: path: "{{ item }}" @@ -88,6 +89,7 @@ roles: - etcd - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - name: Delete temporary directory on localhost hosts: localhost diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index dd638487a..0df03f194 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -51,6 +51,7 @@ console_url: "{{ openshift_master_console_url | default(None) }}" console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + portal_net: "{{ openshift_master_portal_net | default(None) }}" - name: Check status of external etcd certificatees stat: path: "{{ openshift.common.config_base }}/master/{{ item }}" @@ -232,31 +233,36 @@ balance: source servers: "{{ hostvars.localhost.haproxy_backend_servers }}" roles: + - role: openshift_facts - role: haproxy when: groups.oo_masters_to_config | length > 1 -- name: Generate master session keys +- name: Check for cached session secrets + hosts: oo_first_master + roles: + - role: openshift_facts + post_tasks: + - openshift_facts: + role: master + local_facts: + session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}" + session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}" + +- name: Generate master session secrets hosts: oo_first_master + vars: + g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([]) and openshift.master.session_encryption_secrets | default([])) | length > 0 }}" + g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}" + g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}" + roles: + - role: openshift_facts tasks: - - fail: - msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set" - when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined) - - fail: - msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" - when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) - - name: Install OpenSSL package - action: "{{ ansible_pkg_mgr }} name=openssl state=present" - - name: Generate session authentication key - command: /usr/bin/openssl rand -base64 24 - register: session_auth_output - when: openshift_master_session_auth_secrets is undefined - - name: Generate session encryption key - command: /usr/bin/openssl rand -base64 24 - register: session_encryption_output - when: openshift_master_session_encryption_secrets is undefined - - set_fact: - session_auth_secret: "{{ openshift_master_session_auth_secrets | default([session_auth_output.stdout]) }}" - session_encryption_secret: "{{ openshift_master_session_encryption_secrets | default([session_encryption_output.stdout]) }}" + - openshift_facts: + role: master + local_facts: + session_auth_secrets: "{{ g_session_auth_secrets }}" + session_encryption_secrets: "{{ g_session_encryption_secrets }}" + when: not g_session_secrets_present | bool - name: Parse named certificates hosts: localhost @@ -307,13 +313,14 @@ - name: Configure master instances hosts: oo_masters_to_config + any_errors_fatal: true serial: 1 vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" openshift_master_count: "{{ groups.oo_masters_to_config | length }}" - openshift_master_session_auth_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_auth_secret'] }}" - openshift_master_session_encryption_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_encryption_secret'] }}" + openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}" + openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -328,6 +335,7 @@ roles: - openshift_master - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - role: fluentd_master when: openshift.common.use_fluentd | bool post_tasks: @@ -356,7 +364,7 @@ cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}" roles: - role: cockpit - when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and + when: not openshift.common.is_containerized and ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and (osm_use_cockpit | bool or osm_use_cockpit is undefined ) - name: Configure flannel @@ -394,7 +402,15 @@ - name: Create services hosts: oo_first_master + vars: + attach_registry_volume: "{{ groups.oo_nfs_to_config | length > 0 }}" + pre_tasks: + - set_fact: + nfs_host: "{{ groups.oo_nfs_to_config.0 }}" + registry_volume_path: "{{ hostvars[groups.oo_nfs_to_config.0].openshift.nfs.exports_dir + '/' + hostvars[groups.oo_nfs_to_config.0].openshift.nfs.registry_volume }}" + when: attach_registry_volume | bool roles: - role: openshift_router when: openshift.master.infra_nodes is defined - #- role: openshift_registry + - role: openshift_registry + when: openshift.master.infra_nodes is defined and attach_registry_volume | bool diff --git a/playbooks/common/openshift-master/restart.yml b/playbooks/common/openshift-master/restart.yml new file mode 100644 index 000000000..052892863 --- /dev/null +++ b/playbooks/common/openshift-master/restart.yml @@ -0,0 +1,151 @@ +--- +- include: ../openshift-cluster/evaluate_groups.yml + +- name: Validate configuration for rolling restart + hosts: oo_masters_to_config + roles: + - openshift_facts + tasks: + - fail: + msg: "openshift_rolling_restart_mode must be set to either 'services' or 'system'" + when: openshift_rolling_restart_mode is defined and openshift_rolling_restart_mode not in ["services", "system"] + - openshift_facts: + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: common + local_facts: + rolling_restart_mode: "{{ openshift_rolling_restart_mode | default('services') }}" + - role: master + local_facts: + cluster_method: "{{ openshift_master_cluster_method | default(None) }}" + +# Creating a temp file on localhost, we then check each system that will +# be rebooted to see if that file exists, if so we know we're running +# ansible on a machine that needs a reboot, and we need to error out. +- name: Create temp file on localhost + hosts: localhost + connection: local + become: no + gather_facts: no + tasks: + - local_action: command mktemp + register: mktemp + changed_when: false + +- name: Check if temp file exists on any masters + hosts: oo_masters_to_config + tasks: + - stat: path="{{ hostvars.localhost.mktemp.stdout }}" + register: exists + changed_when: false + +- name: Cleanup temp file on localhost + hosts: localhost + connection: local + become: no + gather_facts: no + tasks: + - file: path="{{ hostvars.localhost.mktemp.stdout }}" state=absent + changed_when: false + +- name: Warn if restarting the system where ansible is running + hosts: oo_masters_to_config + tasks: + - pause: + prompt: > + Warning: Running playbook from a host that will be restarted! + Press CTRL+C and A to abort playbook execution. You may + continue by pressing ENTER but the playbook will stop + executing after this system has been restarted and services + must be verified manually. To only restart services, set + openshift_master_rolling_restart_mode=services in host + inventory and relaunch the playbook. + when: exists.stat.exists and openshift.common.rolling_restart_mode == 'system' + - set_fact: + current_host: "{{ exists.stat.exists }}" + when: openshift.common.rolling_restart_mode == 'system' + +- name: Determine which masters are currently active + hosts: oo_masters_to_config + any_errors_fatal: true + tasks: + - name: Check master service status + command: > + systemctl is-active {{ openshift.common.service_type }}-master + register: active_check_output + when: openshift.master.cluster_method | default(None) == 'pacemaker' + failed_when: false + changed_when: false + # Any master which did not report 'active' or 'inactive' is likely + # unhealthy. Other possible states are 'unknown' or 'failed'. + - fail: + msg: > + Got invalid service state from {{ openshift.common.service_type }}-master + on {{ inventory_hostname }}. Please verify pacemaker cluster. + when: openshift.master.cluster_method | default(None) == 'pacemaker' and active_check_output.stdout not in ['active', 'inactive'] + - set_fact: + is_active: "{{ active_check_output.stdout == 'active' }}" + when: openshift.master.cluster_method | default(None) == 'pacemaker' + +- name: Evaluate master groups + hosts: localhost + become: no + tasks: + - name: Evaluate oo_active_masters + add_host: + name: "{{ item }}" + groups: oo_active_masters + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ groups.oo_masters_to_config | default([]) }}" + when: (hostvars[item]['is_active'] | default(false)) | bool + - name: Evaluate oo_current_masters + add_host: + name: "{{ item }}" + groups: oo_current_masters + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ groups.oo_masters_to_config | default([]) }}" + when: (hostvars[item]['current_host'] | default(false)) | bool + +- name: Validate pacemaker cluster + hosts: oo_active_masters + tasks: + - name: Retrieve pcs status + command: pcs status + register: pcs_status_output + changed_when: false + - fail: + msg: > + Pacemaker cluster validation failed. One or more nodes are not online. + when: not (pcs_status_output.stdout | validate_pcs_cluster(groups.oo_masters_to_config)) | bool + +- name: Restart masters + hosts: oo_masters_to_config:!oo_active_masters:!oo_current_masters + vars: + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + serial: 1 + tasks: + - include: restart_hosts.yml + when: openshift.common.rolling_restart_mode == 'system' + - include: restart_services.yml + when: openshift.common.rolling_restart_mode == 'services' + +- name: Restart active masters + hosts: oo_active_masters + serial: 1 + tasks: + - include: restart_hosts_pacemaker.yml + when: openshift.common.rolling_restart_mode == 'system' + - include: restart_services_pacemaker.yml + when: openshift.common.rolling_restart_mode == 'services' + +- name: Restart current masters + hosts: oo_current_masters + serial: 1 + tasks: + - include: restart_hosts.yml + when: openshift.common.rolling_restart_mode == 'system' + - include: restart_services.yml + when: openshift.common.rolling_restart_mode == 'services' diff --git a/playbooks/common/openshift-master/restart_hosts.yml b/playbooks/common/openshift-master/restart_hosts.yml new file mode 100644 index 000000000..ff206f5a2 --- /dev/null +++ b/playbooks/common/openshift-master/restart_hosts.yml @@ -0,0 +1,39 @@ +- name: Restart master system + # https://github.com/ansible/ansible/issues/10616 + shell: sleep 2 && shutdown -r now "OpenShift Ansible master rolling restart" + async: 1 + poll: 0 + ignore_errors: true + become: yes +# When cluster_method != pacemaker we can ensure the api_port is +# available. +- name: Wait for master API to come back online + become: no + local_action: + module: wait_for + host="{{ inventory_hostname }}" + state=started + delay=10 + port="{{ openshift.master.api_port }}" + when: openshift.master.cluster_method != 'pacemaker' +- name: Wait for master to start + become: no + local_action: + module: wait_for + host="{{ inventory_hostname }}" + state=started + delay=10 + port=22 + when: openshift.master.cluster_method == 'pacemaker' +- name: Wait for master to become available + command: pcs status + register: pcs_status_output + until: pcs_status_output.stdout | validate_pcs_cluster([inventory_hostname]) | bool + retries: 15 + delay: 2 + changed_when: false + when: openshift.master.cluster_method == 'pacemaker' +- fail: + msg: > + Pacemaker cluster validation failed {{ inventory hostname }} is not online. + when: openshift.master.cluster_method == 'pacemaker' and not (pcs_status_output.stdout | validate_pcs_cluster([inventory_hostname])) | bool diff --git a/playbooks/common/openshift-master/restart_hosts_pacemaker.yml b/playbooks/common/openshift-master/restart_hosts_pacemaker.yml new file mode 100644 index 000000000..c9219e8de --- /dev/null +++ b/playbooks/common/openshift-master/restart_hosts_pacemaker.yml @@ -0,0 +1,25 @@ +- name: Fail over master resource + command: > + pcs resource move master {{ hostvars | oo_select_keys(groups['oo_masters_to_config']) | oo_collect('openshift.common.hostname', {'is_active': 'False'}) | list | first }} +- name: Wait for master API to come back online + become: no + local_action: + module: wait_for + host="{{ openshift.master.cluster_hostname }}" + state=started + delay=10 + port="{{ openshift.master.api_port }}" +- name: Restart master system + # https://github.com/ansible/ansible/issues/10616 + shell: sleep 2 && shutdown -r now "OpenShift Ansible master rolling restart" + async: 1 + poll: 0 + ignore_errors: true + become: yes +- name: Wait for master to start + become: no + local_action: + module: wait_for + host="{{ inventory_hostname }}" + state=started + delay=10 diff --git a/playbooks/common/openshift-master/restart_services.yml b/playbooks/common/openshift-master/restart_services.yml new file mode 100644 index 000000000..5e539cd65 --- /dev/null +++ b/playbooks/common/openshift-master/restart_services.yml @@ -0,0 +1,27 @@ +- name: Restart master + service: + name: "{{ openshift.common.service_type }}-master" + state: restarted + when: not openshift_master_ha | bool +- name: Restart master API + service: + name: "{{ openshift.common.service_type }}-master-api" + state: restarted + when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker' +- name: Wait for master API to come back online + become: no + local_action: + module: wait_for + host="{{ inventory_hostname }}" + state=started + delay=10 + port="{{ openshift.master.api_port }}" + when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker' +- name: Restart master controllers + service: + name: "{{ openshift.common.service_type }}-master-controllers" + state: restarted + # Ignore errrors since it is possible that type != simple for + # pre-3.1.1 installations. + ignore_errors: true + when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker' diff --git a/playbooks/common/openshift-master/restart_services_pacemaker.yml b/playbooks/common/openshift-master/restart_services_pacemaker.yml new file mode 100644 index 000000000..e738f3fb6 --- /dev/null +++ b/playbooks/common/openshift-master/restart_services_pacemaker.yml @@ -0,0 +1,10 @@ +- name: Restart master services + command: pcs resource restart master +- name: Wait for master API to come back online + become: no + local_action: + module: wait_for + host="{{ openshift.master.cluster_hostname }}" + state=started + delay=10 + port="{{ openshift.master.api_port }}" diff --git a/playbooks/common/openshift-nfs/config.yml b/playbooks/common/openshift-nfs/config.yml new file mode 100644 index 000000000..e3f5c17ca --- /dev/null +++ b/playbooks/common/openshift-nfs/config.yml @@ -0,0 +1,5 @@ +--- +- name: Configure nfs hosts + hosts: oo_nfs_to_config + roles: + - role: openshift_storage_nfs diff --git a/playbooks/common/openshift-nfs/filter_plugins b/playbooks/common/openshift-nfs/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-nfs/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/lookup_plugins b/playbooks/common/openshift-nfs/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-nfs/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/roles b/playbooks/common/openshift-nfs/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/common/openshift-nfs/roles @@ -0,0 +1 @@ +../../../roles/
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/service.yml b/playbooks/common/openshift-nfs/service.yml new file mode 100644 index 000000000..20c8ca248 --- /dev/null +++ b/playbooks/common/openshift-nfs/service.yml @@ -0,0 +1,18 @@ +--- +- name: Populate g_service_nfs host group if needed + hosts: localhost + gather_facts: no + tasks: + - fail: msg="new_cluster_state is required to be injected in this playbook" + when: new_cluster_state is not defined + + - name: Evaluate g_service_nfs + add_host: name={{ item }} groups=g_service_nfs + with_items: oo_host_group_exp | default([]) + +- name: Change state on nfs instance(s) + hosts: g_service_nfs + connection: ssh + gather_facts: no + tasks: + - service: name=nfs-server state="{{ new_cluster_state }}" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index d1a5ee817..1d31657ed 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -154,21 +154,15 @@ validate_checksum: yes with_items: nodes_needing_certs -- name: Configure node instances +- name: Deploy node certificates hosts: oo_nodes_to_config vars: sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" - openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" - # TODO: Prefix flannel role variables. - etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" - embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" - openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" - pre_tasks: + tasks: - name: Ensure certificate directory exists file: path: "{{ node_cert_dir }}" state: directory - # TODO: notify restart node # possibly test service started time against certificate/config file # timestamps in node to trigger notify @@ -177,11 +171,48 @@ src: "{{ sync_tmpdir }}/{{ node_subdir }}.tgz" dest: "{{ node_cert_dir }}" when: certs_missing + +- name: Evaluate node groups + hosts: localhost + become: no + tasks: + - name: Evaluate oo_containerized_master_nodes + add_host: + name: "{{ item }}" + groups: oo_containerized_master_nodes + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ groups.oo_nodes_to_config | default([]) }}" + when: hostvars[item].openshift.common.is_containerized | bool and (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config) + +- name: Configure node instances + hosts: oo_containerized_master_nodes + serial: 1 + vars: + openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" + openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" roles: - openshift_node + +- name: Configure node instances + hosts: oo_nodes_to_config:!oo_containerized_master_nodes + vars: + openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" + openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" + roles: + - openshift_node + +- name: Additional node config + hosts: oo_nodes_to_config + vars: + # TODO: Prefix flannel role variables. + etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" + roles: - role: flannel when: openshift.common.use_flannel | bool - role: nickhammond.logrotate + when: not openshift.common.is_containerized | bool - role: fluentd_node when: openshift.common.use_fluentd | bool tasks: @@ -214,6 +245,19 @@ | oo_collect('openshift.common.hostname') }}" openshift_node_vars: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) }}" pre_tasks: - + # Necessary because when you're on a node that's also a master the master will be + # restarted after the node restarts docker and it will take up to 60 seconds for + # systemd to start the master again + - name: Wait for master API to become available before proceeding + # Using curl here since the uri module requires python-httplib2 and + # wait_for port doesn't provide health information. + command: > + curl -k --head --silent {{ openshift.master.api_url }} + register: api_available_output + until: api_available_output.stdout.find("200 OK") != -1 + retries: 120 + delay: 1 + changed_when: false + when: openshift.common.is_containerized | bool roles: - openshift_manage_node diff --git a/playbooks/gce/openshift-cluster/cluster_hosts.yml b/playbooks/gce/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..2bfcedfc9 --- /dev/null +++ b/playbooks/gce/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type-nfs']|default([])) + | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 5bf98c2d5..84a3f84d4 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -1,32 +1,15 @@ --- # TODO: fix firewall related bug with GCE and origin, since GCE is overriding # /etc/sysconfig/iptables - -- hosts: localhost - gather_facts: no - connection: local - become: no - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - use_sdn: "{{ do_we_use_openshift_sdn }}" - sdn_plugin: "{{ sdn_network_plugin }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../gce/openshift-cluster/vars.yml + - ../../gce/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" - openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn }}" - os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index ab593b897..75343dffa 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -4,13 +4,9 @@ connection: local become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -28,6 +24,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_nodes_to_config add_host: @@ -38,11 +35,11 @@ - name: Evaluate oo_first_master add_host: - name: "{{ g_master_hosts | first }}" + name: "{{ master_hosts | first }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" groups: oo_first_master - when: g_master_hosts is defined and g_master_hosts|length > 0 + when: master_hosts is defined and master_hosts|length > 0 #- include: config.yml - include: ../../common/openshift-node/config.yml @@ -51,6 +48,4 @@ openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" - openshift_use_openshift_sdn: true openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " - os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index b9ff89c79..e67685912 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid-{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/gce/openshift-cluster/service.yml b/playbooks/gce/openshift-cluster/service.yml index 337ba7e44..8925de4cb 100644 --- a/playbooks/gce/openshift-cluster/service.yml +++ b/playbooks/gce/openshift-cluster/service.yml @@ -6,6 +6,7 @@ gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - fail: msg="cluster_id is required to be injected in this playbook" when: cluster_id is not defined @@ -15,14 +16,14 @@ groups: g_service_nodes ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" + with_items: "{{ node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" - add_host: name: "{{ item }}" groups: g_service_masters ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" + with_items: "{{ master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" - include: ../../common/openshift-node/service.yml - include: ../../common/openshift-master/service.yml diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 2360a3263..488b62eb9 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -16,7 +16,8 @@ #service_account_permissions: "datastore,logging-write" tags: - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} - - env-{{ cluster }} + - environment-{{ cluster_env }} + - clusterid-{{ cluster_id }} - host-type-{{ type }} - sub-host-type-{{ g_sub_host_type }} when: instances |length > 0 diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index f4e89983b..faa46c0d6 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) + with_items: (groups['tag_clusterid-' ~ cluster_id] | default([])) | difference(['localhost']) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate diff --git a/playbooks/gce/openshift-cluster/update.yml b/playbooks/gce/openshift-cluster/update.yml index d60662397..dadceae58 100644 --- a/playbooks/gce/openshift-cluster/update.yml +++ b/playbooks/gce/openshift-cluster/update.yml @@ -1,16 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -18,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index a8ce8eb22..f004a9e6b 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,7 +1,12 @@ --- -do_we_use_openshift_sdn: true -sdn_network_plugin: redhat/openshift-ovs-subnet -# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation +debug_level: 2 + +deployment_rhel7_ent_base: + image: rhel-7 + machine_type: n1-standard-1 + ssh_user: + sudo: yes + deployment_vars: origin: image: preinstalled-slave-50g-v5 @@ -13,8 +18,6 @@ deployment_vars: machine_type: n1-standard-1 ssh_user: root sudo: no - enterprise: - image: rhel-7 - machine_type: n1-standard-1 - ssh_user: - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/libvirt/openshift-cluster/cluster_hosts.yml b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..198a3e4e2 --- /dev/null +++ b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type-node']|default([])) + | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index b84bde084..be9cbbfaa 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -2,26 +2,14 @@ # TODO: need to figure out a plan for setting hostname, currently the default # is localhost, so no hostname value (or public_hostname) value is getting # assigned - -- hosts: localhost - gather_facts: no - become: no - connection: local - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../libvirt/openshift-cluster/vars.yml + - ../../libvirt/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" + g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/libvirt/openshift-cluster/list.yml b/playbooks/libvirt/openshift-cluster/list.yml index d89e699f2..6cb81ee79 100644 --- a/playbooks/libvirt/openshift-cluster/list.yml +++ b/playbooks/libvirt/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env-{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid-{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml index 8a67d713f..397158b9e 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml @@ -4,13 +4,17 @@ dest: "{{ libvirt_storage_pool_path }}" state: directory +# We need to set permissions on the directory and any items created under the directory, so we need to call the acl module with and without default set. - acl: - default: yes + default: "{{ item }}" entity: kvm etype: group name: "{{ libvirt_storage_pool_path }}" permissions: rwx state: present + with_items: + - no + - yes - name: Test if libvirt storage pool for openshift already exists command: "virsh -c {{ libvirt_uri }} pool-info {{ libvirt_storage_pool }}" diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index ae8275ef6..ff1cedc94 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -88,7 +88,7 @@ ansible_ssh_host: '{{ item.1 }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env-{{ cluster }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}' + groups: "tag_environment-{{ cluster_env }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}, tag_clusterid-{{ cluster_id }}" with_together: - instances - ips diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index c4ac6a434..0ca8e0974 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -3,7 +3,8 @@ <memory unit='GiB'>1</memory> <metadata xmlns:ansible="https://github.com/ansible/ansible"> <ansible:tags> - <ansible:tag>env-{{ cluster }}</ansible:tag> + <ansible:tag>environment-{{ cluster_env }}</ansible:tag> + <ansible:tag>clusterid-{{ cluster }}</ansible:tag> <ansible:tag>host-type-{{ type }}</ansible:tag> <ansible:tag>sub-host-type-{{ g_sub_host_type }}</ansible:tag> </ansible:tags> diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml index a6b963608..8d845c8f2 100644 --- a/playbooks/libvirt/openshift-cluster/terminate.yml +++ b/playbooks/libvirt/openshift-cluster/terminate.yml @@ -9,7 +9,7 @@ vars_files: - vars.yml tasks: - - set_fact: cluster_group=tag_env-{{ cluster_id }} + - set_fact: cluster_group=tag_clusterid-{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml index 5e2bd3a3d..2dc540978 100644 --- a/playbooks/libvirt/openshift-cluster/update.yml +++ b/playbooks/libvirt/openshift-cluster/update.yml @@ -1,17 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" - vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -19,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index 67cfbcdb8..da628786b 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -3,6 +3,20 @@ libvirt_storage_pool_path: "{{ lookup('env','HOME') }}/libvirt-storage-pool-open libvirt_storage_pool: 'openshift-ansible' libvirt_network: openshift-ansible libvirt_uri: 'qemu:///system' +debug_level: 2 + +# Automatic download of the qcow2 image for RHEL cannot be done directly from the RedHat portal because it requires authentication. +# The default value of image_url for enterprise and openshift-enterprise deployment types below won't work. +deployment_rhel7_ent_base: + image: + url: "{{ lookup('oo_option', 'image_url') | + default('https://access.cdn.redhat.com//content/origin/files/sha256/25/25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0/rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + name: "{{ lookup('oo_option', 'image_name') | + default('rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" + sha256: "{{ lookup('oo_option', 'image_sha256') | + default('25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0', True) }}" + ssh_user: openshift + sudo: yes deployment_vars: origin: @@ -24,18 +38,6 @@ deployment_vars: sha256: ssh_user: root sudo: no - enterprise: - image: - url: "{{ lookup('oo_option', 'image_url') | - default('https://access.cdn.redhat.com//content/origin/files/sha256/ff/ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3/rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - name: "{{ lookup('oo_option', 'image_name') | - default('rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" - sha256: "{{ lookup('oo_option', 'image_sha256') | - default('ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3', True) }}" - ssh_user: openshift - sudo: yes -# origin: -# fedora: -# url: "http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.qcow2" -# name: Fedora-Cloud-Base-20141203-21.x86_64.qcow2 -# sha256: 3a99bb89f33e3d4ee826c8160053cdb8a72c80cd23350b776ce73cd244467d86 + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/openstack/openshift-cluster/cluster_hosts.yml b/playbooks/openstack/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..bc586d983 --- /dev/null +++ b/playbooks/openstack/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) + | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) + | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts: "{{ (groups['tag_host-type_nfs']|default([])) + | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) + | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index da7b5cc49..b338d2eb4 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -1,23 +1,13 @@ -- hosts: localhost - gather_facts: no - become: no - connection: local - vars_files: - - vars.yml - tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - +--- - include: ../../common/openshift-cluster/config.yml + vars_files: + - ../../openstack/openshift-cluster/vars.yml + - ../../openstack/openshift-cluster/cluster_hosts.yml vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_nodeonmaster: true + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].sudo }}" openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 2 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index bfd73c777..4f6a59a30 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -4,6 +4,11 @@ description: OpenShift cluster parameters: + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID @@ -345,13 +350,14 @@ resources: params: cluster_id: { get_param: cluster_id } k8s_type: etcd - cluster_id: { get_param: cluster_id } - type: etcd - image: { get_param: etcd_image } - flavor: { get_param: etcd_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: etcd + image: { get_param: etcd_image } + flavor: { get_param: etcd_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: etcd-secgrp } floating_network: { get_param: floating_ip_pool } @@ -375,13 +381,14 @@ resources: params: cluster_id: { get_param: cluster_id } k8s_type: master - cluster_id: { get_param: cluster_id } - type: master - image: { get_param: master_image } - flavor: { get_param: master_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: master + image: { get_param: master_image } + flavor: { get_param: master_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: master-secgrp } floating_network: { get_param: floating_ip_pool } @@ -406,14 +413,15 @@ resources: cluster_id: { get_param: cluster_id } k8s_type: node sub_host_type: compute - cluster_id: { get_param: cluster_id } - type: node - subtype: compute - image: { get_param: node_image } - flavor: { get_param: node_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: compute + image: { get_param: node_image } + flavor: { get_param: node_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } floating_network: { get_param: floating_ip_pool } @@ -438,14 +446,15 @@ resources: cluster_id: { get_param: cluster_id } k8s_type: node sub_host_type: infra - cluster_id: { get_param: cluster_id } - type: node - subtype: infra - image: { get_param: infra_image } - flavor: { get_param: infra_flavor } - key_name: { get_resource: keypair } - net: { get_resource: net } - subnet: { get_resource: subnet } + cluster_env: { get_param: cluster_env } + cluster_id: { get_param: cluster_id } + type: node + subtype: infra + image: { get_param: infra_image } + flavor: { get_param: infra_flavor } + key_name: { get_resource: keypair } + net: { get_resource: net } + subnet: { get_resource: subnet } secgrp: - { get_resource: node-secgrp } - { get_resource: infra-secgrp } diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml index 3f24a3e45..f83f2c984 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml @@ -9,6 +9,11 @@ parameters: label: Name description: Name + cluster_env: + type: string + label: Cluster environment + description: Environment of the cluster + cluster_id: type: string label: Cluster ID @@ -105,7 +110,8 @@ resources: user_data: { get_file: user-data } user_data_format: RAW metadata: - env: { get_param: cluster_id } + environment: { get_param: cluster_env } + clusterid: { get_param: cluster_id } host-type: { get_param: type } sub-host-type: { get_param: subtype } diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 876ca595a..fdcb77acc 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -29,6 +29,7 @@ - name: Create or Update OpenStack Stack command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} + -P cluster_env={{ cluster_env }} -P cluster_id={{ cluster_id }} -P cidr={{ openstack_network_cidr }} -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -71,7 +72,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_etcd, tag_sub-host-type_default' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_etcd, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.etcd_names - parsed_outputs.etcd_ips @@ -83,7 +84,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_master, tag_sub-host-type_default' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_master, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.master_names - parsed_outputs.master_ips @@ -95,7 +96,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_compute' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_compute, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.node_names - parsed_outputs.node_ips @@ -107,7 +108,7 @@ ansible_ssh_host: '{{ item[2] }}' ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_infra' + groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_infra, tag_clusterid_{{ cluster_id }}' with_together: - parsed_outputs.infra_names - parsed_outputs.infra_ips diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml index 436d3e6f7..123ebd323 100644 --- a/playbooks/openstack/openshift-cluster/list.yml +++ b/playbooks/openstack/openshift-cluster/list.yml @@ -7,7 +7,7 @@ vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml index 2a7f04505..d4ab51fa7 100644 --- a/playbooks/openstack/openshift-cluster/terminate.yml +++ b/playbooks/openstack/openshift-cluster/terminate.yml @@ -6,13 +6,12 @@ vars_files: - vars.yml tasks: - - set_fact: cluster_group=tag_env_{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[cluster_group] | default([]) + with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | intersect(groups['tag_clusterid_' ~ cluster_id ]|default([])) - name: Unsubscribe VMs hosts: oo_hosts_to_terminate diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml index 4ecf75a5d..2dc540978 100644 --- a/playbooks/openstack/openshift-cluster/update.yml +++ b/playbooks/openstack/openshift-cluster/update.yml @@ -1,17 +1,12 @@ --- - name: Populate oo_hosts_to_update group hosts: localhost - become: no connection: local + become: no gather_facts: no - vars: - g_etcd_hosts: "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_lb_hosts: "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" - g_node_hosts: "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" - vars_files: - vars.yml + - cluster_hosts.yml tasks: - name: Evaluate oo_hosts_to_update add_host: @@ -19,7 +14,7 @@ groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index e3796c91f..76cde1706 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml @@ -1,4 +1,5 @@ --- +debug_level: 2 openstack_infra_heat_stack: "{{ lookup('oo_option', 'infra_heat_stack' ) | default('files/heat_stack.yaml', True) }}" openstack_network_cidr: "{{ lookup('oo_option', 'net_cidr' ) | @@ -19,6 +20,11 @@ openstack_flavor: infra: "{{ lookup('oo_option', 'infra_flavor' ) | default('m1.small', True) }}" node: "{{ lookup('oo_option', 'node_flavor' ) | default('m1.medium', True) }}" +deployment_rhel7_ent_base: + image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}" + ssh_user: openshift + sudo: yes + deployment_vars: origin: image: "{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}" @@ -28,7 +34,6 @@ deployment_vars: image: ssh_user: root sudo: no - enterprise: - image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.1-20150224.0.x86_64', True) }}" - ssh_user: openshift - sudo: yes + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" |