diff options
Diffstat (limited to 'playbooks')
7 files changed, 90 insertions, 63 deletions
diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml index 3a285ab9f..1fa32570c 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml @@ -25,13 +25,13 @@ tasks: - name: Prepare for Node evacuation command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=false delegate_to: "{{ groups.oo_first_master.0 }}" when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config - name: Evacuate Node for Kubelet upgrade command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --evacuate --force delegate_to: "{{ groups.oo_first_master.0 }}" when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config @@ -40,7 +40,7 @@ - name: Set node schedulability command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=true + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=true delegate_to: "{{ groups.oo_first_master.0 }}" when: openshift.node.schedulable | bool when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_config and openshift.node.schedulable | bool diff --git a/playbooks/common/openshift-cluster/redeploy-certificates.yml b/playbooks/common/openshift-cluster/redeploy-certificates.yml index 5b72c3450..4996c56a7 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates.yml @@ -212,7 +212,7 @@ - name: Determine if node is currently scheduleable command: > {{ openshift.common.client_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig - get node {{ openshift.common.hostname | lower }} -o json + get node {{ openshift.node.nodename }} -o json register: node_output when: openshift_certificates_redeploy_ca | default(false) | bool delegate_to: "{{ groups.oo_first_master.0 }}" @@ -225,7 +225,7 @@ - name: Prepare for node evacuation command: > {{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig - manage-node {{ openshift.common.hostname | lower }} + manage-node {{ openshift.node.nodename }} --schedulable=false delegate_to: "{{ groups.oo_first_master.0 }}" when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool @@ -233,7 +233,7 @@ - name: Evacuate node command: > {{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig - manage-node {{ openshift.common.hostname | lower }} + manage-node {{ openshift.node.nodename }} --evacuate --force delegate_to: "{{ groups.oo_first_master.0 }}" when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool @@ -241,7 +241,7 @@ - name: Set node schedulability command: > {{ openshift.common.admin_binary }} --config={{ hostvars[groups.oo_first_master.0].mktemp.stdout }}/admin.kubeconfig - manage-node {{ openshift.common.hostname | lower }} --schedulable=true + manage-node {{ openshift.node.nodename }} --schedulable=true delegate_to: "{{ groups.oo_first_master.0 }}" when: openshift_certificates_redeploy_ca | default(false) | bool and was_schedulable | bool diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/upgrade.yml index ba4fc63be..8a2784fb4 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade.yml @@ -197,7 +197,7 @@ # we merge upgrade functionality into the base roles and a normal config.yml playbook run. - name: Determine if node is currently scheduleable command: > - {{ openshift.common.client_binary }} get node {{ openshift.common.hostname | lower }} -o json + {{ openshift.common.client_binary }} get node {{ openshift.node.nodename }} -o json register: node_output delegate_to: "{{ groups.oo_first_master.0 }}" changed_when: false @@ -209,13 +209,13 @@ - name: Mark unschedulable if host is a node command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=false + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=false delegate_to: "{{ groups.oo_first_master.0 }}" when: inventory_hostname in groups.oo_nodes_to_config - name: Evacuate Node for Kubelet upgrade command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --evacuate --force + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --evacuate --force delegate_to: "{{ groups.oo_first_master.0 }}" when: inventory_hostname in groups.oo_nodes_to_config @@ -237,7 +237,7 @@ - name: Set node schedulability command: > - {{ openshift.common.admin_binary }} manage-node {{ openshift.common.hostname | lower }} --schedulable=true + {{ openshift.common.admin_binary }} manage-node {{ openshift.node.nodename }} --schedulable=true delegate_to: "{{ groups.oo_first_master.0 }}" when: inventory_hostname in groups.oo_nodes_to_config and was_schedulable | bool diff --git a/playbooks/openstack/openshift-cluster/dns.yml b/playbooks/openstack/openshift-cluster/dns.yml index 285f8fa78..3ea0929bf 100644 --- a/playbooks/openstack/openshift-cluster/dns.yml +++ b/playbooks/openstack/openshift-cluster/dns.yml @@ -48,5 +48,5 @@ - { role: dns, dns_forwarders: "{{ openstack_network_dns }}", - dns_zones: [ novalocal, openstacklocal ], + dns_zones: [ example.com ], dns_all_hosts: "{{ g_all_hosts }}" } diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 458cf5ac7..461980ddd 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -637,41 +637,54 @@ resources: port_id: { get_resource: dns-port } dns-config: - type: OS::Heat::MultipartMime + type: OS::Heat::CloudConfig properties: - parts: - - config: - str_replace: - template: | - #cloud-config - disable_root: true - - system_info: - default_user: - name: openshift - sudo: ["ALL=(ALL) NOPASSWD: ALL"] - - write_files: - - path: /etc/sudoers.d/00-openshift-no-requiretty - permissions: 440 - content: | - Defaults:openshift !requiretty - - path: /etc/sysconfig/network-scripts/ifcfg-eth0 - content: | - DEVICE="eth0" - BOOTPROTO="dhcp" - DNS1="$dns1" - DNS2="$dns2" - PEERDNS="no" - ONBOOT="yes" - runcmd: - - [ "/usr/bin/systemctl", "restart", "network" ] - params: - $dns1: - get_param: - - dns_nameservers - - 0 - $dns2: - get_param: - - dns_nameservers - - 1 + cloud_config: + disable_root: true + + hostname: + str_replace: + template: cluster_id-dns + params: + cluster_id: { get_param: cluster_id } + fqdn: + str_replace: + template: cluster_id-dns.example.com + params: + cluster_id: { get_param: cluster_id } + + system_info: + default_user: + name: openshift + sudo: ["ALL=(ALL) NOPASSWD: ALL"] + + write_files: + - path: /etc/sudoers.d/00-openshift-no-requiretty + permissions: 440 + # content: Defaults:openshift !requiretty + # Encoded in base64 to be sure that we do not forget the trailing newline or + # sudo will not be able to parse that file + encoding: b64 + content: RGVmYXVsdHM6b3BlbnNoaWZ0ICFyZXF1aXJldHR5Cg== + - path: /etc/sysconfig/network-scripts/ifcfg-eth0 + content: + str_replace: + template: | + DEVICE="eth0" + BOOTPROTO="dhcp" + DNS1="$dns1" + DNS2="$dns2" + PEERDNS="no" + ONBOOT="yes" + params: + $dns1: + get_param: + - dns_nameservers + - 0 + $dns2: + get_param: + - dns_nameservers + - 1 + + runcmd: + - [ "/usr/bin/systemctl", "restart", "network" ] diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml index f83f2c984..ab6676afb 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml @@ -107,7 +107,7 @@ resources: flavor: { get_param: flavor } networks: - port: { get_resource: port } - user_data: { get_file: user-data } + user_data: { get_resource: config } user_data_format: RAW metadata: environment: { get_param: cluster_env } @@ -128,3 +128,30 @@ resources: properties: floating_network: { get_param: floating_network } port_id: { get_resource: port } + + config: + type: OS::Heat::CloudConfig + properties: + cloud_config: + disable_root: true + + hostname: { get_param: name } + fqdn: + str_replace: + template: name.example.com + params: + name: { get_param: name } + + system_info: + default_user: + name: openshift + sudo: ["ALL=(ALL) NOPASSWD: ALL"] + + write_files: + - path: /etc/sudoers.d/00-openshift-no-requiretty + permissions: 440 + # content: Defaults:openshift !requiretty + # Encoded in base64 to be sure that we do not forget the trailing newline or + # sudo will not be able to parse that file + encoding: b64 + content: RGVmYXVsdHM6b3BlbnNoaWZ0ICFyZXF1aXJldHR5Cg== diff --git a/playbooks/openstack/openshift-cluster/files/user-data b/playbooks/openstack/openshift-cluster/files/user-data deleted file mode 100644 index eb65f7cec..000000000 --- a/playbooks/openstack/openshift-cluster/files/user-data +++ /dev/null @@ -1,13 +0,0 @@ -#cloud-config -disable_root: true - -system_info: - default_user: - name: openshift - sudo: ["ALL=(ALL) NOPASSWD: ALL"] - -write_files: - - path: /etc/sudoers.d/00-openshift-no-requiretty - permissions: 440 - content: | - Defaults:openshift !requiretty |