diff options
Diffstat (limited to 'roles/openshift_master')
9 files changed, 19 insertions, 84 deletions
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml index 8e4a46ebb..38b2fd8b8 100644 --- a/roles/openshift_master/defaults/main.yml +++ b/roles/openshift_master/defaults/main.yml @@ -52,6 +52,8 @@ openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | containerized_svc_dir: "/usr/lib/systemd/system" ha_svc_template_path: "native-cluster" +openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}" + # NOTE # r_openshift_master_*_default may be defined external to this role. # openshift_use_*, if defined, may affect other roles or play behavior. diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 359536202..e6b8b8ac8 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -5,7 +5,6 @@ state: restarted when: - not (master_api_service_status_changed | default(false) | bool) - - openshift.master.cluster_method == 'native' notify: - Verify API Server @@ -18,7 +17,6 @@ until: result.rc == 0 when: - not (master_controllers_service_status_changed | default(false) | bool) - - openshift.master.cluster_method == 'native' - name: Verify API Server # Using curl here since the uri module requires python-httplib2 and diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index a1cda2ad4..bf0cbbf18 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -15,3 +15,4 @@ dependencies: - role: lib_openshift - role: lib_utils - role: lib_os_firewall +- role: openshift_facts diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index e52cd6231..5f4e6df71 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -11,25 +11,6 @@ - openshift_master_oauth_grant_method is defined - openshift_master_oauth_grant_method not in openshift_master_valid_grant_methods -# HA Variable Validation -- fail: - msg: "openshift_master_cluster_method must be set to either 'native' or 'pacemaker' for multi-master installations" - when: - - openshift.master.ha | bool - - (openshift.master.cluster_method is not defined) or (openshift.master.cluster_method is defined and openshift.master.cluster_method not in ["native", "pacemaker"]) -- fail: - msg: "openshift_master_cluster_password must be set for multi-master installations" - when: - - openshift.master.ha | bool - - openshift.master.cluster_method == "pacemaker" - - openshift_master_cluster_password is not defined or not openshift_master_cluster_password -- fail: - msg: "Pacemaker based HA is not supported at this time when used with containerized installs" - when: - - openshift.master.ha | bool - - openshift.master.cluster_method == "pacemaker" - - openshift.common.is_containerized | bool - - name: Open up firewall ports import_tasks: firewall.yml @@ -226,7 +207,6 @@ enabled: yes state: started when: - - openshift.master.cluster_method == 'native' - inventory_hostname == openshift_master_hosts[0] register: l_start_result until: not l_start_result | failed @@ -241,14 +221,12 @@ - set_fact: master_api_service_status_changed: "{{ l_start_result | changed }}" when: - - openshift.master.cluster_method == 'native' - inventory_hostname == openshift_master_hosts[0] - pause: seconds: 15 when: - openshift.master.ha | bool - - openshift.master.cluster_method == 'native' - name: Start and enable master api all masters systemd: @@ -256,7 +234,6 @@ enabled: yes state: started when: - - openshift.master.cluster_method == 'native' - inventory_hostname != openshift_master_hosts[0] register: l_start_result until: not l_start_result | failed @@ -271,14 +248,12 @@ - set_fact: master_api_service_status_changed: "{{ l_start_result | changed }}" when: - - openshift.master.cluster_method == 'native' - inventory_hostname != openshift_master_hosts[0] # A separate wait is required here for native HA since notifies will # be resolved after all tasks in the role. - include_tasks: check_master_api_is_ready.yml when: - - openshift.master.cluster_method == 'native' - master_api_service_status_changed | bool - name: Start and enable master controller service @@ -286,8 +261,6 @@ name: "{{ openshift.common.service_type }}-master-controllers" enabled: yes state: started - when: - - openshift.master.cluster_method == 'native' register: l_start_result until: not l_start_result | failed retries: 1 @@ -301,30 +274,6 @@ - name: Set fact master_controllers_service_status_changed set_fact: master_controllers_service_status_changed: "{{ l_start_result | changed }}" - when: - - openshift.master.cluster_method == 'native' - -- name: Install cluster packages - package: name=pcs state=present - when: - - openshift.master.cluster_method == 'pacemaker' - - not openshift.common.is_containerized | bool - register: l_install_result - until: l_install_result | success - -- name: Start and enable cluster service - systemd: - name: pcsd - enabled: yes - state: started - when: - - openshift.master.cluster_method == 'pacemaker' - - not openshift.common.is_containerized | bool - -- name: Set the cluster user password - shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster - when: - - l_install_result | changed - name: node bootstrap settings include_tasks: bootstrap.yml diff --git a/roles/openshift_master/tasks/registry_auth.yml b/roles/openshift_master/tasks/registry_auth.yml index c95f562d0..ca04d2243 100644 --- a/roles/openshift_master/tasks/registry_auth.yml +++ b/roles/openshift_master/tasks/registry_auth.yml @@ -33,7 +33,7 @@ - openshift_docker_alternative_creds | default(False) | bool - oreg_auth_user is defined - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool - register: master_oreg_auth_credentials_create + register: master_oreg_auth_credentials_create_alt notify: - restart master api - restart master controllers @@ -45,4 +45,8 @@ when: - openshift.common.is_containerized | bool - oreg_auth_user is defined - - (master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or master_oreg_auth_credentials_create.changed) | bool + - > + (master_oreg_auth_credentials_stat.stat.exists + or oreg_auth_credentials_replace + or master_oreg_auth_credentials_create.changed + or master_oreg_auth_credentials_create_alt.changed) | bool diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 9d11ed574..ee76413e3 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -25,7 +25,6 @@ state: absent ignore_errors: true when: - - openshift.master.cluster_method == "native" - not l_is_master_system_container | bool # This is the image used for both HA and non-HA clusters: @@ -43,7 +42,6 @@ src: "{{ ha_svc_template_path }}/atomic-openshift-master-{{ item }}.service.j2" dest: "{{ containerized_svc_dir }}/{{ openshift.common.service_type }}-master-{{ item }}.service" when: - - openshift.master.cluster_method == "native" - not l_is_master_system_container | bool with_items: - api @@ -63,22 +61,17 @@ - api - controllers when: - - openshift.master.cluster_method == "native" - not l_is_master_system_container | bool - name: Preserve Master API Proxy Config options command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-api register: l_master_api_proxy - when: - - openshift.master.cluster_method == "native" failed_when: false changed_when: false - name: Preserve Master API AWS options command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-api register: master_api_aws - when: - - openshift.master.cluster_method == "native" failed_when: false changed_when: false @@ -87,14 +80,11 @@ src: "{{ ha_svc_template_path }}/atomic-openshift-master-api.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api backup: true - when: - - openshift.master.cluster_method == "native" notify: - restart master api - name: Restore Master API Proxy Config Options when: - - openshift.master.cluster_method == "native" - l_master_api_proxy.rc == 0 - "'http_proxy' not in openshift.common" - "'https_proxy' not in openshift.common" @@ -105,7 +95,6 @@ - name: Restore Master API AWS Options when: - - openshift.master.cluster_method == "native" - master_api_aws.rc == 0 - not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined) lineinfile: @@ -117,16 +106,12 @@ - name: Preserve Master Controllers Proxy Config options command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers register: master_controllers_proxy - when: - - openshift.master.cluster_method == "native" failed_when: false changed_when: false - name: Preserve Master Controllers AWS options command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers register: master_controllers_aws - when: - - openshift.master.cluster_method == "native" failed_when: false changed_when: false @@ -135,8 +120,6 @@ src: "{{ ha_svc_template_path }}/atomic-openshift-master-controllers.j2" dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers backup: true - when: - - openshift.master.cluster_method == "native" notify: - restart master controllers @@ -146,7 +129,6 @@ line: "{{ item }}" with_items: "{{ master_controllers_proxy.stdout_lines | default([]) }}" when: - - openshift.master.cluster_method == "native" - master_controllers_proxy.rc == 0 - "'http_proxy' not in openshift.common" - "'https_proxy' not in openshift.common" @@ -157,6 +139,5 @@ line: "{{ item }}" with_items: "{{ master_controllers_aws.stdout_lines | default([]) }}" when: - - openshift.master.cluster_method == "native" - master_controllers_aws.rc == 0 - not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined) diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 index 5d4a99c97..cec3d3fb1 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 @@ -4,9 +4,9 @@ Documentation=https://github.com/openshift/origin After=etcd_container.service Wants=etcd_container.service Before={{ openshift.common.service_type }}-node.service -After={{ openshift.docker.service_name }}.service -PartOf={{ openshift.docker.service_name }}.service -Requires={{ openshift.docker.service_name }}.service +After={{ openshift_docker_service_name }}.service +PartOf={{ openshift_docker_service_name }}.service +Requires={{ openshift_docker_service_name }}.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api @@ -33,5 +33,5 @@ Restart=always RestartSec=5s [Install] -WantedBy={{ openshift.docker.service_name }}.service +WantedBy={{ openshift_docker_service_name }}.service WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 index f93f3b565..a0248151d 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 @@ -3,9 +3,9 @@ Description=Atomic OpenShift Master Controllers Documentation=https://github.com/openshift/origin Wants={{ openshift.common.service_type }}-master-api.service After={{ openshift.common.service_type }}-master-api.service -After={{ openshift.docker.service_name }}.service -Requires={{ openshift.docker.service_name }}.service -PartOf={{ openshift.docker.service_name }}.service +After={{ openshift_docker_service_name }}.service +Requires={{ openshift_docker_service_name }}.service +PartOf={{ openshift_docker_service_name }}.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers @@ -32,4 +32,4 @@ Restart=always RestartSec=5s [Install] -WantedBy={{ openshift.docker.service_name }}.service +WantedBy={{ openshift_docker_service_name }}.service diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index a0f00e545..92668b227 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -120,7 +120,7 @@ kubernetesMasterConfig: - application/vnd.kubernetes.protobuf {% endif %} controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }} - masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }} + masterCount: {{ openshift.master.master_count }} masterIP: {{ openshift.common.ip }} podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }} proxyClientInfo: @@ -204,7 +204,7 @@ projectConfig: mcsLabelsPerProject: {{ osm_mcs_labels_per_project }} uidAllocatorRange: "{{ osm_uid_allocator_range }}" routingConfig: - subdomain: "{{ openshift_master_default_subdomain | default("") }}" + subdomain: "{{ openshift_master_default_subdomain }}" serviceAccountConfig: limitSecretReferences: {{ openshift_master_saconfig_limitsecretreferences | default(false) }} managedNames: |