From 41fd8df9c6a9f3b7adda5c9331408482be9c666b Mon Sep 17 00:00:00 2001 From: John Kwiatkoski Date: Fri, 25 Mar 2016 11:36:14 -0400 Subject: added admin binary varibale usage as well as specifying kubeconfig copy to be used --- .../tasks/cleanup_logging.yaml | 28 ++++++++---------- .../tasks/deploy_logging.yaml | 34 +++++++++++----------- 2 files changed, 29 insertions(+), 33 deletions(-) diff --git a/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml index 9d3ab3015..8331f0389 100644 --- a/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml +++ b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml @@ -1,13 +1,4 @@ --- - - - name: "Checking for logging project" - command: oc get project logging - register: logging_project - failed_when: "'FAILED' in logging_project.stderr" - - - name: "Changing projects" - command: "{{ openshift.common.client_binary }} project logging" - - name: Create temp directory for kubeconfig command: mktemp -d /tmp/openshift-ansible-XXXXXX register: mktemp @@ -18,12 +9,17 @@ cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig changed_when: False + - name: "Checking for logging project" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get project logging" + register: logging_project + failed_when: "'FAILED' in logging_project.stderr" + - name: "Changing projects" - command: oc project logging + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig project logging" - name: "Cleanup any previous logging infrastructure" - command: "{{ openshift.common.client_binary }} delete --ignore-not-found all --selector logging-infra={{ item }}" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found all --selector logging-infra={{ item }}" with_items: - kibana - fluentd @@ -31,25 +27,25 @@ ignore_errors: yes - name: "Cleanup existing support infrastructure" - command: "{{ openshift.common.client_binary }} delete --ignore-not-found all,sa,oauthclient --selector logging-infra=support" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found all,sa,oauthclient --selector logging-infra=support" ignore_errors: yes - name: "Cleanup existing secrets" - command: "{{ openshift.common.client_binary }} delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy" ignore_errors: yes register: clean_result failed_when: clean_result.rc == 1 and 'not found' not in clean_result.stderr - name: "Cleanup existing logging deployers" - command: "{{ openshift.common.client_binary }} delete pods --all" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete pods --all" - name: "Cleanup logging project" - command: "{{ openshift.common.client_binary }} delete project logging" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete project logging" - name: "Remove deployer template" - command: "{{ openshift.common.client_binary }} delete template logging-deployer-template -n openshift" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete template logging-deployer-template -n openshift" register: delete_ouput failed_when: delete_ouput.rc == 1 and 'exists' not in delete_ouput.stderr diff --git a/roles/openshift_hosted_logging/tasks/deploy_logging.yaml b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml index a1ef2081f..d8a5b62a0 100644 --- a/roles/openshift_hosted_logging/tasks/deploy_logging.yaml +++ b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml @@ -15,13 +15,13 @@ changed_when: False - name: "Create logging project" - command: oadm new-project logging + command: {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project logging - name: "Changing projects" - command: "{{ openshift.common.client_binary }} project logging" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig project logging" - name: "Creating logging deployer secret" - command: " {{ openshift.common.client_binary }} secrets new logging-deployer {{ openshift_hosted_logging_secret_vars | default('nothing=/dev/null') }}" + command: " {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig secrets new logging-deployer {{ openshift_hosted_logging_secret_vars | default('nothing=/dev/null') }}" register: secret_output failed_when: "secret_output.rc == 1 and 'exists' not in secret_output.stderr" @@ -31,57 +31,57 @@ force=yes - name: "Create logging-deployer service account" - command: "{{ openshift.common.client_binary }} create -f /tmp/logging-deployer-sa.yaml" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f /tmp/logging-deployer-sa.yaml" register: deployer_output failed_when: "deployer_output.rc == 1 and 'exists' not in deployer_output.stderr" - name: "Set permissions for logging-deployer service account" - command: "{{ openshift.common.client_binary }} policy add-role-to-user edit system:serviceaccount:logging:logging-deployer" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig policy add-role-to-user edit system:serviceaccount:logging:logging-deployer" register: permiss_output failed_when: "permiss_output.rc == 1 and 'exists' not in permiss_output.stderr" - name: "Set permissions for fluentd" - command: oadm policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd + command: {{ openshift.common.admin_binary}} policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd_output failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr" - name: "Set additional permissions for fluentd" - command: oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd + command: {{ openshift.common.admin_binary}} policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd2_output failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr" - name: "Create deployer template" - command: "{{ openshift.common.client_binary }} create -f /usr/share/openshift/examples/infrastructure-templates/enterprise/logging-deployer.yaml -n openshift" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f /usr/share/openshift/examples/infrastructure-templates/enterprise/logging-deployer.yaml -n openshift" register: template_output failed_when: "template_output.rc == 1 and 'exists' not in template_output.stderr" - name: "Process the deployer template" - shell: "{{ openshift.common.client_binary }} process logging-deployer-template -n openshift -v {{ oc_process_values }} | {{ openshift.common.client_binary }} create -f -" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig process logging-deployer-template -n openshift -v {{ oc_process_values }} | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f -" - name: "Wait for image pull and deployer pod" - shell: "{{ openshift.common.client_binary }} get pods | grep logging-deployer.*Completed" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get pods | grep logging-deployer.*Completed" register: result until: result.rc == 0 retries: 15 delay: 10 - name: "Process support template" - shell: "{{ openshift.common.client_binary }} process logging-support-template | {{ openshift.common.client_binary }} create -f -" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig process logging-support-template | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f -" - name: "Set insecured registry" - command: "{{ openshift.common.client_binary }} annotate is --all openshift.io/image.insecureRepository=true --overwrite" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig annotate is --all openshift.io/image.insecureRepository=true --overwrite" when: "target_registry is defined and insecure_registry == 'true'" - name: "Wait for imagestreams to become available" - shell: "{{ openshift.common.client_binary }} get is | grep logging-fluentd" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get is | grep logging-fluentd" register: result until: result.rc == 0 failed_when: result.rc == 1 and 'not found' not in result.stderr retries: 20 delay: 10 - + - name: "Wait for replication controllers to become available" - shell: "{{ openshift.common.client_binary }} get rc | grep logging-fluentd-1" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get rc | grep logging-fluentd-1" register: result until: result.rc == 0 failed_when: result.rc == 1 and 'not found' not in result.stderr @@ -90,11 +90,11 @@ - name: "Scale fluentd deployment config" - command: "{{ openshift.common.client_binary }} scale dc/logging-fluentd --replicas={{ fluentd_replicas | default('1') }}" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig scale dc/logging-fluentd --replicas={{ fluentd_replicas | default('1') }}" - name: "Scale fluentd replication controller" - command: "{{ openshift.common.client_binary }} scale rc/logging-fluentd-1 --replicas={{ fluentd_replicas | default('1') }}" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig scale rc/logging-fluentd-1 --replicas={{ fluentd_replicas | default('1') }}" - debug: msg="Logging components deployed. Note persistant volume for elasticsearch must be setup manually" -- cgit v1.2.3