From 8c1343b778e39aca946b4014469810cece873a57 Mon Sep 17 00:00:00 2001 From: ewolinetz Date: Wed, 5 Jul 2017 14:01:58 -0500 Subject: Addressing servicecatalog doesnt have enough permissions and multimaster config for service-catalog --- playbooks/common/openshift-cluster/service_catalog.yml | 8 ++++++++ roles/ansible_service_broker/tasks/install.yml | 14 +++++++------- .../files/kubeservicecatalog_roles_bindings.yml | 16 ++++++++++++++++ .../templates/controller_manager.j2 | 1 + 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/playbooks/common/openshift-cluster/service_catalog.yml b/playbooks/common/openshift-cluster/service_catalog.yml index c42e8781a..85c7248e9 100644 --- a/playbooks/common/openshift-cluster/service_catalog.yml +++ b/playbooks/common/openshift-cluster/service_catalog.yml @@ -6,3 +6,11 @@ roles: - openshift_service_catalog - ansible_service_broker + +- name: Update Master configs + hosts: oo_masters:!oo_first_master + tasks: + - block: + - include_role: + name: openshift_service_catalog + tasks_from: wire_aggregator diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml index 81c3f8e5b..9c3379291 100644 --- a/roles/ansible_service_broker/tasks/install.yml +++ b/roles/ansible_service_broker/tasks/install.yml @@ -48,13 +48,13 @@ namespace: openshift-ansible-service-broker state: present labels: - app: ansible-service-broker + app: openshift-ansible-service-broker service: asb ports: - name: port-1338 port: 1338 selector: - app: ansible-service-broker + app: openshift-ansible-service-broker service: asb - name: create etcd service @@ -66,7 +66,7 @@ - name: etcd-advertise port: 2379 selector: - app: ansible-service-broker + app: openshift-ansible-service-broker service: etcd - name: create route for ansible-service-broker service @@ -118,12 +118,12 @@ name: etcd namespace: openshift-ansible-service-broker labels: - app: ansible-service-broker + app: openshift-ansible-service-broker service: etcd spec: selector: matchLabels: - app: ansible-service-broker + app: openshift-ansible-service-broker service: etcd strategy: type: RollingUpdate @@ -134,7 +134,7 @@ template: metadata: labels: - app: ansible-service-broker + app: openshift-ansible-service-broker service: etcd spec: restartPolicy: Always @@ -266,4 +266,4 @@ metadata: name: ansible-service-broker spec: - url: http://{{ ansible_service_broker_route }} + url: http://asb.openshift-ansible-service-broker.svc:1338 diff --git a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml index 880146ca4..ebefaeaba 100644 --- a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml +++ b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml @@ -115,6 +115,22 @@ objects: - bindings/status verbs: - update + - apiGroups: + - servicecatalog.k8s.io + resources: + - brokers + - instances + - bindings + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - patch + - create - kind: ClusterRoleBinding apiVersion: v1 diff --git a/roles/openshift_service_catalog/templates/controller_manager.j2 b/roles/openshift_service_catalog/templates/controller_manager.j2 index 33932eeb7..1bbc0fa2c 100644 --- a/roles/openshift_service_catalog/templates/controller_manager.j2 +++ b/roles/openshift_service_catalog/templates/controller_manager.j2 @@ -17,6 +17,7 @@ spec: labels: app: controller-manager spec: + serviceAccountName: service-catalog-controller nodeSelector: {% for key, value in node_selector.iteritems() %} {{key}}: "{{value}}" -- cgit v1.2.3