From 4ac06057c9a77626bb181c22a5f1adc8014b13d2 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Tue, 17 Feb 2015 22:33:33 -0500
Subject: create openshift_common role

- move common openshift logic into openshift_common
- set openshift_common as a dependency for openshift_node and openshift_master
- rename role variables to openshift_* to be more descriptive
- start recording local_facts on the openshift hosts
- clean up firewalld config to be a bit more dry
- Update firewall ports for https, make sure http rules are removed
- Replace references to ansible_eth0.ipv4.address with
  ansible_default_ipv4.address
---
 roles/openshift_master/defaults/main.yml |   3 +-
 roles/openshift_master/handlers/main.yml |   2 +-
 roles/openshift_master/meta/main.yml     | 135 +++----------------------------
 roles/openshift_master/tasks/main.yml    |  52 ++++++------
 roles/openshift_master/vars/main.yml     |   2 +-
 5 files changed, 41 insertions(+), 153 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index c7d14b676..3c941089c 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -1,2 +1,3 @@
 ---
-# defaults file for openshift_master
+openshift_master_manage_service_externally: false
+openshift_master_debug_level: "{{ openshift_debug_level | default(0) }}"
diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml
index 5c30dccab..503d08d41 100644
--- a/roles/openshift_master/handlers/main.yml
+++ b/roles/openshift_master/handlers/main.yml
@@ -1,4 +1,4 @@
 ---
-# handlers file for openshift_master
 - name: restart openshift-master
   service: name=openshift-master state=restarted
+  when: not openshift_master_manage_service_externally
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index c5c362c60..bb0fc00e9 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -1,124 +1,15 @@
 ---
 galaxy_info:
-  author: your name
-  description: 
-  company: your company (optional)
-  # Some suggested licenses:
-  # - BSD (default)
-  # - MIT
-  # - GPLv2
-  # - GPLv3
-  # - Apache
-  # - CC-BY
-  license: license (GPLv2, CC-BY, etc)
-  min_ansible_version: 1.2
-  #
-  # Below are all platforms currently available. Just uncomment
-  # the ones that apply to your role. If you don't see your 
-  # platform on this list, let us know and we'll get it added!
-  #
-  #platforms:
-  #- name: EL
-  #  versions:
-  #  - all
-  #  - 5
-  #  - 6
-  #  - 7
-  #- name: GenericUNIX
-  #  versions:
-  #  - all
-  #  - any
-  #- name: Fedora
-  #  versions:
-  #  - all
-  #  - 16
-  #  - 17
-  #  - 18
-  #  - 19
-  #  - 20
-  #- name: opensuse
-  #  versions:
-  #  - all
-  #  - 12.1
-  #  - 12.2
-  #  - 12.3
-  #  - 13.1
-  #  - 13.2
-  #- name: Amazon
-  #  versions:
-  #  - all
-  #  - 2013.03
-  #  - 2013.09
-  #- name: GenericBSD
-  #  versions:
-  #  - all
-  #  - any
-  #- name: FreeBSD
-  #  versions:
-  #  - all
-  #  - 8.0
-  #  - 8.1
-  #  - 8.2
-  #  - 8.3
-  #  - 8.4
-  #  - 9.0
-  #  - 9.1
-  #  - 9.1
-  #  - 9.2
-  #- name: Ubuntu
-  #  versions:
-  #  - all
-  #  - lucid
-  #  - maverick
-  #  - natty
-  #  - oneiric
-  #  - precise
-  #  - quantal
-  #  - raring
-  #  - saucy
-  #  - trusty
-  #- name: SLES
-  #  versions:
-  #  - all
-  #  - 10SP3
-  #  - 10SP4
-  #  - 11
-  #  - 11SP1
-  #  - 11SP2
-  #  - 11SP3
-  #- name: GenericLinux
-  #  versions:
-  #  - all
-  #  - any
-  #- name: Debian
-  #  versions:
-  #  - all
-  #  - etch
-  #  - lenny
-  #  - squeeze
-  #  - wheezy
-  #
-  # Below are all categories currently available. Just as with
-  # the platforms above, uncomment those that apply to your role.
-  #
-  #categories:
-  #- cloud
-  #- cloud:ec2
-  #- cloud:gce
-  #- cloud:rax
-  #- clustering
-  #- database
-  #- database:nosql
-  #- database:sql
-  #- development
-  #- monitoring
-  #- networking
-  #- packaging
-  #- system
-  #- web
-dependencies: []
-  # List your role dependencies here, one per line. Only
-  # dependencies available via galaxy should be listed here.
-  # Be sure to remove the '[]' above if you add dependencies
-  # to this list.
-  
+  author: Jhon Honce
+  description: OpenShift Master
+  company: Red Hat, Inc.
+  license: ASL 2.0
+  min_ansible_version: 1.7
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+dependencies:
+- { role: openshift_common }
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 6f96a6cdb..ea97e42cc 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -1,37 +1,33 @@
 ---
-# tasks file for openshift_master
-- name: Install Origin
+- name: Install OpenShift Master package
   yum: pkg=openshift-master state=installed
 
-  # fixme: Once openshift stops resolving hostnames for node queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
-  command: /usr/bin/hostname {{ oo_bind_ip }}
+- name: Set master OpenShift facts
+  include: "{{ role_path | dirname }}/openshift_common/tasks/set_facts.yml"
+  facts:
+  - { section: master, option: debug_level, value: "{{ openshift_master_debug_level }}" }
+  - { section: master, option: public_ip, value: "{{ openshift_public_ip }}" }
+  - { section: master, option: externally_managed, value: "{{ openshift_master_manage_service_externally }}" }
 
-- name: Configure OpenShift Master settings
+- name: Configure firewall for OpenShift Master
+  include: "{{ role_path | dirname }}/openshift_common/tasks/firewall.yml"
+  allow:
+  - { service: etcd embedded, port: 4001/tcp}
+  - { service: etcd peer, port: 7001/tcp}
+  - { service: OpenShift api https, port: 8443/tcp}
+  - { service: OpenShift web console https, port: 8444/tcp}
+  deny:
+  - { service: OpenShift api http, port: 8080/tcp }
+
+- name: Configure OpenShift settings
   lineinfile:
     dest: /etc/sysconfig/openshift-master
-    regexp: "{{ item.regex }}"
-    line: "{{ item.line }}"
-  with_items:
-    - regex: '^OPTIONS='
-      line: "OPTIONS=\"--public-master={{ oo_public_ip }} --nodes={{ oo_node_ips | join(',') }}  --loglevel=5\""
+    regexp: '^OPTIONS='
+    line: "OPTIONS=\"--public-master={{ openshift_public_ip }} --nodes={{ openshift_node_ips
+          | join(',') }}  --loglevel={{ openshift_master_debug_level }}\""
   notify:
-    - restart openshift-master
-
-# Open etcd embedded, etcd embedded peer, openshift api, and
-# openshift client ports
-- name: Open firewalld ports for openshift-master
-  firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled
-  with_nested:
-  - [ 4001/tcp, 7001/tcp, 8443/tcp, 8444/tcp ]
-  - [ true, false ]
-
-# Disable previously exposed ports that are no longer needed
-- name: Close firewalld ports for openshift-master that are no longer needed
-  firewalld: port={{ item[0] }} permanent={{ item[1] }} state=enabled
-  with_nested:
-  - [ 8080/tcp ]
-  - [ true, false ]
+  - restart openshift-master
 
-- name: Enable OpenShift
+- name: Start and enable openshift-master
   service: name=openshift-master enabled=yes state=started
+  when: not openshift_master_manage_service_externally
diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml
index e5e5535e7..9a8c4bba2 100644
--- a/roles/openshift_master/vars/main.yml
+++ b/roles/openshift_master/vars/main.yml
@@ -1,2 +1,2 @@
 ---
-# vars file for openshift_master
+openshift_host_type: master
-- 
cgit v1.2.3