1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
---
- name: Ensure proxies are in the atomic.conf
include_role:
name: openshift_atomic
tasks_from: proxy
- name: Pull etcd system container
command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
register: pull_result
changed_when: "'Pulling layer' in pull_result.stdout"
- name: Set initial Etcd cluster
set_fact:
etcd_initial_cluster: >-
{% for host in etcd_peers | default([]) -%}
{% if loop.last -%}
{{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }}
{%- else -%}
{{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }},
{%- endif -%}
{% endfor -%}
when: etcd_initial_cluster is undefined
- name: Check etcd system container package
command: >
atomic containers list --no-trunc -a -f container=etcd -f backend=ostree
register: etcd_result
- name: Unmask etcd service
systemd:
name: etcd
state: stopped
enabled: no
masked: no
daemon_reload: yes
register: task_result
failed_when: task_result|failed and 'could not' not in task_result.msg|lower
when: "'etcd' not in etcd_result.stdout"
- name: Disable etcd_container
systemd:
name: etcd_container
state: stopped
enabled: no
daemon_reload: yes
register: task_result
failed_when: task_result|failed and 'could not' not in task_result.msg|lower
- name: Remove etcd_container.service
file:
path: /etc/systemd/system/etcd_container.service
state: absent
- name: Systemd reload configuration
systemd: name=etcd_container daemon_reload=yes
- name: Install or Update Etcd system container package
oc_atomic_container:
name: etcd
image: "{{ openshift.etcd.etcd_image }}"
state: latest
values:
- ETCD_DATA_DIR=/var/lib/etcd
- ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
- ETCD_NAME={{ etcd_hostname }}
- ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }}
- ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
- ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
- ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
- ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
- ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
- ETCD_CA_FILE={{ etcd_ca_file }}
- ETCD_CERT_FILE={{ etcd_cert_file }}
- ETCD_KEY_FILE={{ etcd_key_file }}
- ETCD_PEER_CA_FILE={{ etcd_peer_ca_file }}
- ETCD_PEER_CERT_FILE={{ etcd_peer_cert_file }}
- ETCD_PEER_KEY_FILE={{ etcd_peer_key_file }}
- ETCD_TRUSTED_CA_FILE={{ etcd_ca_file }}
- ETCD_PEER_TRUSTED_CA_FILE={{ etcd_peer_ca_file }}
- 'ADDTL_MOUNTS=,{"type":"bind","source":"/etc/","destination":"/etc/","options":["rbind","rw","rslave"]},{"type":"bind","source":"/var/lib/etcd","destination":"/var/lib/etcd/","options":["rbind","rw","rslave"]}'
- name: Ensure etcd datadir ownership for the system container
file:
path: "{{ etcd_data_dir }}"
state: directory
mode: 0700
owner: root
group: root
recurse: True
|