blob: 22ff6dfd2803b491b189ec2348995131f8cb2a46 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
---
- fail:
msg: "SELinux is disabled, This deployment type requires that SELinux is enabled."
when:
- (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online', 'atomic-enterprise', 'openshift-enterprise']
- not openshift_use_crio | default(false)
- name: setup firewall
include: firewall.yml
static: yes
#### Disable SWAP #####
# https://docs.openshift.com/container-platform/3.4/admin_guide/overcommit.html#disabling-swap-memory
- name: Check for swap usage
command: grep "^[^#].*swap" /etc/fstab
# grep: match any lines which don't begin with '#' and contain 'swap'
changed_when: false
failed_when: false
register: swap_result
- when:
- swap_result.stdout_lines | length > 0
- openshift_disable_swap | default(true) | bool
block:
- name: Disable swap
command: swapoff --all
- name: Remove swap entries from /etc/fstab
replace:
dest: /etc/fstab
regexp: '(^[^#].*swap.*)'
replace: '# \1'
backup: yes
- name: Add notice about disabling swap
lineinfile:
dest: /etc/fstab
line: '# OpenShift-Ansible Installer disabled swap per overcommit guidelines'
state: present
#### End Disable Swap Block ####
- name: include node installer
include: install.yml
- name: Restart cri-o
systemd:
name: cri-o
enabled: yes
state: restarted
when: openshift_use_crio | default(false)
- name: restart NetworkManager to ensure resolv.conf is present
systemd:
name: NetworkManager
enabled: yes
state: restarted
when: openshift_node_bootstrap | bool
# The atomic-openshift-node service will set this parameter on
# startup, but if the network service is restarted this setting is
# lost. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1372388
#
# Use lineinfile w/ a handler for this task until
# https://github.com/ansible/ansible/pull/24277 is included in an
# ansible release and we can use the sysctl module.
- name: Persist net.ipv4.ip_forward sysctl entry
lineinfile: dest=/etc/sysctl.conf regexp='^net.ipv4.ip_forward' line='net.ipv4.ip_forward=1'
notify:
- reload sysctl.conf
- name: include bootstrap node config
include: bootstrap.yml
when: openshift_node_bootstrap
- name: include standard node config
include: config.yml
when: not openshift_node_bootstrap
- name: Check for credentials file for registry auth
stat:
path: "{{oreg_auth_credentials_path }}"
when:
- oreg_auth_user is defined
register: node_oreg_auth_credentials_stat
- name: Create credentials for registry auth
command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}"
when:
- oreg_auth_user is defined
- (not node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
notify:
- restart node
- name: Configure AWS Cloud Provider Settings
lineinfile:
dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
regexp: "{{ item.regex }}"
line: "{{ item.line }}"
create: true
with_items:
- regex: '^AWS_ACCESS_KEY_ID='
line: "AWS_ACCESS_KEY_ID={{ openshift_cloudprovider_aws_access_key | default('') }}"
- regex: '^AWS_SECRET_ACCESS_KEY='
line: "AWS_SECRET_ACCESS_KEY={{ openshift_cloudprovider_aws_secret_key | default('') }}"
no_log: True
when: openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined
notify:
- restart node
#### Storage class plugins here ####
- name: NFS storage plugin configuration
include: storage_plugins/nfs.yml
tags:
- nfs
- name: GlusterFS storage plugin configuration
include: storage_plugins/glusterfs.yml
when: "'glusterfs' in openshift.node.storage_plugin_deps"
- name: Ceph storage plugin configuration
include: storage_plugins/ceph.yml
when: "'ceph' in openshift.node.storage_plugin_deps"
- name: iSCSI storage plugin configuration
include: storage_plugins/iscsi.yml
when: "'iscsi' in openshift.node.storage_plugin_deps"
##### END Storage #####
- include: config/workaround-bz1331590-ovs-oom-fix.yml
when: openshift_node_use_openshift_sdn | default(true) | bool
|