diff options
| author | ewolinetz <ewolinet@redhat.com> | 2017-05-02 11:21:56 -0500 |
|---|---|---|
| committer | ewolinetz <ewolinet@redhat.com> | 2017-05-22 10:42:52 -0500 |
| commit | 60ad4626f03cbfb119290a4bfaf9ecba53dc762b (patch) | |
| tree | 766cafb64b81d26ba9cad66e84153248aad7141a /roles/openshift_logging_elasticsearch/tasks | |
| parent | a8e826248539179c5ef69ec003701be608e89b70 (diff) | |
| download | openshift-60ad4626f03cbfb119290a4bfaf9ecba53dc762b.tar.gz openshift-60ad4626f03cbfb119290a4bfaf9ecba53dc762b.tar.bz2 openshift-60ad4626f03cbfb119290a4bfaf9ecba53dc762b.tar.xz openshift-60ad4626f03cbfb119290a4bfaf9ecba53dc762b.zip | |
Pulling in changes from master
Diffstat (limited to 'roles/openshift_logging_elasticsearch/tasks')
| -rw-r--r-- | roles/openshift_logging_elasticsearch/tasks/main.yaml | 87 |
1 files changed, 69 insertions, 18 deletions
diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml index 0d4c7a013..620c82fd0 100644 --- a/roles/openshift_logging_elasticsearch/tasks/main.yaml +++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml @@ -11,7 +11,9 @@ msg: Invalid deployment type, one of ['data-master', 'data-client', 'master', 'client'] allowed when: not openshift_logging_elasticsearch_deployment_type in __allowed_es_types -- set_fact: elasticsearch_name="{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}" +- set_fact: + elasticsearch_name: "{{ 'logging-elasticsearch' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '')) }}" + es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}" - include: determine_version.yaml @@ -39,7 +41,7 @@ oc_serviceaccount: state: present name: "aggregated-logging-elasticsearch" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" image_pull_secrets: "{{ openshift_logging_image_pull_secret }}" when: openshift_logging_image_pull_secret != '' @@ -47,7 +49,7 @@ oc_serviceaccount: state: present name: "aggregated-logging-elasticsearch" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" when: - openshift_logging_image_pull_secret == '' @@ -61,7 +63,7 @@ state: present name: "rolebinding-reader" kind: clusterrole - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" files: - "{{ tempdir }}/rolebinding-reader.yml" delete_after: true @@ -70,10 +72,34 @@ - name: Set rolebinding-reader permissions for ES oc_adm_policy_user: state: present - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" resource_kind: cluster-role resource_name: rolebinding-reader - user: "system:serviceaccount:{{ openshift_logging_namespace }}:aggregated-logging-elasticsearch" + user: "system:serviceaccount:{{ openshift_logging_elasticsearch_namespace }}:aggregated-logging-elasticsearch" + +# View role and binding +- name: Generate logging-elasticsearch-view-role + template: + src: rolebinding.j2 + dest: "{{mktemp.stdout}}/logging-elasticsearch-view-role.yaml" + vars: + obj_name: logging-elasticsearch-view-role + roleRef: + name: view + subjects: + - kind: ServiceAccount + name: aggregated-logging-elasticsearch + changed_when: no + +- name: Set logging-elasticsearch-view-role role + oc_obj: + state: present + name: "logging-elasticsearch-view-role" + kind: rolebinding + namespace: "{{ openshift_logging_elasticsearch_namespace }}" + files: + - "{{ tempdir }}/logging-elasticsearch-view-role.yaml" + delete_after: true # configmap - template: @@ -87,7 +113,6 @@ dest: "{{ tempdir }}/elasticsearch.yml" vars: allow_cluster_reader: "{{ openshift_logging_elasticsearch_ops_allow_cluster_reader | lower | default('false') }}" - deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}" when: es_config_contents is undefined changed_when: no @@ -106,8 +131,8 @@ - name: Set ES configmap oc_configmap: state: present - name: "{{ elasticsearch_name }}-{{ openshift_logging_elasticsearch_deployment_type }}" - namespace: "{{ openshift_logging_namespace }}" + name: "{{ elasticsearch_name }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" from_file: elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml" logging.yml: "{{ tempdir }}/elasticsearch-logging.yml" @@ -119,7 +144,7 @@ oc_secret: state: present name: "logging-elasticsearch" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" files: - name: key path: "{{ generated_certs_dir }}/logging-es.jks" @@ -138,6 +163,34 @@ - name: admin.jks path: "{{ generated_certs_dir }}/system.admin.jks" +# services +- name: Set logging-{{ es_component }}-cluster service + oc_service: + state: present + name: "logging-{{ es_component }}-cluster" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" + selector: + component: "{{ es_component }}" + provider: openshift +# labels: +# - logging-infra: 'support' + ports: + - port: 9300 + +- name: Set logging-{{ es_component }} service + oc_service: + state: present + name: "logging-{{ es_component }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" + selector: + component: "{{ es_component }}" + provider: openshift +# labels: +# - logging-infra: 'support' + ports: + - port: 9200 + targetPort: "restapi" + - name: Creating ES storage template template: src: pvc.j2 @@ -171,7 +224,7 @@ state: present kind: pvc name: "{{ openshift_logging_elasticsearch_pvc_name }}" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" files: - "{{ tempdir }}/templates/logging-es-pvc.yml" delete_after: true @@ -179,9 +232,6 @@ - openshift_logging_elasticsearch_storage_type == "pvc" - set_fact: - es_component: "{{ 'es' ~ ( (openshift_logging_elasticsearch_ops_deployment | default(false) | bool) | ternary('-ops', '') ) }}" - -- set_fact: es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 'abcdefghijklmnopqrstuvwxyz0123456789' | random_word(8) }}" when: openshift_logging_elasticsearch_deployment_name == "" @@ -195,20 +245,21 @@ src: es.j2 dest: "{{ tempdir }}/templates/logging-es-dc.yml" vars: - es_configmap: "{{ elasticsearch_name }}-{{ openshift_logging_elasticsearch_deployment_type }}" es_cluster_name: "{{ es_component }}" - logging_component: "{{ es_component }}" + component: "{{ es_component }}" + logging_component: elasticsearch deploy_name: "{{ es_deploy_name }}" image: "{{ openshift_logging_image_prefix }}logging-elasticsearch:{{ openshift_logging_image_version }}" es_cpu_limit: "{{ openshift_logging_elasticsearch_cpu_limit }}" es_memory_limit: "{{ openshift_logging_elasticsearch_memory_limit }}" es_node_selector: "{{ openshift_logging_elasticsearch_nodeselector | default({}) }}" + deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}" - name: Set ES dc oc_obj: state: present name: "{{ es_deploy_name }}" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" kind: dc files: - "{{ tempdir }}/templates/logging-es-dc.yml" @@ -219,7 +270,7 @@ oc_scale: kind: dc name: "{{ es_deploy_name }}" - namespace: "{{ openshift_logging_namespace }}" + namespace: "{{ openshift_logging_elasticsearch_namespace }}" replicas: 1 ## Placeholder for migration when necessary ## |