diff options
Diffstat (limited to 'roles')
9 files changed, 56 insertions, 33 deletions
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml index 9fabc5826..66dd2f5a3 100644 --- a/roles/openshift_logging/tasks/install_logging.yaml +++ b/roles/openshift_logging/tasks/install_logging.yaml @@ -131,6 +131,7 @@ openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type | default(default_elasticsearch_storage_type) }}" openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}" openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_pvc_storage_class_name | default() }}" + __logging_scale_up: True with_sequence: count={{ openshift_logging_es_cluster_size | int - openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count }} loop_control: @@ -221,6 +222,7 @@ openshift_logging_es_hostname: "{{ openshift_logging_es_ops_hostname }}" openshift_logging_es_edge_term_policy: "{{ openshift_logging_es_ops_edge_term_policy | default('') }}" openshift_logging_es_allow_external: "{{ openshift_logging_es_ops_allow_external }}" + __logging_ops_scale_up: True with_sequence: count={{ openshift_logging_es_ops_cluster_size | int - openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count }} loop_control: diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml index 64e5a3a1f..441460b2d 100644 --- a/roles/openshift_logging_elasticsearch/tasks/main.yaml +++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml @@ -138,15 +138,22 @@ - "prometheus_out.stderr | length > 0" - "'already exists' not in prometheus_out.stderr" -- set_fact: - _logging_metrics_proxy_passwd: "{{ 16 | lib_utils_oo_random_word | b64encode }}" +- name: Checking for passwd.yml + stat: path="{{ generated_certs_dir }}/passwd.yml" + register: passwd_file + check_mode: no -- template: +- when: not passwd_file.stat.exists + template: src: passwd.j2 - dest: "{{mktemp.stdout}}/passwd.yml" + dest: "{{ generated_certs_dir }}/passwd.yml" vars: logging_user_name: "{{ openshift_logging_elasticsearch_prometheus_sa }}" - logging_user_passwd: "{{ _logging_metrics_proxy_passwd }}" + logging_user_passwd: "{{ 16 | lib_utils_oo_random_word | b64encode }}" + +- slurp: + src: "{{ generated_certs_dir }}/passwd.yml" + register: _logging_metrics_proxy_passwd # View role and binding - name: Generate logging-elasticsearch-view-role @@ -296,7 +303,7 @@ - name: admin.jks path: "{{ generated_certs_dir }}/system.admin.jks" - name: passwd.yml - path: "{{mktemp.stdout}}/passwd.yml" + path: "{{ generated_certs_dir }}/passwd.yml" # services - name: Set logging-{{ es_component }}-cluster service @@ -433,7 +440,7 @@ es_container_security_context: "{{ _es_containers.elasticsearch.securityContext if _es_containers is defined and 'elasticsearch' in _es_containers and 'securityContext' in _es_containers.elasticsearch else None }}" deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}" es_replicas: 1 - basic_auth_passwd: "{{ _logging_metrics_proxy_passwd | b64decode }}" + basic_auth_passwd: "{{ ( _logging_metrics_proxy_passwd['content'] | b64decode | from_yaml )[openshift_logging_elasticsearch_prometheus_sa]['passwd'] }}" es_number_of_shards: "{{ openshift_logging_es_number_of_shards | default(1) }}" es_number_of_replicas: "{{ openshift_logging_es_number_of_replicas| default(0) }}" diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml index 14f2313e1..01247dd5d 100644 --- a/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml +++ b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml @@ -65,6 +65,12 @@ {{ openshift_client_binary }} get dc -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} register: _cluster_dcs + # If we are currently restarting the "es" cluster we want to check if we are scaling up the number of es nodes + # If we are currently restarting the "es-ops" cluster we want to check if we are scaling up the number of ops nodes + # If we've created a new node for that cluster then the appropriate variable will be true, otherwise we default to false + - set_fact: + _skip_healthcheck: "{{ __logging_scale_up | default(false) if _cluster_component == 'es' else __logging_ops_scale_up | default(false) }}" + ## restart all dcs for full restart - name: "Restart ES node {{ _es_node }}" include_tasks: restart_es_node.yml @@ -94,6 +100,7 @@ {{ openshift_client_binary }} exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "all" } }' register: _enable_output changed_when: "'\"acknowledged\":true' in _enable_output.stdout" + when: _cluster_pods.stdout != "" # Reenable external communication for {{ _cluster_component }} - name: Reenable external communication for logging-{{ _cluster_component }} diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml index a1e172168..934ab886b 100644 --- a/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml +++ b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml @@ -3,7 +3,8 @@ command: > {{ openshift_client_binary }} rollout latest {{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} -- name: "Waiting for {{ _es_node }} to finish scaling up" +- when: not _skip_healthcheck | bool + name: "Waiting for {{ _es_node }} to finish scaling up" oc_obj: state: list name: "{{ _es_node }}" @@ -19,12 +20,14 @@ retries: 60 delay: 30 -- name: Gettings name(s) of replica pod(s) +- when: not _skip_healthcheck | bool + name: Gettings name(s) of replica pod(s) command: > {{ openshift_client_binary }} get pods -l deploymentconfig={{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} register: _pods -- name: "Waiting for ES to be ready for {{ _es_node }}" +- when: not _skip_healthcheck | bool + name: "Waiting for ES to be ready for {{ _es_node }}" shell: > {{ openshift_client_binary }} exec "{{ _pod }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- es_cluster_health with_items: "{{ _pods.stdout.split(' ') }}" diff --git a/roles/openshift_version/defaults/main.yml b/roles/openshift_version/defaults/main.yml index 513dff045..c807df9d3 100644 --- a/roles/openshift_version/defaults/main.yml +++ b/roles/openshift_version/defaults/main.yml @@ -10,4 +10,6 @@ openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_typ openshift_use_crio_only: False l_first_master_version_task_file: "{{ openshift_is_containerized | ternary('first_master_containerized_version.yml', 'first_master_rpm_version.yml') }}" -l_force_image_tag_to_version: False + +# Used during double control plane upgrades. +l_double_upgrade_cp_reset_version: False diff --git a/roles/openshift_version/tasks/first_master.yml b/roles/openshift_version/tasks/first_master.yml index b0d155c2c..022ac30fc 100644 --- a/roles/openshift_version/tasks/first_master.yml +++ b/roles/openshift_version/tasks/first_master.yml @@ -13,20 +13,30 @@ - include_tasks: "{{ l_first_master_version_task_file }}" +# When double upgrade is in process, we want to set everything to match +# openshift_verison. - block: - debug: msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}" - set_fact: - openshift_pkg_version: -{{ openshift_version }} + openshift_pkg_version: "-{{ openshift_version }}" when: - - openshift_pkg_version is not defined or openshift_pkg_version == "" - - openshift_upgrade_target is not defined + - openshift_pkg_version is not defined or l_double_upgrade_cp_reset_version +# When double upgrade is in process, we want to set everything to match +# openshift_verison. - block: - debug: - msg: "openshift_image_tag set to v{{ openshift_version }}" + msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}" - set_fact: - openshift_image_tag: v{{ openshift_version }} - when: > - openshift_image_tag is not defined or openshift_image_tag == "" - or l_force_image_tag_to_version | bool + openshift_image_tag: "v{{ openshift_version }}" + when: openshift_image_tag is not defined or l_double_upgrade_cp_reset_version + +# The end result of these three variables is quite important so make sure they are displayed and logged: +- debug: var=openshift_release + +- debug: var=openshift_image_tag + +- debug: var=openshift_pkg_version + +- debug: var=openshift_version diff --git a/roles/openshift_version/tasks/first_master_containerized_version.yml b/roles/openshift_version/tasks/first_master_containerized_version.yml index 9eb38cb2b..e02a75eab 100644 --- a/roles/openshift_version/tasks/first_master_containerized_version.yml +++ b/roles/openshift_version/tasks/first_master_containerized_version.yml @@ -6,9 +6,7 @@ openshift_version: "{{ openshift_image_tag[1:].split('-')[0] if openshift_image_tag != 'latest' else openshift_image_tag }}" when: - openshift_image_tag is defined - - openshift_image_tag != "" - openshift_version is not defined - - not (openshift_version_reinit | default(false)) - name: Set containerized version to configure if openshift_release specified set_fact: @@ -22,7 +20,7 @@ docker run --rm {{ openshift_cli_image }}:latest version register: cli_image_version when: - - openshift_version is not defined or openshift_version_reinit | default(false) + - openshift_version is not defined - not openshift_use_crio_only # Origin latest = pre-release version (i.e. v1.3.0-alpha.1-321-gb095e3a) @@ -36,7 +34,7 @@ - set_fact: openshift_version: "{{ cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0][1:] }}" - when: openshift_version is not defined or openshift_version_reinit | default(false) + when: openshift_version is not defined # If we got an openshift_version like "3.2", lookup the latest 3.2 container version # and use that value instead. diff --git a/roles/openshift_version/tasks/first_master_rpm_version.yml b/roles/openshift_version/tasks/first_master_rpm_version.yml index 85e440513..9a5f0c568 100644 --- a/roles/openshift_version/tasks/first_master_rpm_version.yml +++ b/roles/openshift_version/tasks/first_master_rpm_version.yml @@ -5,17 +5,14 @@ openshift_version: "{{ openshift_pkg_version[1:].split('-')[0] }}" when: - openshift_pkg_version is defined - - openshift_pkg_version != "" - openshift_version is not defined - - not (openshift_version_reinit | default(false)) # These tasks should only be run against masters and nodes - name: Set openshift_version for rpm installation include_tasks: check_available_rpms.yml +# If double upgrade is in process, we want to set openshift_version to whatever +# rpm package is available. - set_fact: openshift_version: "{{ rpm_results.results.versions.available_versions.0 }}" - when: openshift_version is not defined or ( openshift_version_reinit | default(false) ) -- set_fact: - openshift_pkg_version: "-{{ rpm_results.results.versions.available_versions.0 }}" - when: openshift_version_reinit | default(false) + when: openshift_version is not defined or l_double_upgrade_cp_reset_version diff --git a/roles/openshift_version/tasks/masters_and_nodes.yml b/roles/openshift_version/tasks/masters_and_nodes.yml index eddd5ff42..c4dbc2a5f 100644 --- a/roles/openshift_version/tasks/masters_and_nodes.yml +++ b/roles/openshift_version/tasks/masters_and_nodes.yml @@ -8,10 +8,7 @@ fail: msg: "OCP rpm version {{ rpm_results.results.versions.available_versions.0 }} is different from OCP image version {{ openshift_version }}" # Both versions have the same string representation - when: - - openshift_version not in rpm_results.results.versions.available_versions.0 - - openshift_version_reinit | default(false) - + when: rpm_results.results.versions.available_versions.0 != openshift_version # block when when: not openshift_is_atomic | bool |