diff options
Diffstat (limited to 'roles')
12 files changed, 71 insertions, 20 deletions
diff --git a/roles/lib_utils/filter_plugins/oo_filters.py b/roles/lib_utils/filter_plugins/oo_filters.py index 574743ff1..c355115b5 100644 --- a/roles/lib_utils/filter_plugins/oo_filters.py +++ b/roles/lib_utils/filter_plugins/oo_filters.py @@ -126,7 +126,7 @@ def lib_utils_oo_collect(data_list, attribute=None, filters=None): raise errors.AnsibleFilterError( "lib_utils_oo_collect expects filter to be a dict") retval.extend([get_attr(d, attribute) for d in data if ( - all([d.get(key, None) == filters[key] for key in filters]))]) + all([get_attr(d, key) == filters[key] for key in filters]))]) else: retval.extend([get_attr(d, attribute) for d in data]) diff --git a/roles/openshift_etcd_facts/defaults/main.yml b/roles/openshift_etcd_facts/defaults/main.yml new file mode 100644 index 000000000..d13e7c912 --- /dev/null +++ b/roles/openshift_etcd_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +etcd_ca_host_group: "oo_etcd_to_config" diff --git a/roles/openshift_etcd_facts/tasks/main.yml b/roles/openshift_etcd_facts/tasks/main.yml index ed97d539c..86546f4e3 100644 --- a/roles/openshift_etcd_facts/tasks/main.yml +++ b/roles/openshift_etcd_facts/tasks/main.yml @@ -1 +1,2 @@ --- +- import_tasks: set_etcd_ca_host.yml diff --git a/roles/openshift_etcd_facts/tasks/set_etcd_ca_host.yml b/roles/openshift_etcd_facts/tasks/set_etcd_ca_host.yml new file mode 100644 index 000000000..bf8d28a9b --- /dev/null +++ b/roles/openshift_etcd_facts/tasks/set_etcd_ca_host.yml @@ -0,0 +1,44 @@ +--- +- name: Check for CA indicator files + stat: + path: "{{ item.0 }}" + delegate_to: "{{ item.1 }}" + with_nested: + - - /etc/etcd/ca + - /etc/etcd/generated_certs + - "{{ groups[etcd_ca_host_group] }}" + register: __etcd_ca_host_stat + run_once: true + +# Collect ansible_host (inventory hostname) of hosts with /etc/etcd/ca +# and /etc/etcd/generated_certs directories. +- set_fact: + __etcd_ca_dir_hosts: "{{ __etcd_ca_host_stat.results + | lib_utils_oo_collect('_ansible_delegated_vars.ansible_host', + filters={'stat.path':'/etc/etcd/ca','stat.exists':True}) }}" + __etcd_generated_certs_dir_hosts: "{{ __etcd_ca_host_stat.results + | lib_utils_oo_collect('_ansible_delegated_vars.ansible_host', + filters={'stat.path':'/etc/etcd/generated_certs','stat.exists':True}) }}" + run_once: true + +# __etcd_ca_hosts is the intersection of hosts which have /etc/etcd/ca +# and /etc/etcd/generated_certs directories. +- set_fact: + __etcd_ca_hosts: "{{ __etcd_ca_dir_hosts | intersect(__etcd_generated_certs_dir_hosts) }}" + run_once: true + +# __etcd_ca_hosts should only contain one host. If more than one host +# is able to be an etcd CA host then we will use the first. +- set_fact: + etcd_ca_host: "{{ __etcd_ca_hosts[0] }}" + when: + - __etcd_ca_hosts | length > 0 + - etcd_ca_host is not defined + +# No etcd_ca_host was found in __etcd_ca_hosts. This is probably a +# fresh installation so we will default to the first member of the +# etcd host group. +- set_fact: + etcd_ca_host: "{{ groups[etcd_ca_host_group].0 }}" + when: + - etcd_ca_host is not defined diff --git a/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml index bbc0c7044..6ec1c0fed 100644 --- a/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml +++ b/roles/openshift_examples/files/examples/v3.9/cfme-templates/jboss-middleware-manager-template.yaml @@ -197,7 +197,7 @@ objects: spec: containers: - image: ${CASSANDRA_IMAGE} - imagePullPolicy: Always + imagePullPolicy: IfNotPresent name: hawkular-cassandra env: - name: DATA_VOLUME diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 11a51b6bb..8d0f615b5 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -18,7 +18,7 @@ import socket import ipaddress from distutils.util import strtobool from distutils.version import LooseVersion -from ansible.module_utils.six import u +from ansible.module_utils.six import text_type from ansible.module_utils.six import string_types from ansible.module_utils.six.moves import configparser @@ -1153,7 +1153,7 @@ def set_proxy_facts(facts): if 'no_proxy_internal_hostnames' in common: common['no_proxy'].extend(common['no_proxy_internal_hostnames'].split(',')) # We always add local dns domain and ourselves no matter what - kube_svc_ip = str(ipaddress.ip_network(u(common['portal_net']))[1]) + kube_svc_ip = str(ipaddress.ip_network(text_type(common['portal_net']))[1]) common['no_proxy'].append(kube_svc_ip) common['no_proxy'].append('.' + common['dns_domain']) common['no_proxy'].append('.svc') diff --git a/roles/openshift_logging_elasticsearch/tasks/get_es_version.yml b/roles/openshift_logging_elasticsearch/tasks/get_es_version.yml index 16de6f252..7c4ecaa5b 100644 --- a/roles/openshift_logging_elasticsearch/tasks/get_es_version.yml +++ b/roles/openshift_logging_elasticsearch/tasks/get_es_version.yml @@ -1,21 +1,21 @@ --- - command: > - oc get pod -l component=es,provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} + {{ openshift_client_binary }} get pod -l component=es,provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} register: _cluster_pods - name: "Getting ES version for logging-es cluster" command: > - oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XGET 'https://localhost:9200/' + {{ openshift_client_binary }} exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XGET 'https://localhost:9200/' register: _curl_output when: _cluster_pods.stdout_lines | count > 0 - command: > - oc get pod -l component=es-ops,provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} + {{ openshift_client_binary }} get pod -l component=es-ops,provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} register: _ops_cluster_pods - name: "Getting ES version for logging-es-ops cluster" command: > - oc exec {{ _ops_cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XGET 'https://localhost:9200/' + {{ openshift_client_binary }} exec {{ _ops_cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XGET 'https://localhost:9200/' register: _ops_curl_output when: _ops_cluster_pods.stdout_lines | count > 0 diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml index 8a174f0d5..9db67ea9b 100644 --- a/roles/openshift_logging_elasticsearch/tasks/main.yaml +++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml @@ -258,7 +258,7 @@ _restart_logging_components: "{{ _restart_logging_components | default([]) + [es_component] | unique }}" - shell: > - oc get dc -l component="{{ es_component }}" -n "{{ openshift_logging_elasticsearch_namespace }}" -o name | cut -d'/' -f2 + {{ openshift_client_binary }} get dc -l component="{{ es_component }}" -n "{{ openshift_logging_elasticsearch_namespace }}" -o name | cut -d'/' -f2 register: _es_dcs - set_fact: diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml index 879459cf6..14f2313e1 100644 --- a/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml +++ b/roles/openshift_logging_elasticsearch/tasks/restart_cluster.yml @@ -1,13 +1,13 @@ --- ## get all pods for the cluster - command: > - oc get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} + {{ openshift_client_binary }} get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} register: _cluster_pods ### Check for cluster state before making changes -- if its red then we don't want to continue - name: "Checking current health for {{ _es_node }} cluster" shell: > - oc exec "{{ _cluster_pods.stdout.split(' ')[0] }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- es_cluster_health + {{ openshift_client_binary }} exec "{{ _cluster_pods.stdout.split(' ')[0] }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- es_cluster_health register: _pod_status when: _cluster_pods.stdout_lines | count > 0 @@ -46,7 +46,7 @@ - name: "Disable shard balancing for logging-{{ _cluster_component }} cluster" command: > - oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "none" } }' + {{ openshift_client_binary }} exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "none" } }' register: _disable_output changed_when: "'\"acknowledged\":true' in _disable_output.stdout" when: _cluster_pods.stdout_lines | count > 0 @@ -54,7 +54,7 @@ # Flush ES - name: "Flushing for logging-{{ _cluster_component }} cluster" command: > - oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_flush/synced' + {{ openshift_client_binary }} exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_flush/synced' register: _flush_output changed_when: "'\"acknowledged\":true' in _flush_output.stdout" when: @@ -62,7 +62,7 @@ - full_restart_cluster | bool - command: > - oc get dc -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} + {{ openshift_client_binary }} get dc -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} register: _cluster_dcs ## restart all dcs for full restart @@ -86,12 +86,12 @@ ## we may need a new first pod to run against -- fetch them all again - command: > - oc get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} + {{ openshift_client_binary }} get pod -l component={{ _cluster_component }},provider=openshift -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[?(@.status.phase==\"Running\")].metadata.name} register: _cluster_pods - name: "Enable shard balancing for logging-{{ _cluster_component }} cluster" command: > - oc exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "all" } }' + {{ openshift_client_binary }} exec {{ _cluster_pods.stdout.split(' ')[0] }} -c elasticsearch -n {{ openshift_logging_elasticsearch_namespace }} -- {{ __es_local_curl }} -XPUT 'https://localhost:9200/_cluster/settings' -d '{ "transient": { "cluster.routing.allocation.enable" : "all" } }' register: _enable_output changed_when: "'\"acknowledged\":true' in _enable_output.stdout" diff --git a/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml index fe15e40fd..a1e172168 100644 --- a/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml +++ b/roles/openshift_logging_elasticsearch/tasks/restart_es_node.yml @@ -1,7 +1,7 @@ --- - name: "Rolling out new pod(s) for {{ _es_node }}" command: > - oc rollout latest {{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} + {{ openshift_client_binary }} rollout latest {{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} - name: "Waiting for {{ _es_node }} to finish scaling up" oc_obj: @@ -21,12 +21,12 @@ - name: Gettings name(s) of replica pod(s) command: > - oc get pods -l deploymentconfig={{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} + {{ openshift_client_binary }} get pods -l deploymentconfig={{ _es_node }} -n {{ openshift_logging_elasticsearch_namespace }} -o jsonpath={.items[*].metadata.name} register: _pods - name: "Waiting for ES to be ready for {{ _es_node }}" shell: > - oc exec "{{ _pod }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- es_cluster_health + {{ openshift_client_binary }} exec "{{ _pod }}" -c elasticsearch -n "{{ openshift_logging_elasticsearch_namespace }}" -- es_cluster_health with_items: "{{ _pods.stdout.split(' ') }}" loop_control: loop_var: _pod diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml index dcbf7fd9f..21a29a204 100644 --- a/roles/openshift_master/tasks/system_container.yml +++ b/roles/openshift_master/tasks/system_container.yml @@ -18,6 +18,8 @@ state: latest values: - COMMAND=api + - "NODE_SERVICE={{ openshift_service_type }}-node.service" + - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" - name: Install or Update HA controller master system container oc_atomic_container: @@ -26,3 +28,5 @@ state: latest values: - COMMAND=controllers + - "NODE_SERVICE={{ openshift_service_type }}-node.service" + - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml index 008f209d7..e1a533e8e 100644 --- a/roles/openshift_node/tasks/node_system_container.yml +++ b/roles/openshift_node/tasks/node_system_container.yml @@ -13,7 +13,7 @@ values: - "DNS_DOMAIN={{ openshift.common.dns_domain }}" - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" - - "MASTER_SERVICE={{ openshift_service_type }}.service" + - "MASTER_SERVICE={{ openshift_service_type }}-master-controllers.service" - 'ADDTL_MOUNTS={{ l_node_syscon_add_mounts2 }}' state: latest vars: |