summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_logging_curator/tasks/main.yaml2
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/main.yaml320
-rw-r--r--roles/openshift_logging_kibana/tasks/main.yaml2
-rw-r--r--roles/openshift_logging_mux/tasks/main.yaml48
-rw-r--r--roles/openshift_metrics/tasks/install_heapster.yaml12
-rw-r--r--roles/openshift_metrics/tasks/install_hosa.yaml6
-rw-r--r--roles/openshift_prometheus/tasks/install_prometheus.yaml54
-rw-r--r--roles/openshift_provisioners/tasks/install_provisioners.yaml8
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml56
-rw-r--r--roles/openshift_web_console/tasks/install.yml138
-rw-r--r--roles/template_service_broker/tasks/install.yml14
11 files changed, 330 insertions, 330 deletions
diff --git a/roles/openshift_logging_curator/tasks/main.yaml b/roles/openshift_logging_curator/tasks/main.yaml
index 414fdbb95..456a25082 100644
--- a/roles/openshift_logging_curator/tasks/main.yaml
+++ b/roles/openshift_logging_curator/tasks/main.yaml
@@ -19,7 +19,7 @@
msg: |-
No schedulable nodes found matching node selector for logging curator - '{{ openshift_logging_curator_nodeselector }}'
when:
- - openshift_schedulable_node_labels | lib_utils_oo_has_no_matching_selector(openshift_logging_curator_nodeselector)
+ - openshift_schedulable_node_labels | lib_utils_oo_has_no_matching_selector(openshift_logging_curator_nodeselector)
# allow passing in a tempdir
- name: Create temp directory for doing work in
diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml
index 758bb7e5d..64e5a3a1f 100644
--- a/roles/openshift_logging_elasticsearch/tasks/main.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml
@@ -25,8 +25,8 @@
- name: Set default image variables based on openshift_deployment_type
include_vars: "{{ var_file_name }}"
with_first_found:
- - "{{ openshift_deployment_type }}.yml"
- - "default_images.yml"
+ - "{{ openshift_deployment_type }}.yml"
+ - "default_images.yml"
loop_control:
loop_var: var_file_name
@@ -42,14 +42,14 @@
- set_fact:
full_restart_cluster: True
when:
- - _es_installed_version is defined
- - _es_installed_version.split('.')[0] | int < __es_version.split('.')[0] | int
+ - _es_installed_version is defined
+ - _es_installed_version.split('.')[0] | int < __es_version.split('.')[0] | int
- set_fact:
full_restart_cluster: True
when:
- - _es_ops_installed_version is defined
- - _es_ops_installed_version.split('.')[0] | int < __es_version.split('.')[0] | int
+ - _es_ops_installed_version is defined
+ - _es_ops_installed_version.split('.')[0] | int < __es_version.split('.')[0] | int
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -85,7 +85,7 @@
name: "aggregated-logging-elasticsearch"
namespace: "{{ openshift_logging_elasticsearch_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
# rolebinding reader
- name: Create rolebinding-reader role
@@ -93,9 +93,9 @@
state: present
name: rolebinding-reader
rules:
- - apiGroups: [""]
- resources: ["clusterrolebindings"]
- verbs: ["get"]
+ - apiGroups: [""]
+ resources: ["clusterrolebindings"]
+ verbs: ["get"]
# SA roles
- name: Set rolebinding-reader permissions for ES
@@ -135,8 +135,8 @@
- fail:
msg: "There was an error creating the logging-metrics-role and binding: {{prometheus_out}}"
when:
- - "prometheus_out.stderr | length > 0"
- - "'already exists' not in prometheus_out.stderr"
+ - "prometheus_out.stderr | length > 0"
+ - "'already exists' not in prometheus_out.stderr"
- set_fact:
_logging_metrics_proxy_passwd: "{{ 16 | lib_utils_oo_random_word | b64encode }}"
@@ -158,8 +158,8 @@
roleRef:
name: view
subjects:
- - kind: ServiceAccount
- name: aggregated-logging-elasticsearch
+ - kind: ServiceAccount
+ name: aggregated-logging-elasticsearch
changed_when: no
- name: Set logging-elasticsearch-view-role role
@@ -169,18 +169,18 @@
kind: rolebinding
namespace: "{{ openshift_logging_elasticsearch_namespace }}"
files:
- - "{{ tempdir }}/logging-elasticsearch-view-role.yaml"
+ - "{{ tempdir }}/logging-elasticsearch-view-role.yaml"
delete_after: true
# configmap
- assert:
that:
- - openshift_logging_elasticsearch_kibana_index_mode in __kibana_index_modes
+ - openshift_logging_elasticsearch_kibana_index_mode in __kibana_index_modes
msg: "The openshift_logging_elasticsearch_kibana_index_mode '{{ openshift_logging_elasticsearch_kibana_index_mode }}' only supports one of: {{ __kibana_index_modes | join(', ') }}"
- assert:
that:
- - "{{ openshift_logging_es_log_appenders | length > 0 }}"
+ - "{{ openshift_logging_es_log_appenders | length > 0 }}"
msg: "The openshift_logging_es_log_appenders '{{ openshift_logging_es_log_appenders }}' has an unrecognized option and only supports the following as a list: {{ __es_log_appenders | join(', ') }}"
- template:
@@ -196,81 +196,81 @@
# create diff between current configmap files and our current files
- when: not openshift_logging_es5_techpreview
block:
- - template:
- src: "{{ __base_file_dir }}/elasticsearch-logging.yml.j2"
- dest: "{{ tempdir }}/elasticsearch-logging.yml"
- vars:
- root_logger: "{{openshift_logging_es_log_appenders | join(', ')}}"
- changed_when: no
-
- - include_role:
- name: openshift_logging
- tasks_from: patch_configmap_files.yaml
- vars:
- configmap_name: "logging-elasticsearch"
- configmap_namespace: "logging"
- configmap_file_names:
- - current_file: "elasticsearch.yml"
- new_file: "{{ tempdir }}/elasticsearch.yml"
- protected_lines: ["number_of_shards", "number_of_replicas"]
- - current_file: "logging.yml"
- new_file: "{{ tempdir }}/elasticsearch-logging.yml"
-
- - name: Set ES configmap
- oc_configmap:
- state: present
- name: "{{ elasticsearch_name }}"
- namespace: "{{ openshift_logging_elasticsearch_namespace }}"
- from_file:
- elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
- logging.yml: "{{ tempdir }}/elasticsearch-logging.yml"
- register: es_config_creation
- notify: "restart elasticsearch"
+ - template:
+ src: "{{ __base_file_dir }}/elasticsearch-logging.yml.j2"
+ dest: "{{ tempdir }}/elasticsearch-logging.yml"
+ vars:
+ root_logger: "{{openshift_logging_es_log_appenders | join(', ')}}"
+ changed_when: no
+
+ - include_role:
+ name: openshift_logging
+ tasks_from: patch_configmap_files.yaml
+ vars:
+ configmap_name: "logging-elasticsearch"
+ configmap_namespace: "logging"
+ configmap_file_names:
+ - current_file: "elasticsearch.yml"
+ new_file: "{{ tempdir }}/elasticsearch.yml"
+ protected_lines: ["number_of_shards", "number_of_replicas"]
+ - current_file: "logging.yml"
+ new_file: "{{ tempdir }}/elasticsearch-logging.yml"
+
+ - name: Set ES configmap
+ oc_configmap:
+ state: present
+ name: "{{ elasticsearch_name }}"
+ namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+ from_file:
+ elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
+ logging.yml: "{{ tempdir }}/elasticsearch-logging.yml"
+ register: es_config_creation
+ notify: "restart elasticsearch"
- when: openshift_logging_es5_techpreview | bool
block:
- - template:
- src: "{{ __base_file_dir }}/log4j2.properties.j2"
- dest: "{{ tempdir }}/log4j2.properties"
- vars:
- root_logger: "{{ openshift_logging_es_log_appenders | list }}"
- changed_when: no
-
- - include_role:
- name: openshift_logging
- tasks_from: patch_configmap_files.yaml
- vars:
- configmap_name: "logging-elasticsearch"
- configmap_namespace: "logging"
- configmap_file_names:
- - current_file: "elasticsearch.yml"
- new_file: "{{ tempdir }}/elasticsearch.yml"
- - current_file: "log4j2.properties"
- new_file: "{{ tempdir }}/log4j2.properties"
-
- - name: Set ES configmap
- oc_configmap:
- state: present
- name: "{{ elasticsearch_name }}"
- namespace: "{{ openshift_logging_elasticsearch_namespace }}"
- from_file:
- elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
- log4j2.properties: "{{ tempdir }}/log4j2.properties"
- register: es_config_creation
- notify: "restart elasticsearch"
+ - template:
+ src: "{{ __base_file_dir }}/log4j2.properties.j2"
+ dest: "{{ tempdir }}/log4j2.properties"
+ vars:
+ root_logger: "{{ openshift_logging_es_log_appenders | list }}"
+ changed_when: no
+
+ - include_role:
+ name: openshift_logging
+ tasks_from: patch_configmap_files.yaml
+ vars:
+ configmap_name: "logging-elasticsearch"
+ configmap_namespace: "logging"
+ configmap_file_names:
+ - current_file: "elasticsearch.yml"
+ new_file: "{{ tempdir }}/elasticsearch.yml"
+ - current_file: "log4j2.properties"
+ new_file: "{{ tempdir }}/log4j2.properties"
+
+ - name: Set ES configmap
+ oc_configmap:
+ state: present
+ name: "{{ elasticsearch_name }}"
+ namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+ from_file:
+ elasticsearch.yml: "{{ tempdir }}/elasticsearch.yml"
+ log4j2.properties: "{{ tempdir }}/log4j2.properties"
+ register: es_config_creation
+ notify: "restart elasticsearch"
- when: es_config_creation.changed | bool
block:
- - set_fact:
- _restart_logging_components: "{{ _restart_logging_components | default([]) + [es_component] | unique }}"
+ - set_fact:
+ _restart_logging_components: "{{ _restart_logging_components | default([]) + [es_component] | unique }}"
- - shell: >
- {{ openshift_client_binary }} get dc -l component="{{ es_component }}" -n "{{ openshift_logging_elasticsearch_namespace }}" -o name | cut -d'/' -f2
- register: _es_dcs
+ - shell: >
+ {{ openshift_client_binary }} get dc -l component="{{ es_component }}" -n "{{ openshift_logging_elasticsearch_namespace }}" -o name | cut -d'/' -f2
+ register: _es_dcs
- - set_fact:
- _restart_logging_nodes: "{{ _restart_logging_nodes | default([]) + [_es_dcs.stdout] | unique }}"
- when: _es_dcs.stdout != ""
+ - set_fact:
+ _restart_logging_nodes: "{{ _restart_logging_nodes | default([]) + [_es_dcs.stdout] | unique }}"
+ when: _es_dcs.stdout != ""
# secret
- name: Set ES secret
@@ -279,24 +279,24 @@
name: "logging-elasticsearch"
namespace: "{{ openshift_logging_elasticsearch_namespace }}"
files:
- - name: key
- path: "{{ generated_certs_dir }}/logging-es.jks"
- - name: truststore
- path: "{{ generated_certs_dir }}/truststore.jks"
- - name: searchguard.key
- path: "{{ generated_certs_dir }}/elasticsearch.jks"
- - name: searchguard.truststore
- path: "{{ generated_certs_dir }}/truststore.jks"
- - name: admin-key
- path: "{{ generated_certs_dir }}/system.admin.key"
- - name: admin-cert
- path: "{{ generated_certs_dir }}/system.admin.crt"
- - name: admin-ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: admin.jks
- path: "{{ generated_certs_dir }}/system.admin.jks"
- - name: passwd.yml
- path: "{{mktemp.stdout}}/passwd.yml"
+ - name: key
+ path: "{{ generated_certs_dir }}/logging-es.jks"
+ - name: truststore
+ path: "{{ generated_certs_dir }}/truststore.jks"
+ - name: searchguard.key
+ path: "{{ generated_certs_dir }}/elasticsearch.jks"
+ - name: searchguard.truststore
+ path: "{{ generated_certs_dir }}/truststore.jks"
+ - name: admin-key
+ path: "{{ generated_certs_dir }}/system.admin.key"
+ - name: admin-cert
+ path: "{{ generated_certs_dir }}/system.admin.crt"
+ - name: admin-ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: admin.jks
+ path: "{{ generated_certs_dir }}/system.admin.jks"
+ - name: passwd.yml
+ path: "{{mktemp.stdout}}/passwd.yml"
# services
- name: Set logging-{{ es_component }}-cluster service
@@ -310,7 +310,7 @@
labels:
logging-infra: 'support'
ports:
- - port: 9300
+ - port: 9300
- name: Set logging-{{ es_component }} service
oc_service:
@@ -323,8 +323,8 @@
labels:
logging-infra: 'support'
ports:
- - port: 9200
- targetPort: "restapi"
+ - port: 9200
+ targetPort: "restapi"
- name: Set logging-{{ es_component}}-prometheus service
oc_service:
@@ -334,9 +334,9 @@
labels:
logging-infra: 'support'
ports:
- - name: proxy
- port: 443
- targetPort: 4443
+ - name: proxy
+ port: 443
+ targetPort: 4443
selector:
component: "{{ es_component }}"
provider: openshift
@@ -364,46 +364,46 @@
# so we check for the presence of 'stderr' to determine if the obj exists or not
# the RC for existing and not existing is both 0
- when:
- - logging_elasticsearch_pvc.results.stderr is defined
- - openshift_logging_elasticsearch_storage_type == "pvc"
+ - logging_elasticsearch_pvc.results.stderr is defined
+ - openshift_logging_elasticsearch_storage_type == "pvc"
block:
- # storageclasses are used by default but if static then disable
- # storageclasses with the storageClassName set to "" in pvc.j2
- - name: Creating ES storage template - static
- template:
- src: "{{ __base_file_dir }}/pvc.j2"
- dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
- vars:
- obj_name: "{{ openshift_logging_elasticsearch_pvc_name }}"
- size: "{{ (openshift_logging_elasticsearch_pvc_size | trim | length == 0) | ternary('10Gi', openshift_logging_elasticsearch_pvc_size) }}"
- access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
- pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
- storage_class_name: "{{ openshift_logging_elasticsearch_pvc_storage_class_name | default('', true) }}"
- when:
- - not openshift_logging_elasticsearch_pvc_dynamic | bool
-
- # Storageclasses are used by default if configured
- - name: Creating ES storage template - dynamic
- template:
- src: "{{ __base_file_dir }}/pvc.j2"
- dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
- vars:
- obj_name: "{{ openshift_logging_elasticsearch_pvc_name }}"
- size: "{{ (openshift_logging_elasticsearch_pvc_size | trim | length == 0) | ternary('10Gi', openshift_logging_elasticsearch_pvc_size) }}"
- access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
- pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
- when:
- - openshift_logging_elasticsearch_pvc_dynamic | bool
-
- - name: Set ES storage
- oc_obj:
- state: present
- kind: pvc
- name: "{{ openshift_logging_elasticsearch_pvc_name }}"
- namespace: "{{ openshift_logging_elasticsearch_namespace }}"
- files:
- - "{{ tempdir }}/templates/logging-es-pvc.yml"
- delete_after: true
+ # storageclasses are used by default but if static then disable
+ # storageclasses with the storageClassName set to "" in pvc.j2
+ - name: Creating ES storage template - static
+ template:
+ src: "{{ __base_file_dir }}/pvc.j2"
+ dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
+ vars:
+ obj_name: "{{ openshift_logging_elasticsearch_pvc_name }}"
+ size: "{{ (openshift_logging_elasticsearch_pvc_size | trim | length == 0) | ternary('10Gi', openshift_logging_elasticsearch_pvc_size) }}"
+ access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
+ pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_logging_elasticsearch_pvc_storage_class_name | default('', true) }}"
+ when:
+ - not openshift_logging_elasticsearch_pvc_dynamic | bool
+
+ # Storageclasses are used by default if configured
+ - name: Creating ES storage template - dynamic
+ template:
+ src: "{{ __base_file_dir }}/pvc.j2"
+ dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
+ vars:
+ obj_name: "{{ openshift_logging_elasticsearch_pvc_name }}"
+ size: "{{ (openshift_logging_elasticsearch_pvc_size | trim | length == 0) | ternary('10Gi', openshift_logging_elasticsearch_pvc_size) }}"
+ access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
+ pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
+ when:
+ - openshift_logging_elasticsearch_pvc_dynamic | bool
+
+ - name: Set ES storage
+ oc_obj:
+ state: present
+ kind: pvc
+ name: "{{ openshift_logging_elasticsearch_pvc_name }}"
+ namespace: "{{ openshift_logging_elasticsearch_namespace }}"
+ files:
+ - "{{ tempdir }}/templates/logging-es-pvc.yml"
+ delete_after: true
- set_fact:
es_deploy_name: "logging-{{ es_component }}-{{ openshift_logging_elasticsearch_deployment_type }}-{{ 8 | lib_utils_oo_random_word('abcdefghijklmnopqrstuvwxyz0123456789') }}"
@@ -444,7 +444,7 @@
namespace: "{{ openshift_logging_elasticsearch_namespace }}"
kind: dc
files:
- - "{{ tempdir }}/templates/logging-es-dc.yml"
+ - "{{ tempdir }}/templates/logging-es-dc.yml"
delete_after: true
register: es_dc_creation
notify: "restart elasticsearch"
@@ -459,37 +459,37 @@
src: "{{ generated_certs_dir }}/{{ item.file }}"
register: key_pairs
with_items:
- - { name: "ca_file", file: "ca.crt" }
- - { name: "es_key", file: "system.logging.es.key" }
- - { name: "es_cert", file: "system.logging.es.crt" }
+ - { name: "ca_file", file: "ca.crt" }
+ - { name: "es_key", file: "system.logging.es.key" }
+ - { name: "es_cert", file: "system.logging.es.crt" }
when: openshift_logging_es_allow_external | bool
- set_fact:
es_key: "{{ lookup('file', openshift_logging_es_key) | b64encode }}"
when:
- - openshift_logging_es_key | trim | length > 0
- - openshift_logging_es_allow_external | bool
+ - openshift_logging_es_key | trim | length > 0
+ - openshift_logging_es_allow_external | bool
changed_when: false
- set_fact:
es_cert: "{{ lookup('file', openshift_logging_es_cert) | b64encode }}"
when:
- - openshift_logging_es_cert | trim | length > 0
- - openshift_logging_es_allow_external | bool
+ - openshift_logging_es_cert | trim | length > 0
+ - openshift_logging_es_allow_external | bool
changed_when: false
- set_fact:
es_ca: "{{ lookup('file', openshift_logging_es_ca_ext) | b64encode }}"
when:
- - openshift_logging_es_ca_ext | trim | length > 0
- - openshift_logging_es_allow_external | bool
+ - openshift_logging_es_ca_ext | trim | length > 0
+ - openshift_logging_es_allow_external | bool
changed_when: false
- set_fact:
es_ca: "{{ key_pairs | entry_from_named_pair('ca_file') }}"
when:
- - es_ca is not defined
- - openshift_logging_es_allow_external | bool
+ - es_ca is not defined
+ - openshift_logging_es_allow_external | bool
changed_when: false
- name: Generating Elasticsearch {{ es_component }} route template
@@ -520,7 +520,7 @@
namespace: "{{ openshift_logging_elasticsearch_namespace }}"
kind: route
files:
- - "{{ tempdir }}/templates/logging-{{ es_component }}-route.yaml"
+ - "{{ tempdir }}/templates/logging-{{ es_component }}-route.yaml"
when: openshift_logging_es_allow_external | bool
## Placeholder for migration when necessary ##
diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml
index a125b53bf..7b6bc02e1 100644
--- a/roles/openshift_logging_kibana/tasks/main.yaml
+++ b/roles/openshift_logging_kibana/tasks/main.yaml
@@ -13,7 +13,7 @@
msg: |-
No schedulable nodes found matching node selector for Kibana - '{{ openshift_logging_kibana_nodeselector }}'
when:
- - openshift_schedulable_node_labels | lib_utils_oo_has_no_matching_selector(openshift_logging_kibana_nodeselector)
+ - openshift_schedulable_node_labels | lib_utils_oo_has_no_matching_selector(openshift_logging_kibana_nodeselector)
- name: Set kibana image facts
set_fact:
diff --git a/roles/openshift_logging_mux/tasks/main.yaml b/roles/openshift_logging_mux/tasks/main.yaml
index c061f6766..f810f3606 100644
--- a/roles/openshift_logging_mux/tasks/main.yaml
+++ b/roles/openshift_logging_mux/tasks/main.yaml
@@ -17,8 +17,8 @@
- name: Set default image variables based on openshift_deployment_type
include_vars: "{{ var_file_name }}"
with_first_found:
- - "{{ openshift_deployment_type }}.yml"
- - "default_images.yml"
+ - "{{ openshift_deployment_type }}.yml"
+ - "default_images.yml"
loop_control:
loop_var: var_file_name
@@ -62,7 +62,7 @@
name: "aggregated-logging-mux"
namespace: "{{ openshift_logging_mux_namespace }}"
when:
- - openshift_logging_image_pull_secret == ''
+ - openshift_logging_image_pull_secret == ''
# set service account scc
- name: Set privileged permissions for Mux
@@ -109,10 +109,10 @@
configmap_name: "logging-mux"
configmap_namespace: "{{ openshift_logging_mux_namespace }}"
configmap_file_names:
- - current_file: "fluent.conf"
- new_file: "{{ tempdir }}/fluent-mux.conf"
- - current_file: "secure-forward.conf"
- new_file: "{{ tempdir }}/secure-forward-mux.conf"
+ - current_file: "fluent.conf"
+ new_file: "{{ tempdir }}/fluent-mux.conf"
+ - current_file: "secure-forward.conf"
+ new_file: "{{ tempdir }}/secure-forward-mux.conf"
- name: Set Mux configmap
oc_configmap:
@@ -130,14 +130,14 @@
name: logging-mux
namespace: "{{ openshift_logging_mux_namespace }}"
files:
- - name: ca
- path: "{{ generated_certs_dir }}/ca.crt"
- - name: key
- path: "{{ generated_certs_dir }}/system.logging.mux.key"
- - name: cert
- path: "{{ generated_certs_dir }}/system.logging.mux.crt"
- - name: shared_key
- path: "{{ generated_certs_dir }}/mux_shared_key"
+ - name: ca
+ path: "{{ generated_certs_dir }}/ca.crt"
+ - name: key
+ path: "{{ generated_certs_dir }}/system.logging.mux.key"
+ - name: cert
+ path: "{{ generated_certs_dir }}/system.logging.mux.crt"
+ - name: shared_key
+ path: "{{ generated_certs_dir }}/mux_shared_key"
# services
- name: Set logging-mux service for external communication
@@ -151,11 +151,11 @@
labels:
logging-infra: 'support'
ports:
- - name: mux-forward
- port: "{{ openshift_logging_mux_port }}"
- targetPort: "mux-forward"
+ - name: mux-forward
+ port: "{{ openshift_logging_mux_port }}"
+ targetPort: "mux-forward"
external_ips:
- - "{{ openshift_logging_mux_external_address }}"
+ - "{{ openshift_logging_mux_external_address }}"
when: openshift_logging_mux_allow_external | bool
- name: Set logging-mux service for internal communication
@@ -169,9 +169,9 @@
labels:
logging-infra: 'support'
ports:
- - name: mux-forward
- port: "{{ openshift_logging_mux_port }}"
- targetPort: "mux-forward"
+ - name: mux-forward
+ port: "{{ openshift_logging_mux_port }}"
+ targetPort: "mux-forward"
when: not openshift_logging_mux_allow_external | bool
# create Mux DC
@@ -206,7 +206,7 @@
selector: "{{ openshift_logging_mux_file_buffer_pvc_pv_selector }}"
storage_class_name: "{{ openshift_logging_mux_file_buffer_pvc_storage_class_name | default('', true) }}"
when:
- - openshift_logging_mux_file_buffer_storage_type == "pvc"
+ - openshift_logging_mux_file_buffer_storage_type == "pvc"
- name: Set logging-mux DC
oc_obj:
@@ -215,7 +215,7 @@
namespace: "{{ openshift_logging_mux_namespace }}"
kind: dc
files:
- - "{{ tempdir }}/templates/logging-mux-dc.yaml"
+ - "{{ tempdir }}/templates/logging-mux-dc.yaml"
delete_after: true
- name: Add mux namespaces
diff --git a/roles/openshift_metrics/tasks/install_heapster.yaml b/roles/openshift_metrics/tasks/install_heapster.yaml
index 15eecf128..e4ddf98ff 100644
--- a/roles/openshift_metrics/tasks/install_heapster.yaml
+++ b/roles/openshift_metrics/tasks/install_heapster.yaml
@@ -27,8 +27,8 @@
- set_fact:
heapster_sa_secrets: "{{ heapster_sa_secrets + [item] }}"
with_items:
- - hawkular-metrics-certs
- - hawkular-metrics-account
+ - hawkular-metrics-certs
+ - hawkular-metrics-account
when: not openshift_metrics_heapster_standalone | bool
- name: Generating serviceaccount for heapster
@@ -45,7 +45,7 @@
vars:
obj_name: heapster
ports:
- - {port: 80, targetPort: http-endpoint}
+ - {port: 80, targetPort: http-endpoint}
selector:
name: "{{obj_name}}"
annotations:
@@ -68,9 +68,9 @@
kind: ClusterRole
name: cluster-reader
subjects:
- - kind: ServiceAccount
- name: heapster
- namespace: "{{ openshift_metrics_project }}"
+ - kind: ServiceAccount
+ name: heapster
+ namespace: "{{ openshift_metrics_project }}"
changed_when: no
- include_tasks: generate_heapster_secrets.yaml
diff --git a/roles/openshift_metrics/tasks/install_hosa.yaml b/roles/openshift_metrics/tasks/install_hosa.yaml
index d5ae77607..3624cb5ab 100644
--- a/roles/openshift_metrics/tasks/install_hosa.yaml
+++ b/roles/openshift_metrics/tasks/install_hosa.yaml
@@ -45,7 +45,7 @@
kind: ClusterRole
name: hawkular-openshift-agent
subjects:
- - kind: ServiceAccount
- name: hawkular-openshift-agent
- namespace: "{{openshift_metrics_hawkular_agent_namespace}}"
+ - kind: ServiceAccount
+ name: hawkular-openshift-agent
+ namespace: "{{openshift_metrics_hawkular_agent_namespace}}"
changed_when: no
diff --git a/roles/openshift_prometheus/tasks/install_prometheus.yaml b/roles/openshift_prometheus/tasks/install_prometheus.yaml
index 0d09b0228..5a8228bc4 100644
--- a/roles/openshift_prometheus/tasks/install_prometheus.yaml
+++ b/roles/openshift_prometheus/tasks/install_prometheus.yaml
@@ -24,12 +24,12 @@
name: "{{ item }}-proxy"
namespace: "{{ openshift_prometheus_namespace }}"
contents:
- - path: session_secret
- data: "{{ 43 | lib_utils_oo_random_word }}="
+ - path: session_secret
+ data: "{{ 43 | lib_utils_oo_random_word }}="
with_items:
- - prometheus
- - alerts
- - alertmanager
+ - prometheus
+ - alerts
+ - alertmanager
# serviceaccount
- name: create prometheus serviceaccount
@@ -69,10 +69,10 @@
oprometheus.io/scheme: https
service.alpha.openshift.io/serving-cert-secret-name: prometheus-tls
ports:
- - name: prometheus
- port: "{{ openshift_prometheus_service_port }}"
- targetPort: "{{ openshift_prometheus_service_targetport }}"
- protocol: TCP
+ - name: prometheus
+ port: "{{ openshift_prometheus_service_port }}"
+ targetPort: "{{ openshift_prometheus_service_targetport }}"
+ protocol: TCP
selector:
app: prometheus
@@ -85,10 +85,10 @@
annotations:
service.alpha.openshift.io/serving-cert-secret-name: alerts-tls
ports:
- - name: prometheus
- port: "{{ openshift_prometheus_service_port }}"
- targetPort: "{{ openshift_prometheus_alerts_service_targetport }}"
- protocol: TCP
+ - name: prometheus
+ port: "{{ openshift_prometheus_service_port }}"
+ targetPort: "{{ openshift_prometheus_alerts_service_targetport }}"
+ protocol: TCP
selector:
app: prometheus
@@ -101,10 +101,10 @@
annotations:
service.alpha.openshift.io/serving-cert-secret-name: alertmanager-tls
ports:
- - name: prometheus
- port: "{{ openshift_prometheus_service_port }}"
- targetPort: "{{ openshift_prometheus_alertmanager_service_targetport }}"
- protocol: TCP
+ - name: prometheus
+ port: "{{ openshift_prometheus_service_port }}"
+ targetPort: "{{ openshift_prometheus_alertmanager_service_targetport }}"
+ protocol: TCP
selector:
app: prometheus
@@ -119,12 +119,12 @@
service_name: "{{ item.name }}"
tls_termination: reencrypt
with_items:
- - name: prometheus
- host: "{{ openshift_prometheus_hostname }}"
- - name: alerts
- host: "{{ openshift_prometheus_alerts_hostname }}"
- - name: alertmanager
- host: "{{ openshift_prometheus_alertmanager_hostname }}"
+ - name: prometheus
+ host: "{{ openshift_prometheus_hostname }}"
+ - name: alerts
+ host: "{{ openshift_prometheus_alerts_hostname }}"
+ - name: alertmanager
+ host: "{{ openshift_prometheus_alertmanager_hostname }}"
# Storage
- name: create prometheus pvc
@@ -164,9 +164,9 @@
src: "{{ openshift_prometheus_additional_rules_file }}"
dest: "{{ tempdir }}/prometheus.additional.rules"
when:
- - openshift_prometheus_additional_rules_file is defined
- - openshift_prometheus_additional_rules_file is not none
- - openshift_prometheus_additional_rules_file | trim | length > 0
+ - openshift_prometheus_additional_rules_file is defined
+ - openshift_prometheus_additional_rules_file is not none
+ - openshift_prometheus_additional_rules_file | trim | length > 0
- stat:
path: "{{ tempdir }}/prometheus.additional.rules"
@@ -234,5 +234,5 @@
namespace: "{{ openshift_prometheus_namespace }}"
kind: statefulset
files:
- - "{{ tempdir }}/templates/prometheus.yaml"
+ - "{{ tempdir }}/templates/prometheus.yaml"
delete_after: true
diff --git a/roles/openshift_provisioners/tasks/install_provisioners.yaml b/roles/openshift_provisioners/tasks/install_provisioners.yaml
index ec9a762b7..1be498489 100644
--- a/roles/openshift_provisioners/tasks/install_provisioners.yaml
+++ b/roles/openshift_provisioners/tasks/install_provisioners.yaml
@@ -41,10 +41,10 @@
- name: Create objects
include_tasks: oc_apply.yaml
vars:
- - kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
- - namespace: "{{ openshift_provisioners_project }}"
- - file_name: "{{ file.source }}"
- - file_content: "{{ file.content | b64decode | from_yaml }}"
+ - kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
+ - namespace: "{{ openshift_provisioners_project }}"
+ - file_name: "{{ file.source }}"
+ - file_content: "{{ file.content | b64decode | from_yaml }}"
with_items: "{{ object_defs.results }}"
loop_control:
loop_var: file
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
index 668f9238b..96fa4a93e 100644
--- a/roles/openshift_service_catalog/tasks/install.yml
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -8,8 +8,8 @@
- name: Set default image variables based on openshift_deployment_type
include_vars: "{{ item }}"
with_first_found:
- - "{{ openshift_deployment_type }}.yml"
- - "default_images.yml"
+ - "{{ openshift_deployment_type }}.yml"
+ - "default_images.yml"
- name: Set service_catalog image facts
set_fact:
@@ -24,20 +24,20 @@
- when: os_sdn_network_plugin_name == 'redhat/openshift-ovs-multitenant'
block:
- - name: Waiting for netnamespace kube-service-catalog to be ready
- oc_obj:
- kind: netnamespace
- name: kube-service-catalog
- state: list
- register: get_output
- until: not get_output.results.stderr is defined
- retries: 30
- delay: 1
- changed_when: false
-
- - name: Make kube-service-catalog project network global
- command: >
- {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog
+ - name: Waiting for netnamespace kube-service-catalog to be ready
+ oc_obj:
+ kind: netnamespace
+ name: kube-service-catalog
+ state: list
+ register: get_output
+ until: not get_output.results.stderr is defined
+ retries: 30
+ delay: 1
+ changed_when: false
+
+ - name: Make kube-service-catalog project network global
+ command: >
+ {{ openshift_client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog
- include_tasks: generate_certs.yml
@@ -50,7 +50,7 @@
kind: template
namespace: "kube-service-catalog"
files:
- - "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
+ - "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
- oc_process:
create: True
@@ -66,7 +66,7 @@
kind: template
namespace: kube-system
files:
- - "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
+ - "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
- oc_process:
create: True
@@ -131,7 +131,7 @@
kind: daemonset
name: apiserver
files:
- - "{{ mktemp.stdout }}/service_catalog_api_server.yml"
+ - "{{ mktemp.stdout }}/service_catalog_api_server.yml"
delete_after: yes
- name: Set Service Catalog API Server service
@@ -140,10 +140,10 @@
namespace: kube-service-catalog
state: present
ports:
- - name: secure
- port: 443
- protocol: TCP
- targetPort: 6443
+ - name: secure
+ port: 443
+ protocol: TCP
+ targetPort: 6443
selector:
app: apiserver
session_affinity: None
@@ -159,7 +159,7 @@
kind: route
name: apiserver
files:
- - "{{ mktemp.stdout }}/service_catalog_api_route.yml"
+ - "{{ mktemp.stdout }}/service_catalog_api_route.yml"
delete_after: yes
## controller manager
@@ -179,7 +179,7 @@
kind: daemonset
name: controller-manager
files:
- - "{{ mktemp.stdout }}/controller_manager.yml"
+ - "{{ mktemp.stdout }}/controller_manager.yml"
delete_after: yes
- name: Set Controller Manager service
@@ -188,9 +188,9 @@
namespace: kube-service-catalog
state: present
ports:
- - port: 6443
- protocol: TCP
- targetPort: 6443
+ - port: 6443
+ protocol: TCP
+ targetPort: 6443
selector:
app: controller-manager
session_affinity: None
diff --git a/roles/openshift_web_console/tasks/install.yml b/roles/openshift_web_console/tasks/install.yml
index 08640d093..ab6613567 100644
--- a/roles/openshift_web_console/tasks/install.yml
+++ b/roles/openshift_web_console/tasks/install.yml
@@ -3,8 +3,8 @@
- name: Set default image variables based on deployment type
include_vars: "{{ item }}"
with_first_found:
- - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
- - "default_images.yml"
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
- name: Set openshift_web_console facts
set_fact:
@@ -19,7 +19,7 @@
name: openshift-web-console
state: present
node_selector:
- - ""
+ - ""
register: create_console_project
- name: Make temp directory for web console templates
@@ -37,9 +37,9 @@
src: "{{ item }}"
dest: "{{ mktemp.stdout }}/{{ item }}"
with_items:
- - "{{ __console_template_file }}"
- - "{{ __console_rbac_file }}"
- - "{{ __console_config_file }}"
+ - "{{ __console_template_file }}"
+ - "{{ __console_rbac_file }}"
+ - "{{ __console_config_file }}"
# Check if an existing webconsole-config config map exists. If so, use those
# contents so we don't overwrite changes.
@@ -62,69 +62,69 @@
# Generate a new config when a config map is not defined.
- when: existing_config_map_data['webconsole-config.yaml'] is not defined
block:
- # Migrate the previous master-config.yaml asset config if it exists into the new
- # web console config config map.
- - name: Read existing assetConfig in master-config.yaml
- slurp:
- src: "{{ openshift.common.config_base }}/master/master-config.yaml"
- register: master_config_output
-
- - set_fact:
- config_to_migrate: "{{ master_config_output.content | b64decode | from_yaml }}"
-
- - set_fact:
- cro_plugin_enabled: "{{ config_to_migrate.admissionConfig is defined and config_to_migrate.admissionConfig.pluginConfig is defined and config_to_migrate.admissionConfig.pluginConfig.ClusterResourceOverrides is defined }}"
-
- # Update properties in the config template based on inventory vars when the
- # asset config does not exist.
- - name: Set web console config properties from inventory variables
- yedit:
- src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
- edits:
- - key: clusterInfo#consolePublicURL
- # Must have a trailing slash
- value: "{{ openshift.master.public_console_url }}/"
- - key: clusterInfo#masterPublicURL
- value: "{{ openshift.master.public_api_url }}"
- - key: clusterInfo#logoutPublicURL
- value: "{{ openshift.master.logout_url | default('') }}"
- - key: features#inactivityTimeoutMinutes
- value: "{{ openshift_web_console_inactivity_timeout_minutes | default(0) }}"
- - key: features#clusterResourceOverridesEnabled
- value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
- - key: extensions#scriptURLs
- value: "{{ openshift_web_console_extension_script_urls | default([]) }}"
- - key: extensions#stylesheetURLs
- value: "{{ openshift_web_console_extension_stylesheet_urls | default([]) }}"
- - key: extensions#properties
- value: "{{ openshift_web_console_extension_properties | default({}) }}"
- separator: '#'
- state: present
- when: config_to_migrate.assetConfig is not defined
-
- - name: Migrate assetConfig from master-config.yaml
- yedit:
- src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
- edits:
- - key: clusterInfo#consolePublicURL
- value: "{{ config_to_migrate.assetConfig.publicURL }}"
- - key: clusterInfo#masterPublicURL
- value: "{{ config_to_migrate.assetConfig.masterPublicURL }}"
- - key: clusterInfo#logoutPublicURL
- value: "{{ config_to_migrate.assetConfig.logoutURL | default('') }}"
- - key: clusterInfo#metricsPublicURL
- value: "{{ config_to_migrate.assetConfig.metricsPublicURL | default('') }}"
- - key: clusterInfo#loggingPublicURL
- value: "{{ config_to_migrate.assetConfig.loggingPublicURL | default('') }}"
- - key: servingInfo#maxRequestsInFlight
- value: "{{ config_to_migrate.assetConfig.servingInfo.maxRequestsInFlight | default(0) }}"
- - key: servingInfo#requestTimeoutSeconds
- value: "{{ config_to_migrate.assetConfig.servingInfo.requestTimeoutSeconds | default(0) }}"
- - key: features#clusterResourceOverridesEnabled
- value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
- separator: '#'
- state: present
- when: config_to_migrate.assetConfig is defined
+ # Migrate the previous master-config.yaml asset config if it exists into the new
+ # web console config config map.
+ - name: Read existing assetConfig in master-config.yaml
+ slurp:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ register: master_config_output
+
+ - set_fact:
+ config_to_migrate: "{{ master_config_output.content | b64decode | from_yaml }}"
+
+ - set_fact:
+ cro_plugin_enabled: "{{ config_to_migrate.admissionConfig is defined and config_to_migrate.admissionConfig.pluginConfig is defined and config_to_migrate.admissionConfig.pluginConfig.ClusterResourceOverrides is defined }}"
+
+ # Update properties in the config template based on inventory vars when the
+ # asset config does not exist.
+ - name: Set web console config properties from inventory variables
+ yedit:
+ src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
+ edits:
+ - key: clusterInfo#consolePublicURL
+ # Must have a trailing slash
+ value: "{{ openshift.master.public_console_url }}/"
+ - key: clusterInfo#masterPublicURL
+ value: "{{ openshift.master.public_api_url }}"
+ - key: clusterInfo#logoutPublicURL
+ value: "{{ openshift.master.logout_url | default('') }}"
+ - key: features#inactivityTimeoutMinutes
+ value: "{{ openshift_web_console_inactivity_timeout_minutes | default(0) }}"
+ - key: features#clusterResourceOverridesEnabled
+ value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
+ - key: extensions#scriptURLs
+ value: "{{ openshift_web_console_extension_script_urls | default([]) }}"
+ - key: extensions#stylesheetURLs
+ value: "{{ openshift_web_console_extension_stylesheet_urls | default([]) }}"
+ - key: extensions#properties
+ value: "{{ openshift_web_console_extension_properties | default({}) }}"
+ separator: '#'
+ state: present
+ when: config_to_migrate.assetConfig is not defined
+
+ - name: Migrate assetConfig from master-config.yaml
+ yedit:
+ src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
+ edits:
+ - key: clusterInfo#consolePublicURL
+ value: "{{ config_to_migrate.assetConfig.publicURL }}"
+ - key: clusterInfo#masterPublicURL
+ value: "{{ config_to_migrate.assetConfig.masterPublicURL }}"
+ - key: clusterInfo#logoutPublicURL
+ value: "{{ config_to_migrate.assetConfig.logoutURL | default('') }}"
+ - key: clusterInfo#metricsPublicURL
+ value: "{{ config_to_migrate.assetConfig.metricsPublicURL | default('') }}"
+ - key: clusterInfo#loggingPublicURL
+ value: "{{ config_to_migrate.assetConfig.loggingPublicURL | default('') }}"
+ - key: servingInfo#maxRequestsInFlight
+ value: "{{ config_to_migrate.assetConfig.servingInfo.maxRequestsInFlight | default(0) }}"
+ - key: servingInfo#requestTimeoutSeconds
+ value: "{{ config_to_migrate.assetConfig.servingInfo.requestTimeoutSeconds | default(0) }}"
+ - key: features#clusterResourceOverridesEnabled
+ value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
+ separator: '#'
+ state: present
+ when: config_to_migrate.assetConfig is defined
- slurp:
src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
diff --git a/roles/template_service_broker/tasks/install.yml b/roles/template_service_broker/tasks/install.yml
index 9c81c3708..d674d24e4 100644
--- a/roles/template_service_broker/tasks/install.yml
+++ b/roles/template_service_broker/tasks/install.yml
@@ -10,8 +10,8 @@
- name: Set default image variables based on openshift_deployment_type
include_vars: "{{ item }}"
with_first_found:
- - "{{ openshift_deployment_type }}.yml"
- - "default_images.yml"
+ - "{{ openshift_deployment_type }}.yml"
+ - "default_images.yml"
- name: set template_service_broker facts
set_fact:
@@ -23,7 +23,7 @@
name: openshift-template-service-broker
state: present
node_selector:
- - ""
+ - ""
- command: mktemp -d /tmp/tsb-ansible-XXXXXX
register: mktemp
@@ -38,10 +38,10 @@
src: "{{ item }}"
dest: "{{ mktemp.stdout }}/{{ item }}"
with_items:
- - "{{ __tsb_template_file }}"
- - "{{ __tsb_rbac_file }}"
- - "{{ __tsb_broker_file }}"
- - "{{ __tsb_config_file }}"
+ - "{{ __tsb_template_file }}"
+ - "{{ __tsb_rbac_file }}"
+ - "{{ __tsb_broker_file }}"
+ - "{{ __tsb_config_file }}"
- yedit:
src: "{{ mktemp.stdout }}/{{ __tsb_config_file }}"