From ea13eed3bf86a8af67785e588449302ab96a6907 Mon Sep 17 00:00:00 2001 From: Jeff Cantrill Date: Tue, 7 Feb 2017 19:54:04 -0500 Subject: fixes 1419839. Install only heapster for openshift_metrics when heapster standalone flag is set --- .../tasks/generate_certificates.yaml | 15 ------- .../tasks/generate_rolebindings.yaml | 18 -------- .../tasks/generate_serviceaccounts.yaml | 12 ----- .../openshift_metrics/tasks/generate_services.yaml | 13 ------ .../openshift_metrics/tasks/install_heapster.yaml | 52 ++++++++++++++++++++++ roles/openshift_metrics/tasks/install_metrics.yaml | 16 +++---- roles/openshift_metrics/tasks/pre_install.yaml | 27 +++++++++++ roles/openshift_metrics/tasks/start_metrics.yaml | 3 ++ roles/openshift_metrics/tasks/stop_metrics.yaml | 2 + 9 files changed, 90 insertions(+), 68 deletions(-) create mode 100644 roles/openshift_metrics/tasks/pre_install.yaml (limited to 'roles/openshift_metrics') diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml index 16a967aa7..4925275e8 100644 --- a/roles/openshift_metrics/tasks/generate_certificates.yaml +++ b/roles/openshift_metrics/tasks/generate_certificates.yaml @@ -1,18 +1,4 @@ --- -- name: create certificate output directory - file: - path: "{{ openshift_metrics_certs_dir }}" - state: directory - mode: 0700 - -- name: list existing secrets - command: > - {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} - --config={{ mktemp.stdout }}/admin.kubeconfig - get secrets -o name - register: metrics_secrets - changed_when: false - - name: generate ca certificate chain shell: > {{ openshift.common.admin_binary }} ca create-signer-cert @@ -22,5 +8,4 @@ --serial='{{ openshift_metrics_certs_dir }}/ca.serial.txt' --name="metrics-signer@$(date +%s)" when: not '{{ openshift_metrics_certs_dir }}/ca.key' | exists -- include: generate_heapster_certificates.yaml - include: generate_hawkular_certificates.yaml diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml index 6524c3f32..e050c8eb2 100644 --- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml +++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml @@ -13,21 +13,3 @@ - kind: ServiceAccount name: hawkular changed_when: no - -- name: generate cluster-reader role binding for the heapster service account - template: - src: rolebinding.j2 - dest: "{{ mktemp.stdout }}/templates/heapster-rolebinding.yaml" - vars: - cluster: True - obj_name: heapster-cluster-reader - labels: - metrics-infra: heapster - roleRef: - kind: ClusterRole - name: cluster-reader - subjects: - - kind: ServiceAccount - name: heapster - namespace: "{{ openshift_metrics_project }}" - changed_when: no diff --git a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml index 94f34d860..e9d70f74f 100644 --- a/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml +++ b/roles/openshift_metrics/tasks/generate_serviceaccounts.yaml @@ -13,15 +13,3 @@ - name: cassandra secret: hawkular-cassandra-secrets changed_when: no - -- name: Generating serviceaccount for heapster - template: src=serviceaccount.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-sa.yaml - vars: - obj_name: heapster - labels: - metrics-infra: support - secrets: - - heapster-secrets - - hawkular-metrics-certificate - - hawkular-metrics-account - changed_when: no diff --git a/roles/openshift_metrics/tasks/generate_services.yaml b/roles/openshift_metrics/tasks/generate_services.yaml index 903d52bff..47d3c5c2e 100644 --- a/roles/openshift_metrics/tasks/generate_services.yaml +++ b/roles/openshift_metrics/tasks/generate_services.yaml @@ -1,17 +1,4 @@ --- -- name: Generate service for heapster - template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml - vars: - obj_name: heapster - ports: - - {port: 80, targetPort: http-endpoint} - selector: - name: "{{obj_name}}" - labels: - metrics-infra: "{{obj_name}}" - name: "{{obj_name}}" - changed_when: no - - name: Generate service for hawkular-metrics template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml vars: diff --git a/roles/openshift_metrics/tasks/install_heapster.yaml b/roles/openshift_metrics/tasks/install_heapster.yaml index 44bab8ace..c490bcdd3 100644 --- a/roles/openshift_metrics/tasks/install_heapster.yaml +++ b/roles/openshift_metrics/tasks/install_heapster.yaml @@ -13,3 +13,55 @@ replica_count: "{{heapster_replica_count.stdout | default(0)}}" node_selector: "{{openshift_metrics_heapster_nodeselector | default('') }}" changed_when: no + +- set_fact: + heapster_sa_secrets: ["heapster-secrets"] + +- set_fact: + heapster_sa_secrets: "{{ heapster_sa_secrets + [item] }}" + with_items: + - hawkular-metrics-certificate + - hawkular-metrics-account + when: "not {{ openshift_metrics_heapster_standalone | bool }}" + +- name: Generating serviceaccount for heapster + template: src=serviceaccount.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-sa.yaml + vars: + obj_name: heapster + labels: + metrics-infra: support + secrets: "{{ heapster_sa_secrets }}" + changed_when: no + +- name: Generate service for heapster + template: src=service.j2 dest={{mktemp.stdout}}/templates/metrics-{{obj_name}}-svc.yaml + vars: + obj_name: heapster + ports: + - {port: 80, targetPort: http-endpoint} + selector: + name: "{{obj_name}}" + labels: + metrics-infra: "{{obj_name}}" + name: "{{obj_name}}" + changed_when: no + +- name: generate cluster-reader role binding for the heapster service account + template: + src: rolebinding.j2 + dest: "{{ mktemp.stdout }}/templates/heapster-rolebinding.yaml" + vars: + cluster: True + obj_name: heapster-cluster-reader + labels: + metrics-infra: heapster + roleRef: + kind: ClusterRole + name: cluster-reader + subjects: + - kind: ServiceAccount + name: heapster + namespace: "{{ openshift_metrics_project }}" + changed_when: no + +- include: generate_heapster_certificates.yaml diff --git a/roles/openshift_metrics/tasks/install_metrics.yaml b/roles/openshift_metrics/tasks/install_metrics.yaml index ddaa54438..66925c113 100644 --- a/roles/openshift_metrics/tasks/install_metrics.yaml +++ b/roles/openshift_metrics/tasks/install_metrics.yaml @@ -1,14 +1,5 @@ --- -- name: Check that hawkular_metrics_hostname is set - fail: msg='the openshift_metrics_hawkular_hostname variable is required' - when: openshift_metrics_hawkular_hostname is not defined - -- name: Check the value of openshift_metrics_cassandra_storage_type - fail: - msg: > - openshift_metrics_cassandra_storage_type ({{ openshift_metrics_cassandra_storage_type }}) - is invalid, must be one of: emptydir, pv, dynamic - when: openshift_metrics_cassandra_storage_type not in openshift_metrics_cassandra_storage_types +- include: pre_install.yaml - name: Install Metrics include: "{{ role_path }}/tasks/install_{{ include_file }}.yaml" @@ -19,6 +10,11 @@ - cassandra loop_control: loop_var: include_file + when: "not {{ openshift_metrics_heapster_standalone | bool }}" + +- name: Install Heapster Standalone + include: install_heapster.yaml + when: "{{ openshift_metrics_heapster_standalone | bool }}" - find: paths={{ mktemp.stdout }}/templates patterns=*.yaml register: object_def_files diff --git a/roles/openshift_metrics/tasks/pre_install.yaml b/roles/openshift_metrics/tasks/pre_install.yaml new file mode 100644 index 000000000..262acd546 --- /dev/null +++ b/roles/openshift_metrics/tasks/pre_install.yaml @@ -0,0 +1,27 @@ +--- +- name: Check that hawkular_metrics_hostname is set + fail: msg='the openshift_metrics_hawkular_hostname variable is required' + when: openshift_metrics_hawkular_hostname is not defined + +- name: Check the value of openshift_metrics_cassandra_storage_type + fail: + msg: > + openshift_metrics_cassandra_storage_type ({{ openshift_metrics_cassandra_storage_type }}) + is invalid, must be one of: emptydir, pv, dynamic + when: + - openshift_metrics_cassandra_storage_type not in openshift_metrics_cassandra_storage_types + - "not {{ openshift_metrics_heapster_standalone | bool }}" + +- name: create certificate output directory + file: + path: "{{ openshift_metrics_certs_dir }}" + state: directory + mode: 0700 + +- name: list existing secrets + command: > + {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} + --config={{ mktemp.stdout }}/admin.kubeconfig + get secrets -o name + register: metrics_secrets + changed_when: false diff --git a/roles/openshift_metrics/tasks/start_metrics.yaml b/roles/openshift_metrics/tasks/start_metrics.yaml index f02774e47..b5a1c8f06 100644 --- a/roles/openshift_metrics/tasks/start_metrics.yaml +++ b/roles/openshift_metrics/tasks/start_metrics.yaml @@ -19,6 +19,8 @@ with_items: "{{metrics_cassandra_rc.stdout_lines}}" loop_control: loop_var: object + when: metrics_cassandra_rc is defined + changed_when: "{{metrics_cassandra_rc | length > 0 }}" - command: > {{openshift.common.client_binary}} @@ -40,6 +42,7 @@ with_items: "{{metrics_metrics_rc.stdout_lines}}" loop_control: loop_var: object + changed_when: "{{metrics_metrics_rc | length > 0 }}" - command: > {{openshift.common.client_binary}} diff --git a/roles/openshift_metrics/tasks/stop_metrics.yaml b/roles/openshift_metrics/tasks/stop_metrics.yaml index 5a73443a8..f69bb0f11 100644 --- a/roles/openshift_metrics/tasks/stop_metrics.yaml +++ b/roles/openshift_metrics/tasks/stop_metrics.yaml @@ -41,6 +41,7 @@ with_items: "{{metrics_hawkular_rc.stdout_lines}}" loop_control: loop_var: object + changed_when: "{{metrics_hawkular_rc | length > 0 }}" - command: > {{openshift.common.client_binary}} --config={{mktemp.stdout}}/admin.kubeconfig @@ -62,3 +63,4 @@ loop_control: loop_var: object when: metrics_cassandra_rc is defined + changed_when: "{{metrics_cassandra_rc | length > 0 }}" -- cgit v1.2.1