--- - fail: msg: Application logs destination is required when: not openshift_logging_mux_app_host or openshift_logging_mux_app_host == '' - fail: msg: Operations logs destination is required when: not openshift_logging_mux_ops_host or openshift_logging_mux_ops_host == '' - name: Ensure that logging mux has nodes to run on fail: msg: |- No schedulable nodes found matching node selector for logging mux - '{{ openshift_logging_mux_nodeselector }}' when: - openshift_schedulable_node_labels | lib_utils_oo_has_no_matching_selector(openshift_logging_mux_nodeselector) - name: Set default image variables based on openshift_deployment_type include_vars: "{{ var_file_name }}" with_first_found: - "{{ openshift_deployment_type }}.yml" - "default_images.yml" loop_control: loop_var: var_file_name - name: Set mux image facts set_fact: openshift_logging_mux_image_prefix: "{{ openshift_logging_mux_image_prefix | default(__openshift_logging_mux_image_prefix) }}" openshift_logging_mux_image_version: "{{ openshift_logging_mux_image_version | default(__openshift_logging_mux_image_version) }}" - include_tasks: determine_version.yaml # allow passing in a tempdir - name: Create temp directory for doing work in command: mktemp -d /tmp/openshift-logging-ansible-XXXXXX register: mktemp changed_when: False - set_fact: tempdir: "{{ mktemp.stdout }}" - name: Create templates subdirectory file: state: directory path: "{{ tempdir }}/templates" mode: 0755 changed_when: False # we want to make sure we have all the necessary components here # create service account - name: Create Mux service account oc_serviceaccount: state: present name: "aggregated-logging-mux" namespace: "{{ openshift_logging_mux_namespace }}" image_pull_secrets: "{{ openshift_logging_image_pull_secret }}" when: openshift_logging_image_pull_secret != '' - name: Create Mux service account oc_serviceaccount: state: present name: "aggregated-logging-mux" namespace: "{{ openshift_logging_mux_namespace }}" when: - openshift_logging_image_pull_secret == '' # set service account scc - name: Set privileged permissions for Mux oc_adm_policy_user: namespace: "{{ openshift_logging_mux_namespace }}" resource_kind: scc resource_name: privileged state: present user: "system:serviceaccount:{{ openshift_logging_mux_namespace }}:aggregated-logging-mux" # set service account permissions - name: Set cluster-reader permissions for Mux oc_adm_policy_user: namespace: "{{ openshift_logging_mux_namespace }}" resource_kind: cluster-role resource_name: cluster-reader state: present user: "system:serviceaccount:{{ openshift_logging_mux_namespace }}:aggregated-logging-mux" # set hostmount-anyuid permissions - name: Set hostmount-anyuid permissions for Mux oc_adm_policy_user: namespace: "{{ openshift_logging_mux_namespace }}" resource_kind: scc resource_name: hostmount-anyuid state: present user: "system:serviceaccount:{{ openshift_logging_mux_namespace }}:aggregated-logging-mux" # create Mux configmap - copy: src: "{{ __base_file_dir }}/fluent.conf" dest: "{{mktemp.stdout}}/fluent-mux.conf" changed_when: no - copy: src: "{{ __base_file_dir }}/secure-forward.conf" dest: "{{mktemp.stdout}}/secure-forward-mux.conf" changed_when: no - import_role: name: openshift_logging tasks_from: patch_configmap_files.yaml vars: configmap_name: "logging-mux" configmap_namespace: "{{ openshift_logging_mux_namespace }}" configmap_file_names: - current_file: "fluent.conf" new_file: "{{ tempdir }}/fluent-mux.conf" - current_file: "secure-forward.conf" new_file: "{{ tempdir }}/secure-forward-mux.conf" - name: Set Mux configmap oc_configmap: state: present name: "logging-mux" namespace: "{{ openshift_logging_mux_namespace }}" from_file: fluent.conf: "{{ tempdir }}/fluent-mux.conf" secure-forward.conf: "{{ tempdir }}/secure-forward-mux.conf" # create Mux secret - name: Set logging-mux secret oc_secret: state: present name: logging-mux namespace: "{{ openshift_logging_mux_namespace }}" files: - name: ca path: "{{ generated_certs_dir }}/ca.crt" - name: key path: "{{ generated_certs_dir }}/system.logging.mux.key" - name: cert path: "{{ generated_certs_dir }}/system.logging.mux.crt" - name: shared_key path: "{{ generated_certs_dir }}/mux_shared_key" # services - name: Set logging-mux service for external communication oc_service: state: present name: "logging-mux" namespace: "{{ openshift_logging_mux_namespace }}" selector: component: mux provider: openshift labels: logging-infra: 'support' ports: - name: mux-forward port: "{{ openshift_logging_mux_port }}" targetPort: "mux-forward" external_ips: - "{{ openshift_logging_mux_external_address }}" when: openshift_logging_mux_allow_external | bool - name: Set logging-mux service for internal communication oc_service: state: present name: "logging-mux" namespace: "{{ openshift_logging_mux_namespace }}" selector: component: mux provider: openshift labels: logging-infra: 'support' ports: - name: mux-forward port: "{{ openshift_logging_mux_port }}" targetPort: "mux-forward" when: not openshift_logging_mux_allow_external | bool # create Mux DC - name: Generating mux deploymentconfig template: src: "{{ __base_file_dir }}/mux.j2" dest: "{{mktemp.stdout}}/templates/logging-mux-dc.yaml" vars: component: mux logging_component: mux deploy_name: "logging-{{ component }}" image: "{{ openshift_logging_mux_image_prefix }}logging-fluentd:{{ openshift_logging_mux_image_version }}" es_host: "{{ openshift_logging_mux_app_host }}" es_port: "{{ openshift_logging_mux_app_port }}" ops_host: "{{ openshift_logging_mux_ops_host }}" ops_port: "{{ openshift_logging_mux_ops_port }}" mux_cpu_limit: "{{ openshift_logging_mux_cpu_limit }}" mux_cpu_request: "{{ openshift_logging_mux_cpu_request | min_cpu(openshift_logging_mux_cpu_limit | default(none)) }}" mux_memory_limit: "{{ openshift_logging_mux_memory_limit }}" mux_replicas: "{{ openshift_logging_mux_replicas | default(1) }}" mux_node_selector: "{{ openshift_logging_mux_nodeselector | default({}) }}" check_mode: no changed_when: no - name: Create Mux PVC oc_pvc: state: present name: "{{ openshift_logging_mux_file_buffer_pvc_name }}" namespace: "{{ openshift_logging_mux_namespace }}" volume_capacity: "{{ openshift_logging_mux_file_buffer_pvc_size }}" access_modes: "{{ openshift_logging_mux_file_buffer_pvc_access_modes | list }}" selector: "{{ openshift_logging_mux_file_buffer_pvc_pv_selector }}" storage_class_name: "{{ openshift_logging_mux_file_buffer_pvc_storage_class_name | default('', true) }}" when: - openshift_logging_mux_file_buffer_storage_type == "pvc" - name: Set logging-mux DC oc_obj: state: present name: logging-mux namespace: "{{ openshift_logging_mux_namespace }}" kind: dc files: - "{{ tempdir }}/templates/logging-mux-dc.yaml" delete_after: true - name: Add mux namespaces oc_project: state: present name: "{{ item }}" node_selector: "" with_items: "{{ openshift_logging_mux_namespaces | union(openshift_logging_mux_default_namespaces) }}" - name: Delete temp directory file: name: "{{ tempdir }}" state: absent changed_when: False