blob: ab6613567d34894b119e98ecd1513098044c27e0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
---
# Fact setting
- name: Set default image variables based on deployment type
include_vars: "{{ item }}"
with_first_found:
- "{{ openshift_deployment_type | default(deployment_type) }}.yml"
- "default_images.yml"
- name: Set openshift_web_console facts
set_fact:
openshift_web_console_prefix: "{{ openshift_web_console_prefix | default(__openshift_web_console_prefix) }}"
openshift_web_console_version: "{{ openshift_web_console_version | default(__openshift_web_console_version) }}"
openshift_web_console_image_name: "{{ openshift_web_console_image_name | default(__openshift_web_console_image_name) }}"
# Default the replica count to the number of masters.
openshift_web_console_replica_count: "{{ openshift_web_console_replica_count | default(groups.oo_masters_to_config | length) }}"
- name: Ensure openshift-web-console project exists
oc_project:
name: openshift-web-console
state: present
node_selector:
- ""
register: create_console_project
- name: Make temp directory for web console templates
command: mktemp -d /tmp/console-ansible-XXXXXX
register: mktemp
changed_when: False
- name: Copy admin client config
command: >
cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig
changed_when: false
- name: Copy web console templates to temp directory
copy:
src: "{{ item }}"
dest: "{{ mktemp.stdout }}/{{ item }}"
with_items:
- "{{ __console_template_file }}"
- "{{ __console_rbac_file }}"
- "{{ __console_config_file }}"
# Check if an existing webconsole-config config map exists. If so, use those
# contents so we don't overwrite changes.
- name: Read the existing web console config map
oc_configmap:
namespace: openshift-web-console
name: webconsole-config
state: list
register: webconsole_config_map
- set_fact:
existing_config_map_data: "{{ webconsole_config_map.results.results[0].data | default({}) }}"
- name: Copy the existing web console config to temp directory
copy:
content: "{{ existing_config_map_data['webconsole-config.yaml'] }}"
dest: "{{ mktemp.stdout }}/{{ __console_config_file }}"
when: existing_config_map_data['webconsole-config.yaml'] is defined
# Generate a new config when a config map is not defined.
- when: existing_config_map_data['webconsole-config.yaml'] is not defined
block:
# Migrate the previous master-config.yaml asset config if it exists into the new
# web console config config map.
- name: Read existing assetConfig in master-config.yaml
slurp:
src: "{{ openshift.common.config_base }}/master/master-config.yaml"
register: master_config_output
- set_fact:
config_to_migrate: "{{ master_config_output.content | b64decode | from_yaml }}"
- set_fact:
cro_plugin_enabled: "{{ config_to_migrate.admissionConfig is defined and config_to_migrate.admissionConfig.pluginConfig is defined and config_to_migrate.admissionConfig.pluginConfig.ClusterResourceOverrides is defined }}"
# Update properties in the config template based on inventory vars when the
# asset config does not exist.
- name: Set web console config properties from inventory variables
yedit:
src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
edits:
- key: clusterInfo#consolePublicURL
# Must have a trailing slash
value: "{{ openshift.master.public_console_url }}/"
- key: clusterInfo#masterPublicURL
value: "{{ openshift.master.public_api_url }}"
- key: clusterInfo#logoutPublicURL
value: "{{ openshift.master.logout_url | default('') }}"
- key: features#inactivityTimeoutMinutes
value: "{{ openshift_web_console_inactivity_timeout_minutes | default(0) }}"
- key: features#clusterResourceOverridesEnabled
value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
- key: extensions#scriptURLs
value: "{{ openshift_web_console_extension_script_urls | default([]) }}"
- key: extensions#stylesheetURLs
value: "{{ openshift_web_console_extension_stylesheet_urls | default([]) }}"
- key: extensions#properties
value: "{{ openshift_web_console_extension_properties | default({}) }}"
separator: '#'
state: present
when: config_to_migrate.assetConfig is not defined
- name: Migrate assetConfig from master-config.yaml
yedit:
src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
edits:
- key: clusterInfo#consolePublicURL
value: "{{ config_to_migrate.assetConfig.publicURL }}"
- key: clusterInfo#masterPublicURL
value: "{{ config_to_migrate.assetConfig.masterPublicURL }}"
- key: clusterInfo#logoutPublicURL
value: "{{ config_to_migrate.assetConfig.logoutURL | default('') }}"
- key: clusterInfo#metricsPublicURL
value: "{{ config_to_migrate.assetConfig.metricsPublicURL | default('') }}"
- key: clusterInfo#loggingPublicURL
value: "{{ config_to_migrate.assetConfig.loggingPublicURL | default('') }}"
- key: servingInfo#maxRequestsInFlight
value: "{{ config_to_migrate.assetConfig.servingInfo.maxRequestsInFlight | default(0) }}"
- key: servingInfo#requestTimeoutSeconds
value: "{{ config_to_migrate.assetConfig.servingInfo.requestTimeoutSeconds | default(0) }}"
- key: features#clusterResourceOverridesEnabled
value: "{{ openshift_web_console_cluster_resource_overrides_enabled | default(cro_plugin_enabled) }}"
separator: '#'
state: present
when: config_to_migrate.assetConfig is defined
- slurp:
src: "{{ mktemp.stdout }}/{{ __console_config_file }}"
register: updated_console_config
- name: Reconcile with the web console RBAC file
shell: >
{{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __console_rbac_file }}" --config={{ mktemp.stdout }}/admin.kubeconfig
| {{ openshift_client_binary }} auth reconcile --config={{ mktemp.stdout }}/admin.kubeconfig -f -
- name: Apply the web console template file
shell: >
{{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __console_template_file }}"
--param API_SERVER_CONFIG="{{ updated_console_config['content'] | b64decode }}"
--param IMAGE="{{ openshift_web_console_prefix }}{{ openshift_web_console_image_name }}:{{ openshift_web_console_version }}"
--param NODE_SELECTOR={{ openshift_web_console_nodeselector | to_json | quote }}
--param REPLICA_COUNT="{{ openshift_web_console_replica_count }}"
--config={{ mktemp.stdout }}/admin.kubeconfig
| {{ openshift_client_binary }} apply --config={{ mktemp.stdout }}/admin.kubeconfig -f -
# Wait to give the rollout time to start before verifying that the console is
# running. Unfortunately, we can't check if the deployment revision changed
# because it's possible applying the template did not result in any changes to
# the pod template spec, which would skip a new revision.
- name: Pause for the web console deployment to start
pause:
seconds: 30
# Skip if the project didn't exist since there was no previous deployment.
when: not create_console_project.changed
- name: Verify that the web console is running
command: >
curl -k https://webconsole.openshift-web-console.svc/healthz
args:
# Disables the following warning:
# Consider using get_url or uri module rather than running curl
warn: no
register: console_health
until: console_health.stdout == 'ok'
retries: 60
delay: 5
changed_when: false
- name: Remove temp directory
file:
state: absent
name: "{{ mktemp.stdout }}"
changed_when: False
|
