├── utils
├── test
│ └── __init__.py
├── src
│ ├── data
│ │ └── data_file
│ ├── ooinstall
│ │ ├── __init__.py
│ │ └── utils.py
│ ├── MANIFEST.in
│ └── DESCRIPTION.rst
├── workflows
│ └── enterprise_deploy
│ │ └── openshift.sh
├── test-requirements.txt
├── setup.cfg
├── .gitignore
├── etc
│ ├── ansible.cfg
│ └── ansible-quiet.cfg
├── site_assets
│ └── oo_install_launcher.README.txt
└── README.md
├── playbooks
├── byo
│ ├── roles
│ ├── filter_plugins
│ ├── lookup_plugins
│ ├── openshift-node
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ └── scaleup.yml
│ ├── openshift-cluster
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── upgrades
│ │ │ ├── docker
│ │ │ │ ├── roles
│ │ │ │ ├── nuke_images.sh
│ │ │ │ └── upgrade.yml
│ │ │ ├── v3_3
│ │ │ │ ├── roles
│ │ │ │ └── README.md
│ │ │ ├── v3_4
│ │ │ │ ├── roles
│ │ │ │ └── README.md
│ │ │ ├── README.md
│ │ │ └── v3_2
│ │ │ │ └── README.md
│ │ ├── enable_dnsmasq.yml
│ │ ├── redeploy-certificates.yml
│ │ ├── cluster_hosts.yml
│ │ └── config.yml
│ ├── openshift-master
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── restart.yml
│ │ └── scaleup.yml
│ ├── config.yml
│ ├── vagrant.yml
│ ├── openshift_facts.yml
│ └── rhel_subscribe.yml
├── adhoc
│ ├── zabbix_setup
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── oo-clean-zaio.yml
│ │ └── oo-config-zaio.yml
│ ├── docker_loopback_to_lvm
│ │ └── docker-storage-setup
│ ├── openshift_hosted_logging_efk.yaml
│ ├── bootstrap-fedora.yml
│ ├── create_pv
│ │ └── pv-template.j2
│ ├── metrics_setup
│ │ ├── playbooks
│ │ │ ├── master_config_facts.yml
│ │ │ └── uninstall.yml
│ │ └── README.md
│ ├── s3_registry
│ │ └── s3_registry.j2
│ ├── setupnfs.yml
│ └── atomic_openshift_tutorial_reset.yml
├── aws
│ └── openshift-cluster
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── templates
│ │ └── user_data.j2
│ │ ├── list.yml
│ │ ├── update.yml
│ │ ├── add_nodes.yml
│ │ ├── cluster_hosts.yml
│ │ ├── service.yml
│ │ └── scaleup.yml
├── common
│ ├── openshift-etcd
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── config.yml
│ │ └── service.yml
│ ├── openshift-nfs
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── config.yml
│ │ └── service.yml
│ ├── openshift-node
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── service.yml
│ │ └── scaleup.yml
│ ├── openshift-cluster
│ │ ├── roles
│ │ ├── library
│ │ ├── upgrades
│ │ │ ├── roles
│ │ │ ├── pre
│ │ │ │ ├── roles
│ │ │ │ ├── gate_checks.yml
│ │ │ │ ├── verify_nodes_running.yml
│ │ │ │ ├── verify_docker_upgrade_targets.yml
│ │ │ │ └── verify_control_plane_running.yml
│ │ │ ├── filter_plugins
│ │ │ ├── lookup_plugins
│ │ │ ├── v3_1_to_v3_2
│ │ │ │ └── nuke_images.sh
│ │ │ ├── docker-cluster
│ │ │ ├── master_docker
│ │ │ ├── native-cluster
│ │ │ ├── openvswitch.sysconfig.j2
│ │ │ ├── atomic-openshift-master.j2
│ │ │ ├── openvswitch.docker.service
│ │ │ ├── openshift.docker.node.service
│ │ │ ├── openshift.docker.node.dep.service
│ │ │ ├── containerized_node_upgrade.yml
│ │ │ ├── rpm_upgrade.yml
│ │ │ ├── files
│ │ │ │ ├── rpm_versions.sh
│ │ │ │ └── nuke_images.sh
│ │ │ ├── v3_3
│ │ │ │ └── node_config_upgrade.yml
│ │ │ └── cleanup_unused_images.yml
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── verify_ansible_version.yml
│ │ ├── tasks
│ │ │ ├── set_etcd_launch_facts.yml
│ │ │ ├── set_master_launch_facts.yml
│ │ │ └── set_node_launch_facts.yml
│ │ ├── initialize_facts.yml
│ │ ├── initialize_openshift_version.yml
│ │ ├── update_repos_and_packages.yml
│ │ ├── validate_hostnames.yml
│ │ └── additional_config.yml
│ ├── openshift-master
│ │ ├── library
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── restart_hosts.yml
│ │ ├── service.yml
│ │ └── restart_services.yml
│ └── openshift-loadbalancer
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ └── service.yml
├── gce
│ └── openshift-cluster
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── vars.yml
│ │ ├── update.yml
│ │ ├── list.yml
│ │ ├── cluster_hosts.yml
│ │ └── service.yml
├── libvirt
│ └── openshift-cluster
│ │ ├── roles
│ │ ├── filter_plugins
│ │ ├── lookup_plugins
│ │ ├── templates
│ │ ├── meta-data
│ │ ├── storage-pool.xml
│ │ └── network.xml
│ │ ├── tasks
│ │ ├── configure_libvirt.yml
│ │ ├── configure_libvirt_network.yml
│ │ └── configure_libvirt_storage_pool.yml
│ │ ├── list.yml
│ │ ├── update.yml
│ │ └── cluster_hosts.yml
└── openstack
│ └── openshift-cluster
│ ├── roles
│ ├── filter_plugins
│ ├── lookup_plugins
│ ├── update.yml
│ ├── list.yml
│ └── cluster_hosts.yml
├── roles
├── nuage_ca
│ ├── vars
│ │ └── main.yaml
│ ├── files
│ │ ├── serial.txt
│ │ └── openssl.cnf
│ └── meta
│ │ └── main.yml
├── docker
│ ├── defaults
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yml
│ ├── README.md
│ └── tasks
│ │ └── udev_workaround.yml
├── openshift_hosted
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── tasks
│ │ ├── registry
│ │ │ └── storage
│ │ │ │ ├── registry_config.j2
│ │ │ │ ├── registry_config_secret.j2
│ │ │ │ ├── s3.yml
│ │ │ │ └── persistent_volume.yml
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── templates
│ │ └── registry_config_secret.j2
│ └── meta
│ │ └── main.yml
├── openshift_cli
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── openshift_docker
│ ├── defaults
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── openshift_examples
│ ├── files
│ │ └── examples
│ │ │ ├── latest
│ │ │ └── README.md
│ └── meta
│ │ └── main.yml
├── nickhammond.logrotate
│ ├── tests
│ │ ├── inventory
│ │ └── test.yml
│ ├── meta
│ │ ├── .galaxy_install_info
│ │ └── main.yml
│ ├── templates
│ │ └── logrotate.d.j2
│ ├── tasks
│ │ └── main.yml
│ └── .travis.yml
├── openshift_docker_facts
│ ├── defaults
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── kube_nfs_volumes
│ ├── templates
│ │ ├── v1
│ │ │ └── nfs.json.j2
│ │ └── v1beta3
│ │ │ └── nfs.json.j2
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ ├── nfs.yml
│ │ └── main.yml
├── openshift_repos
│ ├── defaults
│ │ └── main.yaml
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ ├── templates
│ │ └── yum_repo.j2
│ ├── README.md
│ └── files
│ │ └── origin
│ │ ├── repos
│ │ └── openshift-ansible-centos-paas-sig.repo
│ │ └── gpg_keys
│ │ └── openshift-ansible-CentOS-SIG-PaaS
├── rhel_subscribe
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── enterprise.yml
├── openshift_version
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── set_version_rpm.yml
├── openshift_node
│ ├── templates
│ │ ├── openvswitch.sysconfig.j2
│ │ ├── openvswitch-avoid-oom.conf
│ │ ├── openvswitch.docker.service
│ │ └── openshift.docker.node.dep.service
│ ├── tasks
│ │ └── storage_plugins
│ │ │ ├── ceph.yml
│ │ │ ├── iscsi.yml
│ │ │ └── nfs.yml
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── handlers
│ │ └── main.yml
├── openshift_hosted_logging
│ ├── meta
│ │ └── main.yaml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── main.yaml
├── dns
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── templates
│ │ ├── Dockerfile
│ │ ├── named.conf
│ │ ├── named.service.j2
│ │ └── openshift-cluster.zone
├── openshift_common
│ ├── defaults
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── openshift_certificate_expiry
│ ├── templates
│ │ └── save_json_results.j2
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── openshift_metrics
│ ├── meta
│ │ └── main.yaml
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ │ └── main.yaml
├── openshift_projects
│ ├── vars
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── openshift_master
│ ├── templates
│ │ ├── docker-cluster
│ │ │ ├── atomic-openshift-master-api.j2
│ │ │ └── atomic-openshift-master-controllers.j2
│ │ ├── htpasswd.j2
│ │ ├── sessionSecretsFile.yaml.v1.j2
│ │ ├── native-cluster
│ │ │ ├── atomic-openshift-master-api.service.j2
│ │ │ └── atomic-openshift-master-controllers.service.j2
│ │ └── master_docker
│ │ │ └── master.docker.service.j2
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── openshift_storage_nfs_lvm
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── templates
│ │ └── nfs.json.j2
│ └── tasks
│ │ └── nfs.yml
├── openshift_persistent_volumes
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── templates
│ │ ├── persistent-volume-claim.yml.j2
│ │ └── persistent-volume.yml.j2
├── os_update_latest
│ └── tasks
│ │ └── main.yml
├── openshift_serviceaccounts
│ ├── templates
│ │ └── serviceaccount.j2
│ └── meta
│ │ └── main.yml
├── openshift_node_dnsmasq
│ ├── tasks
│ │ ├── no-network-manager.yml
│ │ └── network-manager.yml
│ ├── templates
│ │ └── origin-dns.conf.j2
│ ├── handlers
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── nuage_master
│ ├── defaults
│ │ └── main.yaml
│ ├── README.md
│ ├── meta
│ │ └── main.yml
│ ├── handlers
│ │ └── main.yaml
│ └── tasks
│ │ └── main.yaml
├── openshift_etcd_facts
│ ├── tasks
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── rhel_unsubscribe
│ └── tasks
│ │ └── main.yml
├── etcd
│ ├── handlers
│ │ └── main.yml
│ ├── templates
│ │ └── etcd.docker.service
│ ├── defaults
│ │ └── main.yaml
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── openshift_cli_facts
│ ├── tasks
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── openshift_storage_nfs
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── templates
│ │ └── exports.j2
├── openshift_loadbalancer
│ ├── handlers
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── flannel
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── defaults
│ │ └── main.yaml
├── nuage_node
│ ├── README.md
│ ├── handlers
│ │ └── main.yaml
│ └── meta
│ │ └── main.yml
├── flannel_register
│ ├── templates
│ │ └── flannel-config.json
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yaml
│ └── tasks
│ │ └── main.yml
├── os_firewall
│ ├── tasks
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── defaults
│ │ └── main.yml
├── openshift_node_certificates
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ └── vars
│ │ └── main.yml
├── cockpit-ui
│ └── meta
│ │ └── main.yml
├── openshift_cloud_provider
│ ├── vars
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── tasks
│ │ ├── aws.yml
│ │ ├── main.yml
│ │ └── openstack.yml
│ └── templates
│ │ └── openstack.conf.j2
├── openshift_facts
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── openshift_ca
│ ├── vars
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── etcd_ca
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── etcd_common
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── openshift_clock
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── main.yaml
├── openshift_hosted_facts
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── openshift_master_cluster
│ ├── meta
│ │ └── main.yml
│ ├── README.md
│ └── tasks
│ │ └── main.yml
├── openshift_master_facts
│ └── meta
│ │ └── main.yml
├── openshift_hosted_templates
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── sync-templates.sh
├── etcd_server_certificates
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── etcd_client_certificates
│ ├── meta
│ │ └── main.yml
│ └── README.md
├── openshift_builddefaults
│ ├── meta
│ │ └── main.yml
│ ├── vars
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── openshift_master_certificates
│ ├── vars
│ │ └── main.yml
│ └── meta
│ │ └── main.yml
├── openshift_named_certificates
│ ├── meta
│ │ └── main.yml
│ ├── README.md
│ ├── vars
│ │ └── main.yml
│ └── tasks
│ │ └── named_certificates.yml
├── openshift_etcd_client_certificates
│ └── meta
│ │ └── main.yml
├── openshift_etcd_server_certificates
│ └── meta
│ │ └── main.yml
├── openshift_expand_partition
│ ├── meta
│ │ └── main.yml
│ ├── defaults
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── cockpit
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ │ └── main.yml
├── openshift_etcd
│ └── meta
│ │ └── main.yml
└── nuage_common
│ └── defaults
│ └── main.yaml
├── inventory
├── byo
│ └── .gitignore
├── hosts
├── aws
│ └── hosts
│ │ └── hosts
├── gce
│ └── hosts
│ │ └── hosts
├── openstack
│ └── hosts
│ │ └── hosts
└── libvirt
│ └── hosts
│ ├── hosts
│ └── libvirt.ini
├── .tito
├── packages
│ ├── openshift-ansible
│ └── .readme
├── tito.props
└── releasers.conf
├── README_vagrant.md
├── ansible-profile
└── README.md
├── .gitignore
├── offline
├── yum.repos.d
│ ├── CentOS-fasttrack.repo
│ ├── CentOS-Media.repo
│ ├── CentOS-Debuginfo.repo
│ └── openshift-ansible-centos-paas-sig.repo
└── createRepo.sh
├── README_ANSIBLE_CONTAINER.md
├── .github
└── ISSUE_TEMPLATE.md
├── ansible.cfg.example
├── Dockerfile
└── BUILD.md
/utils/test/__init__.py:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/playbooks/byo/roles:
--------------------------------------------------------------------------------
1 | ../../roles
--------------------------------------------------------------------------------
/roles/nuage_ca/vars/main.yaml:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/utils/src/data/data_file:
--------------------------------------------------------------------------------
1 | some data
--------------------------------------------------------------------------------
/inventory/byo/.gitignore:
--------------------------------------------------------------------------------
1 | hosts
2 |
--------------------------------------------------------------------------------
/roles/docker/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/roles/nuage_ca/files/serial.txt:
--------------------------------------------------------------------------------
1 | 00
2 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/handlers/main.yml:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/.tito/packages/openshift-ansible:
--------------------------------------------------------------------------------
1 | 3.4.17-1 ./
2 |
--------------------------------------------------------------------------------
/playbooks/adhoc/zabbix_setup/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/byo/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/byo/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-node/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/roles/openshift_cli/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/roles/openshift_docker/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/roles/openshift_docker/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/byo/openshift-master/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/common/openshift-etcd/roles:
--------------------------------------------------------------------------------
1 | ../../../roles/
--------------------------------------------------------------------------------
/playbooks/common/openshift-nfs/roles:
--------------------------------------------------------------------------------
1 | ../../../roles/
--------------------------------------------------------------------------------
/playbooks/common/openshift-node/roles:
--------------------------------------------------------------------------------
1 | ../../../roles/
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/roles/openshift_examples/files/examples/latest:
--------------------------------------------------------------------------------
1 | v1.4
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/library:
--------------------------------------------------------------------------------
1 | ../../../library/
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/roles:
--------------------------------------------------------------------------------
1 | ../../../roles/
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/roles:
--------------------------------------------------------------------------------
1 | ../../../roles
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/tests/inventory:
--------------------------------------------------------------------------------
1 | localhost
2 |
--------------------------------------------------------------------------------
/roles/openshift_docker_facts/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/library:
--------------------------------------------------------------------------------
1 | ../../../library/
--------------------------------------------------------------------------------
/playbooks/common/openshift-loadbalancer/roles:
--------------------------------------------------------------------------------
1 | ../../../roles/
--------------------------------------------------------------------------------
/playbooks/adhoc/zabbix_setup/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins/
--------------------------------------------------------------------------------
/playbooks/byo/openshift-master/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-master/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-node/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-node/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/roles:
--------------------------------------------------------------------------------
1 | ../../../../roles
--------------------------------------------------------------------------------
/playbooks/common/openshift-nfs/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-nfs/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/docker/roles:
--------------------------------------------------------------------------------
1 | ../../../../../roles
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/v3_3/roles:
--------------------------------------------------------------------------------
1 | ../../../../../roles
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/v3_4/roles:
--------------------------------------------------------------------------------
1 | ../../../../../roles
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-etcd/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-etcd/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-node/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-node/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/templates/v1/nfs.json.j2:
--------------------------------------------------------------------------------
1 | ../v1beta3/nfs.json.j2
--------------------------------------------------------------------------------
/utils/src/ooinstall/__init__.py:
--------------------------------------------------------------------------------
1 | # pylint: disable=missing-docstring
2 |
--------------------------------------------------------------------------------
/playbooks/byo/config.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: openshift-cluster/config.yml
3 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/pre/roles:
--------------------------------------------------------------------------------
1 | ../../../../../roles/
--------------------------------------------------------------------------------
/playbooks/common/openshift-loadbalancer/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-loadbalancer/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../lookup_plugins
--------------------------------------------------------------------------------
/roles/openshift_repos/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_additional_repos: {}
3 |
--------------------------------------------------------------------------------
/roles/rhel_subscribe/meta/main.yml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - role: openshift_facts
3 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/filter_plugins:
--------------------------------------------------------------------------------
1 | ../../../../filter_plugins
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/lookup_plugins:
--------------------------------------------------------------------------------
1 | ../../../../lookup_plugins
--------------------------------------------------------------------------------
/roles/openshift_hosted/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | registry_volume_claim: 'registry-claim'
3 |
--------------------------------------------------------------------------------
/playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup:
--------------------------------------------------------------------------------
1 | DEVS=/dev/xvdb
2 | VG=docker_vg
3 |
--------------------------------------------------------------------------------
/playbooks/byo/vagrant.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: rhel_subscribe.yml
3 |
4 | - include: config.yml
5 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/nuke_images.sh:
--------------------------------------------------------------------------------
1 | ../files/nuke_images.sh
--------------------------------------------------------------------------------
/roles/openshift_version/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_protect_installed_version: True
3 |
--------------------------------------------------------------------------------
/roles/docker/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d
3 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/tasks/registry/storage/registry_config.j2:
--------------------------------------------------------------------------------
1 | ../../../templates/registry_config.j2
--------------------------------------------------------------------------------
/roles/openshift_node/templates/openvswitch.sysconfig.j2:
--------------------------------------------------------------------------------
1 | IMAGE_VERSION={{ openshift_image_tag }}
2 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_logging/meta/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | - { role: openshift_common }
4 |
--------------------------------------------------------------------------------
/inventory/hosts:
--------------------------------------------------------------------------------
1 | # Eventually we'll add the GCE, AWS, etc dynamic inventories, but for now...
2 | localhost
3 |
--------------------------------------------------------------------------------
/roles/dns/handlers/main.yml:
--------------------------------------------------------------------------------
1 | - name: restart bind
2 | service:
3 | name: named
4 | state: restarted
5 |
--------------------------------------------------------------------------------
/roles/openshift_common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_cluster_id: 'default'
3 | openshift_debug_level: 2
4 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/docker-cluster:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_master/templates/docker-cluster
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/master_docker:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_master/templates/master_docker
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/native-cluster:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_master/templates/native-cluster
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/meta/.galaxy_install_info:
--------------------------------------------------------------------------------
1 | {install_date: 'Thu Aug 27 15:26:31 2015', version: master}
2 |
--------------------------------------------------------------------------------
/roles/openshift_certificate_expiry/templates/save_json_results.j2:
--------------------------------------------------------------------------------
1 | {{ json_result_string | to_nice_json(indent=2)}}
2 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/tasks/registry/storage/registry_config_secret.j2:
--------------------------------------------------------------------------------
1 | ../../../templates/registry_config_secret.j2
--------------------------------------------------------------------------------
/roles/openshift_metrics/meta/main.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - { role: openshift_examples }
3 | - { role: openshift_facts }
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nfs
3 | service: name=nfs-server state=restarted
4 |
--------------------------------------------------------------------------------
/roles/nuage_ca/files/openssl.cnf:
--------------------------------------------------------------------------------
1 | [ clientauth ]
2 | basicConstraints=CA:FALSE
3 | extendedKeyUsage=critical,clientAuth
4 |
--------------------------------------------------------------------------------
/roles/openshift_projects/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
3 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/docker/nuke_images.sh:
--------------------------------------------------------------------------------
1 | ../../../../common/openshift-cluster/upgrades/files/nuke_images.sh
--------------------------------------------------------------------------------
/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.j2:
--------------------------------------------------------------------------------
1 | ../native-cluster/atomic-openshift-master-api.j2
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs_lvm/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nfs
3 | service: name=nfs-server state=restarted
4 |
--------------------------------------------------------------------------------
/inventory/aws/hosts/hosts:
--------------------------------------------------------------------------------
1 | localhost ansible_connection=local ansible_become=no ansible_python_interpreter='/usr/bin/env python2'
2 |
--------------------------------------------------------------------------------
/inventory/gce/hosts/hosts:
--------------------------------------------------------------------------------
1 | localhost ansible_connection=local ansible_become=no ansible_python_interpreter='/usr/bin/env python2'
2 |
--------------------------------------------------------------------------------
/inventory/openstack/hosts/hosts:
--------------------------------------------------------------------------------
1 | localhost ansible_become=no ansible_python_interpreter='/usr/bin/env python2' connection=local
2 |
--------------------------------------------------------------------------------
/roles/openshift_persistent_volumes/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
3 |
--------------------------------------------------------------------------------
/inventory/libvirt/hosts/hosts:
--------------------------------------------------------------------------------
1 | localhost ansible_connection=local ansible_become=no ansible_python_interpreter='/usr/bin/env python2'
2 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/openvswitch.sysconfig.j2:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_node/templates/openvswitch.sysconfig.j2
--------------------------------------------------------------------------------
/roles/os_update_latest/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Update all packages
3 | action: "{{ ansible_pkg_mgr }} name=* state=latest"
4 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/atomic-openshift-master.j2:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_master/templates/atomic-openshift-master.j2
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/openvswitch.docker.service:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_node/templates/openvswitch.docker.service
--------------------------------------------------------------------------------
/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.j2:
--------------------------------------------------------------------------------
1 | ../native-cluster/atomic-openshift-master-controllers.j2
--------------------------------------------------------------------------------
/roles/openshift_serviceaccounts/templates/serviceaccount.j2:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: {{ item.0 }}
5 |
--------------------------------------------------------------------------------
/README_vagrant.md:
--------------------------------------------------------------------------------
1 | The Vagrant-based installation has been moved to: https://github.com/openshift/openshift-ansible-contrib/tree/master/vagrant
2 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/openshift.docker.node.service:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_node/templates/openshift.docker.node.service
--------------------------------------------------------------------------------
/roles/dns/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | base_docker_image: "{{ 'centos:centos7' if openshift.common.deployment_type == 'origin' else 'rhel7' }}"
3 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/openshift.docker.node.dep.service:
--------------------------------------------------------------------------------
1 | ../../../../roles/openshift_node/templates/openshift.docker.node.dep.service
--------------------------------------------------------------------------------
/roles/openshift_node/templates/openvswitch-avoid-oom.conf:
--------------------------------------------------------------------------------
1 | # Avoid the OOM killer for openvswitch and it's children:
2 | [Service]
3 | OOMScoreAdjust=-1000
4 |
--------------------------------------------------------------------------------
/roles/openshift_node_dnsmasq/tasks/no-network-manager.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - fail: msg="Currently, NetworkManager must be installed and enabled prior to installation."
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/templates/meta-data:
--------------------------------------------------------------------------------
1 | instance-id: {{ item[0] }}
2 | hostname: {{ item[0] }}
3 | local-hostname: {{ item[0] }}.example.com
4 |
--------------------------------------------------------------------------------
/roles/nuage_master/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | nuage_master_cspadminpasswd: ""
3 | nuage_master_adminusername: admin
4 | nuage_master_adminuserpasswd: admin
5 |
--------------------------------------------------------------------------------
/roles/openshift_docker_facts/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
3 |
--------------------------------------------------------------------------------
/roles/openshift_etcd_facts/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - openshift_facts:
3 | role: etcd
4 | local_facts:
5 | etcd_image: "{{ osm_etcd_image | default(None) }}"
6 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
3 | registry_config_secret_name: registry-config
4 |
--------------------------------------------------------------------------------
/.tito/tito.props:
--------------------------------------------------------------------------------
1 | [buildconfig]
2 | builder = tito.builder.Builder
3 | tagger = tito.tagger.VersionTagger
4 | changelog_do_not_remove_cherrypick = 0
5 | changelog_format = %s (%ae)
6 |
--------------------------------------------------------------------------------
/roles/openshift_metrics/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
3 |
--------------------------------------------------------------------------------
/roles/rhel_unsubscribe/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Remove RedHat subscriptions
3 | redhat_subscription:
4 | state: absent
5 | when: ansible_distribution == "RedHat"
6 |
--------------------------------------------------------------------------------
/ansible-profile/README.md:
--------------------------------------------------------------------------------
1 | # Ansible profile
2 |
3 | This is a callback plugin for timing tasks.
4 |
5 | The upstream project lies in:
6 | https://github.com/jlafon/ansible-profile
7 |
--------------------------------------------------------------------------------
/playbooks/adhoc/openshift_hosted_logging_efk.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: masters[0]
3 | roles:
4 | - role: openshift_hosted_logging
5 | openshift_hosted_logging_cleanup: no
6 |
7 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-nfs/config.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Configure nfs
3 | hosts: oo_nfs_to_config
4 | roles:
5 | - role: openshift_facts
6 | - role: openshift_storage_nfs
7 |
--------------------------------------------------------------------------------
/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2:
--------------------------------------------------------------------------------
1 | strict-order
2 | no-resolv
3 | domain-needed
4 | server=/{{ openshift.common.dns_domain }}/{{ openshift.common.kube_svc_ip }}
5 |
--------------------------------------------------------------------------------
/.tito/packages/.readme:
--------------------------------------------------------------------------------
1 | the .tito/packages directory contains metadata files
2 | named after their packages. Each file has the latest tagged
3 | version and the project's relative directory.
4 |
--------------------------------------------------------------------------------
/roles/etcd/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: restart etcd
4 | service: name={{ etcd_service }} state=restarted
5 | when: not (etcd_service_status_changed | default(false) | bool)
6 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_logging/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
3 |
--------------------------------------------------------------------------------
/utils/workflows/enterprise_deploy/openshift.sh:
--------------------------------------------------------------------------------
1 | # This file is not used for OpenShift 3.0. It's merely an artifact of the the
2 | # installation framework originally used for OpenShift 2.x.
3 |
--------------------------------------------------------------------------------
/utils/test-requirements.txt:
--------------------------------------------------------------------------------
1 | enum
2 | configparser
3 | pylint
4 | pep8
5 | nose
6 | coverage
7 | mock
8 | flake8
9 | PyYAML
10 | click
11 | backports.functools_lru_cache
12 | pyOpenSSL
13 |
--------------------------------------------------------------------------------
/roles/openshift_cli_facts/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # TODO: move this to a new 'cli' role
3 | - openshift_facts:
4 | role: common
5 | local_facts:
6 | cli_image: "{{ osm_image | default(None) }}"
7 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nfs-server
3 | service:
4 | name: nfs-server
5 | state: restarted
6 | when: not (nfs_service_status_changed | default(false))
7 |
--------------------------------------------------------------------------------
/roles/nuage_master/README.md:
--------------------------------------------------------------------------------
1 | Nuage Master
2 | ============
3 | Setup Nuage Kubernetes Monitor on the Master node
4 |
5 |
6 | Requirements
7 | ------------
8 | This role assumes it has been deployed on RHEL/Fedora
9 |
--------------------------------------------------------------------------------
/roles/openshift_loadbalancer/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart haproxy
3 | service:
4 | name: haproxy
5 | state: restarted
6 | when: not (haproxy_start_result_changed | default(false) | bool)
7 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/templates/storage-pool.xml:
--------------------------------------------------------------------------------
1 |
2 | {{ libvirt_storage_pool }}
3 |
4 | {{ libvirt_storage_pool_path }}
5 |
6 |
7 |
--------------------------------------------------------------------------------
/roles/dns/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Lénaïc Huard
4 | description: Deploy and configure a DNS server
5 | company: Amadeus SAS
6 | license: ASL 2.0
7 | dependencies:
8 | - { role: openshift_facts }
9 |
--------------------------------------------------------------------------------
/roles/flannel/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart flanneld
3 | become: yes
4 | service: name=flanneld state=restarted
5 |
6 | - name: restart docker
7 | become: yes
8 | service: name=docker state=restarted
9 |
--------------------------------------------------------------------------------
/roles/openshift_node/tasks/storage_plugins/ceph.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install Ceph storage plugin dependencies
3 | action: "{{ ansible_pkg_mgr }} name=ceph-common state=present"
4 | when: not openshift.common.is_atomic | bool
--------------------------------------------------------------------------------
/roles/openshift_master/templates/htpasswd.j2:
--------------------------------------------------------------------------------
1 | {% if 'htpasswd_users' in openshift.master %}
2 | {% for user,pass in openshift.master.htpasswd_users.iteritems() %}
3 | {{ user ~ ':' ~ pass }}
4 | {% endfor %}
5 | {% endif %}
6 |
--------------------------------------------------------------------------------
/playbooks/adhoc/zabbix_setup/oo-clean-zaio.yml:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ansible-playbook
2 | ---
3 | - include: clean_zabbix.yml
4 | vars:
5 | g_server: http://localhost/zabbix/api_jsonrpc.php
6 | g_user: Admin
7 | g_password: zabbix
8 |
--------------------------------------------------------------------------------
/roles/nuage_node/README.md:
--------------------------------------------------------------------------------
1 | Nuage Node
2 | ==========
3 |
4 | Setup Nuage VRS (Virtual Routing Switching) on the Openshift Node
5 |
6 | Requirements
7 | ------------
8 |
9 | This role assumes it has been deployed on RHEL/Fedora
10 |
--------------------------------------------------------------------------------
/roles/openshift_node/tasks/storage_plugins/iscsi.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install iSCSI storage plugin dependencies
3 | action: "{{ ansible_pkg_mgr }} name=iscsi-initiator-utils state=present"
4 | when: not openshift.common.is_atomic | bool
5 |
--------------------------------------------------------------------------------
/roles/openshift_repos/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: refresh cache
3 | command: "{{ ansible_pkg_mgr }} clean all"
4 | args:
5 | # Disables the following warning:
6 | # Consider using yum module rather than running yum
7 | warn: no
8 |
--------------------------------------------------------------------------------
/roles/nuage_node/handlers/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart vrs
3 | become: yes
4 | service: name=openvswitch state=restarted
5 |
6 | - name: restart node
7 | become: yes
8 | service: name={{ openshift.common.service_type }}-node state=restarted
9 |
--------------------------------------------------------------------------------
/roles/flannel_register/templates/flannel-config.json:
--------------------------------------------------------------------------------
1 | {
2 | "Network": "{{ flannel_network }}",
3 | "SubnetLen": {{ flannel_subnet_len }},
4 | "SubnetMin": "{{ flannel_min_network }}",
5 | "Backend": {
6 | "Type": "host-gw"
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/roles/openshift_node_dnsmasq/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart NetworkManager
3 | service:
4 | name: NetworkManager
5 | state: restarted
6 |
7 | - name: restart dnsmasq
8 | service:
9 | name: dnsmasq
10 | state: restarted
11 |
--------------------------------------------------------------------------------
/roles/os_firewall/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: firewall/firewalld.yml
3 | when: os_firewall_enabled | bool and os_firewall_use_firewalld | bool
4 |
5 | - include: firewall/iptables.yml
6 | when: os_firewall_enabled | bool and not os_firewall_use_firewalld | bool
7 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/pre/gate_checks.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Flag pre-upgrade checks complete for hosts without errors
3 | hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
4 | tasks:
5 | - set_fact:
6 | pre_upgrade_complete: True
7 |
--------------------------------------------------------------------------------
/roles/openshift_master/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_node_ips: []
3 | # TODO: update setting these values based on the facts
4 | #openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
5 |
--------------------------------------------------------------------------------
/playbooks/adhoc/bootstrap-fedora.yml:
--------------------------------------------------------------------------------
1 | - hosts: OSEv3
2 | gather_facts: false
3 | tasks:
4 | - name: install python and deps for ansible modules
5 | raw: dnf install -y python2 python2-dnf libselinux-python libsemanage-python python2-firewall pyOpenSSL python-cryptography
6 |
--------------------------------------------------------------------------------
/utils/setup.cfg:
--------------------------------------------------------------------------------
1 | [bdist_wheel]
2 | # This flag says that the code is written to work on both Python 2 and Python
3 | # 3. If at all possible, it is good practice to do this. If you cannot, you
4 | # will need to generate wheels for each Python version that you support.
5 | universal=1
6 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/templates/registry_config_secret.j2:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Secret
4 | metadata:
5 | name: registry-config
6 | annotations:
7 | provider: {{ openshift.hosted.registry.storage.provider }}
8 | data:
9 | config.yml: {{ registry_config }}
10 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: configure_libvirt_storage_pool.yml
3 | when: libvirt_storage_pool is defined and libvirt_storage_pool_path is defined
4 |
5 | - include: configure_libvirt_network.yml
6 | when: libvirt_network is defined
7 |
--------------------------------------------------------------------------------
/roles/docker/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: OpenShift
4 | description: docker package install
5 | company: Red Hat, Inc
6 | license: ASL 2.0
7 | min_ansible_version: 1.2
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | dependencies: []
13 |
--------------------------------------------------------------------------------
/roles/openshift_node_certificates/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: update ca trust
3 | command: update-ca-trust
4 | notify:
5 | - restart docker after updating ca trust
6 |
7 | - name: restart docker after updating ca trust
8 | service:
9 | name: docker
10 | state: restarted
11 |
--------------------------------------------------------------------------------
/roles/docker/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: restart docker
4 | service:
5 | name: docker
6 | state: restarted
7 | when: not docker_service_status_changed | default(false) | bool
8 |
9 | - name: restart udev
10 | service:
11 | name: systemd-udevd
12 | state: restarted
13 |
--------------------------------------------------------------------------------
/roles/dns/templates/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM {{ base_docker_image }}
2 | MAINTAINER Jan Provaznik
3 |
4 | # install main packages:
5 | RUN yum -y update; yum clean all;
6 | RUN yum -y install bind-utils bind
7 |
8 | EXPOSE 53
9 |
10 | # start services:
11 | CMD ["/usr/sbin/named", "-f"]
12 |
--------------------------------------------------------------------------------
/roles/openshift_node_dnsmasq/tasks/network-manager.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install network manager dispatch script
3 | copy:
4 | src: networkmanager/99-origin-dns.sh
5 | dest: /etc/NetworkManager/dispatcher.d/
6 | mode: 0755
7 | notify: restart NetworkManager
8 |
9 | - meta: flush_handlers
10 |
--------------------------------------------------------------------------------
/roles/openshift_loadbalancer/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | haproxy_frontends:
3 | - name: main
4 | binds:
5 | - "*:8443"
6 | default_backend: default
7 |
8 | haproxy_backends:
9 | - name: default
10 | balance: roundrobin
11 | servers:
12 | - name: web01
13 | address: 127.0.0.1:9000
14 | opts: check
15 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *~
2 | #*#
3 | .idea
4 | *.iml
5 | *.komodoproject
6 | .loadpath
7 | .project
8 | *.pyc
9 | .pydevproject
10 | *.pyo
11 | *.redcar*
12 | .*.swp
13 | .sass-cache
14 | .rvmrc
15 | .DS_Store
16 | gce.ini
17 | multi_ec2.yaml
18 | multi_inventory.yaml
19 | .vagrant
20 | .tags*
21 | ansible.cfg
22 | *.retry
23 | .vscode/*
24 |
--------------------------------------------------------------------------------
/roles/cockpit-ui/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Samuel Munilla
4 | description: Deploy and Enable cockpit-ui
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 |
--------------------------------------------------------------------------------
/roles/openshift_master/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jhon Honce
4 | description: Master
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies: []
15 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | has_cloudprovider: "{{ openshift_cloudprovider_kind | default(None) != None }}"
3 | cloudprovider_is_aws: "{{ has_cloudprovider | bool and openshift_cloudprovider_kind == 'aws' }}"
4 | cloudprovider_is_openstack: "{{ has_cloudprovider | bool and openshift_cloudprovider_kind == 'openstack' }}"
5 |
--------------------------------------------------------------------------------
/roles/openshift_node/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jhon Honce
4 | description: OpenShift Node
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies: []
15 |
--------------------------------------------------------------------------------
/utils/src/MANIFEST.in:
--------------------------------------------------------------------------------
1 | include DESCRIPTION.rst
2 |
3 | # Include the test suite (FIXME: does not work yet)
4 | # recursive-include tests *
5 |
6 | # If using Python 2.6 or less, then have to include package data, even though
7 | # it's already declared in setup.py
8 | include ooinstall/*
9 | include ansible.cfg
10 | include ansible-quiet.cfg
11 |
--------------------------------------------------------------------------------
/offline/yum.repos.d/CentOS-fasttrack.repo:
--------------------------------------------------------------------------------
1 | [fasttrack]
2 | name=CentOS-7 - fasttrack
3 | mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=fasttrack&infra=$infra
4 | #baseurl=http://mirror.centos.org/centos/$releasever/fasttrack/$basearch/
5 | gpgcheck=1
6 | enabled=0
7 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
8 |
9 |
--------------------------------------------------------------------------------
/roles/openshift_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description:
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.8
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies: []
16 |
--------------------------------------------------------------------------------
/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: SessionSecrets
3 | secrets:
4 | {% for secret in openshift.master.session_auth_secrets %}
5 | - authentication: "{{ openshift.master.session_auth_secrets[loop.index0] }}"
6 | encryption: "{{ openshift.master.session_encryption_secrets[loop.index0] }}"
7 | {% endfor %}
8 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: OpenShift Red Hat
4 | description: OpenShift Embedded Router
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies: []
15 |
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Nick Hammond
4 | description: Role to configure logrotate scripts
5 | license: BSD
6 | min_ansible_version: 1.5
7 | platforms:
8 | - name: Ubuntu
9 | versions:
10 | - lucid
11 | - precise
12 | - trusty
13 | categories:
14 | - system
15 | dependencies: []
16 |
--------------------------------------------------------------------------------
/roles/openshift_ca/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
3 | openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
4 | openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
5 | openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
6 | openshift_version: "{{ openshift_pkg_version | default('') }}"
7 |
--------------------------------------------------------------------------------
/roles/etcd_ca/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: Etcd CA
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: etcd_common
17 |
--------------------------------------------------------------------------------
/roles/nuage_ca/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Vishal Patil
4 | description:
5 | company: Nuage Networks
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.8
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - { role: nuage_common }
17 |
--------------------------------------------------------------------------------
/roles/os_firewall/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: os_firewall
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - system
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/roles/etcd_common/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description:
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - { role: openshift_repos }
17 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_logging/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Cleanup logging deployment
3 | include: "{{ role_path }}/tasks/cleanup_logging.yaml"
4 | when: openshift_hosted_logging_cleanup | default(false) | bool
5 |
6 | - name: Deploy logging
7 | include: "{{ role_path }}/tasks/deploy_logging.yaml"
8 | when: not openshift_hosted_logging_cleanup | default(false) | bool
9 |
--------------------------------------------------------------------------------
/roles/openshift_repos/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: TODO
4 | description: OpenShift Repositories
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_network.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create the libvirt network for OpenShift
3 | virt_net:
4 | name: '{{ libvirt_network }}'
5 | state: '{{ item }}'
6 | autostart: 'yes'
7 | xml: "{{ lookup('template', 'network.xml') }}"
8 | uri: '{{ libvirt_uri }}'
9 | with_items:
10 | - present
11 | - active
12 |
--------------------------------------------------------------------------------
/roles/openshift_clock/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jeremiah Stuever
4 | description: OpenShift Clock
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/roles/openshift_examples/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Scott Dodson
4 | description: OpenShift Examples
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_common
16 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs_lvm/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Options of NFS exports.
3 | osnl_nfs_export_options: "*(rw,sync,all_squash)"
4 |
5 | # Directory, where the created partitions should be mounted. They will be
6 | # mounted as /test1g0001 etc.
7 | osnl_mount_dir: /exports/openshift
8 |
9 | # Volume Group to use.
10 | osnl_volume_group: openshiftvg
11 |
--------------------------------------------------------------------------------
/roles/openshift_cli_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift CLI Facts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_etcd_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift etcd Facts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_projects/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Projects
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift Hosted Facts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_master_cluster/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description:
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.8
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - { role: openshift_repos }
17 |
--------------------------------------------------------------------------------
/roles/openshift_master_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Master Facts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_docker_facts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Docker Facts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_templates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift Hosted Templates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_common
16 |
--------------------------------------------------------------------------------
/roles/openshift_node_dnsmasq/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Scott Dodson
4 | description: OpenShift Node DNSMasq support
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_common
16 |
--------------------------------------------------------------------------------
/roles/etcd_server_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: Etcd Server Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: etcd_ca
17 |
--------------------------------------------------------------------------------
/roles/os_firewall/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | os_firewall_enabled: True
3 | # TODO: Upstream kubernetes only supports iptables currently
4 | # TODO: it might be possible to still use firewalld if we wire up the created
5 | # chains with the public zone (or the zone associated with the correct
6 | # interfaces)
7 | os_firewall_use_firewalld: False
8 | os_firewall_allow: []
9 | os_firewall_deny: []
10 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/README.md:
--------------------------------------------------------------------------------
1 | # Upgrade playbooks
2 | The playbooks provided in this directory can be used for upgrading an existing
3 | cluster. Additional notes for the associated upgrade playbooks are
4 | provided in their respective directories.
5 |
6 | # Upgrades available
7 | - [OpenShift Enterprise 3.2 to 3.3](v3_3/README.md)
8 | - [OpenShift Enterprise 3.1 to 3.2](v3_2/README.md)
9 |
--------------------------------------------------------------------------------
/roles/etcd_client_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: Etcd Client Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: etcd_common
17 |
--------------------------------------------------------------------------------
/roles/openshift_builddefaults/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Scott Dodson
4 | description: OpenShift Build Defaults configuration
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_persistent_volumes/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift Persistent Volumes
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | dependencies:
13 | - role: openshift_common
14 | - role: openshift_hosted_facts
15 |
--------------------------------------------------------------------------------
/roles/openshift_serviceaccounts/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: OpenShift Operations
4 | description: OpenShift Service Accounts
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - { role: openshift_facts }
16 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Sylvain Baubeau, Andrew Butcher
4 | description: OpenShift Cloud Provider
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 |
--------------------------------------------------------------------------------
/roles/openshift_master_certificates/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs"
3 | openshift_master_cert_subdir: "master-{{ openshift.common.hostname }}"
4 | openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
5 | openshift_master_generated_config_dir: "{{ openshift_generated_configs_dir }}/{{ openshift_master_cert_subdir }}"
6 |
--------------------------------------------------------------------------------
/roles/flannel_register/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Sylvain
4 | description: register flannel configuration into etcd
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.2
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - { role: openshift_facts }
17 |
--------------------------------------------------------------------------------
/roles/openshift_certificate_expiry/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Tim Bielawa
4 | description: OpenShift Certificate Expiry Checker
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | version: 1.0
9 | platforms:
10 | - name: EL
11 | versions:
12 | - 7
13 | categories:
14 | - cloud
15 | - system
16 | dependencies: []
17 |
--------------------------------------------------------------------------------
/roles/openshift_named_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift Named Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: openshift_facts
17 |
--------------------------------------------------------------------------------
/roles/openshift_node_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Node Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: openshift_facts
17 |
--------------------------------------------------------------------------------
/playbooks/adhoc/create_pv/pv-template.j2:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: PersistentVolume
4 | metadata:
5 | name: {{ pv_name }}
6 | labels:
7 | type: ebs
8 | spec:
9 | capacity:
10 | storage: {{ vol_size }}Gi
11 | accessModes:
12 | - ReadWriteOnce
13 | persistentVolumeReclaimPolicy: Retain
14 | awsElasticBlockStore:
15 | volumeID: aws://{{ vol_az }}/{{ vol_id }}
16 | fsType: ext4
17 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-etcd/config.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Configure etcd
3 | hosts: oo_etcd_to_config
4 | any_errors_fatal: true
5 | roles:
6 | - role: openshift_etcd
7 | etcd_peers: "{{ groups.oo_etcd_to_config | default([], true) }}"
8 | etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
9 | etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}"
10 | - role: nickhammond.logrotate
11 |
--------------------------------------------------------------------------------
/roles/openshift_common/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Common
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_facts
16 | - role: openshift_repos
17 | - role: openshift_version
18 |
--------------------------------------------------------------------------------
/roles/openshift_docker/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Docker
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_version
16 | - role: openshift_docker_facts
17 | - role: docker
18 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/pre/verify_nodes_running.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Verify node processes
3 | hosts: oo_nodes_to_config
4 | roles:
5 | - openshift_facts
6 | - openshift_docker_facts
7 | tasks:
8 | - name: Ensure Node is running
9 | service:
10 | name: "{{ openshift.common.service_type }}-node"
11 | state: started
12 | enabled: yes
13 | when: openshift.common.is_containerized | bool
14 |
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jan Safranek
4 | description: Partition disks and use them as Kubernetes NFS physical volumes.
5 | company: Red Hat, Inc.
6 | license: license (Apache)
7 | min_ansible_version: 1.4
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | - name: Fedora
13 | versions:
14 | - all
15 | categories:
16 | - cloud
17 | dependencies: []
18 |
--------------------------------------------------------------------------------
/roles/openshift_etcd_facts/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | etcd_is_containerized: "{{ openshift.common.is_containerized }}"
3 | etcd_is_atomic: "{{ openshift.common.is_atomic }}"
4 | etcd_hostname: "{{ openshift.common.hostname }}"
5 | etcd_ip: "{{ openshift.common.ip }}"
6 | etcd_cert_subdir: "etcd-{{ openshift.common.hostname }}"
7 | etcd_cert_prefix:
8 | etcd_cert_config_dir: /etc/etcd
9 | etcd_peer_url_scheme: https
10 | etcd_url_scheme: https
11 |
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/templates/logrotate.d.j2:
--------------------------------------------------------------------------------
1 | # {{ ansible_managed }}
2 |
3 | {{ item.path }} {
4 | {% if item.options is defined -%}
5 | {% for option in item.options -%}
6 | {{ option }}
7 | {% endfor -%}
8 | {% endif %}
9 | {%- if item.scripts is defined -%}
10 | {%- for name, script in item.scripts.iteritems() -%}
11 | {{ name }}
12 | {{ script }}
13 | endscript
14 | {% endfor -%}
15 | {% endif -%}
16 | }
17 |
--------------------------------------------------------------------------------
/roles/openshift_master_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Master Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: openshift_master_facts
17 | - role: openshift_ca
18 |
--------------------------------------------------------------------------------
/playbooks/adhoc/metrics_setup/playbooks/master_config_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: "Load master config"
3 | hosts: masters
4 | vars:
5 | master_config_file: "/tmp/ansible-metrics-{{ ansible_hostname }}"
6 | tasks:
7 | - name: "Fetch master config from remote"
8 | fetch: "src=/etc/origin/master/master-config.yaml dest={{ master_config_file }} flat=yes"
9 | - name: "Load config"
10 | include_vars: "{{ master_config_file }}"
11 |
--------------------------------------------------------------------------------
/roles/openshift_ca/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift CA
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: openshift_repos
17 | - role: openshift_cli
18 | - role: openshift_named_certificates
19 |
--------------------------------------------------------------------------------
/roles/openshift_etcd_client_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Etcd Client Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_etcd_facts
16 | - role: etcd_client_certificates
17 |
--------------------------------------------------------------------------------
/roles/openshift_etcd_server_certificates/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Etcd Server Certificates
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_etcd_facts
16 | - role: etcd_server_certificates
17 |
--------------------------------------------------------------------------------
/roles/openshift_node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | os_firewall_allow:
3 | - service: Kubernetes kubelet
4 | port: 10250/tcp
5 | - service: http
6 | port: 80/tcp
7 | - service: https
8 | port: 443/tcp
9 | - service: Openshift kubelet ReadOnlyPort
10 | port: 10255/tcp
11 | - service: Openshift kubelet ReadOnlyPort udp
12 | port: 10255/udp
13 | - service: OpenShift OVS sdn
14 | port: 4789/udp
15 | when: openshift.node.use_openshift_sdn | bool
16 |
--------------------------------------------------------------------------------
/roles/openshift_examples/files/examples/README.md:
--------------------------------------------------------------------------------
1 | Image Streams and Templates may require specific versions of OpenShift so
2 | they've been namespaced. At this time, once a new version of Origin is released
3 | the older versions will only receive new content by speficic request.
4 |
5 | Please file an issue at https://github.com/openshift/openshift-ansible if you'd
6 | like to see older content updated and have tested to ensure it's backwards
7 | compatible.
8 |
--------------------------------------------------------------------------------
/roles/flannel/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Sylvain
4 | description: flannel management
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 2.1
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: openshift_facts
17 | - role: openshift_etcd_client_certificates
18 | etcd_cert_prefix: flannel.etcd-
19 |
--------------------------------------------------------------------------------
/roles/nuage_node/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Vishal Patil
4 | description:
5 | company: Nuage Networks
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.8
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: nuage_ca
17 | - role: os_firewall
18 | os_firewall_allow:
19 | - service: vxlan
20 | port: 4789/udp
21 |
--------------------------------------------------------------------------------
/roles/openshift_expand_partition/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Troy Dawson
4 | description: Expand partition and filesystem to fill free space on disks.
5 | company: Red Hat, Inc.
6 | license: license (Apache)
7 | min_ansible_version: 1.4
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | - name: Fedora
13 | versions:
14 | - all
15 | categories:
16 | - openshift
17 | - cloud
18 | dependencies: []
19 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs_lvm/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jan Safranek, Troy Dawson
4 | description: Create LVM volumes and use them as openshift persistent volumes.
5 | company: Red Hat, Inc.
6 | license: license (Apache)
7 | min_ansible_version: 1.4
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | - name: Fedora
13 | versions:
14 | - all
15 | categories:
16 | - openshift
17 | dependencies: []
18 |
--------------------------------------------------------------------------------
/roles/cockpit/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Scott Dodson
4 | description: Deploy and Enable cockpit-ws plus optional plugins
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.7
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: os_firewall
16 | os_firewall_allow:
17 | - service: cockpit-ws
18 | port: 9090/tcp
19 |
--------------------------------------------------------------------------------
/roles/openshift_persistent_volumes/templates/persistent-volume-claim.yml.j2:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "List"
4 | items:
5 | {% for claim in persistent_volume_claims %}
6 | - apiVersion: "v1"
7 | kind: "PersistentVolumeClaim"
8 | metadata:
9 | name: "{{ claim.name }}"
10 | spec:
11 | accessModes: {{ claim.access_modes | to_padded_yaml(2, 2) }}
12 | resources:
13 | requests:
14 | storage: "{{ claim.capacity }}"
15 | {% endfor %}
16 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/verify_ansible_version.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Verify Ansible version is greater than or equal to 2.1.0.0
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | tasks:
8 | - name: Verify Ansible version is greater than or equal to 2.1.0.0
9 | fail:
10 | msg: "Unsupported ansible version: {{ ansible_version.full }} found"
11 | when: not ansible_version.full | version_compare('2.1.0.0', 'ge')
12 |
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: nickhammond.logrotate | Install logrotate
3 | action: "{{ ansible_pkg_mgr }} name=logrotate state=present"
4 | when: not openshift.common.is_atomic | bool
5 |
6 | - name: nickhammond.logrotate | Setup logrotate.d scripts
7 | template:
8 | src: logrotate.d.j2
9 | dest: /etc/logrotate.d/{{ item.name }}
10 | with_items: "{{ logrotate_scripts | default([]) }}"
11 | when: logrotate_scripts is defined
12 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift:
3 | hosted:
4 | registry:
5 | storage:
6 | nfs:
7 | directory: "/exports"
8 | options: "*(rw,root_squash)"
9 | volume:
10 | name: "registry"
11 | metrics:
12 | deploy: False
13 | storage:
14 | nfs:
15 | directory: "/exports"
16 | options: "*(rw,root_squash)"
17 | volume:
18 | name: "metrics"
19 |
--------------------------------------------------------------------------------
/roles/etcd_ca/README.md:
--------------------------------------------------------------------------------
1 | etcd_ca
2 | ========================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | TODO
10 |
11 | Role Variables
12 | --------------
13 |
14 | TODO
15 |
16 | Dependencies
17 | ------------
18 |
19 | TODO
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Scott Dodson (sdodson@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/openshift_certificate_expiry/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_certificate_expiry_config_base: "/etc/origin"
3 | openshift_certificate_expiry_warning_days: 30
4 | openshift_certificate_expiry_show_all: no
5 | openshift_certificate_expiry_generate_html_report: no
6 | openshift_certificate_expiry_html_report_path: "/tmp/cert-expiry-report.html"
7 | openshift_certificate_expiry_save_json_results: no
8 | openshift_certificate_expiry_json_results_path: "/tmp/cert-expiry-report.json"
9 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Andrew Butcher
4 | description: OpenShift NFS Server
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | dependencies:
13 | - role: os_firewall
14 | os_firewall_allow:
15 | - service: nfs
16 | port: "2049/tcp"
17 | - role: openshift_hosted_facts
18 | - role: openshift_repos
19 |
--------------------------------------------------------------------------------
/roles/openshift_cli/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift Docker
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_docker
16 | when: not skip_docker_role | default(False) | bool
17 | - role: openshift_common
18 | - role: openshift_cli_facts
19 |
--------------------------------------------------------------------------------
/roles/openshift_repos/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # origin uses community packages named 'origin'
3 | # online currently uses 'openshift' packages
4 | # enterprise is used for OSE 3.0 < 3.1 which uses packages named 'openshift'
5 | # atomic-enterprise uses Red Hat packages named 'atomic-openshift'
6 | # openshift-enterprise uses Red Hat packages named 'atomic-openshift' starting with OSE 3.1
7 | known_openshift_deployment_types: ['origin', 'online', 'enterprise','atomic-enterprise','openshift-enterprise']
8 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/containerized_node_upgrade.yml:
--------------------------------------------------------------------------------
1 | - name: Update systemd units
2 | include: ../../../../roles/openshift_node/tasks/systemd_units.yml openshift_version={{ openshift_image_tag }}
3 |
4 | - name: Verifying the correct version was configured
5 | shell: grep {{ verify_upgrade_version }} {{ item }}
6 | with_items:
7 | - /etc/sysconfig/openvswitch
8 | - /etc/sysconfig/{{ openshift.common.service_type }}*
9 | when: verify_upgrade_version is defined
10 |
--------------------------------------------------------------------------------
/roles/etcd_common/README.md:
--------------------------------------------------------------------------------
1 | etcd_common
2 | ========================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | TODO
10 |
11 | Role Variables
12 | --------------
13 |
14 | TODO
15 |
16 | Dependencies
17 | ------------
18 |
19 | openshift-repos
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Jason DeTiberus (jdetiber@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/openshift_etcd/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift etcd
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_etcd_facts
16 | - role: openshift_clock
17 | - role: openshift_docker
18 | when: openshift.common.is_containerized | bool
19 | - role: etcd
20 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs/templates/exports.j2:
--------------------------------------------------------------------------------
1 | {{ openshift.hosted.registry.storage.nfs.directory }}/{{ openshift.hosted.registry.storage.volume.name }} {{ openshift.hosted.registry.storage.nfs.options }}
2 | {{ openshift.hosted.metrics.storage.nfs.directory }}/{{ openshift.hosted.metrics.storage.volume.name }} {{ openshift.hosted.metrics.storage.nfs.options }}
3 | {{ openshift.hosted.logging.storage.nfs.directory }}/{{ openshift.hosted.logging.storage.volume.name }} {{ openshift.hosted.logging.storage.nfs.options }}
4 |
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | kubernetes_url: https://172.30.0.1:443
3 |
4 | kube_api_version: v1
5 |
6 | kube_req_template: "../templates/{{ kube_api_version }}/nfs.json.j2"
7 |
8 | # Options of NFS exports.
9 | nfs_export_options: "*(rw,no_root_squash,insecure,no_subtree_check)"
10 |
11 | # Directory, where the created partitions should be mounted. They will be
12 | # mounted as /sda1 etc.
13 | mount_dir: /exports
14 |
15 | # Force re-partitioning the disks
16 | force: false
17 |
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 | before_install:
5 | - sudo apt-get update -qq
6 | - sudo apt-get install -qq python-apt python-pycurl
7 | install:
8 | - pip install ansible
9 | script:
10 | - "printf '[defaults]\nroles_path = ../' > ansible.cfg"
11 | - ansible-playbook -i tests/inventory --syntax-check tests/test.yml
12 | - ansible-playbook -i tests/inventory --connection=local --sudo -vvvv tests/test.yml
13 | notifications:
14 | email: false
15 |
--------------------------------------------------------------------------------
/roles/openshift_named_certificates/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Named Certificates
2 | ============================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | Role Variables
10 | --------------
11 |
12 | TODO
13 |
14 | Dependencies
15 | ------------
16 |
17 | TODO
18 |
19 | Example Playbook
20 | ----------------
21 |
22 | TODO
23 |
24 | License
25 | -------
26 |
27 | Apache License Version 2.0
28 |
29 | Author Information
30 | ------------------
31 |
32 | Andrew Butcher
33 |
--------------------------------------------------------------------------------
/roles/cockpit/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install cockpit-ws
3 | action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
4 | with_items:
5 | - cockpit-ws
6 | - cockpit-shell
7 | - cockpit-bridge
8 | - cockpit-docker
9 | - "{{ cockpit_plugins }}"
10 | when: not openshift.common.is_containerized | bool
11 |
12 | - name: Enable cockpit-ws
13 | service:
14 | name: cockpit.socket
15 | enabled: true
16 | state: started
17 | when: not openshift.common.is_containerized | bool
18 |
--------------------------------------------------------------------------------
/roles/etcd_client_certificates/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Etcd Certificates
2 | ===========================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | TODO
10 |
11 | Role Variables
12 | --------------
13 |
14 | TODO
15 |
16 | Dependencies
17 | ------------
18 |
19 | TODO
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Scott Dodson (sdodson@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/etcd_server_certificates/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Etcd Certificates
2 | ===========================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | TODO
10 |
11 | Role Variables
12 | --------------
13 |
14 | TODO
15 |
16 | Dependencies
17 | ------------
18 |
19 | TODO
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Scott Dodson (sdodson@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/openshift_clock/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Set clock facts
3 | openshift_facts:
4 | role: clock
5 | local_facts:
6 | enabled: "{{ openshift_clock_enabled | default(None) }}"
7 |
8 | - name: Install ntp package
9 | action: "{{ ansible_pkg_mgr }} name=ntp state=present"
10 | when: openshift.clock.enabled | bool and not openshift.clock.chrony_installed | bool
11 |
12 | - name: Start and enable ntpd/chronyd
13 | shell: timedatectl set-ntp true
14 | when: openshift.clock.enabled | bool
15 |
--------------------------------------------------------------------------------
/roles/openshift_master_cluster/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Master Cluster
2 | ========================
3 |
4 | TODO
5 |
6 | Requirements
7 | ------------
8 |
9 | TODO
10 |
11 | Role Variables
12 | --------------
13 |
14 | TODO
15 |
16 | Dependencies
17 | ------------
18 |
19 | TODO
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Jason DeTiberus (jdetiber@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/dns/templates/named.conf:
--------------------------------------------------------------------------------
1 | options
2 | {
3 | directory "/var/named";
4 |
5 | allow-query { {{ ansible_default_ipv4.network }}/24; };
6 |
7 | recursion yes;
8 |
9 | {% if dns_forwarders is defined %}
10 | forwarders {
11 | {% for dns in dns_forwarders %}
12 | {{ dns }};
13 | {% endfor %}
14 | };
15 | {% endif %}
16 | };
17 | {% for zone in dns_zones %}
18 |
19 | zone "{{ zone }}" IN {
20 | type master;
21 | file "openshift-cluster.zone";
22 | };
23 | {% endfor %}
24 |
--------------------------------------------------------------------------------
/roles/openshift_facts/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Facts
2 | ===============
3 |
4 | Provides the openshift_facts module
5 |
6 | Requirements
7 | ------------
8 |
9 | None
10 |
11 | Role Variables
12 | --------------
13 |
14 | None
15 |
16 | Dependencies
17 | ------------
18 |
19 | None
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | TODO
25 |
26 | License
27 | -------
28 |
29 | Apache License, Version 2.0
30 |
31 | Author Information
32 | ------------------
33 |
34 | Jason DeTiberus (jdetiber@redhat.com)
35 |
--------------------------------------------------------------------------------
/roles/nickhammond.logrotate/tests/test.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: all
3 | sudo: True
4 | roles:
5 | - ansible-logrotate
6 | - role: ansible-logrotate
7 | logrotate_scripts:
8 | - name: nginx-options
9 | path: /var/log/nginx/options.log
10 | options:
11 | - daily
12 |
13 | - role: ansible-logrotate
14 | logrotate_scripts:
15 | - name: nginx-scripts
16 | path: /var/log/nginx/scripts.log
17 | scripts:
18 | postrotate: "echo test"
19 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/tasks/set_etcd_launch_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - set_fact: k8s_type="etcd"
3 |
4 | - name: Generate etcd instance names(s)
5 | set_fact:
6 | scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}"
7 | register: etcd_names_output
8 | with_sequence: count={{ num_etcd }}
9 |
10 | - set_fact:
11 | etcd_names: "{{ etcd_names_output.results | default([])
12 | | oo_collect('ansible_facts')
13 | | oo_collect('scratch_name') }}"
14 |
--------------------------------------------------------------------------------
/roles/openshift_persistent_volumes/templates/persistent-volume.yml.j2:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: List
4 | items:
5 | {% for volume in persistent_volumes %}
6 | - apiVersion: v1
7 | kind: PersistentVolume
8 | metadata:
9 | name: "{{ volume.name }}"
10 | spec:
11 | capacity:
12 | storage: "{{ volume.capacity }}"
13 | accessModes: {{ volume.access_modes | to_padded_yaml(2, 2) }}
14 | {{ volume.storage.keys()[0] }}: {{ volume.storage[volume.storage.keys()[0]] | to_padded_yaml(3, 2) }}
15 | {% endfor %}
16 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-master/restart.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | connection: local
4 | become: no
5 | gather_facts: no
6 | tasks:
7 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
8 | - add_host:
9 | name: "{{ item }}"
10 | groups: l_oo_all_hosts
11 | with_items: "{{ g_all_hosts }}"
12 |
13 | - hosts: l_oo_all_hosts
14 | gather_facts: no
15 | tasks:
16 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
17 |
18 | - include: ../../common/openshift-master/restart.yml
19 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_templates/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hosted_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/hosted"
3 | hosted_deployment_type: "{{ 'origin' if openshift_deployment_type == 'origin' else 'enterprise' }}"
4 |
5 | content_version: "{{ openshift.common.examples_content_version }}"
6 |
7 | registry_url: ""
8 | registry_host: "{{ registry_url.split('/')[0] if '.' in registry_url.split('/')[0] else '' }}"
9 |
10 | openshift_hosted_templates_import_command: 'create'
11 |
--------------------------------------------------------------------------------
/playbooks/adhoc/s3_registry/s3_registry.j2:
--------------------------------------------------------------------------------
1 | version: 0.1
2 | log:
3 | level: debug
4 | http:
5 | addr: :5000
6 | storage:
7 | cache:
8 | layerinfo: inmemory
9 | s3:
10 | accesskey: {{ aws_access_key }}
11 | secretkey: {{ aws_secret_key }}
12 | region: {{ aws_bucket_region }}
13 | bucket: {{ aws_bucket_name }}
14 | encrypt: true
15 | secure: true
16 | v4auth: true
17 | rootdirectory: /registry
18 | auth:
19 | openshift:
20 | realm: openshift
21 | middleware:
22 | repository:
23 | - name: openshift
24 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/tasks/set_master_launch_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - set_fact: k8s_type="master"
3 |
4 | - name: Generate master instance names(s)
5 | set_fact:
6 | scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}"
7 | register: master_names_output
8 | with_sequence: count={{ num_masters }}
9 |
10 | - set_fact:
11 | master_names: "{{ master_names_output.results | default([])
12 | | oo_collect('ansible_facts')
13 | | oo_collect('scratch_name') }}"
14 |
--------------------------------------------------------------------------------
/roles/openshift_expand_partition/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # oep_drive
3 | # Drive that has the partition we wish to expand.
4 | oep_drive: "/dev/xvda"
5 |
6 | # oep_partition
7 | # Partition that we wish to expand.
8 | oep_partition: 3
9 |
10 | # oep_partition_mount_point
11 | # Where the partition is mounted
12 | oep_partition_mount_point: /var
13 |
14 | # oep_file_system
15 | # What file system is on the partition
16 | # Currently only xfs, and ext(2,3,4) are supported
17 | # For ext2, ext3, or ext4 just use ext
18 | oep_file_system: "xfs"
19 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/initialize_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Initialize host facts
3 | hosts: oo_all_hosts
4 | any_errors_fatal: true
5 | roles:
6 | - openshift_facts
7 | tasks:
8 | - openshift_facts:
9 | role: common
10 | local_facts:
11 | hostname: "{{ openshift_hostname | default(None) }}"
12 | - set_fact:
13 | openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.common.portal_net }}"
14 | - set_fact:
15 | openshift_deployment_type: "{{ deployment_type }}"
16 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/tasks/aws.yml:
--------------------------------------------------------------------------------
1 | # Work around ini_file create option in 2.2 which defaults to no
2 | - name: Create cloud config file
3 | file:
4 | dest: "{{ openshift.common.config_base }}/cloudprovider/aws.conf"
5 | state: touch
6 | mode: 0660
7 | owner: root
8 | group: root
9 | changed_when: false
10 |
11 | - name: Configure AWS cloud provider
12 | ini_file:
13 | dest: "{{ openshift.common.config_base }}/cloudprovider/aws.conf"
14 | section: Global
15 | option: Zone
16 | value: "{{ openshift.provider.zone }}"
17 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Set cloud provider facts
3 | openshift_facts:
4 | role: cloudprovider
5 | local_facts:
6 | kind: "{{ openshift_cloudprovider_kind | default(None) }}"
7 |
8 | - name: Create cloudprovider config dir
9 | file:
10 | path: "{{ openshift.common.config_base }}/cloudprovider"
11 | state: directory
12 | when: has_cloudprovider | bool
13 |
14 | - include: openstack.yml
15 | when: cloudprovider_is_openstack | bool
16 |
17 | - include: aws.yml
18 | when: cloudprovider_is_aws | bool
19 |
--------------------------------------------------------------------------------
/roles/openshift_node/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart openvswitch
3 | service: name=openvswitch state=restarted
4 | when: not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | bool
5 | notify:
6 | - restart openvswitch pause
7 |
8 | - name: restart openvswitch pause
9 | pause: seconds=15
10 | when: openshift.common.is_containerized | bool
11 |
12 | - name: restart node
13 | service: name={{ openshift.common.service_type }}-node state=restarted
14 | when: not (node_service_status_changed | default(false) | bool)
15 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/restart_hosts.yml:
--------------------------------------------------------------------------------
1 | - name: Restart master system
2 | # https://github.com/ansible/ansible/issues/10616
3 | shell: sleep 2 && shutdown -r now "OpenShift Ansible master rolling restart"
4 | async: 1
5 | poll: 0
6 | ignore_errors: true
7 | become: yes
8 |
9 | # Ensure the api_port is available.
10 | - name: Wait for master API to come back online
11 | become: no
12 | local_action:
13 | module: wait_for
14 | host="{{ inventory_hostname }}"
15 | state=started
16 | delay=10
17 | port="{{ openshift.master.api_port }}"
18 |
--------------------------------------------------------------------------------
/roles/nuage_master/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Vishal Patil
4 | description:
5 | company: Nuage Networks
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.8
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | - system
15 | dependencies:
16 | - role: nuage_ca
17 | - role: nuage_common
18 | - role: openshift_etcd_client_certificates
19 | - role: os_firewall
20 | os_firewall_allow:
21 | - service: openshift-monitor
22 | port: "{{ nuage_mon_rest_server_port }}/tcp"
23 |
--------------------------------------------------------------------------------
/roles/openshift_version/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Devan Goodwin
4 | description: Determines the version of OpenShift to install or upgrade to
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | categories:
13 | - cloud
14 | dependencies:
15 | - role: openshift_repos
16 | - role: openshift_docker_facts
17 | - role: docker
18 | when: openshift.common.is_containerized | default(False) | bool and not skip_docker_role | default(False) | bool
19 |
--------------------------------------------------------------------------------
/roles/openshift_loadbalancer/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Jason DeTiberus
4 | description: OpenShift haproxy loadbalancer
5 | company: Red Hat, Inc.
6 | license: Apache License, Version 2.0
7 | min_ansible_version: 1.9
8 | platforms:
9 | - name: EL
10 | versions:
11 | - 7
12 | dependencies:
13 | - role: openshift_facts
14 | - role: os_firewall
15 | os_firewall_allow:
16 | - service: haproxy stats
17 | port: "9000/tcp"
18 | - service: haproxy balance
19 | port: "{{ openshift_master_api_port | default(8443) }}/tcp"
20 | - role: openshift_repos
21 |
--------------------------------------------------------------------------------
/utils/src/DESCRIPTION.rst:
--------------------------------------------------------------------------------
1 | A sample Python project
2 | =======================
3 |
4 | This is the description file for the project.
5 |
6 | The file should use UTF-8 encoding and be written using ReStructured Text. It
7 | will be used to generate the project webpage on PyPI, and should be written for
8 | that purpose.
9 |
10 | Typical contents for this file would include an overview of the project, basic
11 | usage examples, etc. Generally, including the project changelog in here is not
12 | a good idea, although a simple "What's New" section for the most recent version
13 | may be appropriate.
14 |
--------------------------------------------------------------------------------
/roles/dns/templates/named.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Requires=docker.service
3 | After=docker.service
4 | PartOf=docker.service
5 |
6 | [Service]
7 | Type=simple
8 | TimeoutStartSec=5m
9 | ExecStartPre=/usr/bin/docker run --rm -v /etc/named.conf:/etc/named.conf -v /var/named:/var/named:z bind named-checkconf -z /etc/named.conf
10 | ExecStartPre=-/usr/bin/docker rm -f bind
11 | ExecStart=/usr/bin/docker run --name bind -p 53:53/udp -v /var/log:/var/log -v /etc/named.conf:/etc/named.conf -v /var/named:/var/named:z bind
12 | ExecStop=/usr/bin/docker stop bind
13 |
14 | [Install]
15 | WantedBy=docker.service
16 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml:
--------------------------------------------------------------------------------
1 | # We verified latest rpm available is suitable, so just yum update.
2 | - name: Upgrade packages
3 | action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-{{ component }}{{ openshift_pkg_version }} state=present"
4 |
5 | - name: Ensure python-yaml present for config upgrade
6 | action: "{{ ansible_pkg_mgr }} name=PyYAML state=present"
7 | when: not openshift.common.is_atomic | bool
8 |
9 | - name: Restart node service
10 | service: name="{{ openshift.common.service_type }}-node" state=restarted
11 | when: component == "node"
12 |
--------------------------------------------------------------------------------
/README_ANSIBLE_CONTAINER.md:
--------------------------------------------------------------------------------
1 | # Running ansible in a docker container
2 | * Building ansible container:
3 |
4 | ```sh
5 | git clone https://github.com/openshift/openshift-ansible.git
6 | cd openshift-ansible
7 | docker build --rm -t ansible .
8 | ```
9 | * Create /etc/ansible directory on the host machine and copy inventory file (hosts) into it.
10 | * Copy ssh public key of the host machine to master and nodes machines in the cluster.
11 | * Running the ansible container:
12 |
13 | ```sh
14 | docker run -it --rm --privileged --net=host -v ~/.ssh:/root/.ssh -v /etc/ansible:/etc/ansible ansible
15 | ```
16 |
--------------------------------------------------------------------------------
/roles/flannel_register/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | flannel_network: "{{ openshift.common.portal_net | default('172.30.0.0/16', true) }}"
3 | flannel_min_network: 172.30.5.0
4 | flannel_subnet_len: 24
5 | flannel_etcd_key: /openshift.com/network
6 | etcd_hosts: "{{ etcd_urls }}"
7 | etcd_conf_dir: "{{ openshift.common.config_base }}/master"
8 | etcd_peer_ca_file: "{{ etcd_conf_dir + '/ca.crt' if (openshift.master.embedded_etcd | bool) else etcd_conf_dir + '/master.etcd-ca.crt' }}"
9 | etcd_peer_cert_file: "{{ etcd_conf_dir }}/master.etcd-client.crt"
10 | etcd_peer_key_file: "{{ etcd_conf_dir }}/master.etcd-client.key"
11 |
12 |
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/templates/v1beta3/nfs.json.j2:
--------------------------------------------------------------------------------
1 | {
2 | "kind": "PersistentVolume",
3 | "apiVersion": "v1beta3",
4 | "metadata": {
5 | "name": "pv-{{ inventory_hostname | regex_replace("\.", "-") }}-{{ item.name }}",
6 | "labels": {
7 | "type": "nfs"
8 | }
9 | },
10 | "spec": {
11 | "capacity": {
12 | "storage": "{{ item.size }}"
13 | },
14 | "accessModes": [
15 | "ReadWriteOnce"
16 | ],
17 | "NFS": {
18 | "Server": "{{ inventory_hostname }}",
19 | "Path": "{{ mount_dir }}/{{ item.name }}",
20 | "ReadOnly": false
21 | }
22 | }
23 | }
24 |
--------------------------------------------------------------------------------
/roles/flannel_register/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Assures /etc/flannel dir exists
3 | become: yes
4 | file: path=/etc/flannel state=directory
5 |
6 | - name: Generate etcd configuration for etcd
7 | become: yes
8 | template:
9 | src: "flannel-config.json"
10 | dest: "/etc/flannel/config.json"
11 |
12 | - name: Insert flannel configuration into etcd
13 | become: yes
14 | command: 'curl -L --cacert "{{ etcd_peer_ca_file }}" --cert "{{ etcd_peer_cert_file }}" --key "{{ etcd_peer_key_file }}" "{{ etcd_hosts[0] }}/v2/keys{{ flannel_etcd_key }}/config" -XPUT --data-urlencode value@/etc/flannel/config.json'
15 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2:
--------------------------------------------------------------------------------
1 | {
2 | "apiVersion": "v1",
3 | "kind": "PersistentVolume",
4 | "metadata": {
5 | "name": "pv-{{ inventory_hostname | regex_replace("\.", "-") }}-{{ item }}",
6 | "labels": {
7 | "type": "nfs"
8 | }
9 | },
10 | "spec": {
11 | "capacity": {
12 | "storage": "{{ osnl_volume_size }}Gi"
13 | },
14 | "accessModes": [ "ReadWriteMany" ],
15 | "persistentVolumeReclaimPolicy": "Recycle",
16 | "nfs": {
17 | "Server": "{{ inventory_hostname }}",
18 | "Path": "{{ osnl_mount_dir }}/{{ item }}"
19 | }
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/roles/flannel/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | flannel_interface: "{{ ansible_default_ipv4.interface }}"
3 | flannel_etcd_key: /openshift.com/network
4 | etcd_hosts: "{{ etcd_urls }}"
5 | etcd_peer_ca_file: "{{ openshift.common.config_base }}/node/{{ 'ca' if (embedded_etcd | bool) else 'flannel.etcd-ca' }}.crt"
6 | etcd_peer_cert_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.crt"
7 | etcd_peer_key_file: "{{ openshift.common.config_base }}/node/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'flannel.etcd-client' }}.key"
8 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/tasks/set_node_launch_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - set_fact: k8s_type=node
3 | - set_fact: sub_host_type="{{ type }}"
4 | - set_fact: number_nodes="{{ count }}"
5 |
6 | - name: Generate node instance names(s)
7 | set_fact:
8 | scratch_name: "{{ cluster_id }}-{{ k8s_type }}-{{ sub_host_type }}-{{ '%05x' | format(1048576 | random) }}"
9 | register: node_names_output
10 | with_sequence: count={{ number_nodes }}
11 |
12 | - set_fact:
13 | node_names: "{{ node_names_output.results | default([])
14 | | oo_collect('ansible_facts')
15 | | oo_collect('scratch_name') }}"
16 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/enable_dnsmasq.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: ../../common/openshift-cluster/verify_ansible_version.yml
3 |
4 | - hosts: localhost
5 | connection: local
6 | become: no
7 | gather_facts: no
8 | tasks:
9 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
10 | - add_host:
11 | name: "{{ item }}"
12 | groups: l_oo_all_hosts
13 | with_items: "{{ g_all_hosts | default([]) }}"
14 |
15 | - hosts: l_oo_all_hosts
16 | gather_facts: no
17 | tasks:
18 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
19 |
20 | - include: ../../common/openshift-cluster/enable_dnsmasq.yml
21 |
--------------------------------------------------------------------------------
/inventory/libvirt/hosts/libvirt.ini:
--------------------------------------------------------------------------------
1 | # Ansible libvirt external inventory script settings
2 | #
3 |
4 | [libvirt]
5 |
6 | uri = qemu:///system
7 |
8 | # API calls to libvirt can be slow. For this reason, we cache the results of an API
9 | # call. Set this to the path you want cache files to be written to. Two files
10 | # will be written to this directory:
11 | # - ansible-libvirt.cache
12 | # - ansible-libvirt.index
13 | cache_path = /tmp
14 |
15 | # The number of seconds a cache file is considered valid. After this many
16 | # seconds, a new API call will be made, and the cache file will be updated.
17 | cache_max_age = 900
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-nfs/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Populate g_service_nfs host group if needed
3 | hosts: localhost
4 | gather_facts: no
5 | tasks:
6 | - fail: msg="new_cluster_state is required to be injected in this playbook"
7 | when: new_cluster_state is not defined
8 |
9 | - name: Evaluate g_service_nfs
10 | add_host: name={{ item }} groups=g_service_nfs
11 | with_items: "{{ oo_host_group_exp | default([]) }}"
12 |
13 | - name: Change state on nfs instance(s)
14 | hosts: g_service_nfs
15 | connection: ssh
16 | gather_facts: no
17 | tasks:
18 | - service: name=nfs-server state="{{ new_cluster_state }}"
19 |
--------------------------------------------------------------------------------
/playbooks/adhoc/setupnfs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | ### This playbook is old and we are currently not using NFS.
3 | - hosts: tag_Name_nfs-v3-stg
4 | become: no
5 | remote_user: root
6 | gather_facts: no
7 | roles:
8 | - role: openshift_storage_nfs_lvm
9 | mount_dir: /exports/stg-black
10 | volume_prefix: "kwoodsontest"
11 | volume_size: 5
12 | volume_num_start: 222
13 | number_of_volumes: 3
14 | tasks:
15 | - fetch:
16 | dest: json/
17 | src: /root/"{{ item }}"
18 | with_items:
19 | - persistent-volume.kwoodsontest5g0222.json
20 | - persistent-volume.kwoodsontest5g0223.json
21 | - persistent-volume.kwoodsontest5g0224.json
22 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/initialize_openshift_version.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # NOTE: requires openshift_facts be run
3 | - name: Determine openshift_version to configure on first master
4 | hosts: oo_first_master
5 | roles:
6 | - openshift_version
7 |
8 | # NOTE: We set this even on etcd hosts as they may also later run as masters,
9 | # and we don't want to install wrong version of docker and have to downgrade
10 | # later.
11 | - name: Set openshift_version for all hosts
12 | hosts: oo_all_hosts:!oo_first_master
13 | vars:
14 | openshift_version: "{{ hostvars[groups.oo_first_master.0].openshift_version }}"
15 | roles:
16 | - openshift_version
17 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/tasks/registry/storage/s3.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - fail:
3 | msg: >
4 | openshift_hosted_registry_storage_s3_accesskey and
5 | openshift_hosted_registry_storage_s3_secretkey are required
6 | when: openshift.hosted.registry.storage.s3.accesskey | default(none) is none or openshift.hosted.registry.storage.s3.secretkey | default(none) is none
7 |
8 | - fail:
9 | msg: >
10 | openshift_hosted_registry_storage_s3_bucket and
11 | openshift_hosted_registry_storage_s3_region are required
12 | when: openshift.hosted.registry.storage.s3.bucket | default(none) is none or openshift.hosted.registry.storage.s3.region | default(none) is none
13 |
--------------------------------------------------------------------------------
/roles/openshift_repos/templates/yum_repo.j2:
--------------------------------------------------------------------------------
1 | {% for repo in openshift_additional_repos %}
2 | [{{ repo.id }}]
3 | name={{ repo.name | default(repo.id) }}
4 | baseurl={{ repo.baseurl }}
5 | {% set enable_repo = repo.enabled | default('1') %}
6 | enabled={{ 1 if ( enable_repo == 1 or enable_repo == True ) else 0 }}
7 | {% set enable_gpg_check = repo.gpgcheck | default('1') %}
8 | gpgcheck={{ 1 if ( enable_gpg_check == 1 or enable_gpg_check == True ) else 0 }}
9 | {% for key, value in repo.iteritems() %}
10 | {% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined %}
11 | {{ key }}={{ value }}
12 | {% endif %}
13 | {% endfor %}
14 | {% endfor %}
15 |
--------------------------------------------------------------------------------
/playbooks/adhoc/metrics_setup/playbooks/uninstall.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: "Uninstall metrics"
3 | hosts: masters
4 | tasks:
5 | - name: "Remove metrics url from master config"
6 | lineinfile: "state=absent dest=/etc/origin/master/master-config.yaml regexp='^\ \ metricsPublicURL'"
7 |
8 | - name: "Delete metrics objects"
9 | command: "{{item}}"
10 | with_items:
11 | - oc delete all --selector=metrics-infra
12 | # - oc delete secrets --selector=metrics-infra
13 | # - oc delete sa --selector=metrics-infra
14 | - oc delete templates --selector=metrics-infra
15 | - oc delete sa metrics-deployer
16 | - oc delete secret metrics-deployer
17 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/files/rpm_versions.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | if [ `which dnf 2> /dev/null` ]; then
3 | installed=$(dnf repoquery --installed --latest-limit 1 -d 0 --qf '%{version}-%{release}' "${@}" 2> /dev/null)
4 | available=$(dnf repoquery --available --latest-limit 1 -d 0 --qf '%{version}-%{release}' "${@}" 2> /dev/null)
5 | else
6 | installed=$(repoquery --plugins --pkgnarrow=installed --qf '%{version}-%{release}' "${@}" 2> /dev/null)
7 | available=$(repoquery --plugins --pkgnarrow=available --qf '%{version}-%{release}' "${@}" 2> /dev/null)
8 | fi
9 |
10 | echo "---"
11 | echo "curr_version: ${installed}"
12 | echo "avail_version: ${available}"
13 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/tasks/openstack.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - fail:
3 | msg: "The Openstack integration requires OpenShift Enterprise 3.2 or Origin 1.2."
4 | when: not openshift.common.version_gte_3_2_or_1_2 | bool
5 |
6 | - name: Create cloud config
7 | template:
8 | dest: "{{ openshift.common.config_base }}/cloudprovider/openstack.conf"
9 | src: openstack.conf.j2
10 | when: "openshift_cloudprovider_openstack_auth_url is defined and openshift_cloudprovider_openstack_username is defined and openshift_cloudprovider_openstack_password is defined and (openshift_cloudprovider_openstack_tenant_id is defined or openshift_cloudprovider_openstack_tenant_name is defined)"
11 |
--------------------------------------------------------------------------------
/roles/etcd/templates/etcd.docker.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=The Etcd Server container
3 | After=docker.service
4 | Requires=docker.service
5 | PartOf=docker.service
6 |
7 | [Service]
8 | EnvironmentFile=/etc/etcd/etcd.conf
9 | ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }}
10 | ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }}
11 | ExecStop=/usr/bin/docker stop {{ etcd_service }}
12 | SyslogIdentifier=etcd_container
13 | Restart=always
14 | RestartSec=5s
15 |
16 | [Install]
17 | WantedBy=docker.service
18 |
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/tasks/nfs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install NFS server
3 | action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present"
4 | when: not openshift.common.is_containerized | bool
5 |
6 | - name: Start rpcbind on Fedora/Red Hat
7 | service: name=rpcbind state=started enabled=yes
8 |
9 | - name: Start nfs on Fedora/Red Hat
10 | service: name=nfs-server state=started enabled=yes
11 |
12 | - name: Export the directories
13 | lineinfile: dest=/etc/exports
14 | regexp="^{{ mount_dir }}/{{ item.name }} "
15 | line="{{ mount_dir }}/{{ item.name }} {{nfs_export_options}}"
16 | with_items: "{{ partition_pool }}"
17 | notify: restart nfs
18 |
--------------------------------------------------------------------------------
/roles/nuage_common/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | nuage_ca_master: "{{ groups.oo_first_master.0 }}"
2 | nuage_ca_master_crt_dir: /usr/share/nuage-openshift-certificates
3 |
4 | nuage_ca_dir: /usr/share/nuage-openshift-ca
5 | nuage_ca_key: "{{ nuage_ca_dir }}/nuageMonCA.key"
6 | nuage_ca_crt: "{{ nuage_ca_dir }}/nuageMonCA.crt"
7 | nuage_ca_serial: "{{ nuage_ca_dir }}/nuageMonCA.serial.txt"
8 |
9 | nuage_master_mon_dir: /usr/share/nuage-openshift-monitor
10 | nuage_node_plugin_dir: /usr/share/vsp-openshift
11 |
12 | nuage_mon_rest_server_port: "{{ nuage_openshift_monitor_rest_server_port | default('9443') }}"
13 | nuage_mon_cert_validity_period: "{{ nuage_cert_validity_period | default('3650') }}"
14 |
--------------------------------------------------------------------------------
/playbooks/adhoc/zabbix_setup/oo-config-zaio.yml:
--------------------------------------------------------------------------------
1 | #!/usr/bin/ansible-playbook
2 | ---
3 | - hosts: localhost
4 | gather_facts: no
5 | connection: local
6 | become: no
7 | vars:
8 | g_server: http://localhost/zabbix/api_jsonrpc.php
9 | g_user: Admin
10 | g_password: zabbix
11 | g_zbx_scriptrunner_user: scriptrunner
12 | g_zbx_scriptrunner_bastion_host: specialhost.example.com
13 | roles:
14 | - role: os_zabbix
15 | ozb_server: "{{ g_server }}"
16 | ozb_user: "{{ g_user }}"
17 | ozb_password: "{{ g_password }}"
18 | ozb_scriptrunner_user: "{{ g_zbx_scriptrunner_user }}"
19 | ozb_scriptrunner_bastion_host: "{{ g_zbx_scriptrunner_bastion_host }}"
20 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-loadbalancer/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Populate g_service_nodes host group if needed
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | tasks:
8 | - fail: msg="new_cluster_state is required to be injected in this playbook"
9 | when: new_cluster_state is not defined
10 |
11 | - name: Evaluate g_service_lb
12 | add_host: name={{ item }} groups=g_service_lb
13 | with_items: "{{ oo_host_group_exp | default([]) }}"
14 |
15 | - name: Change state on lb instance(s)
16 | hosts: g_service_lb
17 | connection: ssh
18 | gather_facts: no
19 | tasks:
20 | - service: name=haproxy state="{{ new_cluster_state }}"
21 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-etcd/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Populate g_service_masters host group if needed
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | tasks:
8 | - fail: msg="new_cluster_state is required to be injected in this playbook"
9 | when: new_cluster_state is not defined
10 |
11 | - name: Evaluate g_service_etcd
12 | add_host: name={{ item }} groups=g_service_etcd
13 | with_items: "{{ oo_host_group_exp | default([]) }}"
14 |
15 | - name: Change etcd state on etcd instance(s)
16 | hosts: g_service_etcd
17 | connection: ssh
18 | gather_facts: no
19 | tasks:
20 | - service: name=etcd state="{{ new_cluster_state }}"
21 |
--------------------------------------------------------------------------------
/roles/openshift_node/templates/openvswitch.docker.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | After=docker.service
3 | Requires=docker.service
4 | PartOf=docker.service
5 |
6 | [Service]
7 | EnvironmentFile=/etc/sysconfig/openvswitch
8 | ExecStartPre=-/usr/bin/docker rm -f openvswitch
9 | ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }}:${IMAGE_VERSION}
10 | ExecStartPost=/usr/bin/sleep 5
11 | ExecStop=/usr/bin/docker stop openvswitch
12 | SyslogIdentifier=openvswitch
13 | Restart=always
14 | RestartSec=5s
15 |
16 | [Install]
17 | WantedBy=docker.service
18 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | [provide a description of the issue]
2 |
3 | ##### Version
4 | [if you're operating from a git clone provide the output of `git describe`]
5 | [if you're running from playbooks installed via RPM or atomic-openshift-utils `rpm -q atomic-openshift-utils openshift-ansible`]
6 | [Your version of ansible, `ansible --version`]
7 |
8 |
9 | ##### Steps To Reproduce
10 | 1. [step 1]
11 | 2. [step 2]
12 |
13 | ##### Current Result
14 |
15 | ##### Expected Result
16 |
17 | ##### Additional Information
18 | [The exact command you ran]
19 | [Your operating system and version, ie: RHEL 7.2, Fedora 23]
20 | [Your inventory file]
21 | [visit https://docs.openshift.org/latest/welcome/index.html]
22 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/v3_2/README.md:
--------------------------------------------------------------------------------
1 | # v3.2 Major and Minor Upgrade Playbook
2 |
3 | ## Overview
4 | This playbook currently performs the
5 | following steps.
6 |
7 | * Upgrade and restart master services
8 | * Unschedule node.
9 | * Upgrade and restart docker
10 | * Upgrade and restart node services
11 | * Modifies the subset of the configuration necessary
12 | * Applies the latest cluster policies
13 | * Updates the default router if one exists
14 | * Updates the default registry if one exists
15 | * Updates image streams and quickstarts
16 |
17 | ## Usage
18 | ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_2/upgrade.yml
19 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/v3_3/README.md:
--------------------------------------------------------------------------------
1 | # v3.3 Major and Minor Upgrade Playbook
2 |
3 | ## Overview
4 | This playbook currently performs the
5 | following steps.
6 |
7 | * Upgrade and restart master services
8 | * Unschedule node.
9 | * Upgrade and restart docker
10 | * Upgrade and restart node services
11 | * Modifies the subset of the configuration necessary
12 | * Applies the latest cluster policies
13 | * Updates the default router if one exists
14 | * Updates the default registry if one exists
15 | * Updates image streams and quickstarts
16 |
17 | ## Usage
18 | ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_3/upgrade.yml
19 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/v3_4/README.md:
--------------------------------------------------------------------------------
1 | # v3.4 Major and Minor Upgrade Playbook
2 |
3 | ## Overview
4 | This playbook currently performs the
5 | following steps.
6 |
7 | * Upgrade and restart master services
8 | * Unschedule node.
9 | * Upgrade and restart docker
10 | * Upgrade and restart node services
11 | * Modifies the subset of the configuration necessary
12 | * Applies the latest cluster policies
13 | * Updates the default router if one exists
14 | * Updates the default registry if one exists
15 | * Updates image streams and quickstarts
16 |
17 | ## Usage
18 | ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_4/upgrade.yml
19 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/files/nuke_images.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Stop any running containers
4 | running_container_ids=`docker ps -q`
5 | if test -n "$running_container_ids"
6 | then
7 | docker stop $running_container_ids
8 | fi
9 |
10 | # Delete all containers
11 | container_ids=`docker ps -a -q`
12 | if test -n "$container_ids"
13 | then
14 | docker rm -f -v $container_ids
15 | fi
16 |
17 | # Delete all images (forcefully)
18 | image_ids=`docker images -aq`
19 | if test -n "$image_ids"
20 | then
21 | # Some layers are deleted recursively and are no longer present
22 | # when docker goes to remove them:
23 | docker rmi -f `docker images -aq` || true
24 | fi
25 |
26 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-node/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Populate g_service_nodes host group if needed
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | tasks:
8 | - fail: msg="new_cluster_state is required to be injected in this playbook"
9 | when: new_cluster_state is not defined
10 |
11 | - name: Evaluate g_service_nodes
12 | add_host: name={{ item }} groups=g_service_nodes
13 | with_items: "{{ oo_host_group_exp | default([]) }}"
14 |
15 | - name: Change state on node instance(s)
16 | hosts: g_service_nodes
17 | connection: ssh
18 | gather_facts: no
19 | tasks:
20 | - service: name={{ service_type }}-node state="{{ new_cluster_state }}"
21 |
--------------------------------------------------------------------------------
/roles/openshift_named_certificates/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
3 | openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
4 | openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
5 | openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
6 | openshift_version: "{{ openshift_pkg_version | default('') }}"
7 |
8 | overwrite_named_certs: "{{ openshift_master_overwrite_named_certificates | default(false) }}"
9 | named_certs_dir: "{{ openshift.common.config_base }}/master/named_certificates/"
10 | internal_hostnames: "{{ openshift.common.internal_hostnames }}"
11 | named_certificates: "{{ openshift_master_named_certificates | default([]) }}"
12 |
--------------------------------------------------------------------------------
/utils/.gitignore:
--------------------------------------------------------------------------------
1 | package/
2 |
3 | # Backup files
4 | *.~
5 |
6 | # Byte-compiled / optimized / DLL files
7 | __pycache__/
8 | *.py[cod]
9 |
10 | # C extensions
11 | *.so
12 |
13 | # Distribution / packaging
14 | bin/
15 | build/
16 | develop-eggs/
17 | dist/
18 | eggs/
19 | lib/
20 | lib64/
21 | parts/
22 | sdist/
23 | var/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 | MANIFEST
28 |
29 | # Installer logs
30 | pip-log.txt
31 | pip-delete-this-directory.txt
32 |
33 | # Unit test / coverage reports
34 | .tox/
35 | .coverage
36 | .cache
37 | .noseids
38 | nosetests.xml
39 | coverage.xml
40 |
41 | # Translations
42 | *.mo
43 |
44 | # Sphinx documentation
45 | docs/_build/
46 | oo-install
47 | oo-installenv
48 | cover
49 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/redeploy-certificates.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: ../../common/openshift-cluster/verify_ansible_version.yml
3 |
4 | - hosts: localhost
5 | connection: local
6 | become: no
7 | gather_facts: no
8 | tasks:
9 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
10 | - add_host:
11 | name: "{{ item }}"
12 | groups: l_oo_all_hosts
13 | with_items: "{{ g_all_hosts | default([]) }}"
14 |
15 | - hosts: l_oo_all_hosts
16 | gather_facts: no
17 | tasks:
18 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
19 |
20 | - include: ../../common/openshift-cluster/redeploy-certificates.yml
21 | vars:
22 | openshift_deployment_type: "{{ deployment_type }}"
23 |
--------------------------------------------------------------------------------
/roles/openshift_node/templates/openshift.docker.node.dep.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Requires=docker.service
3 | After=docker.service
4 | PartOf={{ openshift.common.service_type }}-node.service
5 | Before={{ openshift.common.service_type }}-node.service
6 |
7 |
8 | [Service]
9 | ExecStart=/bin/bash -c "if [[ -f /usr/bin/docker-current ]]; then echo \"DOCKER_ADDTL_BIND_MOUNTS=--volume=/usr/bin/docker-current:/usr/bin/docker-current:ro --volume=/etc/sysconfig/docker:/etc/sysconfig/docker:ro\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; else echo \"#DOCKER_ADDTL_BIND_MOUNTS=\" > /etc/sysconfig/{{ openshift.common.service_type }}-node-dep; fi"
10 | ExecStop=
11 | SyslogIdentifier={{ openshift.common.service_type }}-node-dep
12 |
--------------------------------------------------------------------------------
/offline/createRepo.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | cd /etc/yum.repos.d/
3 | [ -f CentOS-PAAS-local.repo ] && exit 0
4 | for i in `ls`; do mv -f $i `echo $i".bak"`; done
5 | cat <>CentOS-PAAS-local.repo
6 | [Base]
7 | name=local base\$basearch
8 | baseurl=http://192.168.56.1:8000/base/
9 | enable=1
10 | gpgcheck=0
11 | [extras]
12 | name=local extras \$basearch
13 | baseurl=http://192.168.56.1:8000/extras/
14 | enable=1
15 | gpgcheck=0
16 | [updates]
17 | name=local updates \$basearch
18 | baseurl=http://192.168.56.1:8000/updates/
19 | enable=1
20 | gpgcheck=0
21 | [origin]
22 | name=local origin \$basearch
23 | baseurl=http://192.168.56.1:8000/centos-openshift-origin/
24 | enable=1
25 | gpgcheck=0
26 | EOF
27 | yum clean all
28 | yum makecache
29 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-node/scaleup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | connection: local
4 | become: no
5 | gather_facts: no
6 | tasks:
7 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
8 | - add_host:
9 | name: "{{ item }}"
10 | groups: l_oo_all_hosts
11 | with_items: "{{ g_all_hosts }}"
12 |
13 | - hosts: l_oo_all_hosts
14 | gather_facts: no
15 | tasks:
16 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
17 |
18 | - include: ../../common/openshift-node/scaleup.yml
19 | vars:
20 | openshift_cluster_id: "{{ cluster_id | default('default') }}"
21 | openshift_debug_level: "{{ debug_level | default(2) }}"
22 | openshift_deployment_type: "{{ deployment_type }}"
23 |
--------------------------------------------------------------------------------
/roles/openshift_node_certificates/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_generated_configs_dir: "{{ openshift.common.config_base }}/generated-configs"
3 | openshift_node_cert_dir: "{{ openshift.common.config_base }}/node"
4 | openshift_node_cert_subdir: "node-{{ openshift.common.hostname }}"
5 | openshift_node_config_dir: "{{ openshift.common.config_base }}/node"
6 | openshift_node_generated_config_dir: "{{ openshift_generated_configs_dir }}/{{ openshift_node_cert_subdir }}"
7 |
8 | openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
9 | openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
10 | openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
11 | openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
12 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-master/scaleup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | connection: local
4 | become: no
5 | gather_facts: no
6 | tasks:
7 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
8 | - add_host:
9 | name: "{{ item }}"
10 | groups: l_oo_all_hosts
11 | with_items: "{{ g_all_hosts }}"
12 |
13 | - hosts: l_oo_all_hosts
14 | gather_facts: no
15 | tasks:
16 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
17 |
18 | - include: ../../common/openshift-master/scaleup.yml
19 | vars:
20 | openshift_cluster_id: "{{ cluster_id | default('default') }}"
21 | openshift_debug_level: "{{ debug_level | default(2) }}"
22 | openshift_deployment_type: "{{ deployment_type }}"
23 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Populate g_service_masters host group if needed
3 | hosts: localhost
4 | gather_facts: no
5 | connection: local
6 | become: no
7 | tasks:
8 | - fail: msg="new_cluster_state is required to be injected in this playbook"
9 | when: new_cluster_state is not defined
10 |
11 | - name: Evaluate g_service_masters
12 | add_host: name={{ item }} groups=g_service_masters
13 | with_items: "{{ oo_host_group_exp | default([]) }}"
14 |
15 | - name: Change state on master instance(s)
16 | hosts: g_service_masters
17 | connection: ssh
18 | gather_facts: no
19 | tasks:
20 | - service: name={{ openshift.common.service_type }}-master state="{{ new_cluster_state }}"
21 |
--------------------------------------------------------------------------------
/roles/openshift_master_cluster/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - fail:
3 | msg: "Not possible on atomic hosts for now"
4 | when: openshift.common.is_containerized | bool
5 |
6 | - fail:
7 | msg: "Pacemaker HA is unsupported on OpenShift Enterprise 3.2 and Origin 1.2"
8 | when: openshift.master.cluster_method == "pacemaker" and openshift.common.version_gte_3_2_or_1_2 | bool
9 |
10 | - name: Test if cluster is already configured
11 | command: pcs status
12 | register: pcs_status
13 | changed_when: false
14 | failed_when: false
15 | when: openshift.master.cluster_method == "pacemaker"
16 |
17 | - include: configure.yml
18 | when: "pcs_status | failed and 'Error: cluster is not currently running on this node' in pcs_status.stderr"
19 |
--------------------------------------------------------------------------------
/roles/dns/templates/openshift-cluster.zone:
--------------------------------------------------------------------------------
1 | $TTL 1d
2 | @ IN SOA {{ ansible_hostname }} openshift (
3 | {{ ansible_date_time.epoch }} ; Serial (To be fixed before 2039)
4 | 12h ; Refresh
5 | 3m ; Retry
6 | 4w ; Expire
7 | 3h ; TTL for negative replies
8 | )
9 |
10 | IN NS {{ ansible_hostname }}
11 | {{ ansible_hostname }} IN A {{ ansible_default_ipv4.address }}
12 | {% for host in dns_all_hosts %}
13 | {{ hostvars[host].ansible_hostname }} IN A {{ hostvars[host]['ansible_default_ipv4'].address }}
14 | {% endfor %}
15 |
--------------------------------------------------------------------------------
/roles/etcd/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | etcd_service: "{{ 'etcd' if not etcd_is_containerized | bool else 'etcd_container' }}"
3 | etcd_client_port: 2379
4 | etcd_peer_port: 2380
5 | etcd_url_scheme: http
6 | etcd_peer_url_scheme: http
7 |
8 | etcd_initial_cluster_state: new
9 | etcd_initial_cluster_token: etcd-cluster-1
10 |
11 | etcd_initial_advertise_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}"
12 | etcd_listen_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}"
13 | etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
14 | etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
15 |
16 | etcd_data_dir: /var/lib/etcd/
17 |
--------------------------------------------------------------------------------
/offline/yum.repos.d/CentOS-Media.repo:
--------------------------------------------------------------------------------
1 | # CentOS-Media.repo
2 | #
3 | # This repo can be used with mounted DVD media, verify the mount point for
4 | # CentOS-7. You can use this repo and yum to install items directly off the
5 | # DVD ISO that we release.
6 | #
7 | # To use this repo, put in your DVD and use it with the other repos too:
8 | # yum --enablerepo=c7-media [command]
9 | #
10 | # or for ONLY the media repo, do this:
11 | #
12 | # yum --disablerepo=\* --enablerepo=c7-media [command]
13 |
14 | [c7-media]
15 | name=CentOS-$releasever - Media
16 | baseurl=file:///media/CentOS/
17 | file:///media/cdrom/
18 | file:///media/cdrecorder/
19 | gpgcheck=1
20 | enabled=0
21 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
22 |
23 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/cluster_hosts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | g_etcd_hosts: "{{ groups.etcd | default([]) }}"
3 |
4 | g_lb_hosts: "{{ groups.lb | default([]) }}"
5 |
6 | g_master_hosts: "{{ groups.masters | default([]) }}"
7 |
8 | g_new_master_hosts: "{{ groups.new_masters | default([]) }}"
9 |
10 | g_node_hosts: "{{ groups.nodes | default([]) }}"
11 |
12 | g_new_node_hosts: "{{ groups.new_nodes | default([]) }}"
13 |
14 | g_nfs_hosts: "{{ groups.nfs | default([]) }}"
15 |
16 | g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts)
17 | | union(g_lb_hosts) | union(g_nfs_hosts)
18 | | union(g_new_node_hosts)| union(g_new_master_hosts)
19 | | default([]) }}"
20 |
--------------------------------------------------------------------------------
/ansible.cfg.example:
--------------------------------------------------------------------------------
1 | # config file for ansible -- http://ansible.com/
2 | # ==============================================
3 |
4 | # This config file provides examples for running
5 | # the OpenShift playbooks with the provided
6 | # inventory scripts. Only global defaults are
7 | # left uncommented
8 |
9 | [defaults]
10 | # Add the roles directory to the roles path
11 | roles_path = roles/
12 |
13 | # Set the log_path
14 | log_path = /tmp/ansible.log
15 |
16 | # Uncomment to use the provided BYO inventory
17 | #hostfile = inventory/byo/hosts
18 |
19 | # Uncomment to use the provided GCE dynamic inventory script
20 | #hostfile = inventory/gce/gce.py
21 |
22 | # Uncomment to use the provided AWS dynamic inventory script
23 | #hostfile = inventory/aws/ec2.py
24 |
--------------------------------------------------------------------------------
/roles/openshift_storage_nfs_lvm/tasks/nfs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install NFS server
3 | action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present"
4 | when: not openshift.common.is_containerized | bool
5 |
6 | - name: Start rpcbind
7 | service: name=rpcbind state=started enabled=yes
8 |
9 | - name: Start nfs
10 | service: name=nfs-server state=started enabled=yes
11 |
12 | - name: Export the directories
13 | lineinfile: dest=/etc/exports
14 | regexp="^{{ osnl_mount_dir }}/{{ item }} "
15 | line="{{ osnl_mount_dir }}/{{ item }} {{osnl_nfs_export_options}}"
16 | with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d
17 | notify: restart nfs
18 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_facts/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - set_fact:
3 | openshift_hosted_router_selector: "{{ openshift_hosted_infra_selector }}"
4 | when: openshift_hosted_router_selector is not defined and openshift_hosted_infra_selector is defined
5 | - set_fact:
6 | openshift_hosted_registry_selector: "{{ openshift_hosted_infra_selector }}"
7 | when: openshift_hosted_registry_selector is not defined and openshift_hosted_infra_selector is defined
8 |
9 | - name: Set hosted facts
10 | openshift_facts:
11 | role: hosted
12 | openshift_env: "{{ hostvars
13 | | oo_merge_hostvars(vars, inventory_hostname)
14 | | oo_openshift_env }}"
15 | openshift_env_structures:
16 | - 'openshift.hosted.router.*'
17 |
--------------------------------------------------------------------------------
/utils/src/ooinstall/utils.py:
--------------------------------------------------------------------------------
1 | import logging
2 | import re
3 |
4 |
5 | installer_log = logging.getLogger('installer')
6 |
7 |
8 | def debug_env(env):
9 | for k in sorted(env.keys()):
10 | if k.startswith("OPENSHIFT") or k.startswith("ANSIBLE") or k.startswith("OO"):
11 | installer_log.debug("{key}: {value}".format(
12 | key=k, value=env[k]))
13 |
14 |
15 | def is_valid_hostname(hostname):
16 | if not hostname or len(hostname) > 255:
17 | return False
18 | if hostname[-1] == ".":
19 | hostname = hostname[:-1] # strip exactly one dot from the right, if present
20 | allowed = re.compile(r"(?!-)[A-Z\d-]{1,63}(?
10 | {{ repoquery_cmd }} --qf '%{version}' "{{ openshift.common.service_type}}"
11 | register: common_version
12 | failed_when: false
13 | changed_when: false
14 | when: openshift_version is not defined
15 |
16 | - set_fact:
17 | openshift_version: "{{ common_version.stdout | default('0.0', True) }}"
18 | when: openshift_version is not defined
19 |
--------------------------------------------------------------------------------
/roles/docker/README.md:
--------------------------------------------------------------------------------
1 | Docker
2 | =========
3 |
4 | Ensures docker package is installed, and optionally raises timeout for systemd-udevd.service to 5 minutes.
5 |
6 | Requirements
7 | ------------
8 |
9 | None
10 |
11 | Role Variables
12 | --------------
13 |
14 | udevw_udevd_dir: location of systemd config for systemd-udevd.service
15 | docker_udev_workaround: raises udevd timeout to 5 minutes (https://bugzilla.redhat.com/show_bug.cgi?id=1272446)
16 |
17 | Dependencies
18 | ------------
19 |
20 | None
21 |
22 | Example Playbook
23 | ----------------
24 |
25 | - hosts: servers
26 | roles:
27 | - role: docker
28 | docker_udev_workaround: "true"
29 |
30 | License
31 | -------
32 |
33 | ASL 2.0
34 |
35 | Author Information
36 | ------------------
37 |
38 | OpenShift operations, Red Hat, Inc
39 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create temp directory for kubeconfig
3 | command: mktemp -d /tmp/openshift-ansible-XXXXXX
4 | register: mktemp
5 | changed_when: False
6 |
7 | - set_fact:
8 | openshift_hosted_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
9 |
10 | - name: Copy the admin client config(s)
11 | command: >
12 | cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ openshift_hosted_kubeconfig }}
13 | changed_when: False
14 |
15 | - include: router/router.yml
16 | when: openshift_hosted_manage_router | default(true) | bool
17 |
18 | - include: registry/registry.yml
19 | when: openshift_hosted_manage_registry | default(true) | bool
20 |
21 | - name: Delete temp directory
22 | file:
23 | name: "{{ mktemp.stdout }}"
24 | state: absent
25 | changed_when: False
26 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/templates/network.xml:
--------------------------------------------------------------------------------
1 |
2 | {{ libvirt_network }}
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/roles/etcd/README.md:
--------------------------------------------------------------------------------
1 | Role Name
2 | =========
3 |
4 | Configures an etcd cluster for an arbitrary number of hosts
5 |
6 | Requirements
7 | ------------
8 |
9 | This role assumes it's being deployed on a RHEL/Fedora based host with package
10 | named 'etcd' available via yum or dnf (conditionally).
11 |
12 | Role Variables
13 | --------------
14 |
15 | TODO
16 |
17 | Dependencies
18 | ------------
19 |
20 | etcd-common
21 |
22 | Example Playbook
23 | ----------------
24 |
25 | - hosts: etcd
26 | roles:
27 | - { etcd }
28 |
29 | License
30 | -------
31 |
32 | MIT
33 |
34 | Author Information
35 | ------------------
36 |
37 | Scott Dodson
38 | Adapted from https://github.com/retr0h/ansible-etcd for use on RHEL/Fedora. We
39 | should at some point submit a PR to merge this with that module.
40 |
--------------------------------------------------------------------------------
/playbooks/adhoc/atomic_openshift_tutorial_reset.yml:
--------------------------------------------------------------------------------
1 | # This deletes *ALL* Docker images, and uninstalls OpenShift and
2 | # Atomic Enterprise RPMs. It is primarily intended for use
3 | # with the tutorial as well as for developers to reset state.
4 | #
5 | ---
6 | - include: uninstall.yml
7 |
8 | - hosts:
9 | - OSEv3:children
10 |
11 | become: yes
12 |
13 | tasks:
14 | - shell: docker ps -a -q | xargs docker stop
15 | changed_when: False
16 | failed_when: False
17 |
18 | - shell: docker ps -a -q| xargs docker rm
19 | changed_when: False
20 | failed_when: False
21 |
22 | - shell: docker images -q |xargs docker rmi
23 | changed_when: False
24 | failed_when: False
25 |
26 | - user: name={{ item }} state=absent remove=yes
27 | with_items:
28 | - alice
29 | - joe
30 |
--------------------------------------------------------------------------------
/.tito/releasers.conf:
--------------------------------------------------------------------------------
1 | [brew]
2 | releaser = tito.release.DistGitReleaser
3 | branches = libra-rhel-7
4 |
5 | [ose-3.0]
6 | releaser = tito.release.DistGitReleaser
7 | branches = rhose-3.0-rhel-7
8 | srpm_disttag = .el7ose
9 |
10 | [aos-3.1]
11 | releaser = tito.release.DistGitReleaser
12 | branches = rhaos-3.1-rhel-7
13 | srpm_disttag = .el7aos
14 |
15 | [aos-3.2]
16 | releaser = tito.release.DistGitReleaser
17 | branches = rhaos-3.2-rhel-7
18 | srpm_disttag = .el7aos
19 |
20 | [aos-3.3]
21 | releaser = tito.release.DistGitReleaser
22 | branches = rhaos-3.3-rhel-7
23 | srpm_disttag = .el7aos
24 |
25 | [aos-3.4]
26 | releaser = tito.release.DistGitReleaser
27 | branches = rhaos-3.4-rhel-7
28 | srpm_disttag = .el7aos
29 |
30 | [copr-openshift-ansible]
31 | releaser = tito.release.CoprReleaser
32 | project_name = @OpenShiftOnlineOps/openshift-ansible
33 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift_facts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: ../common/openshift-cluster/verify_ansible_version.yml
3 |
4 | - hosts: localhost
5 | connection: local
6 | become: no
7 | gather_facts: no
8 | tasks:
9 | - include_vars: openshift-cluster/cluster_hosts.yml
10 | - add_host:
11 | name: "{{ item }}"
12 | groups: l_oo_all_hosts
13 | with_items: "{{ g_all_hosts }}"
14 |
15 | - hosts: l_oo_all_hosts
16 | gather_facts: no
17 | tasks:
18 | - include_vars: openshift-cluster/cluster_hosts.yml
19 |
20 | - include: ../common/openshift-cluster/evaluate_groups.yml
21 |
22 | - name: Gather Cluster facts
23 | hosts: OSEv3
24 | roles:
25 | - openshift_facts
26 | tasks:
27 | - openshift_facts:
28 | openshift_env: "{{ hostvars[inventory_hostname] | oo_openshift_env }}"
29 | register: result
30 | - debug: var=result
31 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/update_repos_and_packages.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: evaluate_groups.yml
3 |
4 | - hosts: oo_hosts_to_update
5 | vars:
6 | openshift_deployment_type: "{{ deployment_type }}"
7 | roles:
8 | # Explicitly calling openshift_facts because it appears that when
9 | # rhel_subscribe is skipped that the openshift_facts dependency for
10 | # openshift_repos is also skipped (this is the case at least for Ansible
11 | # 2.0.2)
12 | - openshift_facts
13 | - role: rhel_subscribe
14 | when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and
15 | ansible_distribution == "RedHat" and
16 | lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) |
17 | default('no', True) | lower in ['no', 'false']
18 | - openshift_repos
19 | - os_update_latest
20 |
--------------------------------------------------------------------------------
/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Atomic OpenShift Master API
3 | Documentation=https://github.com/openshift/origin
4 | After=network-online.target
5 | After=etcd.service
6 | Before={{ openshift.common.service_type }}-node.service
7 | Requires=network-online.target
8 |
9 | [Service]
10 | Type=notify
11 | EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
12 | Environment=GOTRACEBACK=crash
13 | ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS
14 | LimitNOFILE=131072
15 | LimitCORE=infinity
16 | WorkingDirectory={{ openshift.common.data_dir }}
17 | SyslogIdentifier=atomic-openshift-master-api
18 | Restart=always
19 | RestartSec=5s
20 |
21 | [Install]
22 | WantedBy=multi-user.target
23 | WantedBy={{ openshift.common.service_type }}-node.service
24 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/v3_3/node_config_upgrade.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - modify_yaml:
3 | dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
4 | yaml_key: 'masterClientConnectionOverrides.acceptContentTypes'
5 | yaml_value: 'application/vnd.kubernetes.protobuf,application/json'
6 |
7 | - modify_yaml:
8 | dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
9 | yaml_key: 'masterClientConnectionOverrides.contentType'
10 | yaml_value: 'application/vnd.kubernetes.protobuf'
11 |
12 | - modify_yaml:
13 | dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
14 | yaml_key: 'masterClientConnectionOverrides.burst'
15 | yaml_value: 40
16 |
17 | - modify_yaml:
18 | dest: "{{ openshift.common.config_base}}/node/node-config.yaml"
19 | yaml_key: 'masterClientConnectionOverrides.qps'
20 | yaml_value: 20
21 |
22 |
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/vars.yml:
--------------------------------------------------------------------------------
1 | ---
2 | debug_level: 2
3 |
4 | deployment_rhel7_ent_base:
5 | image: "{{ lookup('oo_option', 'image_name') | default('rhel-7', True) }}"
6 | machine_type: "{{ lookup('oo_option', 'machine_type') | default('n1-standard-1', True) }}"
7 | ssh_user: "{{ lookup('env', 'gce_ssh_user') | default(ansible_ssh_user, true) }}"
8 | become: yes
9 |
10 | deployment_vars:
11 | origin:
12 | image: "{{ lookup('oo_option', 'image_name') | default('centos-7', True) }}"
13 | machine_type: "{{ lookup('oo_option', 'machine_type') | default('n1-standard-1', True) }}"
14 | ssh_user: "{{ lookup('env', 'gce_ssh_user') | default(ansible_ssh_user, true) }}"
15 | become: yes
16 | enterprise: "{{ deployment_rhel7_ent_base }}"
17 | openshift-enterprise: "{{ deployment_rhel7_ent_base }}"
18 | atomic-enterprise: "{{ deployment_rhel7_ent_base }}"
19 |
--------------------------------------------------------------------------------
/utils/etc/ansible.cfg:
--------------------------------------------------------------------------------
1 | # config file for ansible -- http://ansible.com/
2 | # ==============================================
3 |
4 | # This config file provides examples for running
5 | # the OpenShift playbooks with the provided
6 | # inventory scripts. Only global defaults are
7 | # left uncommented
8 |
9 | [defaults]
10 | # Add the roles directory to the roles path
11 | roles_path = roles/
12 |
13 | # Set the log_path
14 | log_path = /tmp/ansible.log
15 |
16 | forks = 10
17 | host_key_checking = False
18 | nocows = 1
19 |
20 | retry_files_enabled = False
21 |
22 | deprecation_warnings = False
23 |
24 | # Need to handle:
25 | # inventory - derive from OO_ANSIBLE_DIRECTORY env var
26 | # callback_plugins - derive from pkg_resource.resource_filename
27 | # private_key_file - prompt if missing
28 | # remote_tmp - set if provided by user (cli)
29 | # ssh_args - set if provided by user (cli)
30 | # control_path
31 |
--------------------------------------------------------------------------------
/playbooks/adhoc/metrics_setup/README.md:
--------------------------------------------------------------------------------
1 | ## Playbook for adding [Metrics](https://github.com/openshift/origin-metrics) to Openshift
2 |
3 | See OSE Ansible [readme](https://github.com/openshift/openshift-ansible/blob/master/README_OSE.md) for general install instructions. Playbook has been tested on OSE 3.1/RHEL7.2 cluster
4 |
5 |
6 | Add the following vars to `[OSEv3:vars]` section of your inventory file
7 | ```
8 | [OSEv3:vars]
9 | # Enable cluster metrics
10 | use_cluster_metrics=true
11 | metrics_external_service=< external service name for metrics >
12 | metrics_image_prefix=rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/
13 | metrics_image_version=3.1.0
14 | ```
15 |
16 | Run playbook
17 | ```
18 | ansible-playbook -i $INVENTORY_FILE playbooks/install.yml
19 | ```
20 |
21 | ## Contact
22 | Email: hawkular-dev@lists.jboss.org
23 |
24 | ## Credits
25 | Playbook adapted from install shell scripts by Matt Mahoney
26 |
--------------------------------------------------------------------------------
/roles/docker/tasks/udev_workaround.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Getting current systemd-udevd exec command
4 | command: grep -e "^ExecStart=" /lib/systemd/system/systemd-udevd.service
5 | changed_when: false
6 | register: udevw_udev_start_cmd
7 |
8 | - name: Assure systemd-udevd.service.d directory exists
9 | file:
10 | path: "{{ udevw_udevd_dir }}"
11 | state: directory
12 |
13 | - name: Create systemd-udevd override file
14 | copy:
15 | content: |
16 | [Service]
17 | #Need blank ExecStart to "clear" pre-existing one
18 | ExecStart=
19 | {{ udevw_udev_start_cmd.stdout }} --event-timeout=300
20 | dest: "{{ udevw_udevd_dir }}/override.conf"
21 | owner: root
22 | mode: "0644"
23 | notify:
24 | - restart udev
25 | register: udevw_override_conf
26 |
27 | - name: reload systemd config files
28 | command: systemctl daemon-reload
29 | when: udevw_override_conf | changed
30 |
31 |
--------------------------------------------------------------------------------
/roles/openshift_expand_partition/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Ensure growpart is installed
3 | action: "{{ ansible_pkg_mgr }} name=cloud-utils-growpart state=present"
4 | when: not openshift.common.is_containerized | bool
5 |
6 | - name: Determine if growpart is installed
7 | command: "rpm -q cloud-utils-growpart"
8 | register: has_growpart
9 | failed_when: "has_growpart.cr != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout"
10 | changed_when: false
11 | when: openshift.common.is_containerized | bool
12 |
13 | - name: Grow the partitions
14 | command: "growpart {{oep_drive}} {{oep_partition}}"
15 |
16 | - name: Expand the filesystem - xfs
17 | command: "xfs_growfs {{oep_drive}}{{oep_partition}}"
18 | when: oep_file_system == "xfs"
19 |
20 | - name: Expand the filesystem - ext(2,3,4)
21 | command: "resize2fs {{oep_drive}}{{oep_partition}}"
22 | when: oep_file_system == "ext"
23 |
--------------------------------------------------------------------------------
/roles/openshift_master/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
3 | openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml"
4 | openshift_master_loopback_config: "{{ openshift_master_config_dir }}/openshift-master.kubeconfig"
5 | loopback_context_string: "current-context: {{ openshift.master.loopback_context_name }}"
6 | openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json"
7 | openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml"
8 | openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json"
9 |
10 | scheduler_config:
11 | kind: Policy
12 | apiVersion: v1
13 | predicates: "{{ openshift.master.scheduler_predicates }}"
14 | priorities: "{{ openshift.master.scheduler_priorities }}"
15 |
16 | openshift_master_valid_grant_methods:
17 | - auto
18 | - prompt
19 | - deny
20 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/list.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate oo_list_hosts group
3 | hosts: localhost
4 | gather_facts: no
5 | connection: local
6 | become: no
7 | vars_files:
8 | - vars.yml
9 | tasks:
10 | - set_fact: scratch_group=tag_clusterid_{{ cluster_id }}
11 | when: cluster_id != ''
12 | - set_fact: scratch_group=all
13 | when: cluster_id == ''
14 | - add_host:
15 | name: "{{ item }}"
16 | groups: oo_list_hosts
17 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
18 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
19 | with_items: "{{ groups[scratch_group] | default([]) | difference(['localhost']) }}"
20 |
21 | - name: List Hosts
22 | hosts: oo_list_hosts
23 | gather_facts: no
24 | tasks:
25 | - debug:
26 | msg: "public ip:{{ hostvars[inventory_hostname].ec2_ip_address }} private ip:{{ hostvars[inventory_hostname].ec2_private_ip_address }}"
27 |
--------------------------------------------------------------------------------
/roles/nuage_master/handlers/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nuage-openshift-monitor
3 | become: yes
4 | service: name=nuage-openshift-monitor state=restarted
5 |
6 | - name: restart master
7 | service: name={{ openshift.common.service_type }}-master state=restarted
8 | when: (not openshift_master_ha | bool) and (not master_service_status_changed | default(false))
9 |
10 | - name: restart master api
11 | service: name={{ openshift.common.service_type }}-master-api state=restarted
12 | when: (openshift_master_ha | bool) and (not master_api_service_status_changed | default(false)) and openshift.master.cluster_method == 'native'
13 |
14 | # TODO: need to fix up ignore_errors here
15 | - name: restart master controllers
16 | service: name={{ openshift.common.service_type }}-master-controllers state=restarted
17 | when: (openshift_master_ha | bool) and (not master_controllers_service_status_changed | default(false)) and openshift.master.cluster_method == 'native'
18 | ignore_errors: yes
19 |
--------------------------------------------------------------------------------
/utils/site_assets/oo_install_launcher.README.txt:
--------------------------------------------------------------------------------
1 | = oo-install Portable Installer Package
2 |
3 | This package is identical to the installer package that can be downloaded
4 | and executed directly from https://install.openshift.com/.
5 |
6 | NOTE: It will still be necessary for this installer to download RPMs from the
7 | internet, unless you have already set up the necessary local repositories.
8 |
9 | To run the installer from this package, run the following command:
10 |
11 | $ ./LAUNCHERNAME
12 |
13 | That command script and the packaged zip file can be burned to a CD or
14 | written to a USB drive and used to run the oo-install utility in places
15 | where the web-based installer is not reachable.
16 |
17 | All of the command-line arguments supported by oo-install can be passed
18 | to this launcher application.
19 |
20 | For more information for Enterprise installs, refer to the OpenShift
21 | Enterprise Administrator Guide:
22 | https://docs.openshift.com/enterprise/latest/welcome/index.html
23 |
--------------------------------------------------------------------------------
/playbooks/byo/rhel_subscribe.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | connection: local
4 | become: no
5 | gather_facts: no
6 | tasks:
7 | - include_vars: openshift-cluster/cluster_hosts.yml
8 | - add_host:
9 | name: "{{ item }}"
10 | groups: l_oo_all_hosts
11 | with_items: "{{ g_all_hosts }}"
12 |
13 | - hosts: l_oo_all_hosts
14 | gather_facts: no
15 | tasks:
16 | - include_vars: openshift-cluster/cluster_hosts.yml
17 |
18 | - include: ../common/openshift-cluster/evaluate_groups.yml
19 |
20 | - hosts: l_oo_all_hosts
21 | vars:
22 | openshift_deployment_type: "{{ deployment_type }}"
23 | roles:
24 | - role: rhel_subscribe
25 | when: deployment_type in ['atomic-enterprise', 'enterprise', 'openshift-enterprise'] and
26 | ansible_distribution == "RedHat" and
27 | lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) |
28 | default('no', True) | lower in ['no', 'false']
29 | - openshift_repos
30 | - os_update_latest
31 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/cleanup_unused_images.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Check Docker image count
3 | shell: "docker images -aq | wc -l"
4 | register: docker_image_count
5 | when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
6 |
7 | - debug: var=docker_image_count.stdout
8 | when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
9 |
10 | - name: Remove unused Docker images for Docker 1.10+ migration
11 | shell: "docker rmi `docker images -aq`"
12 | # Will fail on images still in use:
13 | failed_when: false
14 | when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
15 |
16 | - name: Check Docker image count
17 | shell: "docker images -aq | wc -l"
18 | register: docker_image_count
19 | when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
20 |
21 | - debug: var=docker_image_count.stdout
22 | when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
23 |
--------------------------------------------------------------------------------
/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Atomic OpenShift Master Controllers
3 | Documentation=https://github.com/openshift/origin
4 | After=network-online.target
5 | After={{ openshift.common.service_type }}-master-api.service
6 | Wants={{ openshift.common.service_type }}-master-api.service
7 | Requires=network-online.target
8 |
9 | [Service]
10 | {% if openshift.common.version_gte_3_1_1_or_1_1_1 | bool %}
11 | Type=notify
12 | {% else %}
13 | Type=simple
14 | {% endif %}
15 | EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
16 | Environment=GOTRACEBACK=crash
17 | ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS
18 | LimitNOFILE=131072
19 | LimitCORE=infinity
20 | WorkingDirectory={{ openshift.common.data_dir }}
21 | SyslogIdentifier={{ openshift.common.service_type }}-master-controllers
22 | Restart=always
23 | RestartSec=5s
24 |
25 | [Install]
26 | WantedBy=multi-user.target
27 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/validate_hostnames.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Gather and set facts for node hosts
3 | hosts: oo_nodes_to_config
4 | roles:
5 | - openshift_facts
6 | tasks:
7 | - shell:
8 | getent ahostsv4 {{ openshift.common.hostname }} | head -n 1 | awk '{ print $1 }'
9 | register: lookupip
10 | changed_when: false
11 | failed_when: false
12 | - name: Warn user about bad openshift_hostname values
13 | pause:
14 | prompt: "The hostname \"{{ openshift.common.hostname }}\" for \"{{ ansible_nodename }}\" doesn't resolve to an ip address owned by this host. Please set openshift_hostname variable to a hostname that when resolved on the host in question resolves to an IP address matching an interface on this host. This host will fail liveness checks for pods utilizing hostPorts, press ENTER to continue or CTRL-C to abort."
15 | seconds: "{{ 10 if openshift_override_hostname_check | default(false) | bool else omit }}"
16 | when: lookupip.stdout not in ansible_all_ipv4_addresses
17 |
--------------------------------------------------------------------------------
/roles/openshift_repos/README.md:
--------------------------------------------------------------------------------
1 | OpenShift Repos
2 | ================
3 |
4 | Configures repositories for an OpenShift installation
5 |
6 | Requirements
7 | ------------
8 |
9 | A RHEL 7.1 host pre-configured with access to the rhel-7-server-rpms,
10 | rhel-7-server-extra-rpms, and rhel-7-server-ose-3.0-rpms repos.
11 |
12 | Role Variables
13 | --------------
14 |
15 | | Name | Default value | |
16 | |-------------------------------|---------------|----------------------------------------------|
17 | | openshift_deployment_type | None | Possible values enterprise, origin, online |
18 | | openshift_additional_repos | {} | TODO |
19 |
20 | Dependencies
21 | ------------
22 |
23 | None.
24 |
25 | Example Playbook
26 | ----------------
27 |
28 | TODO
29 |
30 | License
31 | -------
32 |
33 | Apache License, Version 2.0
34 |
35 | Author Information
36 | ------------------
37 |
38 | TODO
39 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create libvirt storage directory for openshift
3 | file:
4 | dest: "{{ libvirt_storage_pool_path }}"
5 | state: directory
6 |
7 | # We need to set permissions on the directory and any items created under the directory, so we need to call the acl module with and without default set.
8 | - acl:
9 | default: '{{ item.default }}'
10 | entity: kvm
11 | etype: group
12 | name: "{{ libvirt_storage_pool_path }}"
13 | permissions: '{{ item.permissions }}'
14 | state: present
15 | with_items:
16 | - default: no
17 | permissions: x
18 | - default: yes
19 | permissions: rwx
20 |
21 | - name: Create the libvirt storage pool for OpenShift
22 | virt_pool:
23 | name: '{{ libvirt_storage_pool }}'
24 | state: '{{ item }}'
25 | autostart: 'yes'
26 | xml: "{{ lookup('template', 'storage-pool.xml') }}"
27 | uri: '{{ libvirt_uri }}'
28 | with_items:
29 | - present
30 | - active
31 |
--------------------------------------------------------------------------------
/utils/etc/ansible-quiet.cfg:
--------------------------------------------------------------------------------
1 | # config file for ansible -- http://ansible.com/
2 | # ==============================================
3 |
4 | # This config file provides examples for running
5 | # the OpenShift playbooks with the provided
6 | # inventory scripts. Only global defaults are
7 | # left uncommented
8 |
9 | [defaults]
10 | # Add the roles directory to the roles path
11 | roles_path = roles/
12 |
13 | # Set the log_path
14 | log_path = /tmp/ansible.log
15 |
16 | forks = 10
17 | host_key_checking = False
18 | nocows = 1
19 |
20 | retry_files_enabled = False
21 |
22 | deprecation_warnings=False
23 |
24 | # Need to handle:
25 | # inventory - derive from OO_ANSIBLE_DIRECTORY env var
26 | # callback_plugins - derive from pkg_resource.resource_filename
27 | # private_key_file - prompt if missing
28 | # remote_tmp - set if provided by user (cli)
29 | # ssh_args - set if provided by user (cli)
30 | # control_path
31 |
32 | stdout_callback = openshift_quick_installer
33 | callback_plugins = /usr/share/ansible_plugins/callback_plugins
34 |
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/update.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | gather_facts: no
4 | tasks:
5 | - include_vars: vars.yml
6 | - include_vars: cluster_hosts.yml
7 | - add_host:
8 | name: "{{ item }}"
9 | groups: l_oo_all_hosts
10 | with_items: "{{ g_all_hosts }}"
11 |
12 | - hosts: l_oo_all_hosts
13 | gather_facts: no
14 | tasks:
15 | - include_vars: vars.yml
16 | - include_vars: cluster_hosts.yml
17 |
18 | - name: Populate oo_hosts_to_update group
19 | hosts: localhost
20 | connection: local
21 | become: no
22 | gather_facts: no
23 | tasks:
24 | - name: Evaluate oo_hosts_to_update
25 | add_host:
26 | name: "{{ item }}"
27 | groups: oo_hosts_to_update
28 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
29 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
30 | with_items: "{{ g_all_hosts | default([]) }}"
31 |
32 | - include: ../../common/openshift-cluster/update_repos_and_packages.yml
33 |
34 | - include: config.yml
35 |
--------------------------------------------------------------------------------
/roles/openshift_named_certificates/tasks/named_certificates.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Clear named certificates
3 | file:
4 | path: "{{ named_certs_dir }}"
5 | state: absent
6 | when: overwrite_named_certs | bool
7 |
8 | - name: Ensure named certificate directory exists
9 | file:
10 | path: "{{ named_certs_dir }}"
11 | state: directory
12 | mode: 0700
13 |
14 | - name: Land named certificates
15 | copy:
16 | src: "{{ item.certfile }}"
17 | dest: "{{ named_certs_dir }}"
18 | with_items: "{{ openshift_master_named_certificates | default([]) }}"
19 |
20 | - name: Land named certificate keys
21 | copy:
22 | src: "{{ item.keyfile }}"
23 | dest: "{{ named_certs_dir }}"
24 | mode: 0600
25 | with_items: "{{ openshift_master_named_certificates | default([]) }}"
26 |
27 | - name: Land named CA certificates
28 | copy:
29 | src: "{{ item }}"
30 | dest: "{{ named_certs_dir }}"
31 | mode: 0600
32 | with_items: "{{ openshift_master_named_certificates | default([]) | oo_collect('cafile') }}"
33 |
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/update.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | gather_facts: no
4 | tasks:
5 | - include_vars: vars.yml
6 | - include_vars: cluster_hosts.yml
7 | - add_host:
8 | name: "{{ item }}"
9 | groups: l_oo_all_hosts
10 | with_items: "{{ g_all_hosts }}"
11 |
12 | - hosts: l_oo_all_hosts
13 | gather_facts: no
14 | tasks:
15 | - include_vars: vars.yml
16 | - include_vars: cluster_hosts.yml
17 |
18 | - name: Populate oo_hosts_to_update group
19 | hosts: localhost
20 | connection: local
21 | become: no
22 | gather_facts: no
23 | tasks:
24 | - name: Evaluate oo_hosts_to_update
25 | add_host:
26 | name: "{{ item }}"
27 | groups: oo_hosts_to_update
28 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
29 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
30 | with_items: "{{ g_all_hosts | default([]) }}"
31 |
32 | - include: ../../common/openshift-cluster/update_repos_and_packages.yml
33 |
34 | - include: config.yml
35 |
--------------------------------------------------------------------------------
/roles/openshift_cli/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install clients
3 | action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present"
4 | when: not openshift.common.is_containerized | bool
5 |
6 | - name: Pull CLI Image
7 | command: >
8 | docker pull {{ openshift.common.cli_image }}:{{ openshift_image_tag }}
9 | register: pull_result
10 | changed_when: "'Downloaded newer image' in pull_result.stdout"
11 | when: openshift.common.is_containerized | bool
12 |
13 | - name: Copy client binaries/symlinks out of CLI image for use on the host
14 | openshift_container_binary_sync:
15 | image: "{{ openshift.common.cli_image }}"
16 | tag: "{{ openshift_image_tag }}"
17 | when: openshift.common.is_containerized | bool
18 |
19 | - name: Reload facts to pick up installed OpenShift version
20 | openshift_facts:
21 |
22 | - name: Install bash completion for oc tools
23 | action: "{{ ansible_pkg_mgr }} name=bash-completion state=present"
24 | when: not openshift.common.is_containerized | bool
25 |
--------------------------------------------------------------------------------
/offline/yum.repos.d/openshift-ansible-centos-paas-sig.repo:
--------------------------------------------------------------------------------
1 | [centos-openshift-origin]
2 | name=CentOS OpenShift Origin
3 | baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
4 | enabled=1
5 | gpgcheck=1
6 | gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
7 |
8 | [centos-openshift-origin-testing]
9 | name=CentOS OpenShift Origin Testing
10 | baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/
11 | enabled=0
12 | gpgcheck=0
13 | gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
14 |
15 | [centos-openshift-origin-debuginfo]
16 | name=CentOS OpenShift Origin DebugInfo
17 | baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
18 | enabled=0
19 | gpgcheck=1
20 | gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
21 |
22 | [centos-openshift-origin-source]
23 | name=CentOS OpenShift Origin Source
24 | baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin/
25 | enabled=0
26 | gpgcheck=1
27 | gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
28 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/update.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | gather_facts: no
4 | tasks:
5 | - include_vars: vars.yml
6 | - include_vars: cluster_hosts.yml
7 | - add_host:
8 | name: "{{ item }}"
9 | groups: l_oo_all_hosts
10 | with_items: "{{ g_all_hosts }}"
11 |
12 | - hosts: l_oo_all_hosts
13 | gather_facts: no
14 | tasks:
15 | - include_vars: vars.yml
16 | - include_vars: cluster_hosts.yml
17 |
18 | - name: Update - Populate oo_hosts_to_update group
19 | hosts: localhost
20 | connection: local
21 | become: no
22 | gather_facts: no
23 | tasks:
24 | - name: Update - Evaluate oo_hosts_to_update
25 | add_host:
26 | name: "{{ item }}"
27 | groups: oo_hosts_to_update
28 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
29 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
30 | with_items: "{{ g_all_hosts | default([]) }}"
31 |
32 | - include: ../../common/openshift-cluster/update_repos_and_packages.yml
33 |
34 | - include: config.yml
35 |
--------------------------------------------------------------------------------
/roles/openshift_builddefaults/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | builddefaults_yaml:
3 | BuildDefaults:
4 | configuration:
5 | apiVersion: v1
6 | kind: BuildDefaultsConfig
7 | gitHTTPProxy: "{{ openshift.builddefaults.git_http_proxy | default('', true) }}"
8 | gitHTTPSProxy: "{{ openshift.builddefaults.git_https_proxy | default('', true) }}"
9 | env:
10 | - name: HTTP_PROXY
11 | value: "{{ openshift.builddefaults.http_proxy | default('', true) }}"
12 | - name: HTTPS_PROXY
13 | value: "{{ openshift.builddefaults.https_proxy | default('', true) }}"
14 | - name: NO_PROXY
15 | value: "{{ openshift.builddefaults.no_proxy | default('', true) | join(',') }}"
16 | - name: http_proxy
17 | value: "{{ openshift.builddefaults.http_proxy | default('', true) }}"
18 | - name: https_proxy
19 | value: "{{ openshift.builddefaults.https_proxy | default('', true) }}"
20 | - name: no_proxy
21 | value: "{{ openshift.builddefaults.no_proxy | default('', true) | join(',') }}"
22 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/list.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate oo_list_hosts group
3 | hosts: localhost
4 | become: no
5 | connection: local
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | tasks:
10 | - set_fact: scratch_group=tag_clusterid-{{ cluster_id }}
11 | when: cluster_id != ''
12 | - set_fact: scratch_group=all
13 | when: cluster_id == ''
14 | - add_host:
15 | name: "{{ item }}"
16 | groups: oo_list_hosts
17 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
18 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
19 | with_items: "{{ groups[scratch_group] | default([]) | difference(['localhost']) }}"
20 |
21 | - name: List Hosts
22 | hosts: oo_list_hosts
23 |
24 | - name: List Hosts
25 | hosts: localhost
26 | become: no
27 | connection: local
28 | gather_facts: no
29 | vars_files:
30 | - vars.yml
31 | tasks:
32 | - debug:
33 | msg: "{{ hostvars | oo_select_keys(groups[scratch_group] | default([])) | oo_pretty_print_cluster }}"
34 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/add_nodes.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Launch instance(s)
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | vars:
10 | oo_extend_env: True
11 | tasks:
12 | - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml
13 | vars:
14 | type: "compute"
15 | count: "{{ num_nodes }}"
16 | - include: tasks/launch_instances.yml
17 | vars:
18 | instances: "{{ node_names }}"
19 | cluster: "{{ cluster_id }}"
20 | type: "{{ k8s_type }}"
21 | g_sub_host_type: "{{ sub_host_type }}"
22 |
23 | - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml
24 | vars:
25 | type: "infra"
26 | count: "{{ num_infra }}"
27 | - include: tasks/launch_instances.yml
28 | vars:
29 | instances: "{{ node_names }}"
30 | cluster: "{{ cluster_id }}"
31 | type: "{{ k8s_type }}"
32 | g_sub_host_type: "{{ sub_host_type }}"
33 |
34 | - include: scaleup.yml
35 | - include: list.yml
36 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/config.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: ../../common/openshift-cluster/verify_ansible_version.yml
3 |
4 | - name: Create initial host groups for localhost
5 | hosts: localhost
6 | connection: local
7 | become: no
8 | gather_facts: no
9 | tags:
10 | - always
11 | tasks:
12 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
13 | - add_host:
14 | name: "{{ item }}"
15 | groups: l_oo_all_hosts
16 | with_items: "{{ g_all_hosts | default([]) }}"
17 |
18 | - name: Create initial host groups for all hosts
19 | hosts: l_oo_all_hosts
20 | gather_facts: no
21 | tags:
22 | - always
23 | tasks:
24 | - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml
25 |
26 | - include: ../../common/openshift-cluster/config.yml
27 | vars:
28 | openshift_cluster_id: "{{ cluster_id | default('default') }}"
29 | openshift_debug_level: "{{ debug_level | default(2) }}"
30 | openshift_deployment_type: "{{ deployment_type }}"
31 | openshift_deployment_subtype: "{{ deployment_subtype | default(none) }}"
32 |
--------------------------------------------------------------------------------
/roles/rhel_subscribe/tasks/enterprise.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable all repositories
3 | command: subscription-manager repos --disable="*"
4 |
5 | - set_fact:
6 | default_ose_version: '3.0'
7 | when: deployment_type == 'enterprise'
8 |
9 | - set_fact:
10 | default_ose_version: '3.3'
11 | when: deployment_type in ['atomic-enterprise', 'openshift-enterprise']
12 |
13 | - set_fact:
14 | ose_version: "{{ lookup('oo_option', 'ose_version') | default(default_ose_version, True) }}"
15 |
16 | - fail:
17 | msg: "{{ ose_version }} is not a valid version for {{ deployment_type }} deployment type"
18 | when: ( deployment_type == 'enterprise' and ose_version not in ['3.0'] ) or
19 | ( deployment_type in ['atomic-enterprise', 'openshift-enterprise'] and ose_version not in ['3.1', '3.2', '3.3'] )
20 |
21 | - name: Enable RHEL repositories
22 | command: subscription-manager repos \
23 | --enable="rhel-7-server-rpms" \
24 | --enable="rhel-7-server-extras-rpms" \
25 | --enable="rhel-7-server-ose-{{ ose_version }}-rpms"
26 |
--------------------------------------------------------------------------------
/roles/openshift_cloud_provider/templates/openstack.conf.j2:
--------------------------------------------------------------------------------
1 | [Global]
2 | auth-url = {{ openshift_cloudprovider_openstack_auth_url }}
3 | username = {{ openshift_cloudprovider_openstack_username }}
4 | password = {{ openshift_cloudprovider_openstack_password }}
5 | {% if openshift_cloudprovider_openstack_domain_id is defined %}
6 | domain-id = {{ openshift_cloudprovider_openstack_domain_id }}
7 | {% elif openshift_cloudprovider_openstack_domain_name is defined %}
8 | domain-name = {{ openshift_cloudprovider_openstack_domain_name }}
9 | {% endif %}
10 | {% if openshift_cloudprovider_openstack_tenant_id is defined %}
11 | tenant-id = {{ openshift_cloudprovider_openstack_tenant_id }}
12 | {% else %}
13 | tenant-name = {{ openshift_cloudprovider_openstack_tenant_name }}
14 | {% endif %}
15 | {% if openshift_cloudprovider_openstack_region is defined %}
16 | region = {{ openshift_cloudprovider_openstack_region }}
17 | {% endif %}
18 | {% if openshift_cloudprovider_openstack_lb_subnet_id is defined %}
19 | [LoadBalancer]
20 | subnet-id = {{ openshift_cloudprovider_openstack_lb_subnet_id }}
21 | {% endif %}
22 |
--------------------------------------------------------------------------------
/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml:
--------------------------------------------------------------------------------
1 | # Playbook to upgrade Docker to the max allowable version for an OpenShift cluster.
2 | #
3 | # Currently only supports upgrading 1.9.x to >= 1.10.x.
4 | - hosts: localhost
5 | connection: local
6 | become: no
7 | gather_facts: no
8 | tasks:
9 | - include_vars: ../../cluster_hosts.yml
10 | - add_host:
11 | name: "{{ item }}"
12 | groups: l_oo_all_hosts
13 | with_items: "{{ g_all_hosts | default([]) }}"
14 | changed_when: false
15 |
16 | - hosts: l_oo_all_hosts
17 | gather_facts: no
18 | tasks:
19 | - include_vars: ../../cluster_hosts.yml
20 |
21 | - include: ../../../../common/openshift-cluster/evaluate_groups.yml
22 | vars:
23 | # Do not allow adding hosts during upgrade.
24 | g_new_master_hosts: []
25 | g_new_node_hosts: []
26 | openshift_cluster_id: "{{ cluster_id | default('default') }}"
27 | openshift_deployment_type: "{{ deployment_type }}"
28 |
29 | - include: ../../../../common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml
30 |
31 | - include: docker_upgrade.yml
32 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/update.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: localhost
3 | gather_facts: no
4 | tasks:
5 | - include_vars: vars.yml
6 | - include_vars: cluster_hosts.yml
7 | - add_host:
8 | name: "{{ item }}"
9 | groups: l_oo_all_hosts
10 | with_items: '{{ g_all_hosts }}'
11 |
12 | - hosts: l_oo_all_hosts
13 | gather_facts: no
14 | tasks:
15 | - include_vars: vars.yml
16 | - include_vars: cluster_hosts.yml
17 |
18 | - name: Populate oo_hosts_to_update group
19 | hosts: localhost
20 | connection: local
21 | become: no
22 | gather_facts: no
23 | vars_files:
24 | - vars.yml
25 | - cluster_hosts.yml
26 | tasks:
27 | - name: Evaluate oo_hosts_to_update
28 | add_host:
29 | name: "{{ item }}"
30 | groups: oo_hosts_to_update
31 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
32 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
33 | with_items: '{{ g_all_hosts | default([]) }}'
34 |
35 | - include: ../../common/openshift-cluster/update_repos_and_packages.yml
36 |
37 | - include: config.yml
38 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM rhel7
2 |
3 | MAINTAINER Troy Dawson
4 |
5 | LABEL Name="openshift3/installer"
6 | LABEL Vendor="Red Hat" License=GPLv2+
7 | LABEL Version="v3.1.1.901"
8 | LABEL Release="6"
9 | LABEL BZComponent="aos3-installation-docker"
10 | LABEL Architecture="x86_64"
11 | LABEL io.k8s.description="Ansible code and playbooks for installing Openshift Container Platform." \
12 | io.k8s.display-name="Openshift Installer" \
13 | io.openshift.tags="openshift,installer"
14 |
15 | RUN INSTALL_PKGS="atomic-openshift-utils" && \
16 | yum install -y --enablerepo=rhel-7-server-ose-3.2-rpms $INSTALL_PKGS && \
17 | rpm -V $INSTALL_PKGS && \
18 | yum clean all
19 |
20 | # Expect user to mount a workdir for container output (installer.cfg, hosts inventory, ansible log)
21 | VOLUME /var/lib/openshift-installer/
22 | WORKDIR /var/lib/openshift-installer/
23 |
24 | RUN mkdir -p /var/lib/openshift-installer/
25 |
26 | ENTRYPOINT ["/usr/bin/atomic-openshift-installer", "-c", "/var/lib/openshift-installer/installer.cfg", "--ansible-log-path", "/var/lib/openshift-installer/ansible.log"]
27 |
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/list.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate oo_list_hosts group
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | tasks:
10 | - set_fact: scratch_group=tag_clusterid-{{ cluster_id }}
11 | when: cluster_id != ''
12 | - set_fact: scratch_group=all
13 | when: cluster_id == ''
14 | - add_host:
15 | name: "{{ item }}"
16 | groups: oo_list_hosts
17 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
18 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
19 | with_items: "{{ groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) }}"
20 |
21 | - name: List Hosts
22 | hosts: oo_list_hosts
23 |
24 | - name: List Hosts
25 | hosts: localhost
26 | become: no
27 | connection: local
28 | gather_facts: no
29 | vars_files:
30 | - vars.yml
31 | tasks:
32 | - debug:
33 | msg: "{{ hostvars | oo_select_keys(groups[scratch_group] | default([])) | oo_pretty_print_cluster }}"
34 |
--------------------------------------------------------------------------------
/roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo:
--------------------------------------------------------------------------------
1 | # [centos-openshift-origin]
2 | # name=CentOS OpenShift Origin
3 | # baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
4 | # enabled=1
5 | # gpgcheck=1
6 | # gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
7 |
8 | # [centos-openshift-origin-testing]
9 | # name=CentOS OpenShift Origin Testing
10 | # baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/
11 | # enabled=0
12 | # gpgcheck=0
13 | # gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
14 |
15 | # [centos-openshift-origin-debuginfo]
16 | # name=CentOS OpenShift Origin DebugInfo
17 | # baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
18 | # enabled=0
19 | # gpgcheck=1
20 | # gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
21 |
22 | # [centos-openshift-origin-source]
23 | # name=CentOS OpenShift Origin Source
24 | # baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin/
25 | # enabled=0
26 | # gpgcheck=1
27 | # gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
28 |
--------------------------------------------------------------------------------
/roles/openshift_hosted_templates/sync-templates.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Utility script to update the ansible repo with the latest templates for
4 | # metrics and logging
5 | #
6 | # This script should be run from
7 | # openshift-ansible/roles/openshift_hosted_templates
8 |
9 | ORIGIN_VERSION=v1.4
10 | EXAMPLES_BASE=$(pwd)/files/${ORIGIN_VERSION}
11 | find ${EXAMPLES_BASE} -name '*.json' -delete
12 | TEMP=`mktemp -d`
13 | pushd $TEMP
14 |
15 | wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/origin/metrics-deployer.yaml
16 | wget https://raw.githubusercontent.com/openshift/origin-metrics/enterprise/metrics.yaml -O ${EXAMPLES_BASE}/enterprise/metrics-deployer.yaml
17 | wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/master/deployer/deployer.yaml -O ${EXAMPLES_BASE}/origin/logging-deployer.yaml
18 | wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/enterprise/deployment/deployer.yaml -O ${EXAMPLES_BASE}/enterprise/logging-deployer.yaml
19 |
20 | popd
21 | git diff files
22 |
--------------------------------------------------------------------------------
/roles/nuage_master/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create directory /usr/share/nuage-openshift-monitor
3 | become: yes
4 | file: path=/usr/share/nuage-openshift-monitor state=directory
5 |
6 | - name: Create the log directory
7 | become: yes
8 | file: path={{ nuage_mon_rest_server_logdir }} state=directory
9 |
10 | - name: Install Nuage Openshift Monitor
11 | become: yes
12 | yum: name={{ nuage_openshift_rpm }} state=present
13 |
14 | - include: serviceaccount.yml
15 |
16 | - name: Download the certs and keys
17 | become: yes
18 | fetch: src={{ cert_output_dir }}/{{ item }} dest=/tmp/{{ item }} flat=yes
19 | with_items:
20 | - ca.crt
21 | - nuage.crt
22 | - nuage.key
23 | - nuage.kubeconfig
24 |
25 | - include: certificates.yml
26 |
27 | - name: Create nuage-openshift-monitor.yaml
28 | become: yes
29 | template: src=nuage-openshift-monitor.j2 dest=/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml owner=root mode=0644
30 | notify:
31 | - restart master
32 | - restart master api
33 | - restart master controllers
34 | - restart nuage-openshift-monitor
35 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-master/restart_services.yml:
--------------------------------------------------------------------------------
1 | - name: Restart master
2 | service:
3 | name: "{{ openshift.common.service_type }}-master"
4 | state: restarted
5 | when: not openshift_master_ha | bool
6 | - name: Restart master API
7 | service:
8 | name: "{{ openshift.common.service_type }}-master-api"
9 | state: restarted
10 | when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker'
11 | - name: Wait for master API to come back online
12 | become: no
13 | local_action:
14 | module: wait_for
15 | host="{{ inventory_hostname }}"
16 | state=started
17 | delay=10
18 | port="{{ openshift.master.api_port }}"
19 | when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker'
20 | - name: Restart master controllers
21 | service:
22 | name: "{{ openshift.common.service_type }}-master-controllers"
23 | state: restarted
24 | # Ignore errrors since it is possible that type != simple for
25 | # pre-3.1.1 installations.
26 | ignore_errors: true
27 | when: openshift_master_ha | bool and openshift.master.cluster_method != 'pacemaker'
28 |
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/list.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate oo_list_hosts group
3 | hosts: localhost
4 | become: no
5 | connection: local
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | tasks:
10 | - set_fact: scratch_group=meta-clusterid_{{ cluster_id }}
11 | when: cluster_id != ''
12 | - set_fact: scratch_group=all
13 | when: cluster_id == ''
14 | - add_host:
15 | name: "{{ item }}"
16 | groups: oo_list_hosts
17 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
18 | ansible_ssh_host: "{{ hostvars[item].ansible_ssh_host | default(item) }}"
19 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
20 | with_items: "{{ groups[scratch_group] | default([]) | difference(['localhost']) }}"
21 |
22 | - name: List Hosts
23 | hosts: oo_list_hosts
24 |
25 | - name: List Hosts
26 | hosts: localhost
27 | become: no
28 | connection: local
29 | gather_facts: no
30 | vars_files:
31 | - vars.yml
32 | tasks:
33 | - debug:
34 | msg: "{{ hostvars | oo_select_keys(groups[scratch_group] | default([])) | oo_pretty_print_cluster('meta-') }}"
35 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/pre/verify_docker_upgrade_targets.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Verify docker upgrade targets
3 | hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
4 | tasks:
5 | # Only check if docker upgrade is required if docker_upgrade is not
6 | # already set to False.
7 | - include: ../docker/upgrade_check.yml
8 | when: docker_upgrade is not defined or docker_upgrade | bool and not openshift.common.is_atomic | bool
9 |
10 | # Additional checks for Atomic hosts:
11 |
12 | - name: Determine available Docker
13 | shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker"
14 | register: g_atomic_docker_version_result
15 | when: openshift.common.is_atomic | bool
16 |
17 | - set_fact:
18 | l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}"
19 | when: openshift.common.is_atomic | bool
20 |
21 | - fail:
22 | msg: This playbook requires access to Docker 1.10 or later
23 | when: openshift.common.is_atomic | bool and l_docker_version.avail_version | default(l_docker_version.curr_version, true) | version_compare('1.10','<')
24 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/cluster_hosts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | g_all_hosts: "{{ groups['tag_clusterid_' ~ cluster_id] | default([])
3 | | intersect(groups['tag_environment_' ~ cluster_env] | default([])) }}"
4 |
5 | g_etcd_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_etcd'] | default([])) }}"
6 |
7 | g_lb_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_lb'] | default([])) }}"
8 |
9 | g_nfs_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_nfs'] | default([])) }}"
10 |
11 | g_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_master'] | default([])) }}"
12 |
13 | g_new_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_new_master'] | default([])) }}"
14 |
15 | g_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_node'] | default([])) }}"
16 |
17 | g_new_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_new_node'] | default([])) }}"
18 |
19 | g_infra_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type_infra'] | default([])) }}"
20 |
21 | g_compute_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type_compute'] | default([])) }}"
22 |
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/cluster_hosts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | g_all_hosts: "{{ groups['tag_clusterid-' ~ cluster_id] | default([])
3 | | intersect(groups['tag_environment-' ~ cluster_env] | default([])) }}"
4 |
5 | g_etcd_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-etcd'] | default([])) }}"
6 |
7 | g_lb_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-lb'] | default([])) }}"
8 |
9 | g_nfs_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-nfs'] | default([])) }}"
10 |
11 | g_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-master'] | default([])) }}"
12 |
13 | g_new_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-new-master'] | default([])) }}"
14 |
15 | g_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-node'] | default([])) }}"
16 |
17 | g_new_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-new-node'] | default([])) }}"
18 |
19 | g_infra_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type-infra'] | default([])) }}"
20 |
21 | g_compute_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type-compute'] | default([])) }}"
22 |
--------------------------------------------------------------------------------
/roles/kube_nfs_volumes/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - fail:
3 | msg: "This role is not yet supported on atomic hosts"
4 | when: openshift.common.is_atomic | bool
5 |
6 | - name: Install pyparted (RedHat/Fedora)
7 | action: "{{ ansible_pkg_mgr }} name=pyparted,python-httplib2 state=present"
8 | when: not openshift.common.is_containerized | bool
9 |
10 | - name: partition the drives
11 | partitionpool: disks={{ disks }} force={{ force }} sizes={{ sizes }}
12 |
13 | - name: create filesystem
14 | filesystem: fstype=ext4 dev=/dev/{{ item.name }}
15 | with_items: "{{ partition_pool }}"
16 |
17 | - name: mount
18 | mount: name={{mount_dir}}/{{ item.name }} src=/dev/{{ item.name }} state=mounted fstype=ext4 passno=2
19 | with_items: "{{ partition_pool }}"
20 |
21 | - include: nfs.yml
22 |
23 | - name: export physical volumes
24 | uri:
25 | url: "{{ kubernetes_url }}/api/{{ kube_api_version }}/persistentvolumes"
26 | method: POST
27 | body: "{{ lookup('template', kube_req_template) }}"
28 | body_format: json
29 | status_code: 201
30 | HEADER_Authorization: "Bearer {{ kubernetes_token }}"
31 | with_items: "{{ partition_pool }}"
32 |
--------------------------------------------------------------------------------
/utils/README.md:
--------------------------------------------------------------------------------
1 | # Running Tests (NEW)
2 |
3 | Run the command:
4 |
5 | make ci
6 |
7 | to run an array of unittests locally.
8 |
9 | You will get errors if the log files already exist and can not be
10 | written to by the current user (`/tmp/ansible.log` and
11 | `/tmp/installer.txt`). *We're working on it.*
12 |
13 | # Running From Source
14 |
15 | You will need to setup a **virtualenv** to run from source:
16 |
17 | $ virtualenv oo-install
18 | $ source ./oo-install/bin/activate
19 | $ virtualenv --relocatable ./oo-install/
20 | $ python setup.py install
21 |
22 | The virtualenv `bin` directory should now be at the start of your
23 | `$PATH`, and `oo-install` is ready to use from your shell.
24 |
25 | You can exit the virtualenv with:
26 |
27 | $ deactivate
28 |
29 | # Testing (OLD)
30 |
31 | *This section is deprecated, but still works*
32 |
33 | First, run the **virtualenv setup steps** described above.
34 |
35 | Install some testing libraries: (we cannot do this via setuptools due to the version virtualenv bundles)
36 |
37 | $ pip install mock nose
38 |
39 | Then run the tests with:
40 |
41 | $ oo-install/bin/nosetests
42 |
--------------------------------------------------------------------------------
/playbooks/libvirt/openshift-cluster/cluster_hosts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | g_all_hosts: "{{ groups['tag_clusterid-' ~ cluster_id] | default([])
3 | | intersect(groups['tag_environment-' ~ cluster_env] | default([])) }}"
4 |
5 | g_etcd_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-etcd'] | default([])) }}"
6 |
7 | g_lb_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-lb'] | default([])) }}"
8 |
9 | g_nfs_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-nfs'] | default([])) }}"
10 |
11 | g_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-master'] | default([])) }}"
12 |
13 | g_new_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-new-master'] | default([])) }}"
14 |
15 | g_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-node'] | default([])) }}"
16 |
17 | g_new_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type-new-node'] | default([])) }}"
18 |
19 | g_infra_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type-infra'] | default([])) }}"
20 |
21 | g_compute_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type-compute'] | default([])) }}"
22 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Call same systemctl command for openshift on all instance(s)
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | - cluster_hosts.yml
10 | tasks:
11 | - fail: msg="cluster_id is required to be injected in this playbook"
12 | when: cluster_id is not defined
13 |
14 | - name: Evaluate g_service_masters
15 | add_host:
16 | name: "{{ item }}"
17 | groups: g_service_masters
18 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
19 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
20 | with_items: "{{ master_hosts | default([]) }}"
21 |
22 | - name: Evaluate g_service_nodes
23 | add_host:
24 | name: "{{ item }}"
25 | groups: g_service_nodes
26 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
27 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
28 | with_items: "{{ node_hosts | default([]) }}"
29 |
30 | - include: ../../common/openshift-node/service.yml
31 | - include: ../../common/openshift-master/service.yml
32 |
--------------------------------------------------------------------------------
/playbooks/openstack/openshift-cluster/cluster_hosts.yml:
--------------------------------------------------------------------------------
1 | ---
2 | g_all_hosts: "{{ groups['meta-clusterid_' ~ cluster_id] | default([])
3 | | intersect(groups['meta-environment_' ~ cluster_env] | default([])) }}"
4 |
5 | g_etcd_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_etcd'] | default([])) }}"
6 |
7 | g_lb_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_lb'] | default([])) }}"
8 |
9 | g_nfs_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_nfs'] | default([])) }}"
10 |
11 | g_master_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_master'] | default([])) }}"
12 |
13 | g_new_master_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_new_master'] | default([])) }}"
14 |
15 | g_node_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_node'] | default([])) }}"
16 |
17 | g_new_node_hosts: "{{ g_all_hosts | intersect(groups['meta-host-type_new_node'] | default([])) }}"
18 |
19 | g_infra_hosts: "{{ g_node_hosts | intersect(groups['meta-sub-host-type_infra'] | default([])) }}"
20 |
21 | g_compute_hosts: "{{ g_node_hosts | intersect(groups['meta-sub-host-type_compute'] | default([])) }}"
22 |
--------------------------------------------------------------------------------
/roles/openshift_repos/files/origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS:
--------------------------------------------------------------------------------
1 | -----BEGIN PGP PUBLIC KEY BLOCK-----
2 | Version: GnuPG v2.0.22 (GNU/Linux)
3 |
4 | mQENBFc8iwUBCADadBGYmA2nFvq79/5uxUQOiPqC/QflWcPX1B6SQKniUhyqaSes
5 | gNMJsPppKRV4NZKITcL8lZ90+Gds0fmL3b5xz1r5Rfm3ilSItEqeGlLIJZBvANyx
6 | rAT3q8EgkkVRyhZPseUMZj04O8OKnt1jrHakVkOp0lJClqhZ+bs/7yLRmaLXTcum
7 | +ouqUKzQoAEDnqe9nJmmJhC6n2vg7o0PCo/9qOf/scQbv4FNoJfmkcVLRmwmqzgh
8 | bGj6QaOgij3sl94pZ3HFop4f+eU0kNbyt9J18fKI8X0DdHkDW8kO1UwwHT2ibJ1t
9 | mBaUsE1zZ0DvfyFad1xXAgm+SIlJgdpPvPNLABEBAAG0WUNlbnRPUyBQYWFTIFNJ
10 | RyAoaHR0cHM6Ly93aWtpLmNlbnRvcy5vcmcvU3BlY2lhbEludGVyZXN0R3JvdXAv
11 | UGFhUykgPHNlY3VyaXR5QGNlbnRvcy5vcmc+iQE5BBMBAgAjBQJXPIsFAhsDBwsJ
12 | CAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQw0xb1C8pfsyT2gf9FqJoc8oZ+T5A
13 | 8cZslMyCWziPi0o7kd/Rw91T7dkV+VIC+sFlVga7fkPEAiD8U7JFE+a1IlcjfGuY
14 | my4S6UH8K5zL36CRg2MF112HE5TWoBxF3KZg9nOJQ2NLapJowaP8uITYG4vlgV3g
15 | GJD2OC191tjcqmelFnhAN0EBdxrRrBJ7tr3OCtL6bJ6NPQ0bXPI2Fjbm7SbxTfpE
16 | ggEU8R7WZQApYgl8zRfyS12SfpFV8ZU+lIBmJaU1qaY4/BmNgG6e7clmq8xVZQLg
17 | ZH9qi9+HPh+80+8/WhJUddlVXc2g6c4VjnnFpZfsrMdTAFuEsrjkyaxqeBjXCgbb
18 | pzGjTg0LXg==
19 | =CVSF
20 | -----END PGP PUBLIC KEY BLOCK-----
21 |
--------------------------------------------------------------------------------
/roles/openshift_builddefaults/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Set builddefaults
3 | openshift_facts:
4 | role: builddefaults
5 | # TODO: add ability to define builddefaults env vars sort of like this
6 | # may need to move the config generation to a filter however.
7 | # openshift_env: "{{ hostvars
8 | # | oo_merge_hostvars(vars, inventory_hostname)
9 | # | oo_openshift_env }}"
10 | # openshift_env_structures:
11 | # - 'openshift.builddefaults.env.*'
12 | local_facts:
13 | http_proxy: "{{ openshift_builddefaults_http_proxy | default(None) }}"
14 | https_proxy: "{{ openshift_builddefaults_https_proxy | default(None) }}"
15 | no_proxy: "{{ openshift_builddefaults_no_proxy | default(None) }}"
16 | git_http_proxy: "{{ openshift_builddefaults_git_http_proxy | default(None) }}"
17 | git_https_proxy: "{{ openshift_builddefaults_git_https_proxy | default(None) }}"
18 |
19 | - name: Set builddefaults config structure
20 | openshift_facts:
21 | role: builddefaults
22 | local_facts:
23 | config: "{{ openshift_builddefaults_json | default(builddefaults_yaml) }}"
24 |
25 |
--------------------------------------------------------------------------------
/roles/openshift_node/tasks/storage_plugins/nfs.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install NFS storage plugin dependencies
3 | action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present"
4 | when: not openshift.common.is_atomic | bool
5 |
6 | - name: Check for existence of seboolean
7 | command: getsebool {{ item }}
8 | register: getsebool_status
9 | when: ansible_selinux and ansible_selinux.status == "enabled"
10 | failed_when: false
11 | changed_when: false
12 | with_items:
13 | - virt_use_nfs
14 | - virt_sandbox_use_nfs
15 |
16 | - name: Set seboolean to allow nfs storage plugin access from containers
17 | seboolean:
18 | name: "{{ item.item }}"
19 | state: yes
20 | persistent: yes
21 | # We need to detect whether or not the boolean is an alias, since `seboolean`
22 | # will error if it is an alias. We do this by inspecting stdout for the boolean name,
23 | # since getsebool prints the resolved name. (At some point Ansible's seboolean module
24 | # should learn to deal with aliases)
25 | when: ansible_selinux and ansible_selinux.status == "enabled" and item.rc == 0 and item.stdout.find(item.item) != -1
26 | with_items: "{{ getsebool_status.results }}"
27 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-node/scaleup.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include: ../openshift-cluster/evaluate_groups.yml
3 |
4 | - name: Gather facts
5 | hosts: oo_etcd_to_config:oo_masters_to_config:oo_nodes_to_config
6 | roles:
7 | - openshift_facts
8 |
9 | - name: Gather and set facts for first master
10 | hosts: oo_first_master
11 | vars:
12 | openshift_master_count: "{{ groups.oo_masters | length }}"
13 | pre_tasks:
14 | - set_fact:
15 | openshift_master_default_subdomain: "{{ lookup('oo_option', 'openshift_master_default_subdomain') | default(None, true) }}"
16 | when: openshift_master_default_subdomain is not defined
17 | roles:
18 | - openshift_master_facts
19 |
20 | - name: Configure docker hosts
21 | hosts: oo_nodes_to_config
22 | vars:
23 | docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}"
24 | docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}"
25 | docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}"
26 | roles:
27 | - openshift_facts
28 | - openshift_docker
29 |
30 | - include: ../openshift-node/config.yml
31 |
--------------------------------------------------------------------------------
/BUILD.md:
--------------------------------------------------------------------------------
1 | # openshift-ansible RPM Build instructions
2 | We use tito to make building and tracking revisions easy.
3 |
4 | For more information on tito, please see the [Tito home page](https://github.com/dgoodwin/tito "Tito home page").
5 |
6 |
7 | ## Build openshift-ansible-bin
8 | - Change into openshift-ansible
9 | ```
10 | cd openshift-ansible
11 | ```
12 | - Build a test package (no tagging needed)
13 | ```
14 | tito build --test --rpm
15 | ```
16 | - Tag a new build (bumps version number and adds log entries)
17 | ```
18 | tito tag
19 | ```
20 | - Follow the on screen tito instructions to push the tags
21 | - Build a new package based on the latest tag information
22 | ```
23 | tito build --rpm
24 | ```
25 |
26 |
27 | ## Build openshift-ansible-inventory
28 | - Change into openshift-ansible/inventory
29 | ```
30 | cd openshift-ansible/inventory
31 | ```
32 | - Build a test package (no tagging needed)
33 | ```
34 | tito build --test --rpm
35 | ```
36 | - Tag a new build (bumps version number and adds log entries)
37 | ```
38 | tito tag
39 | ```
40 | - Follow the on screen tito instructions to push the tags
41 | - Build a new package based on the latest tag information
42 | ```
43 | tito build --rpm
44 | ```
45 |
--------------------------------------------------------------------------------
/roles/openshift_certificate_expiry/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Check cert expirys on host
3 | openshift_cert_expiry:
4 | warning_days: "{{ openshift_certificate_expiry_warning_days|int }}"
5 | config_base: "{{ openshift_certificate_expiry_config_base }}"
6 | show_all: "{{ openshift_certificate_expiry_show_all|bool }}"
7 | register: check_results
8 |
9 | - name: Generate expiration report HTML
10 | become: no
11 | run_once: yes
12 | template:
13 | src: cert-expiry-table.html.j2
14 | dest: "{{ openshift_certificate_expiry_html_report_path }}"
15 | delegate_to: localhost
16 | when: "{{ openshift_certificate_expiry_generate_html_report|bool }}"
17 |
18 | - name: Generate the result JSON string
19 | run_once: yes
20 | set_fact: json_result_string="{{ hostvars|oo_cert_expiry_results_to_json(play_hosts) }}"
21 | when: "{{ openshift_certificate_expiry_save_json_results|bool }}"
22 |
23 | - name: Generate results JSON file
24 | become: no
25 | run_once: yes
26 | template:
27 | src: save_json_results.j2
28 | dest: "{{ openshift_certificate_expiry_json_results_path }}"
29 | delegate_to: localhost
30 | when: "{{ openshift_certificate_expiry_save_json_results|bool }}"
31 |
--------------------------------------------------------------------------------
/playbooks/aws/openshift-cluster/scaleup.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - hosts: localhost
4 | gather_facts: no
5 | connection: local
6 | become: no
7 | vars_files:
8 | - vars.yml
9 | tasks:
10 | - name: Evaluate oo_hosts_to_update
11 | add_host:
12 | name: "{{ item }}"
13 | groups: oo_hosts_to_update
14 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
15 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
16 | with_items: "{{ groups.nodes_to_add }}"
17 |
18 | - include: ../../common/openshift-cluster/update_repos_and_packages.yml
19 |
20 | - include: ../../common/openshift-cluster/scaleup.yml
21 | vars_files:
22 | - ../../aws/openshift-cluster/vars.yml
23 | - ../../aws/openshift-cluster/cluster_hosts.yml
24 | vars:
25 | g_new_node_hosts: "{{ groups.nodes_to_add }}"
26 | g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
27 | g_sudo: "{{ deployment_vars[deployment_type].become }}"
28 | g_nodeonmaster: true
29 | openshift_cluster_id: "{{ cluster_id }}"
30 | openshift_debug_level: "{{ debug_level }}"
31 | openshift_deployment_type: "{{ deployment_type }}"
32 | openshift_public_hostname: "{{ ec2_ip_address }}"
33 |
--------------------------------------------------------------------------------
/roles/openshift_master/templates/master_docker/master.docker.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | After=docker.service
3 | Requires=docker.service
4 | PartOf=docker.service
5 | After=etcd_container.service
6 | Wants=etcd_container.service
7 |
8 | [Service]
9 | EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master
10 | ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master
11 | ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS
12 | ExecStartPost=/usr/bin/sleep 10
13 | ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master
14 | Restart=always
15 | RestartSec=5s
16 |
17 | [Install]
18 | WantedBy=docker.service
19 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/additional_config.yml:
--------------------------------------------------------------------------------
1 | - name: Additional master configuration
2 | hosts: oo_first_master
3 | vars:
4 | cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}"
5 | etcd_urls: "{{ openshift.master.etcd_urls }}"
6 | openshift_master_ha: "{{ groups.oo_masters | length > 1 }}"
7 | omc_cluster_hosts: "{{ groups.oo_masters | join(' ')}}"
8 | roles:
9 | - role: openshift_master_cluster
10 | when: openshift_master_ha | bool and openshift.master.cluster_method == "pacemaker"
11 | - role: openshift_examples
12 | registry_url: "{{ openshift.master.registry_url }}"
13 | when: openshift.common.install_examples | bool
14 | - role: openshift_hosted_templates
15 | registry_url: "{{ openshift.master.registry_url }}"
16 | - role: openshift_manageiq
17 | when: openshift.common.use_manageiq | bool
18 | - role: cockpit
19 | when: not openshift.common.is_atomic and ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and
20 | (osm_use_cockpit | bool or osm_use_cockpit is undefined ) and ( openshift.common.deployment_subtype != 'registry' )
21 | - role: flannel_register
22 | when: openshift.common.use_flannel | bool
23 |
--------------------------------------------------------------------------------
/playbooks/gce/openshift-cluster/service.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Call same systemctl command for openshift on all instance(s)
3 | hosts: localhost
4 | connection: local
5 | become: no
6 | gather_facts: no
7 | vars_files:
8 | - vars.yml
9 | - cluster_hosts.yml
10 | tasks:
11 | - fail: msg="cluster_id is required to be injected in this playbook"
12 | when: cluster_id is not defined
13 |
14 | - add_host:
15 | name: "{{ item }}"
16 | groups: g_service_nodes
17 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
18 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
19 | with_items: "{{ node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"
20 |
21 | - add_host:
22 | name: "{{ item }}"
23 | groups: g_service_masters
24 | ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"
25 | ansible_become: "{{ deployment_vars[deployment_type].become }}"
26 | with_items: "{{ master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"
27 |
28 | - include: ../../common/openshift-node/service.yml
29 | - include: ../../common/openshift-master/service.yml
30 |
--------------------------------------------------------------------------------
/roles/openshift_hosted/tasks/registry/storage/persistent_volume.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - set_fact:
3 | registry_volume_claim: "{{ openshift.hosted.registry.storage.volume.name }}-claim"
4 |
5 | - name: Determine if volume is already attached to dc/docker-registry
6 | command: >
7 | {{ openshift.common.client_binary }}
8 | --config={{ openshift_hosted_kubeconfig }}
9 | --namespace={{ openshift.hosted.registry.namespace | default('default') }}
10 | get -o template dc/docker-registry --template=\\{\\{.spec.template.spec.volumes\\}\\} --output-version=v1
11 | changed_when: false
12 | failed_when: false
13 | register: registry_volumes_output
14 |
15 | - set_fact:
16 | volume_attached: "{{ registry_volume_claim in (registry_volumes_output).stdout | default(['']) }}"
17 |
18 | - name: Add volume to dc/docker-registry
19 | command: >
20 | {{ openshift.common.client_binary }}
21 | --config={{ openshift_hosted_kubeconfig }}
22 | --namespace={{ openshift.hosted.registry.namespace | default('default') }}
23 | volume dc/docker-registry
24 | --add --overwrite -t persistentVolumeClaim --claim-name={{ registry_volume_claim }}
25 | --name=registry-storage
26 | when: not volume_attached | bool
27 |
--------------------------------------------------------------------------------
/playbooks/common/openshift-cluster/upgrades/pre/verify_control_plane_running.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Verify master processes
3 | hosts: oo_masters_to_config
4 | roles:
5 | - openshift_facts
6 | tasks:
7 | - openshift_facts:
8 | role: master
9 | local_facts:
10 | ha: "{{ groups.oo_masters_to_config | length > 1 }}"
11 |
12 | - name: Ensure Master is running
13 | service:
14 | name: "{{ openshift.common.service_type }}-master"
15 | state: started
16 | enabled: yes
17 | when: openshift.master.ha is defined and not openshift.master.ha | bool and openshift.common.is_containerized | bool
18 |
19 | - name: Ensure HA Master is running
20 | service:
21 | name: "{{ openshift.common.service_type }}-master-api"
22 | state: started
23 | enabled: yes
24 | when: openshift.master.ha is defined and openshift.master.ha | bool and openshift.common.is_containerized | bool
25 |
26 | - name: Ensure HA Master is running
27 | service:
28 | name: "{{ openshift.common.service_type }}-master-controllers"
29 | state: started
30 | enabled: yes
31 | when: openshift.master.ha is defined and openshift.master.ha | bool and openshift.common.is_containerized | bool
32 |
--------------------------------------------------------------------------------