Merge pull request #6851 from kwoodson/upgrade_dns_push

Automatic merge from submit-queue.

Upgrade to migrate to using push to DNS for registries.

This is the beginning of the migration to push to docker-registry by DNS.  This migrates users by rerolling their certificates and then redeploying the registry so that hosts can push to the registries with the newly created certificates.

3 files changed, 19 insertions, 12 deletions

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 41f2ee2a5..680e4a4ff 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -137,17 +137,8 @@
   - item.clientCA | default('') != ''
   with_items: "{{ openshift.master.identity_providers }}"
 
-# This is an ugly hack to verify settings are in a file without modifying them with lineinfile.
-# The template file will stomp any other settings made.
-- block:
-  - name: check whether our docker-registry setting exists in the env file
-    command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift_service_type }}-master"
-    failed_when: false
-    changed_when: false
-    register: l_already_set
-
-  - set_fact:
-      openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout is match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}"
+- name: Include push_via_dns.yml
+  include_tasks: push_via_dns.yml
 
 - name: Set fact of all etcd host IPs
   openshift_facts:
diff --git a/roles/openshift_master/tasks/push_via_dns.yml b/roles/openshift_master/tasks/push_via_dns.yml
new file mode 100644
index 000000000..c5876130a
--- /dev/null
+++ b/roles/openshift_master/tasks/push_via_dns.yml
@@ -0,0 +1,13 @@
+---
+# This is an ugly hack to verify settings are in a file without modifying them with lineinfile.
+# The template file will stomp any other settings made.
+- when: openshift_push_via_dns is not defined
+  block:
+  - name: check whether our docker-registry setting exists in the env file
+    shell: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift_service_type }}-master*"
+    failed_when: false
+    changed_when: false
+    register: l_already_set
+
+  - set_fact:
+      openshift_push_via_dns: "{{ openshift.common.version_gte_3_6 or (l_already_set.stdout is defined and l_already_set.stdout is match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}"
diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml
index 870ab7c57..aeff64983 100644
--- a/roles/openshift_master/tasks/systemd_units.yml
+++ b/roles/openshift_master/tasks/systemd_units.yml
@@ -1,6 +1,8 @@
 ---
 # systemd_units.yml is included both in the openshift_master role and in the upgrade
 # playbooks.
+- name: include push_via_dns.yml tasks
+  include_tasks: push_via_dns.yml
 
 - name: Set HA Service Info for containerized installs
   set_fact:
@@ -9,7 +11,8 @@
   when:
   - openshift_is_containerized | bool
 
-- include_tasks: registry_auth.yml
+- name: include registry_auth tasks
+  include_tasks: registry_auth.yml
 
 - name: Disable the legacy master service if it exists
   systemd: