-rw-r--r--README_OSE.md142
-rw-r--r--ansible.cfg23
-rw-r--r--inventory/byo/group_vars/all28
-rw-r--r--inventory/byo/hosts10
-rw-r--r--playbooks/byo/config.yml6
l---------playbooks/byo/filter_plugins1
-rw-r--r--playbooks/byo/openshift-master/config.yml9
l---------playbooks/byo/openshift-master/filter_plugins1
l---------playbooks/byo/openshift-master/roles1
-rw-r--r--playbooks/byo/openshift-node/config.yml79
l---------playbooks/byo/openshift-node/filter_plugins1
l---------playbooks/byo/openshift-node/roles1
l---------playbooks/byo/roles1
-rw-r--r--roles/openshift_node/tasks/main.yml1
14 files changed, 304 insertions, 0 deletions
diff --git a/README_OSE.md b/README_OSE.md
new file mode 100644
index 000000000..6ebdb7f99
--- /dev/null
+++ b/README_OSE.md
@@ -0,0 +1,142 @@
+# Installing OSEv3 from dev puddles using ansible
+
+* [Requirements](#requirements)
+* [Caveats](#caveats)
+* [Known Issues](#known-issues)
+* [Configuring the host inventory](#configuring-the-host-inventory)
+* [Creating the default variables for the hosts and host groups](#creating-the-default-variables-for-the-hosts-and-host-groups)
+* [Running the ansible playbooks](#running-the-ansible-playbooks)
+* [Post-ansible steps](#post-ansible-steps)
+
+## Requirements
+* ansible
+ * Tested using ansible-1.8.2-1.fc20.noarch, but should work with version 1.8+
+ * Available in Fedora channels
+ * Available for EL with EPEL and Optional channel
+* One or more RHEL 7.1 VMs
+* ssh key based auth for the root user needs to be pre-configured from the host
+ running ansible to the remote hosts
+* A checkout of openshift-ansible from https://github.com/openshift/openshift-ansible/
+
+ ```sh
+ git clone https://github.com/openshift/openshift-ansible.git
+ cd openshift-ansible
+ ```
+
+## Caveats
+This ansible repo is currently under heavy revision for providing OSE support;
+the following items are highly likely to change before the OSE support is
+merged into the upstream repo:
+ * the current git branch for testing
+ * how the inventory file should be configured
+ * variables that need to be set
+ * bootstrapping steps
+ * other configuration steps
+
+## Known Issues
+* Host subscriptions are not configurable yet, the hosts need to be
+ pre-registered with subscription-manager or have the RHEL base repo
+ pre-configured. If using subscription-manager the following commands will
+ disable all but the rhel-7-server rhel-7-server-extras and
+ rhel-server7-ose-beta repos:
+```sh
+subscription-manager repos --disable="*"
+subscription-manager repos \
+--enable="rhel-7-server-rpms" \
+--enable="rhel-7-server-extras-rpms" \
+--enable="rhel-server-7-ose-beta-rpms"
+```
+* Configuration of router is not automated yet
+* Configuration of docker-registry is not automated yet
+* End-to-end testing has not been completed yet using this module
+* root user is used for all ansible actions; eventually we will support using
+ a non-root user with sudo.
+
+## Configuring the host inventory
+[Ansible docs](http://docs.ansible.com/intro_inventory.html)
+
+Example inventory file for configuring one master and two nodes for the test
+environment. This can be configured in the default inventory file
+(/etc/ansible/hosts), or using a custom file and passing the --inventory
+option to ansible-playbook.
+
+/etc/ansible/hosts:
+```ini
+# This is an example of a bring your own (byo) host inventory
+
+# host group for masters
+[masters]
+ose3-master.example.com
+
+# host group for nodes
+[nodes]
+ose3-node[1:2].example.com
+```
+
+The hostnames above should resolve both from the hosts themselves and
+the host where ansible is running (if different).
+
+## Creating the default variables for the hosts and host groups
+[Ansible docs](http://docs.ansible.com/intro_inventory.html#id9)
+
+#### Group vars for all hosts
+/etc/ansible/group_vars/all:
+```yaml
+---
+# Assume that we want to use the root as the ssh user for all hosts
+ansible_ssh_user: root
+
+# Default debug level for all OpenShift hosts
+openshift_debug_level: 4
+
+# Set the OpenShift deployment type for all hosts
+openshift_deployment_type: enterprise
+
+# Override the default registry for development
+openshift_registry_url: docker-buildvm-rhose.usersys.redhat.com:5000/openshift3_beta/ose-${component}:${version}
+
+# To use the latest OpenShift Enterprise Errata puddle:
+#openshift_additional_repos:
+#- id: ose-devel
+# name: ose-devel
+# baseurl: http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterpriseErrata/3.0/latest/RH7-RHOSE-3.0/$basearch/os
+# enabled: 1
+# gpgcheck: 0
+# To use the latest OpenShift Enterprise Whitelist puddle:
+openshift_additional_repos:
+- id: ose-devel
+ name: ose-devel
+ baseurl: http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os
+ enabled: 1
+ gpgcheck: 0
+
+```
+
+## Running the ansible playbooks
+From the openshift-ansible checkout run:
+```sh
+ansible-playbook playbooks/byo/config.yml
+```
+**Note:** this assumes that the host inventory is /etc/ansible/hosts and the
+group_vars are defined in /etc/ansible/group_vars, if using a different
+inventory file (and a group_vars directory that is in the same directory as
+the directory as the inventory) use the -i option for ansible-playbook.
+
+## Post-ansible steps
+#### Create the default router
+On the master host:
+```sh
+systemctl restart openshift-sdn-master
+openshift ex router --create=true \
+ --credentials=/var/lib/openshift/openshift.local.certificates/openshift-client/.kubeconfig \
+ --images='docker-buildvm-rhose.usersys.redhat.com:5000/openshift3_beta/ose-${component}:${version}'
+```
+
+#### Create the default docker-registry
+On the master host:
+```sh
+openshift ex registry --create=true \
+ --credentials=/var/lib/openshift/openshift.local.certificates/openshift-client/.kubeconfig \
+ --images='docker-buildvm-rhose.usersys.redhat.com:5000/openshift3_beta/ose-${component}:${version}' \
+ --mount-host=/var/lib/openshift/docker-registry
+```
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 000000000..6a7722ad8
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,23 @@
+# config file for ansible -- http://ansible.com/
+# ==============================================
+
+# This config file provides examples for running
+# the OpenShift playbooks with the provided
+# inventory scripts. Only global defaults are
+# left uncommented
+
+[defaults]
+# Add the roles directory to the roles path
+roles_path = roles/
+
+# Set the log_path
+log_path = /tmp/ansible.log
+
+# Uncomment to use the provided BYO inventory
+#hostfile = inventory/byo/hosts
+
+# Uncomment to use the provided GCE dynamic inventory script
+#hostfile = inventory/gce/gce.py
+
+# Uncomment to use the provided AWS dynamic inventory script
+#hostfile = inventory/aws/ec2.py
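Review bot: `log_path = /tmp/ansible.log` writes the run log to a fixed name in a world-writable directory, so another local user can pre-create that file or a symlink at that path before the first run. The log of a root-driven deployment (host names, task arguments, possibly variable values) then ends up somewhere the operator does not control. A location only the operator can write to would avoid this, for example `log_path = ~/.ansible/openshift-ansible.log`. Alternatively, leave the setting commented out like the `hostfile` examples, since this file is described as holding only global defaults.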
diff --git a/inventory/byo/group_vars/all b/inventory/byo/group_vars/all
new file mode 100644
index 000000000..d63e96668
--- /dev/null
+++ b/inventory/byo/group_vars/all
@@ -0,0 +1,28 @@
+---
+# lets assume that we want to use the root as the ssh user for all hosts
+ansible_ssh_user: root
+
+# default debug level for all OpenShift hosts
+openshift_debug_level: 4
+
+# set the OpenShift deployment type for all hosts
+openshift_deployment_type: enterprise
+
+# Override the default registry for development
+openshift_registry_url: docker-buildvm-rhose.usersys.redhat.com:5000/openshift3_beta/ose-${component}:${version}
+
+# Use latest Errata puddle as an additional repo:
+#openshift_additional_repos:
+#- id: ose-devel
+# name: ose-devel
+# baseurl: http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterpriseErrata/3.0/latest/RH7-RHOSE-3.0/$basearch/os
+# enabled: 1
+# gpgcheck: 0
+
+# Use latest Whitelist puddle as an additional repo:
+openshift_additional_repos:
+- id: ose-devel
+ name: ose-devel
+ baseurl: http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os
+ enabled: 1
+ gpgcheck: 0
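Review bot: The active `openshift_additional_repos` entry sets `gpgcheck: 0` on a `baseurl` that is plain `http://`, so packages from this repo are installed as root with neither signature verification nor transport integrity. Because this file is the shipped default for every BYO host, I would keep the dev puddle entry commented out like the Errata one above it. At minimum, add a comment above the block such as `# dev/lab only: unsigned repo over http, do not use for real deployments`. The same values are repeated in the group_vars example in README_OSE.md, so the two should be changed together.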
diff --git a/inventory/byo/hosts b/inventory/byo/hosts
new file mode 100644
index 000000000..2dd854778
--- /dev/null
+++ b/inventory/byo/hosts
@@ -0,0 +1,10 @@
+# This is an example of a bring your own (byo) host inventory
+
+# host group for masters
+[masters]
+ose3-master-ansible.test.example.com
+
+# host group for nodes
+[nodes]
+ose3-node[1:2]-ansible.test.example.com
+
diff --git a/playbooks/byo/config.yml b/playbooks/byo/config.yml
new file mode 100644
index 000000000..dce49d32f
--- /dev/null
+++ b/playbooks/byo/config.yml
@@ -0,0 +1,6 @@
+---
+- name: Run the openshift-master config playbook
+ include: openshift-master/config.yml
+
+- name: Run the openshift-node config playbook
+ include: openshift-node/config.yml
diff --git a/playbooks/byo/filter_plugins b/playbooks/byo/filter_plugins
new file mode 120000
index 000000000..a4f518f07
--- /dev/null
+++ b/playbooks/byo/filter_plugins
@@ -0,0 +1 @@
+../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-master/config.yml b/playbooks/byo/openshift-master/config.yml
new file mode 100644
index 000000000..706f9285c
--- /dev/null
+++ b/playbooks/byo/openshift-master/config.yml
@@ -0,0 +1,9 @@
+---
+- name: Gather facts for node hosts
+ hosts: nodes
+
+- name: Configure master instances
+ hosts: masters
+ roles:
+ - openshift_master
+ - openshift_sdn_master
diff --git a/playbooks/byo/openshift-master/filter_plugins b/playbooks/byo/openshift-master/filter_plugins
new file mode 120000
index 000000000..99a95e4ca
--- /dev/null
+++ b/playbooks/byo/openshift-master/filter_plugins
@@ -0,0 +1 @@
+../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-master/roles b/playbooks/byo/openshift-master/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/byo/openshift-master/roles
@@ -0,0 +1 @@
+../../../roles \ No newline at end of file
diff --git a/playbooks/byo/openshift-node/config.yml b/playbooks/byo/openshift-node/config.yml
new file mode 100644
index 000000000..69ad7a840
--- /dev/null
+++ b/playbooks/byo/openshift-node/config.yml
@@ -0,0 +1,79 @@
+---
+- name: Gather facts for node hosts
+ hosts: nodes
+ roles:
+ - openshift_facts
+ tasks:
+ # Since the master is registering the nodes before they are configured, we
+ # need to make sure to set the node properties beforehand if we do not want
+ # the defaults
+ - openshift_facts:
+ role: 'node'
+ local_facts:
+ hostname: "{{ openshift_hostname | default(None) }}"
+ external_id: "{{ openshift_node_external_id | default(None) }}"
+ resources_cpu: "{{ openshfit_node_resources_cpu | default(None) }}"
+ resources_memory: "{{ openshfit_node_resources_memory | default(None) }}"
+ pod_cidr: "{{ openshfit_node_pod_cidr | default(None) }}"
+ labels: "{{ openshfit_node_labels | default(None) }}"
+ annotations: "{{ openshfit_node_annotations | default(None) }}"
+
+
+- name: Register nodes
+ hosts: masters[0]
+ vars:
+ openshift_nodes: "{{ hostvars | oo_select_keys(groups['nodes']) }}"
+ roles:
+ - openshift_register_nodes
+ tasks:
+ - name: Create local temp directory for syncing certs
+ local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
+ register: mktemp
+
+ - name: Sync master certs to localhost
+ synchronize:
+ mode: pull
+ checksum: yes
+ src: /var/lib/openshift/openshift.local.certificates
+ dest: "{{ mktemp.stdout }}"
+
+
+- name: Configure node instances
+ hosts: nodes
+ vars:
+ sync_tmpdir: "{{ hostvars[groups['masters'][0]].mktemp.stdout }}"
+ cert_parent_rel_path: openshift.local.certificates
+ cert_rel_path: "{{ cert_parent_rel_path }}/node-{{ openshift.common.hostname }}"
+ cert_base_path: /var/lib/openshift
+ cert_parent_path: "{{ cert_base_path }}/{{ cert_parent_rel_path }}"
+ cert_path: "{{ cert_base_path }}/{{ cert_rel_path }}"
+ openshift_sdn_master_url: http://{{ hostvars[groups['masters'][0]].openshift.common.hostname }}:4001
+ pre_tasks:
+ - name: Ensure certificate directories exists
+ file:
+ path: "{{ item }}"
+ state: directory
+ with_items:
+ - "{{ cert_path }}"
+ - "{{ cert_parent_path }}/ca"
+
+ # TODO: notify restart openshift-node and/or restart openshift-sdn-node,
+ # possibly test service started time against certificate/config file
+ # timestamps in openshift-node or openshift-sdn-node to trigger notify
+ - name: Sync certs to nodes
+ synchronize:
+ checksum: yes
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ owner: no
+ group: no
+ with_items:
+ - src: "{{ sync_tmpdir }}/{{ cert_rel_path }}"
+ dest: "{{ cert_parent_path }}"
+ - src: "{{ sync_tmpdir }}/{{ cert_parent_rel_path }}/ca/cert.crt"
+ dest: "{{ cert_parent_path }}/ca/cert.crt"
+ - local_action: file name={{ sync_tmpdir }} state=absent
+ run_once: true
+ roles:
+ - openshift_node
+ - openshift_sdn_node
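Review bot: The `Sync master certs to localhost` task pulls the whole `/var/lib/openshift/openshift.local.certificates` tree to the control host, and the only cleanup is the unnamed `local_action: file name={{ sync_tmpdir }} state=absent` at the end of `pre_tasks` in the last play. A failed or interrupted run therefore leaves that copy (presumably including private keys) under `/tmp`. Pulling only `ca/cert.crt` and the `node-*` directories that the later `Sync certs to nodes` task actually uses would narrow what is exposed, and naming the cleanup task would make its result visible in the run output. Separately, five facts in the first play read `openshfit_node_*` (for example `openshfit_node_labels`), which looks like a misspelling of `openshift_node_*`. Because of `default(None)`, a correctly spelled inventory variable would be silently ignored.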
diff --git a/playbooks/byo/openshift-node/filter_plugins b/playbooks/byo/openshift-node/filter_plugins
new file mode 120000
index 000000000..99a95e4ca
--- /dev/null
+++ b/playbooks/byo/openshift-node/filter_plugins
@@ -0,0 +1 @@
+../../../filter_plugins \ No newline at end of file
diff --git a/playbooks/byo/openshift-node/roles b/playbooks/byo/openshift-node/roles
new file mode 120000
index 000000000..20c4c58cf
--- /dev/null
+++ b/playbooks/byo/openshift-node/roles
@@ -0,0 +1 @@
+../../../roles \ No newline at end of file
diff --git a/playbooks/byo/roles b/playbooks/byo/roles
new file mode 120000
index 000000000..b741aa3db
--- /dev/null
+++ b/playbooks/byo/roles
@@ -0,0 +1 @@
+../../roles \ No newline at end of file
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 8cfef0e15..e3c04585b 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -1,6 +1,7 @@
---
# TODO: allow for overriding default ports where possible
# TODO: trigger the external service when restart is needed
+
- name: Set node OpenShift facts
openshift_facts:
role: 'node'