summaryrefslogtreecommitdiffstats
path: root/playbooks
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks')
-rw-r--r--playbooks/common/openshift-cluster/openshift_hosted.yml103
-rw-r--r--playbooks/common/openshift-node/config.yml4
2 files changed, 3 insertions, 104 deletions
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
index e688556b3..2ba7fded5 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted.yml
+++ b/playbooks/common/openshift-cluster/openshift_hosted.yml
@@ -65,105 +65,4 @@
openshift_hosted_logging_elasticsearch_ops_pvc_prefix: "{{ 'logging-es' if openshift.hosted.logging.storage_kind | default(none) is not none else '' }}"
- role: cockpit-ui
- when: openshift.common.deployment_subtype == 'registry'
-
-- name: Configure all masters for logging
- serial: 1
- handlers:
- - include: ../../../roles/openshift_master/handlers/main.yml
- static: yes
- hosts: oo_masters
- tasks:
- - openshift_facts:
- role: master
- local_facts:
- logging_public_url: "https://{{ openshift_hosted_logging_hostname | default('kibana.' ~ openshift_master_default_subdomain) }}"
- when: openshift.hosted.logging.deploy | default(openshift.common.version_gte_3_3_or_1_3)
- - modify_yaml:
- dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
- yaml_key: assetConfig.loggingPublicURL
- yaml_value: "{{ openshift.master.logging_public_url }}"
- notify: restart master
- when: openshift.hosted.logging.deploy | default(openshift.common.version_gte_3_3_or_1_3)
-
-- name: Configure CA certificate for secure registry
- hosts: oo_nodes_to_config
- tags:
- - hosted
- tasks:
- - name: Create temp directory for kubeconfig
- command: mktemp -d /tmp/openshift-ansible-XXXXXX
- register: mktemp
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - set_fact:
- openshift_hosted_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
- when: openshift.common.deployment_subtype == 'registry'
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Copy the admin client config(s)
- command: >
- cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{ openshift_hosted_kubeconfig }}
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Retrieve docker-registry route
- command: >
- {{ openshift.common.client_binary }} get route docker-registry
- --template='{{ '{{' }} .spec.host {{ '}}' }}'
- --config={{ openshift_hosted_kubeconfig }}
- -n default
- register: docker_registry_route
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Retrieve registry service IP
- command: >
- {{ openshift.common.client_binary }} get service docker-registry
- --template='{{ '{{' }} .spec.clusterIP {{ '}}' }}'
- --config={{ openshift_hosted_kubeconfig }}
- -n default
- register: docker_registry_service_ip
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: false
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- - name: Create registry CA directories
- file:
- path: "/etc/docker/certs.d/{{ item }}"
- state: directory
- with_items:
- - "{{ docker_registry_service_ip.stdout }}:5000"
- - "{{ docker_registry_route.stdout }}"
- - "docker-registry.default.svc.cluster.local:5000"
- when: openshift.common.deployment_subtype == 'registry'
- - name: Copy CA to registry CA directories
- copy:
- src: "{{ openshift.common.config_base }}/node/ca.crt"
- dest: "/etc/docker/certs.d/{{ item }}"
- remote_src: yes
- force: yes
- with_items:
- - "{{ docker_registry_service_ip.stdout }}:5000"
- - "{{ docker_registry_route.stdout }}"
- - "docker-registry.default.svc.cluster.local:5000"
- when: openshift.common.deployment_subtype == 'registry'
- notify:
- - Restart docker
- - name: Delete temp directory
- file:
- name: "{{ mktemp.stdout }}"
- state: absent
- when: openshift.common.deployment_subtype == 'registry'
- changed_when: False
- delegate_to: "{{ groups.oo_first_master.0 }}"
- run_once: true
- handlers:
- - name: Restart docker
- service:
- name: docker
- state: restarted
+ when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool )
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index f718dbfbd..364a62dd0 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -60,12 +60,12 @@
when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
openshift_generate_no_proxy_hosts | default(True) | bool }}"
roles:
+ - role: openshift_common
- role: openshift_clock
- role: openshift_docker
- role: openshift_node_certificates
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- - role: openshift_common
- role: openshift_node_dnsmasq
when: openshift.common.use_dnsmasq
- role: os_firewall
@@ -99,12 +99,12 @@
when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
openshift_generate_no_proxy_hosts | default(True) | bool }}"
roles:
+ - role: openshift_common
- role: openshift_clock
- role: openshift_docker
- role: openshift_node_certificates
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- - role: openshift_common
- role: openshift_node_dnsmasq
when: openshift.common.use_dnsmasq
- role: os_firewall