summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_metrics/README.md28
-rw-r--r--roles/openshift_metrics/defaults/main.yaml27
-rw-r--r--roles/openshift_metrics/tasks/cleanup.yaml4
-rw-r--r--roles/openshift_metrics/tasks/generate_certificates.yaml8
-rw-r--r--roles/openshift_metrics/tasks/generate_rolebindings.yaml2
-rw-r--r--roles/openshift_metrics/tasks/install_hawkular.yaml18
-rw-r--r--roles/openshift_metrics/tasks/main.yaml12
-rw-r--r--roles/openshift_metrics/templates/hawkular_cassandra_rc.j26
-rw-r--r--roles/openshift_metrics/templates/hawkular_metrics_rc.j210
-rw-r--r--roles/openshift_metrics/templates/heapster.j214
-rw-r--r--roles/openshift_metrics/vars/main.yaml2
11 files changed, 66 insertions, 65 deletions
diff --git a/roles/openshift_metrics/README.md b/roles/openshift_metrics/README.md
index ac5353886..b79b472d3 100644
--- a/roles/openshift_metrics/README.md
+++ b/roles/openshift_metrics/README.md
@@ -8,9 +8,9 @@ Requirements
The following variables need to be set and will be validated:
-- `metrics_hostname`: hostname used on the hawkular metrics route.
+- `openshift_metrics_hostname`: hostname used on the hawkular metrics route.
-- `metrics_project`: project (i.e. namespace) where the components will be
+- `openshift_metrics_project`: project (i.e. namespace) where the components will be
deployed.
@@ -19,45 +19,45 @@ Role Variables
For default values, see [`defaults/main.yaml`](defaults/main.yaml).
-- `image_prefix`: Specify prefix for metrics components; e.g for
+- `openshift_metrics_image_prefix`: Specify prefix for metrics components; e.g for
"openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-".
-- `image_version`: Specify version for metrics components; e.g. for
+- `openshift_metrics_image_version`: Specify version for metrics components; e.g. for
"openshift/origin-metrics-deployer:v1.1", set version "v1.1".
-- `master_url`: Internal URL for the master, for authentication retrieval.
+- `openshift_metrics_master_url`: Internal URL for the master, for authentication retrieval.
-- `hawkular_user_write_access`: If user accounts should be able to write
+- `openshift_metrics_hawkular_user_write_access`: If user accounts should be able to write
metrics. Defaults to 'false' so that only Heapster can write metrics and not
individual users. It is recommended to disable user write access, if enabled
any user will be able to write metrics to the system which can affect
performance and use Cassandra disk usage to unpredictably increase.
-- `hawkular_cassandra_nodes`: The number of Cassandra Nodes to deploy for the
+- `openshift_metrics_hawkular_cassandra_nodes`: The number of Cassandra Nodes to deploy for the
initial cluster.
-- `hawkular_cassandra_storage_type`: Use `emptydir` for ephemeral storage (for
+- `openshift_metrics_hawkular_cassandra_storage_type`: Use `emptydir` for ephemeral storage (for
testing), `pv` to use persistent volumes (which need to be created before the
installation) or `dynamic` for dynamic persistent volumes.
-- `hawkular_cassandra_pv_prefix`: The name of persistent volume claims created
+- `openshift_metrics_hawkular_cassandra_pv_prefix`: The name of persistent volume claims created
for cassandra will be this with a serial number appended to the end, starting
from 1.
-- `hawkular_cassandra_pv_size`: The persistent volume size for each of the
+- `openshift_metrics_hawkular_cassandra_pv_size`: The persistent volume size for each of the
Cassandra nodes.
-- `heapster_standalone`: Deploy only heapster, without the Hawkular Metrics and
+- `openshift_metrics_heapster_standalone`: Deploy only heapster, without the Hawkular Metrics and
Cassandra components.
-- `heapster_allowed_users`: A comma-separated list of CN to accept. By
+- `openshift_metrics_heapster_allowed_users`: A comma-separated list of CN to accept. By
default, this is set to allow the OpenShift service proxy to connect. If you
override this, make sure to add `system:master-proxy` to the list in order to
allow horizontal pod autoscaling to function properly.
-- `metrics_duration`: How many days metrics should be stored for.
+- `openshift_metrics_duration`: How many days metrics should be stored for.
-- `metrics_resolution`: How often metrics should be gathered.
+- `openshift_metrics_resolution`: How often metrics should be gathered.
Dependencies
diff --git a/roles/openshift_metrics/defaults/main.yaml b/roles/openshift_metrics/defaults/main.yaml
index cb4fbdee2..8d2ff8a62 100644
--- a/roles/openshift_metrics/defaults/main.yaml
+++ b/roles/openshift_metrics/defaults/main.yaml
@@ -1,17 +1,18 @@
---
-image_prefix: docker.io/openshift/origin-
-image_version: latest
-master_url: https://kubernetes.default.svc.cluster.local
+openshift_metrics_image_prefix: docker.io/openshift/origin-
+openshift_metrics_image_version: latest
+openshift_metrics_master_url: https://kubernetes.default.svc.cluster.local
+openshift_metrics_project: openshift-infra
-hawkular_user_write_access: False
-hawkular_cassandra_nodes: 1
-hawkular_cassandra_storage_type: emptydir
-hawkular_cassandra_pv_prefix: metrics-cassandra
-hawkular_cassandra_pv_size: 10Gi
+openshift_metrics_hawkular_user_write_access: False
+openshift_metrics_hawkular_cassandra_nodes: 1
+openshift_metrics_hawkular_cassandra_storage_type: emptydir
+openshift_metrics_hawkular_cassandra_pv_prefix: metrics-cassandra
+openshift_metrics_hawkular_cassandra_pv_size: 10Gi
-heapster_standalone: False
-heapster_allowed_users: system:master-proxy
+openshift_metrics_heapster_standalone: False
+openshift_metrics_heapster_allowed_users: system:master-proxy
-metrics_duration: 7
-metrics_resolution: 15s
-metrics_node_id: nodename
+openshift_metrics_duration: 7
+openshift_metrics_resolution: 15s
+openshift_metrics_node_id: nodename
diff --git a/roles/openshift_metrics/tasks/cleanup.yaml b/roles/openshift_metrics/tasks/cleanup.yaml
index a61fed7b4..a29faef31 100644
--- a/roles/openshift_metrics/tasks/cleanup.yaml
+++ b/roles/openshift_metrics/tasks/cleanup.yaml
@@ -1,14 +1,14 @@
---
- name: remove metrics components
command: >
- {{ openshift.common.client_binary }} -n '{{ metrics_project }}'
+ {{ openshift.common.client_binary }} -n '{{ openshift_metrics_project }}'
delete --selector=metrics-infra
all,sa,secrets,templates,routes,pvc,rolebindings,clusterrolebindings
register: delete_metrics
changed_when: "delete_metrics.stdout != 'No resources found'"
- name: remove rolebindings
command: >
- {{ openshift.common.client_binary }} -n {{ metrics_project }}
+ {{ openshift.common.client_binary }} -n {{ openshift_metrics_project }}
delete --ignore-not-found
rolebinding/hawkular-view
clusterrolebinding/heapster-cluster-reader
diff --git a/roles/openshift_metrics/tasks/generate_certificates.yaml b/roles/openshift_metrics/tasks/generate_certificates.yaml
index b1ecf46b9..9f6a3348e 100644
--- a/roles/openshift_metrics/tasks/generate_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_certificates.yaml
@@ -25,14 +25,14 @@
# TODO maybe there's an easier way to get the service accounts' ca crt?
- name: get heapster service account secrets
shell: >
- {{ openshift.common.client_binary }} -n '{{ metrics_project }}'
+ {{ openshift.common.client_binary }} -n '{{ openshift_metrics_project }}'
get serviceaccount/default
--template '{{ '{{range .secrets}}{{println .name}}{{end}}' }}'
| grep ^default-token-
register: sa_secret
- name: get heapster service account ca
command: >
- {{ openshift.common.client_binary }} -n '{{ metrics_project }}'
+ {{ openshift.common.client_binary }} -n '{{ openshift_metrics_project }}'
get 'secret/{{ sa_secret.stdout }}'
--template '{{ '{{index .data "ca.crt"}}' }}'
register: sa_secret
@@ -54,12 +54,12 @@
heapster.cert: "{{ heapster_secret.results[0].stdout }}"
heapster.key: "{{ heapster_secret.results[1].stdout }}"
heapster.client-ca: "{{ sa_secret.stdout }}"
- heapster.allowed-users: "{{ heapster_allowed_users|b64encode }}"
+ heapster.allowed-users: "{{ openshift_metrics_heapster_allowed_users|b64encode }}"
- name: generate hawkular-metrics certificates
include: setup_certificate.yaml
vars:
component: hawkular-metrics
- hostnames: "hawkular-metrics,{{ hawkular_metrics_hostname }}"
+ hostnames: "hawkular-metrics,{{ openshift_metrics_hawkular_metrics_hostname }}"
- name: generate hawkular-cassandra certificates
include: setup_certificate.yaml
vars:
diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
index d1bc7374a..9a72b24fe 100644
--- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml
+++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
@@ -27,4 +27,4 @@
subjects:
- kind: ServiceAccount
name: heapster
- namespace: "{{ metrics_project }}"
+ namespace: "{{ openshift_metrics_project }}"
diff --git a/roles/openshift_metrics/tasks/install_hawkular.yaml b/roles/openshift_metrics/tasks/install_hawkular.yaml
index 670396f6e..9a39cce34 100644
--- a/roles/openshift_metrics/tasks/install_hawkular.yaml
+++ b/roles/openshift_metrics/tasks/install_hawkular.yaml
@@ -10,35 +10,35 @@
vars:
node: "{{ item }}"
master: "{{ (item == '1')|string|lower }}"
- with_sequence: count={{ hawkular_cassandra_nodes }}
+ with_sequence: count={{ openshift_metrics_hawkular_cassandra_nodes }}
- name: generate hawkular-cassandra persistent volume claims
template:
src: pvc.j2
dest: "{{ mktemp.stdout }}/templates/hawkular-cassandra-pvc{{ item }}.yaml"
vars:
- obj_name: "{{ hawkular_cassandra_pv_prefix }}-{{ item }}"
+ obj_name: "{{ openshift_metrics_hawkular_cassandra_pv_prefix }}-{{ item }}"
labels:
metrics-infra: hawkular-cassandra
access_modes:
- ReadWriteOnce
- size: "{{ hawkular_cassandra_pv_size }}"
- with_sequence: count={{ hawkular_cassandra_nodes }}
- when: hawkular_cassandra_storage_type == 'pv'
+ size: "{{ openshift_metrics_hawkular_cassandra_pv_size }}"
+ with_sequence: count={{ openshift_metrics_hawkular_cassandra_nodes }}
+ when: openshift_metrics_hawkular_cassandra_storage_type == 'pv'
- name: generate hawkular-cassandra persistent volume claims (dynamic)
template:
src: pvc.j2
dest: "{{ mktemp.stdout }}/templates/hawkular-cassandra-pvc{{ item }}.yaml"
vars:
- obj_name: "{{ hawkular_cassandra_pv_prefix }}-{{ item }}"
+ obj_name: "{{ openshift_metrics_hawkular_cassandra_pv_prefix }}-{{ item }}"
labels:
metrics-infra: hawkular-cassandra
annotations:
volume.alpha.kubernetes.io/storage-class: dynamic
access_modes:
- ReadWriteOnce
- size: "{{ hawkular_cassandra_pv_size }}"
- with_sequence: count={{ hawkular_cassandra_nodes }}
- when: hawkular_cassandra_storage_type == 'dynamic'
+ size: "{{ openshift_metrics_hawkular_cassandra_pv_size }}"
+ with_sequence: count={{ openshift_metrics_hawkular_cassandra_nodes }}
+ when: openshift_metrics_hawkular_cassandra_storage_type == 'dynamic'
- name: generate the hawkular-metrics route
template:
src: route.j2
diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml
index e9a5fbebd..79aae1e0b 100644
--- a/roles/openshift_metrics/tasks/main.yaml
+++ b/roles/openshift_metrics/tasks/main.yaml
@@ -1,13 +1,13 @@
---
- name: check that hawkular_metrics_hostname is set
- fail: msg='the hawkular_metrics_hostname variable is required'
- when: "{{ hawkular_metrics_hostname is not defined }}"
-- name: check the value of hawkular_cassandra_storage_type
+ fail: msg='the openshift_metrics_hawkular_metrics_hostname variable is required'
+ when: "{{ openshift_metrics_hawkular_metrics_hostname is not defined }}"
+- name: check the value of openshift_metrics_hawkular_cassandra_storage_type
fail:
msg: >
- hawkular_cassandra_storage_type ({{ hawkular_cassandra_storage_type }})
+ openshift_metrics_hawkular_cassandra_storage_type ({{ openshift_metrics_hawkular_cassandra_storage_type }})
is invalid, must be one of: emptydir, pv, dynamic
- when: hawkular_cassandra_storage_type not in hawkular_cassandra_storage_types
+ when: openshift_metrics_hawkular_cassandra_storage_type not in openshift_metrics_hawkular_cassandra_storage_types
- name: Install Metrics
include: "{{ role_path }}/tasks/install_{{ include_file }}.yaml"
with_items:
@@ -18,7 +18,7 @@
loop_var: include_file
- name: create objects
command: >
- {{ openshift.common.client_binary }} -n '{{ metrics_project }}'
+ {{ openshift.common.client_binary }} -n '{{ openshift_metrics_project }}'
apply -f {{ item }}
with_fileglob:
- "{{ mktemp.stdout }}/templates/*.yaml"
diff --git a/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2 b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
index bb8866263..525f32859 100644
--- a/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
+++ b/roles/openshift_metrics/templates/hawkular_cassandra_rc.j2
@@ -20,7 +20,7 @@ spec:
spec:
serviceAccount: cassandra
containers:
- - image: "{{ image_prefix }}metrics-cassandra:{{ image_version }}"
+ - image: "{{ openshift_metrics_image_prefix }}metrics-cassandra:{{ openshift_metrics_image_version }}"
name: hawkular-cassandra-{{ node }}
ports:
- name: cql-port
@@ -83,11 +83,11 @@ spec:
terminationGracePeriodSeconds: 1800
volumes:
- name: cassandra-data
-{% if hawkular_cassandra_storage_type == 'emptydir' %}
+{% if openshift_metrics_hawkular_cassandra_storage_type == 'emptydir' %}
emptyDir: {}
{% else %}
persistentVolumeClaim:
- claimName: "{{ hawkular_cassandra_pv_prefix }}-{{ node }}"
+ claimName: "{{ openshift_metrics_hawkular_cassandra_pv_prefix }}-{{ node }}"
{% endif %}
- name: hawkular-cassandra-secrets
secret:
diff --git a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2 b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
index bcfe9dc84..6f1275809 100644
--- a/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
+++ b/roles/openshift_metrics/templates/hawkular_metrics_rc.j2
@@ -18,7 +18,7 @@ spec:
spec:
serviceAccount: hawkular
containers:
- - image: {{image_prefix}}metrics-hawkular-metrics:{{image_version}}
+ - image: {{openshift_metrics_image_prefix}}metrics-hawkular-metrics:{{openshift_metrics_image_version}}
name: hawkular-metrics
ports:
- name: http-endpoint
@@ -36,7 +36,7 @@ spec:
- "-Dhawkular.metrics.openshift.auth-methods=openshift-oauth,htpasswd"
- "-Dhawkular.metrics.openshift.htpasswd-file=/secrets/hawkular-metrics.htpasswd.file"
- "-Dhawkular.metrics.allowed-cors-access-control-allow-headers=authorization"
- - "-Dhawkular.metrics.default-ttl={{metrics_duration}}"
+ - "-Dhawkular.metrics.default-ttl={{openshift_metrics_duration}}"
- "-Dhawkular-alerts.cassandra-nodes=hawkular-cassandra"
- "-Dhawkular-alerts.cassandra-use-ssl"
- "-Dhawkular.alerts.openshift.auth-methods=openshift-oauth,htpasswd"
@@ -44,8 +44,8 @@ spec:
- "-Dhawkular.alerts.allowed-cors-access-control-allow-headers=authorization"
- "-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"
- "-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
- - "-DKUBERNETES_MASTER_URL={{master_url}}"
- - "-DUSER_WRITE_ACCESS={{hawkular_user_write_access}}"
+ - "-DKUBERNETES_MASTER_URL={{openshift_metrics_master_url}}"
+ - "-DUSER_WRITE_ACCESS={{openshift_metrics_hawkular_user_write_access}}"
- "--hmw.keystore=/secrets/hawkular-metrics.keystore"
- "--hmw.truststore=/secrets/hawkular-metrics.truststore"
- "--hmw.keystore_password_file=/secrets/hawkular-metrics.keystore.password"
@@ -59,7 +59,7 @@ spec:
fieldRef:
fieldPath: metadata.namespace
- name: MASTER_URL
- value: "{{ master_url }}"
+ value: "{{ openshift_metrics_master_url }}"
- name: OPENSHIFT_KUBE_PING_NAMESPACE
valueFrom:
fieldRef:
diff --git a/roles/openshift_metrics/templates/heapster.j2 b/roles/openshift_metrics/templates/heapster.j2
index 779be0145..e4b4b9739 100644
--- a/roles/openshift_metrics/templates/heapster.j2
+++ b/roles/openshift_metrics/templates/heapster.j2
@@ -20,29 +20,29 @@ spec:
serviceAccountName: heapster
containers:
- name: heapster
- image: {{image_prefix}}metrics-heapster:{{image_version}}
+ image: {{openshift_metrics_image_prefix}}metrics-heapster:{{openshift_metrics_image_version}}
ports:
- containerPort: 8082
name: "http-endpoint"
command:
- "heapster-wrapper.sh"
- "--wrapper.allowed_users_file=/secrets/heapster.allowed-users"
- - "--source=kubernetes:{{master_url}}?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250"
+ - "--source=kubernetes:{{openshift_metrics_master_url}}?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250"
- "--tls_cert=/secrets/heapster.cert"
- "--tls_key=/secrets/heapster.key"
- "--tls_client_ca=/secrets/heapster.client-ca"
- "--allowed_users=%allowed_users%"
- - "--metric_resolution={{metrics_resolution}}"
-{% if not heapster_standalone %}
+ - "--metric_resolution={{openshift_metrics_resolution}}"
+{% if not openshift_metrics_heapster_standalone %}
- "--wrapper.username_file=/hawkular-account/hawkular-metrics.username"
- "--wrapper.password_file=/hawkular-account/hawkular-metrics.password"
- "--wrapper.endpoint_check=https://hawkular-metrics:443/hawkular/metrics/status"
- - "--sink=hawkular:https://hawkular-metrics:443?tenant=_system&labelToTenant=pod_namespace&labelNodeId={{metrics_node_id}}&caCert=/hawkular-cert/hawkular-metrics-ca.certificate&user=%username%&pass=%password%&filter=label(container_name:^system.slice.*|^user.slice)"
+ - "--sink=hawkular:https://hawkular-metrics:443?tenant=_system&labelToTenant=pod_namespace&labelNodeId={{openshift_metrics_node_id}}&caCert=/hawkular-cert/hawkular-metrics-ca.certificate&user=%username%&pass=%password%&filter=label(container_name:^system.slice.*|^user.slice)"
{% endif %}
volumeMounts:
- name: heapster-secrets
mountPath: "/secrets"
-{% if not heapster_standalone %}
+{% if not openshift_metrics_heapster_standalone %}
- name: hawkular-metrics-certificate
mountPath: "/hawkular-cert"
- name: hawkular-metrics-account
@@ -56,7 +56,7 @@ spec:
- name: heapster-secrets
secret:
secretName: heapster-secrets
-{% if not heapster_standalone %}
+{% if not openshift_metrics_heapster_standalone %}
- name: hawkular-metrics-certificate
secret:
secretName: hawkular-metrics-certificate
diff --git a/roles/openshift_metrics/vars/main.yaml b/roles/openshift_metrics/vars/main.yaml
index eb02a87fd..25307c23c 100644
--- a/roles/openshift_metrics/vars/main.yaml
+++ b/roles/openshift_metrics/vars/main.yaml
@@ -1,4 +1,4 @@
-hawkular_cassandra_storage_types:
+openshift_metrics_hawkular_cassandra_storage_types:
- emptydir
- pv
- dynamic