From ce4034672fa8f2371b8bbf52ff04747583b4edda Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 10 Nov 2016 17:02:24 -0500
Subject: Add updates for containerized

---
 README_CONTAINERIZED_INSTALLATION.md               | 10 +++---
 .../upgrades/etcd/containerized_tasks.yml          | 39 ++++++++++++++++++++++
 .../upgrades/etcd/files/etcdctl.sh                 |  1 +
 .../openshift-cluster/upgrades/etcd/main.yml       | 21 ++++++++----
 roles/etcd/etcdctl.sh                              | 11 ++++++
 roles/openshift_facts/library/openshift_facts.py   |  6 ++--
 6 files changed, 74 insertions(+), 14 deletions(-)
 create mode 100644 playbooks/common/openshift-cluster/upgrades/etcd/containerized_tasks.yml
 create mode 120000 playbooks/common/openshift-cluster/upgrades/etcd/files/etcdctl.sh
 create mode 100644 roles/etcd/etcdctl.sh

diff --git a/README_CONTAINERIZED_INSTALLATION.md b/README_CONTAINERIZED_INSTALLATION.md
index c615154ef..0a0ebb836 100644
--- a/README_CONTAINERIZED_INSTALLATION.md
+++ b/README_CONTAINERIZED_INSTALLATION.md
@@ -31,7 +31,7 @@ native clients.
 The wrapper scripts mount a limited subset of paths, _~/.kube_, _/etc/origin/_,
 and _/tmp_. Be mindful of this when passing in files to be processed by `oc` or
  `oadm`. You may find it easier to redirect input like this :
- 
+
  `oc create -f - < my_file.json`
 
 ## Technical Notes
@@ -48,18 +48,18 @@ before attempting to pull any of the following images.
         openshift/origin
         openshift/node (node + openshift-sdn + openvswitch rpm for client tools)
         openshift/openvswitch (centos7 + openvswitch rpm, runs ovsdb ovsctl processes)
-        registry.access.redhat.com/rhel7/etcd
+        registry.access.redhat.com/rhel7/etcd3
     OpenShift Enterprise
         openshift3/ose
         openshift3/node
         openshift3/openvswitch
-        registry.access.redhat.com/rhel7/etcd
+        registry.access.redhat.com/rhel7/etcd3
     Atomic Enterprise Platform
         aep3/aep
         aep3/node
         aep3/openvswitch
-        registry.access.redhat.com/rhel7/etcd
-        
+        registry.access.redhat.com/rhel7/etcd3
+
   * note openshift3/* and aep3/* images come from registry.access.redhat.com and
 rely on the --additional-repository flag being set appropriately.
 
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/containerized_tasks.yml b/playbooks/common/openshift-cluster/upgrades/etcd/containerized_tasks.yml
new file mode 100644
index 000000000..2cbe3b729
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/etcd/containerized_tasks.yml
@@ -0,0 +1,39 @@
+---
+- name: Verify cluster is healthy pre-upgrade
+  command: "etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://{{ openshift.common.hostname }}:2379 cluster-health"
+
+- name: Update systemd unit
+  openshift_facts:
+    role: etcd
+
+- name: Set etcd3 image name
+  set_fact:
+    new_etcd_image: "{{ openshift.etcd.etcd_image | regex_replace('/etcd$','/etcd3') }}"
+
+- name: Pull new etcd image
+  command: "docker pull {{ new_etcd_image }}"
+
+- name: Update to latest etcd image
+  replace:
+    dest: /etc/systemd/system/etcd_container.service
+    regexp: "{{ openshift.etcd.etcd_image }}$"
+    replace: "{{ new_etcd_image }}"
+
+- name: Update etcd package not excluding etcd3
+  systemd:
+    name: etcd_container
+    daemon_reload: yes
+    state: restarted
+
+- name: Verify cluster is healthy
+  command: "etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://{{ openshift.common.hostname }}:2379 cluster-health"
+  register: etcdctl
+  until: etcdctl.rc == 0
+  retries: 3
+  delay: 10
+
+- name: Store new etcd_image
+  openshift_facts:
+    role: etcd
+    local_facts:
+    - etcd_image: "{{ new_etcd_image }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/files/etcdctl.sh b/playbooks/common/openshift-cluster/upgrades/etcd/files/etcdctl.sh
new file mode 120000
index 000000000..641e04e44
--- /dev/null
+++ b/playbooks/common/openshift-cluster/upgrades/etcd/files/etcdctl.sh
@@ -0,0 +1 @@
+../roles/etcd/files/etcdctl.sh
\ No newline at end of file
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml b/playbooks/common/openshift-cluster/upgrades/etcd/main.yml
index e1c092dbe..22af9e7e2 100644
--- a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml
+++ b/playbooks/common/openshift-cluster/upgrades/etcd/main.yml
@@ -34,8 +34,10 @@
   hosts: etcd_hosts_to_upgrade
   tasks:
   - name: Record etcd version
-    command: rpm -q --qf '%{version}' etcd
+    command: rpm -qa --qf '%{version}' etcd\*
     register: etcd_installed_version
+    failed_when: false
+    when: not openshift.common.is_containerized | bool
 
 # I really dislike this copy/pasta but I wasn't able to find a way to get it to loop
 # through hosts, then loop through tasks only when appropriate
@@ -46,7 +48,7 @@
     upgrade_version: '2.1'
   tasks:
   - include: rhel_tasks.yml
-    when: etcd_installed_version.stdout | version_compare('2.1','<') and ansible_distribution == 'RedHat'
+    when: etcd_installed_version.stdout | default('99') | version_compare('2.1','<') and ansible_distribution == 'RedHat' and not openshift.common.is_containerized | bool
 
 - name: Upgrade to 2.2
   hosts: etcd_hosts_to_upgrade
@@ -55,7 +57,7 @@
     upgrade_version: '2.2'
   tasks:
   - include: rhel_tasks.yml
-    when: etcd_installed_version.stdout | version_compare('2.2','<') and ansible_distribution == 'RedHat'
+    when: etcd_installed_version.stdout | default('99') | version_compare('2.2','<') and ansible_distribution == 'RedHat' and not openshift.common.is_containerized | bool
 
 - name: Upgrade to 2.3
   hosts: etcd_hosts_to_upgrade
@@ -64,7 +66,7 @@
     upgrade_version: '2.3'
   tasks:
   - include: rhel_tasks.yml
-    when: etcd_installed_version.stdout | version_compare('2.3','<') and ansible_distribution == 'RedHat'
+    when: etcd_installed_version.stdout | default('99') | version_compare('2.3','<') and ansible_distribution == 'RedHat' and not openshift.common.is_containerized | bool
 
 - name: Upgrade to 3.0
   hosts: etcd_hosts_to_upgrade
@@ -73,14 +75,21 @@
     upgrade_version: '3.0'
   tasks:
   - include: rhel_tasks.yml
-    when: etcd_installed_version.stdout | version_compare('3.0','<') and ansible_distribution == 'RedHat'
+    when: etcd_installed_version.stdout | default('99') | version_compare('3.0','<') and ansible_distribution == 'RedHat' and not openshift.common.is_containerized | bool
 
 - name: Upgrade fedora to latest
   hosts: etcd_hosts_to_upgrade
   serial: 1
   tasks:
   - include: fedora_tasks.yml
-    when: ansible_distribution == 'Fedora'
+    when: ansible_distribution == 'Fedora' and not openshift.common.is_containerized | bool
+
+- name: Upgrade containerized hosts to etcd3 image
+  hosts: etcd_hosts_to_upgrade
+  serial: 1
+  tasks:
+  - include: containerized_tasks.yml
+    when: openshift.common.is_containerized | bool
 
 - name: Backup etcd
   include: backup.yml
diff --git a/roles/etcd/etcdctl.sh b/roles/etcd/etcdctl.sh
new file mode 100644
index 000000000..0e324a8a9
--- /dev/null
+++ b/roles/etcd/etcdctl.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because
+# command flags are different between the two. Should work on stand
+# alone etcd hosts and master + etcd hosts too because we use the peer keys.
+etcdctl2() {
+ /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@}
+}
+
+etcdctl3() {
+ ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@}
+}
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index a28b58e85..d797eb4d3 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1595,7 +1595,7 @@ def set_container_facts_if_unset(facts):
         cli_image = master_image
         node_image = 'openshift3/node'
         ovs_image = 'openshift3/openvswitch'
-        etcd_image = 'registry.access.redhat.com/rhel7/etcd'
+        etcd_image = 'registry.access.redhat.com/rhel7/etcd3'
         pod_image = 'openshift3/ose-pod'
         router_image = 'openshift3/ose-haproxy-router'
         registry_image = 'openshift3/ose-docker-registry'
@@ -1605,7 +1605,7 @@ def set_container_facts_if_unset(facts):
         cli_image = master_image
         node_image = 'aep3_beta/node'
         ovs_image = 'aep3_beta/openvswitch'
-        etcd_image = 'registry.access.redhat.com/rhel7/etcd'
+        etcd_image = 'registry.access.redhat.com/rhel7/etcd3'
         pod_image = 'aep3_beta/aep-pod'
         router_image = 'aep3_beta/aep-haproxy-router'
         registry_image = 'aep3_beta/aep-docker-registry'
@@ -1615,7 +1615,7 @@ def set_container_facts_if_unset(facts):
         cli_image = master_image
         node_image = 'openshift/node'
         ovs_image = 'openshift/openvswitch'
-        etcd_image = 'registry.access.redhat.com/rhel7/etcd'
+        etcd_image = 'registry.access.redhat.com/rhel7/etcd3'
         pod_image = 'openshift/origin-pod'
         router_image = 'openshift/origin-haproxy-router'
         registry_image = 'openshift/origin-docker-registry'
-- 
cgit v1.2.1