Remove an option to install 4.0 on Atomic Hosts

README_CONTAINERIZED_INSTALLATION.md

@@ -1,99 +0,0 @@
-# Overview
-
-Users may now deploy containerized versions of OpenShift Origin, OpenShift
-Enterprise on [Atomic Host](https://projectatomic.io) or RHEL, Centos, and
-Fedora. This includes OpenvSwitch based SDN.
-
-
-## Installing on Atomic Host
-
-When installing on Atomic Host you will automatically have containerized
-installation methods selected for you based on detection of _/run/ostree-booted_
-
-## Installing on RHEL, Centos, or Fedora
-
-Currently the default installation method for traditional operating systems is
-via RPMs. If you wish to deploy using containerized installation you may set the
-ansible variable 'containerized=true' on a per host basis. This means that you
-may easily deploy environments mixing containerized and RPM based installs. At
-this point we don't suggest deploying heterogeneous environments.
-
-## CLI Wrappers
-
-When using containerized installations openshift-ansible will deploy a wrapper
-script on each master located in _/usr/local/bin/openshift_ and a set of
-symbolic links _/usr/local/bin/oc_, _/usr/local/bin/oadm_, and
-_/usr/local/bin/kubectl_ to ease administrative tasks. The wrapper script spawns
-a new container on each invocation so you may notice it's slightly slower than
-native clients.
-
-The wrapper scripts mount a limited subset of paths, _~/.kube_, _/etc/origin/_,
-and _/tmp_. Be mindful of this when passing in files to be processed by `oc` or
- `oadm`. You may find it easier to redirect input like this :
-
- `oc create -f - < my_file.json`
-
-## Technical Notes
-
-### Requisite Images
-
-Based on your `openshift_deployment_type` the installer will make use of the following
-images. Because you may make use of a private repository we've moved the
-configuration of docker additional, insecure, and blocked registries to the
-beginning of the installation process ensuring that these settings are applied
-before attempting to pull any of the following images.
-
-    Origin
-        docker.io/openshift/origin
-        docker.io/openshift/node (node + openshift-sdn + openvswitch rpm for client tools)
-        docker.io/openshift/openvswitch (centos7 + openvswitch rpm, runs ovsdb ovsctl processes)
-        registry.redhat.io/rhel7/etcd
-    OpenShift Container Platform
-        registry.redhat.io/openshift3/ose
-        registry.redhat.io/openshift3/node
-        registry.redhat.io/openshift3/openvswitch
-        registry.redhat.io/rhel7/etcd
-
-  * note openshift3/* images come from registry.redhat.io and
-rely on the --additional-repository flag being set appropriately.
-
-### Starting and Stopping Containers
-
-The installer will create relevant systemd units which can be used to start,
-stop, and poll services via normal systemctl commands. These unit names match
-those of an RPM installation with the exception of the etcd service which will
-be named 'etcd_container'. This change is necessary as currently Atomic Host
-ships with etcd package installed as part of Atomic Host and we will instead use
-a containerized version. The installer will disable the built in etcd service.
-etcd is slated to be removed from os-tree in the future.
-
-### File Paths
-
-All configuration files are placed in the same locations as RPM based
-installations and will survive os-tree upgrades.
-
-The examples are installed into _/etc/origin/examples_ rather than
-_/usr/share/openshift/examples_ because that is read-only on Atomic Host.
-
-
-### Storage Requirements
-
-Atomic Host installs by default have a small root filesystem. However
-the etcd, master, and node containers will persist data in
-`/var/lib`. Please ensure that you have enough space on the root
-filesystem.  This is usually handled by
-[docker-storage-setup](https://github.com/projectatomic/docker-storage-setup/);
-set e.g. `ROOT_SIZE=20G` in `/etc/sysconfig/docker-storage-setup` in
-early host boot, such as inside a `cloud-init` boot hook.
-
-### OpenvSwitch SDN Initialization
-
-OpenShift SDN initialization requires that the docker bridge be reconfigured and
-docker is restarted. This complicates the situation when the node is running
-within a container. When using the OVS SDN you'll see the node start,
-reconfigure docker, restart docker which will restart all containers, and
-finally start successfully.
-
-The node service may fail to start and be restarted a few times because the
-master services are also restarted along with docker. We currently work around
-this by relying on Restart=always in the docker based systemd units.

playbooks/adhoc/uninstall_docker.yml

@@ -7,19 +7,6 @@
 #    images
 #    RPMs
 ---
-- hosts: OSEv3:children
-  become: yes
-  tasks:
-  - name: Detecting Operating System
-    shell: ls /run/ostree-booted
-    ignore_errors: yes
-    failed_when: false
-    register: ostree_output
-
-  # Since we're not calling openshift_facts we'll do this for now
-  - set_fact:
-      openshift_is_atomic: "{{ ostree_output.rc == 0 }}"
-
 - hosts: nodes:masters
   become: yes
   tasks:

playbooks/adhoc/uninstall_openshift.yml

@@ -7,19 +7,6 @@
 #    images
 #    RPMs
 ---
-- hosts: OSEv3:children
-  become: yes
-  tasks:
-  - name: Detecting Operating System
-    shell: ls /run/ostree-booted
-    ignore_errors: yes
-    failed_when: false
-    register: ostree_output
-
-  # Since we're not calling openshift_facts we'll do this for now
-  - set_fact:
-      openshift_is_atomic: "{{ ostree_output.rc == 0 }}"
-
 # Stop services on all hosts prior to removing files.
 - hosts: nodes
   become: yes
@@ -83,58 +70,55 @@
   - when: openshift_remove_all | default(true) | bool
     block:
 
-    - when: not openshift_is_atomic | bool
-      block:
-
-      - name: Remove packages
-        package:
-          name: "{{ pkg_list | join(',') }} "
-          state: absent
-        vars:
-          pkg_list:
-          - atomic-openshift
-          - atomic-openshift-clients
-          - atomic-openshift-excluder
-          - atomic-openshift-docker-excluder
-          - atomic-openshift-node
-          - atomic-openshift-sdn-ovs
-          - atomic-openshift-hyperkube
-          - cockpit-bridge
-          - cockpit-docker
-          - cockpit-system
-          - cockpit-ws
-          - kubernetes-client
-          - openshift
-          - openshift-node
-          - openshift-sdn
-          - openshift-sdn-ovs
-          - origin
-          - origin-excluder
-          - origin-docker-excluder
-          - origin-clients
-          - origin-node
-          - origin-sdn-ovs
-          - origin-hyperkube
-          - tuned-profiles-atomic-openshift-node
-          - tuned-profiles-origin-node
-        register: result
-        until: result is succeeded
-
-      - name: Remove OVS package
-        package:
-          name: openvswitch
-          state: absent
-        register: result
-        until: result is succeeded
-        when: openshift_use_openshift_sdn | default(True) | bool
-
-      - name: Remove flannel package
-        package:
-          name: flannel
-          state: absent
-        when: openshift_use_flannel | default(false) | bool
-        register: result
-        until: result is succeeded
+    - name: Remove packages
+      package:
+        name: "{{ pkg_list | join(',') }} "
+        state: absent
+      vars:
+        pkg_list:
+        - atomic-openshift
+        - atomic-openshift-clients
+        - atomic-openshift-excluder
+        - atomic-openshift-docker-excluder
+        - atomic-openshift-node
+        - atomic-openshift-sdn-ovs
+        - atomic-openshift-hyperkube
+        - cockpit-bridge
+        - cockpit-docker
+        - cockpit-system
+        - cockpit-ws
+        - kubernetes-client
+        - openshift
+        - openshift-node
+        - openshift-sdn
+        - openshift-sdn-ovs
+        - origin
+        - origin-excluder
+        - origin-docker-excluder
+        - origin-clients
+        - origin-node
+        - origin-sdn-ovs
+        - origin-hyperkube
+        - tuned-profiles-atomic-openshift-node
+        - tuned-profiles-origin-node
+      register: result
+      until: result is succeeded
+
+    - name: Remove OVS package
+      package:
+        name: openvswitch
+        state: absent
+      register: result
+      until: result is succeeded
+      when: openshift_use_openshift_sdn | default(True) | bool
+
+    - name: Remove flannel package
+      package:
+        name: flannel
+        state: absent
+      when: openshift_use_flannel | default(false) | bool
+      register: result
+      until: result is succeeded
 
     - shell: systemctl reset-failed
       changed_when: False
@@ -321,7 +305,6 @@
       name: "{{ pkg_list | join(',') }}"
       state: absent
     when:
-    - not openshift_is_atomic | bool
     - openshift_remove_all | default(True) | bool
     vars:
       pkg_list:
@@ -435,7 +418,6 @@
       name: "{{ pkg_list | join(',') }}"
       state: absent
     when:
-    - not openshift_is_atomic | bool
     - openshift_remove_all | default(True) | bool
     vars:
       pkg_list:
@@ -500,7 +482,6 @@
       name: haproxy
       state: absent
     when:
-    - not openshift_is_atomic | bool
     - openshift_remove_all | default(True) | bool
     register: result
     until: result is succeeded

playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml

@@ -31,10 +31,6 @@
   roles:
   - openshift_facts
   tasks:
-  - fail:
-      msg: Cannot upgrade Docker on Atomic operating systems.
-    when: openshift_is_atomic | bool
-
   - import_role:
       name: container_runtime
       tasks_from: docker_upgrade_check.yml

playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml

@@ -10,39 +10,31 @@
     tasks_from: registry_auth.yml
   when: oreg_auth_user is defined
 
-- name: Verify containers are available for upgrade
-  command: "{{ openshift_container_cli }} pull {{ openshift_cli_image }}"
-  register: pull_result
-  changed_when: "'Downloaded newer image' in pull_result.stdout"
-  when: openshift_is_atomic | bool
+- name: Check latest available OpenShift RPM version
+  repoquery:
+    name: "{{ openshift_service_type }}{{ '-' ~ openshift_version ~ '*' }}"
+    ignore_excluders: true
+  register: repoquery_out
 
-- when: not openshift_is_atomic | bool
-  block:
-  - name: Check latest available OpenShift RPM version
-    repoquery:
-      name: "{{ openshift_service_type }}{{ '-' ~ openshift_version ~ '*' }}"
-      ignore_excluders: true
-    register: repoquery_out
-
-  - name: Fail when unable to determine available OpenShift RPM version
-    fail:
-      msg: "Unable to determine available OpenShift RPM version"
-    when:
-    - not repoquery_out.results.package_found
+- name: Fail when unable to determine available OpenShift RPM version
+  fail:
+    msg: "Unable to determine available OpenShift RPM version"
+  when:
+  - not repoquery_out.results.package_found
 
-  - name: Set fact avail_openshift_version
-    set_fact:
-      avail_openshift_version: "{{ repoquery_out.results.versions.available_versions_full.0 }}"
-  - name: Set openshift_pkg_version when not specified
-    set_fact:
-      openshift_pkg_version: "-{{ repoquery_out.results.versions.available_versions_full.0 }}"
-    when: openshift_pkg_version | default('') == ''
+- name: Set fact avail_openshift_version
+  set_fact:
+    avail_openshift_version: "{{ repoquery_out.results.versions.available_versions_full.0 }}"
+- name: Set openshift_pkg_version when not specified
+  set_fact:
+    openshift_pkg_version: "-{{ repoquery_out.results.versions.available_versions_full.0 }}"
+  when: openshift_pkg_version | default('') == ''
 
-  - name: Verify OpenShift RPMs are available for upgrade
-    fail:
-      msg: "OpenShift {{ avail_openshift_version }} is available, but {{ openshift_upgrade_target }} or greater is required"
-    when:
-    - (openshift_pkg_version | default('-0.0', True)).split('-')[1] is version(openshift_upgrade_target, '<')
+- name: Verify OpenShift RPMs are available for upgrade
+  fail:
+    msg: "OpenShift {{ avail_openshift_version }} is available, but {{ openshift_upgrade_target }} or greater is required"
+  when:
+  - (openshift_pkg_version | default('-0.0', True)).split('-')[1] is version(openshift_upgrade_target, '<')
 
 - name: Fail when openshift version does not meet minimum requirement for Origin upgrade
   fail:

playbooks/init/base_packages.yml

@@ -11,8 +11,6 @@
     failed_when: false
     register: chrony_installed
 
-  # chrony is installed on atomic host by default, so no need to worry about
-  # atomic here.
   - name: Install ntp package
     package:
       name: ntp
@@ -27,24 +25,21 @@
     command: timedatectl set-ntp true
     when: openshift_clock_enabled | default(True) | bool
 
-  - when:
-    - not openshift_is_atomic | bool
-    block:
-    - name: Ensure openshift-ansible installer package deps are installed
-      package:
-        name: "{{ pkg_list | join(',') }}"
-        state: present
-      vars:
-        pkg_list_temp:
-        - iproute
-        - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}"
-        - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}"
-        - libsemanage-python
-        - yum-utils
-        - "{{ 'python3-docker' if ansible_distribution == 'Fedora' else 'python-docker' }}"
-        pkg_list_non_fedora:
-        - 'python-ipaddress'
-        pkg_list_use_non_fedora: "{{ ansible_distribution != 'Fedora' | bool }}"
-        pkg_list: "{{ pkg_list_non_fedora | ternary(pkg_list_non_fedora, []) + pkg_list_temp }}"
-      register: result
-      until: result is succeeded
+  - name: Ensure openshift-ansible installer package deps are installed
+    package:
+      name: "{{ pkg_list | join(',') }}"
+      state: present
+    vars:
+      pkg_list_temp:
+      - iproute
+      - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}"
+      - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}"
+      - libsemanage-python
+      - yum-utils
+      - "{{ 'python3-docker' if ansible_distribution == 'Fedora' else 'python-docker' }}"
+      pkg_list_non_fedora:
+      - 'python-ipaddress'
+      pkg_list_use_non_fedora: "{{ ansible_distribution != 'Fedora' | bool }}"
+      pkg_list: "{{ pkg_list_non_fedora | ternary(pkg_list_non_fedora, []) + pkg_list_temp }}"
+    register: result
+    until: result is succeeded

playbooks/init/basic_facts.yml

@@ -32,32 +32,6 @@
     - openshift_deployment_type is undefined
     - deployment_type is defined
 
-  - name: initialize_facts set fact openshift_is_atomic
-    set_fact:
-      openshift_is_atomic: "{{ ostree_booted.stat.exists }}"
-
-  # TODO: Should this be moved into health checks??
-  # Seems as though any check that happens with a corresponding fail should move into health_checks
-  # Fail as early as possible if Atomic and old version of Docker
-  - when:
-    - openshift_is_atomic | bool
-    block:
-
-    # See https://access.redhat.com/articles/2317361
-    # and https://github.com/ansible/ansible/issues/15892
-    # NOTE: the "'s can not be removed at this level else the docker command will fail
-    # NOTE: When ansible >2.2.1.x is used this can be updated per
-    # https://github.com/openshift/openshift-ansible/pull/3475#discussion_r103525121
-    - name: Determine Atomic Host Docker Version
-      shell: 'CURLY="{"; docker version --format "$CURLY{json .Server.Version}}"'
-      register: l_atomic_docker_version
-
-    - name: assert atomic host docker version is 1.12 or later
-      assert:
-        that:
-        - l_atomic_docker_version.stdout | replace('"', '') is version('1.12','>=')
-        msg: Installation on Atomic Host requires Docker 1.12 or later. Please upgrade and restart the Atomic Host.
-
 - name: Retrieve existing master configs and validate
   hosts: oo_masters_to_config
   gather_facts: no

playbooks/openshift-etcd/private/config.yml

@@ -21,14 +21,6 @@
   hosts: oo_etcd_to_config
   any_errors_fatal: true
   tasks:
-  - fail:
-      msg: >
-        etcd stand-alone hosts on atomic is no longer supported. Please
-        co-locate your etcd hosts with masters.
-    when:
-    - openshift_is_atomic | bool
-    - not inventory_hostname in groups['oo_masters']
-
   - import_role:
       name: etcd
       tasks_from: set_facts.yml

playbooks/openshift-master/private/additional_config.yml

@@ -37,7 +37,6 @@
     when: openshift_use_manageiq | default(true) | bool
   - role: cockpit
     when:
-    - not openshift_is_atomic | bool
     - openshift_deployment_type == 'openshift-enterprise'
     - osm_use_cockpit is undefined or osm_use_cockpit | bool
     - (openshift_deployment_subtype | default('')) != 'registry'

playbooks/openshift-node/private/network_manager.yml

@@ -3,19 +3,12 @@
   hosts: oo_all_hosts
   become: yes
   tasks:
-  - name: Detecting Operating System
-    shell: ls /run/ostree-booted
-    ignore_errors: yes
-    failed_when: false
-    register: ostree_output
-
   - name: install NetworkManager
     package:
       name: 'NetworkManager'
       state: present
     register: result
     until: result is succeeded
-    when: ostree_output.rc != 0
 
   - name: configure NetworkManager
     lineinfile:

roles/cockpit/tasks/main.yml

@@ -13,7 +13,6 @@
     - cockpit-bridge
     - cockpit-docker
     - "{{ cockpit_plugins | join(',') }}"
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 
@@ -22,4 +21,3 @@
     name: cockpit.socket
     enabled: true
     state: started
-  when: not openshift_is_atomic | bool

roles/container_runtime/tasks/common/atomic_proxy.yml

@@ -1,32 +0,0 @@
----
-# Set http_proxy, https_proxy, and no_proxy in /etc/atomic.conf
-# regexp: the line starts with or without #, followed by the string
-#         http_proxy, then either : or =
-- block:
-
-    - name: Add http_proxy to /etc/atomic.conf
-      lineinfile:
-        dest: /etc/atomic.conf
-        regexp: "^#?http_proxy[:=]{1}"
-        line: "http_proxy: {{ openshift.common.http_proxy | default('') }}"
-      when:
-        - openshift.common.http_proxy is defined
-        - openshift.common.http_proxy != ''
-
-    - name: Add https_proxy to /etc/atomic.conf
-      lineinfile:
-        dest: /etc/atomic.conf
-        regexp: "^#?https_proxy[:=]{1}"
-        line: "https_proxy: {{ openshift.common.https_proxy | default('') }}"
-      when:
-        - openshift.common.https_proxy is defined
-        - openshift.common.https_proxy != ''
-
-    - name: Add no_proxy to /etc/atomic.conf
-      lineinfile:
-        dest: /etc/atomic.conf
-        regexp: "^#?no_proxy[:=]{1}"
-        line: "no_proxy: {{ openshift.common.no_proxy | default('') }}"
-      when:
-        - openshift.common.no_proxy is defined
-        - openshift.common.no_proxy != ''

roles/container_runtime/tasks/docker_upgrade_check.yml

@@ -21,7 +21,6 @@
   retries: 4
   until: curr_docker_version is succeeded
   changed_when: false
-  when: not openshift_is_atomic | bool
 
 - name: Get latest available version of Docker
   command: >
@@ -31,17 +30,15 @@
   until: avail_docker_version is succeeded
   # Don't expect docker rpm to be available on hosts that don't already have it installed:
   when:
-    - not openshift_is_atomic | bool
     - pkg_check.rc == 0
   failed_when: false
   changed_when: false
 
-- name: Required docker version not available (non-atomic)
+- name: Required docker version not available
   fail:
     msg: "This playbook requires access to Docker {{ l_required_docker_version }} or later"
   # Disable the 1.12 requirement if the user set a specific Docker version
   when:
-    - not openshift_is_atomic | bool
     - docker_version is not defined
     - docker_upgrade | bool
     - pkg_check.rc == 0
@@ -55,7 +52,6 @@
 - set_fact:
     docker_version: "{{ avail_docker_version.stdout }}"
   when:
-    - not openshift_is_atomic | bool
     - pkg_check.rc == 0
     - docker_version is not defined
 
@@ -63,23 +59,5 @@
   set_fact:
     l_docker_upgrade: True
   when:
-    - not openshift_is_atomic | bool
     - pkg_check.rc == 0
     - curr_docker_version.stdout is version(docker_version,'<')
-
-# Additional checks for Atomic hosts:
-- name: Determine available Docker
-  shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker"
-  register: g_atomic_docker_version_result
-  when: openshift_is_atomic | bool
-
-- set_fact:
-    l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}"
-  when: openshift_is_atomic | bool
-
-- name: Required docker version is unavailable (atomic)
-  fail:
-    msg: "This playbook requires access to Docker {{ l_required_docker_version }} or later"
-  when:
-    - openshift_is_atomic | bool
-    - l_docker_version.avail_version | default(l_docker_version.curr_version, true) is version(l_required_docker_version,'<')

roles/container_runtime/tasks/package_crio.yml

@@ -1,9 +1,4 @@
 ---
-- name: Fail if Atomic Host since this is an rpm request
-  fail: msg='Cannot use CRI-O as a package on Atomic Host'
-  when:
-    - openshift_is_atomic | bool
-
 - import_tasks: common/pre.yml
 
 - name: Check that overlay is in the kernel

roles/container_runtime/tasks/package_docker.yml

@@ -1,14 +1,8 @@
 ---
 - import_tasks: common/pre.yml
 
-# In some cases, some services may be run as containers and docker may still
-# be installed via rpm.
-- import_tasks: common/atomic_proxy.yml
-  when: openshift_is_atomic
-
 - name: Get current installed Docker version
   command: "{{ repoquery_installed }} --qf '%{version}' docker"
-  when: not openshift_is_atomic | bool
   register: curr_docker_version
   retries: 4
   until: curr_docker_version is succeeded
@@ -24,8 +18,6 @@
   package:
     name: "{{ pkg_list | join(',') }}"
     state: present
-  when:
-  - not (openshift_is_atomic | bool)
   register: result
   until: result is succeeded
   vars:

roles/contiv/tasks/packageManagerInstall.yml

@@ -4,7 +4,7 @@
     did_install: false
 
 - include_tasks: pkgMgrInstallers/centos-install.yml
-  when: ansible_os_family == "RedHat" and not openshift_is_atomic | bool
+  when: ansible_os_family == "RedHat"
 
 - name: Package Manager | Set fact saying we did CentOS package install
   set_fact:

roles/contiv_facts/tasks/main.yml

@@ -60,4 +60,4 @@
   when: contiv_has_rpm
 
 - include_tasks: fedora-install.yml
-  when: not openshift_is_atomic and ansible_distribution == "Fedora"
+  when: ansible_distribution == "Fedora"

roles/etcd/defaults/main.yaml

@@ -63,7 +63,6 @@ r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt
 # etcd server & certificate vars
 etcd_hostname: "{{ openshift.common.hostname }}"
 etcd_ip: "{{ openshift.common.ip }}"
-etcd_is_atomic: "{{ openshift_is_atomic }}"
 etcd_is_thirdparty: False
 
 # etcd dir vars

roles/etcd/tasks/certificates/deploy_ca.yml

@@ -3,7 +3,6 @@
   package:
     name: openssl
     state: present
-  when: not etcd_is_atomic | bool
   delegate_to: "{{ etcd_ca_host }}"
   run_once: true
   register: result

roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml

@@ -3,8 +3,6 @@
   package:
     name: "etcd"
     state: present
-  when:
-  - not etcd_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/flannel/tasks/main.yml

@@ -4,7 +4,6 @@
   package:
     name: flannel
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/lib_openshift/library/oc_atomic_container.py

@@ -1,225 +0,0 @@
-#!/usr/bin/env python
-# pylint: disable=missing-docstring
-# flake8: noqa: T001
-#     ___ ___ _  _ ___ ___    _ _____ ___ ___
-#    / __| __| \| | __| _ \  /_\_   _| __|   \
-#   | (_ | _|| .` | _||   / / _ \| | | _|| |) |
-#    \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
-#   |   \ / _ \  | \| |/ _ \_   _| | __|   \_ _|_   _|
-#   | |) | (_) | | .` | (_) || |   | _|| |) | |  | |
-#   |___/ \___/  |_|\_|\___/ |_|   |___|___/___| |_|
-#
-# Copyright 2016 Red Hat, Inc. and/or its affiliates
-# and other contributors as indicated by the @author tags.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# -*- -*- -*- Begin included fragment: doc/atomic_container -*- -*- -*-
-
-DOCUMENTATION = '''
----
-module: oc_atomic_container
-short_description: Manage the container images on the atomic host platform
-description:
-    - Manage the container images on the atomic host platform
-    - Allows to execute the commands on the container images
-requirements:
-  - atomic
-  - "python >= 2.6"
-options:
-    name:
-        description:
-          - Name of the container
-        required: True
-        default: null
-    image:
-        description:
-          - The image to use to install the container
-        required: True
-        default: null
-    state:
-        description:
-          - State of the container
-        required: True
-        choices: ["latest", "absent", "latest", "rollback"]
-        default: "latest"
-    values:
-        description:
-          - Values for the installation of the container
-        required: False
-        default: None
-'''
-
-# -*- -*- -*- End included fragment: doc/atomic_container -*- -*- -*-
-
-# -*- -*- -*- Begin included fragment: ansible/oc_atomic_container.py -*- -*- -*-
-
-# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error
-import json
-import os
-
-from distutils.version import StrictVersion
-
-from ansible.module_utils.basic import AnsibleModule
-
-
-def _install(module, container, image, values_list):
-    ''' install a container using atomic CLI.  values_list is the list of --set arguments.
-    container is the name given to the container.  image is the image to use for the installation. '''
-    # NOTE: system-package=no is hardcoded. This should be changed to an option in the future.
-    args = ['atomic', 'install', '--system', '--system-package=no',
-            '--name=%s' % container] + values_list + [image]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        return rc, out, err, False
-    else:
-        changed = "Extracting" in out or "Copying blob" in out
-        return rc, out, err, changed
-
-def _uninstall(module, name):
-    ''' uninstall an atomic container by its name. '''
-    args = ['atomic', 'uninstall', name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    return rc, out, err, False
-
-def _ensure_service_file_is_removed(container):
-    '''atomic install won't overwrite existing service file, so it needs to be removed'''
-    service_path = '/etc/systemd/system/{}.service'.format(container)
-    if not os.path.exists(service_path):
-        return
-    os.remove(service_path)
-
-def do_install(module, container, image, values_list):
-    ''' install a container and exit the module. '''
-    _ensure_service_file_is_removed(container)
-
-    rc, out, err, changed = _install(module, container, image, values_list)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        module.exit_json(msg=out, changed=changed)
-
-
-def do_uninstall(module, name):
-    ''' uninstall a container and exit the module. '''
-    rc, out, err, changed = _uninstall(module, name)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    module.exit_json(msg=out, changed=changed)
-
-
-def do_update(module, container, old_image, image, values_list):
-    ''' update a container and exit the module.  If the container uses a different
-    image than the current installed one, then first uninstall the old one '''
-
-    # the image we want is different than the installed one
-    if old_image != image:
-        rc, out, err, _ = _uninstall(module, container)
-        if rc != 0:
-            module.fail_json(rc=rc, msg=err)
-        return do_install(module, container, image, values_list)
-
-    # if the image didn't change, use "atomic containers update"
-    args = ['atomic', 'containers', 'update'] + values_list + [container]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        changed = "Extracting" in out or "Copying blob" in out
-        module.exit_json(msg=out, changed=changed)
-
-
-def do_rollback(module, name):
-    ''' move to the previous deployment of the container, if present, and exit the module. '''
-    args = ['atomic', 'containers', 'rollback', name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        changed = "Rolling back" in out
-        module.exit_json(msg=out, changed=changed)
-
-
-def core(module):
-    ''' entrypoint for the module. '''
-    name = module.params['name']
-    image = module.params['image']
-    values = module.params['values']
-    state = module.params['state']
-
-    module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
-    out = {}
-    err = {}
-    rc = 0
-
-    values_list = ["--set=%s" % x for x in values] if values else []
-
-    args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-        return
-
-    # NOTE: "or '[]' is a workaround until atomic containers list --json
-    # provides an empty list when no containers are present.
-    containers = json.loads(out or '[]')
-    present = len(containers) > 0
-    old_image = containers[0]["image_name"] if present else None
-
-    if state == 'present' and present:
-        module.exit_json(msg=out, changed=False)
-    elif (state in ['latest', 'present']) and not present:
-        do_install(module, name, image, values_list)
-    elif state == 'latest':
-        do_update(module, name, old_image, image, values_list)
-    elif state == 'absent':
-        if not present:
-            module.exit_json(msg="", changed=False)
-        else:
-            do_uninstall(module, name)
-    elif state == 'rollback':
-        do_rollback(module, name)
-
-
-def main():
-    module = AnsibleModule(
-        argument_spec=dict(
-            name=dict(default=None, required=True),
-            image=dict(default=None, required=True),
-            state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']),
-            values=dict(type='list', default=[]),
-            ),
-        )
-
-    # Verify that the platform supports atomic command
-    rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
-    if rc != 0:
-        module.fail_json(msg="Error in running atomic command", err=err)
-    # This module requires atomic version 1.17.2 or later
-    atomic_version = StrictVersion(version_out.replace('\n', ''))
-    if atomic_version < StrictVersion('1.17.2'):
-        module.fail_json(
-            msg="atomic version 1.17.2+ is required",
-            err=str(atomic_version))
-
-    try:
-        core(module)
-    except Exception as e:  # pylint: disable=broad-except
-        module.fail_json(msg=str(e))
-
-
-if __name__ == '__main__':
-    main()
-
-# -*- -*- -*- End included fragment: ansible/oc_atomic_container.py -*- -*- -*-

roles/lib_openshift/src/ansible/oc_atomic_container.py

@@ -1,159 +0,0 @@
-# pylint: skip-file
-# flake8: noqa
-
-# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error
-import json
-import os
-
-from distutils.version import StrictVersion
-
-from ansible.module_utils.basic import AnsibleModule
-
-
-def _install(module, container, image, values_list):
-    ''' install a container using atomic CLI.  values_list is the list of --set arguments.
-    container is the name given to the container.  image is the image to use for the installation. '''
-    # NOTE: system-package=no is hardcoded. This should be changed to an option in the future.
-    args = ['atomic', 'install', '--system', '--system-package=no',
-            '--name=%s' % container] + values_list + [image]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        return rc, out, err, False
-    else:
-        changed = "Extracting" in out or "Copying blob" in out
-        return rc, out, err, changed
-
-def _uninstall(module, name):
-    ''' uninstall an atomic container by its name. '''
-    args = ['atomic', 'uninstall', name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    return rc, out, err, False
-
-def _ensure_service_file_is_removed(container):
-    '''atomic install won't overwrite existing service file, so it needs to be removed'''
-    service_path = '/etc/systemd/system/{}.service'.format(container)
-    if not os.path.exists(service_path):
-        return
-    os.remove(service_path)
-
-def do_install(module, container, image, values_list):
-    ''' install a container and exit the module. '''
-    _ensure_service_file_is_removed(container)
-
-    rc, out, err, changed = _install(module, container, image, values_list)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        module.exit_json(msg=out, changed=changed)
-
-
-def do_uninstall(module, name):
-    ''' uninstall a container and exit the module. '''
-    rc, out, err, changed = _uninstall(module, name)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    module.exit_json(msg=out, changed=changed)
-
-
-def do_update(module, container, old_image, image, values_list):
-    ''' update a container and exit the module.  If the container uses a different
-    image than the current installed one, then first uninstall the old one '''
-
-    # the image we want is different than the installed one
-    if old_image != image:
-        rc, out, err, _ = _uninstall(module, container)
-        if rc != 0:
-            module.fail_json(rc=rc, msg=err)
-        return do_install(module, container, image, values_list)
-
-    # if the image didn't change, use "atomic containers update"
-    args = ['atomic', 'containers', 'update'] + values_list + [container]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        changed = "Extracting" in out or "Copying blob" in out
-        module.exit_json(msg=out, changed=changed)
-
-
-def do_rollback(module, name):
-    ''' move to the previous deployment of the container, if present, and exit the module. '''
-    args = ['atomic', 'containers', 'rollback', name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-    else:
-        changed = "Rolling back" in out
-        module.exit_json(msg=out, changed=changed)
-
-
-def core(module):
-    ''' entrypoint for the module. '''
-    name = module.params['name']
-    image = module.params['image']
-    values = module.params['values']
-    state = module.params['state']
-
-    module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
-    out = {}
-    err = {}
-    rc = 0
-
-    values_list = ["--set=%s" % x for x in values] if values else []
-
-    args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name]
-    rc, out, err = module.run_command(args, check_rc=False)
-    if rc != 0:
-        module.fail_json(rc=rc, msg=err)
-        return
-
-    # NOTE: "or '[]' is a workaround until atomic containers list --json
-    # provides an empty list when no containers are present.
-    containers = json.loads(out or '[]')
-    present = len(containers) > 0
-    old_image = containers[0]["image_name"] if present else None
-
-    if state == 'present' and present:
-        module.exit_json(msg=out, changed=False)
-    elif (state in ['latest', 'present']) and not present:
-        do_install(module, name, image, values_list)
-    elif state == 'latest':
-        do_update(module, name, old_image, image, values_list)
-    elif state == 'absent':
-        if not present:
-            module.exit_json(msg="", changed=False)
-        else:
-            do_uninstall(module, name)
-    elif state == 'rollback':
-        do_rollback(module, name)
-
-
-def main():
-    module = AnsibleModule(
-        argument_spec=dict(
-            name=dict(default=None, required=True),
-            image=dict(default=None, required=True),
-            state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']),
-            values=dict(type='list', default=[]),
-            ),
-        )
-
-    # Verify that the platform supports atomic command
-    rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
-    if rc != 0:
-        module.fail_json(msg="Error in running atomic command", err=err)
-    # This module requires atomic version 1.17.2 or later
-    atomic_version = StrictVersion(version_out.replace('\n', ''))
-    if atomic_version < StrictVersion('1.17.2'):
-        module.fail_json(
-            msg="atomic version 1.17.2+ is required",
-            err=str(atomic_version))
-
-    try:
-        core(module)
-    except Exception as e:  # pylint: disable=broad-except
-        module.fail_json(msg=str(e))
-
-
-if __name__ == '__main__':
-    main()

roles/lib_openshift/src/doc/atomic_container

@@ -1,36 +0,0 @@
-# flake8: noqa
-# pylint: skip-file
-
-DOCUMENTATION = '''
----
-module: oc_atomic_container
-short_description: Manage the container images on the atomic host platform
-description:
-    - Manage the container images on the atomic host platform
-    - Allows to execute the commands on the container images
-requirements:
-  - atomic
-  - "python >= 2.6"
-options:
-    name:
-        description:
-          - Name of the container
-        required: True
-        default: null
-    image:
-        description:
-          - The image to use to install the container
-        required: True
-        default: null
-    state:
-        description:
-          - State of the container
-        required: True
-        choices: ["latest", "absent", "latest", "rollback"]
-        default: "latest"
-    values:
-        description:
-          - Values for the installation of the container
-        required: False
-        default: None
-'''

roles/lib_openshift/src/sources.yml

@@ -83,12 +83,6 @@ oc_adm_router.py:
 - class/oc_adm_router.py
 - ansible/oc_adm_router.py
 
-oc_atomic_container.py:
-- doc/generated
-- doc/license
-- doc/atomic_container
-- ansible/oc_atomic_container.py
-
 oc_configmap.py:
 - doc/generated
 - doc/license

roles/lib_utils/library/openshift_container_binary_sync.py

@@ -1,202 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# pylint: disable=missing-docstring,invalid-name
-
-import random
-import tempfile
-import shutil
-import os.path
-
-# pylint: disable=redefined-builtin,wildcard-import,unused-wildcard-import
-from ansible.module_utils.basic import *  # noqa: F403
-
-
-DOCUMENTATION = '''
----
-module: openshift_container_binary_sync
-short_description: Copies OpenShift binaries out of the given image tag to host system.
-'''
-
-
-class BinarySyncError(Exception):
-    def __init__(self, msg):
-        super(BinarySyncError, self).__init__(msg)
-        self.msg = msg
-
-
-# pylint: disable=too-few-public-methods,too-many-instance-attributes
-class BinarySyncer(object):
-    """
-    Syncs the openshift, oc, and kubectl binaries/symlinks out of
-    a container onto the host system.
-    """
-
-    def __init__(self, module, image, backend):
-        self.module = module
-        self.changed = False
-        self.output = []
-        self.bin_dir = '/usr/local/bin'
-        self._image = image
-        self.backend = backend
-        self.temp_dir = None  # TBD
-
-    def sync(self):
-        if self.backend == 'atomic':
-            return self._sync_atomic()
-
-        return self._sync_docker()
-
-    def _sync_atomic(self):
-        self.temp_dir = tempfile.mkdtemp()
-        temp_dir_mount = tempfile.mkdtemp()
-        try:
-            image_spec = self.image
-            rc, stdout, stderr = self.module.run_command(['atomic', 'mount',
-                                                          '--storage', "ostree",
-                                                          image_spec, temp_dir_mount])
-            if rc:
-                raise BinarySyncError("Error mounting image. stdout=%s, stderr=%s" %
-                                      (stdout, stderr))
-            for i in ["openshift", "oc"]:
-                src_file = os.path.join(temp_dir_mount, "usr/bin", i)
-                shutil.copy(src_file, self.temp_dir)
-
-            self._sync_binaries()
-        finally:
-            self.module.run_command(['atomic', 'umount', temp_dir_mount])
-            shutil.rmtree(temp_dir_mount)
-            shutil.rmtree(self.temp_dir)
-
-    def _sync_docker(self):
-        container_name = "openshift-cli-%s" % random.randint(1, 100000)
-        rc, stdout, stderr = self.module.run_command(['docker', 'create', '--name',
-                                                      container_name, self.image])
-        if rc:
-            raise BinarySyncError("Error creating temporary docker container. stdout=%s, stderr=%s" %
-                                  (stdout, stderr))
-        self.output.append(stdout)
-        try:
-            self.temp_dir = tempfile.mkdtemp()
-            self.output.append("Using temp dir: %s" % self.temp_dir)
-
-            rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/openshift" % container_name,
-                                                          self.temp_dir])
-            if rc:
-                raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" %
-                                      (stdout, stderr))
-
-            rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/oc" % container_name,
-                                                          self.temp_dir])
-            if rc:
-                raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" %
-                                      (stdout, stderr))
-
-            self._sync_binaries()
-        finally:
-            shutil.rmtree(self.temp_dir)
-            self.module.run_command(['docker', 'rm', container_name])
-
-    def _sync_binaries(self):
-        self._sync_binary('openshift')
-
-        # In older versions, oc was a symlink to openshift:
-        if os.path.islink(os.path.join(self.temp_dir, 'oc')):
-            self._sync_symlink('oc', 'openshift')
-        else:
-            self._sync_binary('oc')
-
-        # Ensure correct symlinks created:
-        self._sync_symlink('kubectl', 'oc')
-
-        # Remove old oadm binary
-        if os.path.exists(os.path.join(self.bin_dir, 'oadm')):
-            os.remove(os.path.join(self.bin_dir, 'oadm'))
-
-    def _sync_symlink(self, binary_name, link_to):
-        """ Ensure the given binary name exists and links to the expected binary. """
-
-        # The symlink we are creating:
-        link_path = os.path.join(self.bin_dir, binary_name)
-
-        # The expected file we should be linking to:
-        link_dest = os.path.join(self.bin_dir, link_to)
-
-        if not os.path.exists(link_path) or \
-                not os.path.islink(link_path) or \
-                os.path.realpath(link_path) != os.path.realpath(link_dest):
-            if os.path.exists(link_path):
-                os.remove(link_path)
-            os.symlink(link_to, os.path.join(self.bin_dir, binary_name))
-            self.output.append("Symlinked %s to %s." % (link_path, link_dest))
-            self.changed = True
-
-    def _sync_binary(self, binary_name):
-        src_path = os.path.join(self.temp_dir, binary_name)
-        dest_path = os.path.join(self.bin_dir, binary_name)
-        incoming_checksum = self.module.run_command(['sha256sum', src_path])[1]
-        if not os.path.exists(dest_path) or self.module.run_command(['sha256sum', dest_path])[1] != incoming_checksum:
-
-            # See: https://github.com/openshift/openshift-ansible/issues/4965
-            if os.path.islink(dest_path):
-                os.unlink(dest_path)
-                self.output.append('Removed old symlink {} before copying binary.'.format(dest_path))
-            shutil.move(src_path, dest_path)
-            self.output.append("Moved %s to %s." % (src_path, dest_path))
-            self.changed = True
-
-    @property
-    def raw_image(self):
-        """
-        Returns the image as it was originally passed in to the instance.
-
-        .. note::
-           This image string will only work directly with the atomic command.
-
-        :returns: The original image passed in.
-        :rtype: str
-        """
-        return self._image
-
-    @property
-    def image(self):
-        """
-        Returns the image without atomic prefixes used to map to skopeo args.
-
-        :returns: The image string without prefixes
-        :rtype: str
-        """
-        image = self._image
-        for remove in ('oci:', 'http:', 'https:'):
-            if image.startswith(remove):
-                image = image.replace(remove, '')
-        return image
-
-
-def main():
-    module = AnsibleModule(  # noqa: F405
-        argument_spec=dict(
-            image=dict(required=True),
-            backend=dict(required=True),
-        ),
-        supports_check_mode=True
-    )
-
-    image = module.params['image']
-    backend = module.params['backend']
-
-    if backend not in ["docker", "atomic"]:
-        module.fail_json(msg="unknown backend")
-
-    binary_syncer = BinarySyncer(module, image, backend)
-
-    try:
-        binary_syncer.sync()
-    except BinarySyncError as ex:
-        module.fail_json(msg=ex.msg)
-
-    return module.exit_json(changed=binary_syncer.changed,
-                            output=binary_syncer.output)
-
-
-if __name__ == '__main__':
-    main()

roles/nickhammond.logrotate/tasks/main.yml

@@ -3,7 +3,6 @@
   package:
     name: logrotate
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/nuage_ca/tasks/main.yaml

@@ -3,7 +3,6 @@
   package:
     name: openssl
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/nuage_common/tasks/main.yml

@@ -1,19 +1,4 @@
 ---
-- name: Set the Nuage plugin openshift directory fact to handle Atomic host install
-  set_fact:
-    nuage_node_plugin_dir: /var/usr/share/vsp-openshift
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage CNI network config directory fact to handle Atomic host install
-  set_fact:
-    nuage_node_cni_netconf_dir: /var/etc/cni/net.d/
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage CNI binary directory fact to handle Atomic host install
-  set_fact:
-    nuage_node_cni_bin_dir: /var/opt/cni/bin/
-  when: openshift_is_atomic | bool
-
 - name: Assure CNI plugin config dir exists before daemon set install
   become: yes
   file: path="{{ nuage_node_plugin_dir }}" state=directory

roles/nuage_master/tasks/main.yaml

@@ -2,26 +2,6 @@
 - name: setup firewall
   import_tasks: firewall.yml
 
-- name: Set the Nuage certificate directory fact for Atomic hosts
-  set_fact:
-    cert_output_dir: /var/usr/share/nuage-openshift-monitor
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage kubeconfig file path fact for Atomic hosts
-  set_fact:
-    kube_config: /var/usr/share/nuage-openshift-monitor/nuage.kubeconfig
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage monitor yaml location fact for Atomic hosts
-  set_fact:
-    kubemon_yaml: /var/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage monitor certs location fact for Atomic hosts
-  set_fact:
-    nuage_master_crt_dir: /var/usr/share/nuage-openshift-monitor/
-  when: openshift_is_atomic | bool
-
 - name: Set the Nuage master config directory for daemon sets install
   set_fact:
     nuage_master_config_dsets_mount_dir: /var/usr/share/
@@ -32,36 +12,11 @@
     nuage_node_config_dsets_mount_dir: /var/usr/share/
   when: slave_host_type == "is_atomic"
 
-- name: Set the Nuage CNI plugin binary directory for daemon sets install
-  set_fact:
-    nuage_cni_bin_dsets_mount_dir: /var/opt/cni/bin
-  when: openshift_is_atomic | bool
-
 - name: Set the Nuage VRS mount dir for daemon sets install
   set_fact:
     nuage_vrs_mount_dir: /etc/default
   when: nuage_personality == "evdf"
 
-- name: Create directory /usr/share/nuage-openshift-monitor
-  become: yes
-  file: path=/usr/share/nuage-openshift-monitor state=directory
-  when: not openshift_is_atomic | bool
-
-- name: Create directory /var/usr/share/nuage-openshift-monitor
-  become: yes
-  file: path=/var/usr/share/nuage-openshift-monitor state=directory
-  when: openshift_is_atomic | bool
-
-- name: Create directory /var/usr/bin for monitor binary on atomic
-  become: yes
-  file: path=/var/usr/bin state=directory
-  when: openshift_is_atomic | bool
-
-- name: Create CNI bin directory /var/opt/cni/bin
-  become: yes
-  file: path=/var/opt/cni/bin state=directory
-  when: openshift_is_atomic | bool
-
 - name: Create the log directory
   become: yes
   file: path={{ nuage_mon_rest_server_logdir }} state=directory

roles/nuage_node/tasks/main.yaml

@@ -1,19 +1,4 @@
 ---
-- name: Set the Nuage plugin openshift directory fact for Atomic hosts
-  set_fact:
-    vsp_openshift_dir: /var/usr/share/vsp-openshift
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage CNI binary directory fact for Atomic hosts
-  set_fact:
-    cni_bin_dir: /var/opt/cni/bin/
-  when: openshift_is_atomic | bool
-
-- name: Set the Nuage plugin certs directory fact for Atomic hosts
-  set_fact:
-    nuage_plugin_crt_dir: /var/usr/share/vsp-openshift
-  when: openshift_is_atomic | bool
-
 - name: Assure CNI conf dir exists
   become: yes
   file: path="{{ cni_conf_dir }}" state=directory
@@ -33,11 +18,6 @@
 
 - include_tasks: certificates.yml
 
-- name: Add additional Docker mounts for Nuage for atomic hosts
-  become: yes
-  lineinfile: dest="{{ openshift_atomic_node_config_file }}" line="{{ nuage_atomic_docker_additional_mounts }}"
-  when: openshift_is_atomic | bool
-
 - name: Restart node services
   command: /bin/true
   notify:

roles/openshift_ca/tasks/main.yml

@@ -7,7 +7,6 @@
   package:
     name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
     state: present
-  when: not hostvars[openshift_ca_host].openshift_is_atomic | bool
   register: install_result
   until: install_result is succeeded
   delegate_to: "{{ openshift_ca_host }}"

roles/openshift_cli/defaults/main.yml

@@ -1,2 +1 @@
 ---
-l_openshift_cli_image_backend: "{{ (openshift_use_crio_only | bool) | ternary('atomic', 'docker') }}"

roles/openshift_cli/tasks/main.yml

@@ -3,34 +3,18 @@
   package:
     name: "{{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }}"
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 
 - block:
-  - name: Pull CLI Image (docker)
+  - name: Pull CLI Image
     docker_image:
       name: "{{ openshift_cli_image }}"
     when: not openshift_use_crio_only | bool
 
-  - name: Pull CLI Image (atomic)
-    command: >
-      atomic pull --storage ostree {{ system_openshift_cli_image }}
-    register: pull_result
-    changed_when: "'Pulling layer' in pull_result.stdout"
-    when: openshift_use_crio_only | bool
-
-  # openshift_container_binary_sync is a custom module in lib_utils
-  - name: Copy client binaries/symlinks out of CLI image for use on the host
-    openshift_container_binary_sync:
-      image: "{{ openshift_cli_image }}"
-      backend: "{{ l_openshift_cli_image_backend }}"
-  when: openshift_is_atomic | bool
-
 - name: Install bash completion for oc tools
   package:
     name: bash-completion
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded

roles/openshift_control_plane/tasks/htpass_provider.yml

@@ -5,7 +5,6 @@
     state: present
   when:
   - item.kind == 'HTPasswdPasswordIdentityProvider'
-  - not openshift_is_atomic | bool
   with_items: "{{ openshift_master_identity_providers }}"
   register: result
   until: result is succeeded

roles/openshift_control_plane/tasks/main.yml

@@ -38,19 +38,11 @@
     src: "recycler_pod.yaml.j2"
     dest: "/etc/origin/master/recycler_pod.yaml"
 
-- name: Create flexvolume directory when on atomic hosts
-  file:
-    state: directory
-    path: "/etc/origin/kubelet-plugins/volume/exec"
-    mode: '0750'
-  when: openshift_is_atomic | bool
-
-- name: Flex volume directory on non-atomic host
+- name: Create flex volume directory on host
   file:
     state: directory
     path: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/"
     mode: '0750'
-  when: not openshift_is_atomic | bool
 
 - name: Create the policy file if it does not already exist
   command: >

roles/openshift_control_plane/tasks/static.yml

@@ -45,16 +45,6 @@
     - key: spec.containers[0].readinessProbe.httpGet.port
       value: "{{ openshift_master_api_port }}"
 
-- name: Update controller-manager static pod on atomic host
-  yedit:
-    src: "{{ mktemp.stdout }}/controller.yaml"
-    edits:
-    - key: spec.volumes[3].hostPath.path
-      value: "/etc/origin/kubelet-plugins"
-    - key: spec.containers[0].volumeMounts[3].mountPath
-      value: "/etc/origin/kubelet-plugins"
-  when: openshift_is_atomic | bool
-
 - name: ensure pod location exists
   file:
     path: "{{ openshift_control_plane_static_pod_location }}"

roles/openshift_control_plane/templates/master.yaml.v1.j2

@@ -87,10 +87,6 @@ kubernetesMasterConfig:
     - "/etc/origin/master/recycler_pod.yaml"
     pv-recycler-pod-template-filepath-hostpath:
     - "/etc/origin/master/recycler_pod.yaml"
-{% if openshift_is_atomic | bool %}
-    flex-volume-plugin-dir:
-    - "/etc/origin/kubelet-plugins/volume/exec"
-{% endif %}
 {% if openshift_master_use_persistentlocalvolumes | bool %}
     feature-gates:
     - PersistentLocalVolumes=true

roles/openshift_examples/defaults/main.yml

@@ -6,7 +6,7 @@ openshift_examples_load_db_templates: true
 openshift_examples_load_xpaas: "{{ openshift_deployment_type != 'origin' }}"
 openshift_examples_load_quickstarts: true
 
-examples_base: "{{ openshift.common.config_base if openshift_is_atomic | bool else '/usr/share/openshift' }}/examples"
+examples_base: "/usr/share/openshift/examples"
 image_streams_base: "{{ examples_base }}/image-streams"
 centos_image_streams:
   - "{{ image_streams_base }}/image-streams-centos7.json"

roles/openshift_excluder/tasks/exclude.yml

@@ -1,30 +1,28 @@
 ---
-- block:
-  - name: Check for docker-excluder
-    stat:
-      path: /sbin/{{ r_openshift_excluder_service_type }}-docker-excluder
-      get_checksum: false
-      get_attributes: false
-      get_mime: false
-    register: docker_excluder_stat
+- name: Check for docker-excluder
+  stat:
+    path: /sbin/{{ r_openshift_excluder_service_type }}-docker-excluder
+    get_checksum: false
+    get_attributes: false
+    get_mime: false
+  register: docker_excluder_stat
 
-  - name: Check for openshift excluder
-    stat:
-      path: /sbin/{{ r_openshift_excluder_service_type }}-excluder
-      get_checksum: false
-      get_attributes: false
-      get_mime: false
-    register: openshift_excluder_stat
+- name: Check for openshift excluder
+  stat:
+    path: /sbin/{{ r_openshift_excluder_service_type }}-excluder
+    get_checksum: false
+    get_attributes: false
+    get_mime: false
+  register: openshift_excluder_stat
 
-  - name: Enable docker excluder
-    command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder exclude"
-    when:
-    - r_openshift_excluder_enable_docker_excluder | bool
-    - docker_excluder_stat.stat.exists
+- name: Enable docker excluder
+  command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder exclude"
+  when:
+  - r_openshift_excluder_enable_docker_excluder | bool
+  - docker_excluder_stat.stat.exists
 
-  - name: Enable openshift excluder
-    command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder exclude"
-    when:
-    - r_openshift_excluder_enable_openshift_excluder | bool
-    - openshift_excluder_stat.stat.exists
-  when: not openshift_is_atomic | bool
+- name: Enable openshift excluder
+  command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder exclude"
+  when:
+  - r_openshift_excluder_enable_openshift_excluder | bool
+  - openshift_excluder_stat.stat.exists

roles/openshift_excluder/tasks/install.yml

@@ -1,7 +1,6 @@
 ---
 
 - when:
-  - not openshift_is_atomic | bool
   - r_openshift_excluder_install_ran is not defined
 
   block:

roles/openshift_excluder/tasks/main.yml

@@ -1,28 +1,23 @@
 ---
-- block:
+- name: Debug r_openshift_excluder_enable_docker_excluder
+  debug:
+    var: r_openshift_excluder_enable_docker_excluder
 
-  - name: Debug r_openshift_excluder_enable_docker_excluder
-    debug:
-      var: r_openshift_excluder_enable_docker_excluder
+- name: Debug r_openshift_excluder_enable_openshift_excluder
+  debug:
+    var: r_openshift_excluder_enable_openshift_excluder
 
-  - name: Debug r_openshift_excluder_enable_openshift_excluder
-    debug:
-      var: r_openshift_excluder_enable_openshift_excluder
-
-  - name: Fail if invalid openshift_excluder_action provided
-    fail:
-      msg: "openshift_excluder role can only be called with 'enable' or 'disable'"
-    when: r_openshift_excluder_action not in ['enable', 'disable']
-
-  - name: Fail if r_openshift_excluder_upgrade_target is not defined
-    fail:
-      msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades"
-    when:
-    - r_openshift_excluder_verify_upgrade | bool
-    - r_openshift_excluder_upgrade_target is not defined
-
-  - name: Include main action task file
-    include_tasks: "{{ r_openshift_excluder_action }}.yml"
+- name: Fail if invalid openshift_excluder_action provided
+  fail:
+    msg: "openshift_excluder role can only be called with 'enable' or 'disable'"
+  when: r_openshift_excluder_action not in ['enable', 'disable']
 
+- name: Fail if r_openshift_excluder_upgrade_target is not defined
+  fail:
+    msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades"
   when:
-  - not openshift_is_atomic
+  - r_openshift_excluder_verify_upgrade | bool
+  - r_openshift_excluder_upgrade_target is not defined
+
+- name: Include main action task file
+  include_tasks: "{{ r_openshift_excluder_action }}.yml"

roles/openshift_expand_partition/tasks/main.yml

@@ -3,17 +3,9 @@
   package:
     name: cloud-utils-growpart
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 
-- name: Determine if growpart is installed
-  command: "rpm -q cloud-utils-growpart"
-  register: has_growpart
-  failed_when: has_growpart.rc != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout
-  changed_when: false
-  when: openshift_is_atomic | bool
-
 - name: Grow the partitions
   command: "growpart {{oep_drive}} {{oep_partition}}"
 

roles/openshift_facts/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-openshift_client_binary: "{{ (openshift_is_atomic | bool) | ternary('/usr/local/bin/oc', 'oc') }}"
+openshift_client_binary: "oc"
 
 system_images_registry_dict:
   openshift-enterprise: "registry.redhat.io"

roles/openshift_health_checker/defaults/main.yml

@@ -9,9 +9,8 @@ l_node_image_list:
 - "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'deployer') }}"
 - "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'pod') }}"
 
-l_atomic_node_required_images: "{{ (openshift_is_atomic | bool) | ternary([osn_image], []) }}"
 l_etcd_required_images: "{{ (l_host_is_master and l_host_is_etcd) | ternary([etcd_image], []) }}"
 l_master_required_images: "{{ l_host_is_master | ternary([osm_image], []) }}"
 l_cockpit_images: "{{ (openshift_hosted_manage_registry_console | bool) | ternary([openshift_cockpit_deployer_image], []) }}"
 l_required_node_images: "{{ l_host_is_node | ternary(l_node_image_list, [])}}"
-openshift_health_check_required_images: "{{ [] + l_required_node_images + l_cockpit_images + l_master_required_images + l_etcd_required_images + l_atomic_node_required_images }}"
+openshift_health_check_required_images: "{{ [] + l_required_node_images + l_cockpit_images + l_master_required_images + l_etcd_required_images }}"

roles/openshift_health_checker/openshift_checks/disk_availability.py

@@ -20,13 +20,6 @@ class DiskAvailability(OpenShiftCheck):
             'oo_nodes_to_config': 15 * 10**9,
             'oo_etcd_to_config': 20 * 10**9,
         },
-        # Used to copy client binaries into,
-        # see roles/lib_utils/library/openshift_container_binary_sync.py.
-        '/usr/local/bin': {
-            'oo_masters_to_config': 1 * 10**9,
-            'oo_nodes_to_config': 1 * 10**9,
-            'oo_etcd_to_config': 1 * 10**9,
-        },
         # Used as temporary storage in several cases.
         tempfile.gettempdir(): {
             'oo_masters_to_config': 1 * 10**9,

roles/openshift_health_checker/openshift_checks/etcd_traffic.py

@@ -20,13 +20,10 @@ class EtcdTraffic(OpenShiftCheck):
         return super(EtcdTraffic, self).is_active() and valid_group_names and valid_version
 
     def run(self):
-        openshift_is_atomic = self.get_var("openshift_is_atomic")
-        unit = "etcd_container" if openshift_is_atomic else "etcd"
-
         log_matchers = [{
             "start_regexp": r"Starting Etcd Server",
             "regexp": r"etcd: sync duration of [^,]+, expected less than 1s",
-            "unit": unit
+            "unit": "etcd"
         }]
 
         match = self.execute_module("search_journalctl", {"log_matchers": log_matchers})

roles/openshift_health_checker/openshift_checks/mixins.py

@@ -3,17 +3,6 @@ Mixin classes meant to be used with subclasses of OpenShiftCheck.
 """
 
 
-class NotContainerizedMixin(object):
-    """Mixin for checks that are only active when not in containerized mode."""
-    # permanent # pylint: disable=too-few-public-methods
-    # Reason: The mixin is not intended to stand on its own as a class.
-
-    def is_active(self):
-        """Only run on non-containerized hosts."""
-        openshift_is_atomic = self.get_var("openshift_is_atomic")
-        return super(NotContainerizedMixin, self).is_active() and not openshift_is_atomic
-
-
 class DockerHostMixin(object):
     """Mixin for checks that are only active on hosts that require Docker."""
 
@@ -27,13 +16,9 @@ class DockerHostMixin(object):
 
     def ensure_dependencies(self):
         """
-        Ensure that docker-related packages exist, but not on atomic hosts
-        (which would not be able to install but should already have them).
+        Ensure that docker-related packages exist.
         Returns: msg, failed
         """
-        if self.get_var("openshift_is_atomic"):
-            return "", False
-
         # NOTE: we would use the "package" module but it's actually an action plugin
         # and it's not clear how to invoke one of those. This is about the same anyway:
         result = self.execute_module_with_retries(

roles/openshift_health_checker/openshift_checks/package_availability.py

@@ -1,10 +1,9 @@
 """Check that required RPM packages are available."""
 
 from openshift_checks import OpenShiftCheck
-from openshift_checks.mixins import NotContainerizedMixin
 
 
-class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
+class PackageAvailability(OpenShiftCheck):
     """Check that required RPM packages are available."""
 
     name = "package_availability"

roles/openshift_health_checker/openshift_checks/package_update.py

@@ -1,9 +1,8 @@
 """Check that a yum update would not run into conflicts with available packages."""
 from openshift_checks import OpenShiftCheck
-from openshift_checks.mixins import NotContainerizedMixin
 
 
-class PackageUpdate(NotContainerizedMixin, OpenShiftCheck):
+class PackageUpdate(OpenShiftCheck):
     """Check that a yum update would not run into conflicts with available packages."""
 
     name = "package_update"

roles/openshift_health_checker/openshift_checks/package_version.py

@@ -1,10 +1,9 @@
 """Check that available RPM packages match the required versions."""
 
 from openshift_checks import OpenShiftCheck
-from openshift_checks.mixins import NotContainerizedMixin
 
 
-class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
+class PackageVersion(OpenShiftCheck):
     """Check that available RPM packages match the required versions."""
 
     name = "package_version"

roles/openshift_health_checker/test/docker_storage_test.py

@@ -4,23 +4,18 @@ from openshift_checks import OpenShiftCheckException
 from openshift_checks.docker_storage import DockerStorage
 
 
-@pytest.mark.parametrize('openshift_is_atomic, group_names, is_active', [
-    (False, ["oo_masters_to_config", "oo_etcd_to_config"], False),
-    (False, ["oo_masters_to_config", "oo_nodes_to_config"], True),
-    (True, ["oo_etcd_to_config"], False),
+@pytest.mark.parametrize('group_names, is_active', [
+    (["oo_masters_to_config", "oo_etcd_to_config"], False),
+    (["oo_masters_to_config", "oo_nodes_to_config"], True),
+    (["oo_etcd_to_config"], False),
 ])
-def test_is_active(openshift_is_atomic, group_names, is_active):
+def test_is_active(group_names, is_active):
     task_vars = dict(
-        openshift_is_atomic=openshift_is_atomic,
         group_names=group_names,
     )
     assert DockerStorage(None, task_vars).is_active() == is_active
 
 
-def non_atomic_task_vars():
-    return {"openshift_is_atomic": False}
-
-
 @pytest.mark.parametrize('docker_info, failed, expect_msg', [
     (
         dict(failed=True, msg="Error connecting: Error while fetching server API version"),
@@ -100,7 +95,7 @@ def test_check_storage_driver(docker_info, failed, expect_msg):
             raise ValueError("not expecting module " + module_name)
         return docker_info
 
-    check = DockerStorage(execute_module, non_atomic_task_vars())
+    check = DockerStorage(execute_module, {})
     check.check_dm_usage = lambda status: dict()  # stub out for this test
     check.check_overlay_usage = lambda info: dict()  # stub out for this test
     result = check.run()
@@ -292,7 +287,7 @@ ansible_mounts_zero_size = [{
     ),
 ])
 def test_overlay_usage(ansible_mounts, threshold, expect_fail, expect_msg):
-    task_vars = non_atomic_task_vars()
+    task_vars = {}
     task_vars["ansible_mounts"] = ansible_mounts
     if threshold is not None:
         task_vars["max_overlay_usage_percent"] = threshold

roles/openshift_health_checker/test/etcd_traffic_test.py

@@ -36,7 +36,6 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words)
 
     task_vars = dict(
         group_names=group_names,
-        openshift_is_atomic=False,
         openshift_service_type="origin"
     )
 
@@ -46,24 +45,3 @@ def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words)
         assert word in result.get("msg", "")
 
     assert result.get("failed", False) == failed
-
-
-@pytest.mark.parametrize('openshift_is_atomic,expected_unit_value', [
-    (False, "etcd"),
-    (True, "etcd_container"),
-])
-def test_systemd_unit_matches_deployment_type(openshift_is_atomic, expected_unit_value):
-    task_vars = dict(
-        openshift_is_atomic=openshift_is_atomic
-    )
-
-    def execute_module(module_name, args, *_):
-        assert module_name == "search_journalctl"
-        matchers = args["log_matchers"]
-
-        for matcher in matchers:
-            assert matcher["unit"] == expected_unit_value
-
-        return {"failed": False}
-
-    EtcdTraffic(execute_module, task_vars).run()

roles/openshift_health_checker/test/mixins_test.py

@@ -1,23 +0,0 @@
-import pytest
-
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException
-from openshift_checks.mixins import NotContainerizedMixin
-
-
-class NotContainerizedCheck(NotContainerizedMixin, OpenShiftCheck):
-    name = "not_containerized"
-    run = NotImplemented
-
-
-@pytest.mark.parametrize('task_vars,expected', [
-    (dict(openshift_is_atomic=False), True),
-    (dict(openshift_is_atomic=True), False),
-])
-def test_is_active(task_vars, expected):
-    assert NotContainerizedCheck(None, task_vars).is_active() == expected
-
-
-def test_is_active_missing_task_vars():
-    with pytest.raises(OpenShiftCheckException) as excinfo:
-        NotContainerizedCheck().is_active()
-    assert 'openshift_is_atomic' in str(excinfo.value)

roles/openshift_health_checker/test/package_availability_test.py

@@ -3,16 +3,13 @@ import pytest
 from openshift_checks.package_availability import PackageAvailability
 
 
-@pytest.mark.parametrize('pkg_mgr,openshift_is_atomic,is_active', [
-    ('yum', False, True),
-    ('yum', True, False),
-    ('dnf', True, False),
-    ('dnf', False, False),
+@pytest.mark.parametrize('pkg_mgr,is_active', [
+    ('yum', True),
+    ('dnf', False),
 ])
-def test_is_active(pkg_mgr, openshift_is_atomic, is_active):
+def test_is_active(pkg_mgr, is_active):
     task_vars = dict(
         ansible_pkg_mgr=pkg_mgr,
-        openshift_is_atomic=openshift_is_atomic,
     )
     assert PackageAvailability(None, task_vars).is_active() == is_active
 

roles/openshift_health_checker/test/package_version_test.py

@@ -45,21 +45,18 @@ def test_package_version(openshift_release):
     assert result == return_value
 
 
-@pytest.mark.parametrize('group_names,openshift_is_atomic,is_active', [
-    (['oo_masters_to_config'], False, True),
-    # ensure check is skipped on containerized installs
-    (['oo_masters_to_config'], True, False),
-    (['oo_nodes_to_config'], False, True),
-    (['oo_masters_to_config', 'oo_nodes_to_config'], False, True),
-    (['oo_masters_to_config', 'oo_etcd_to_config'], False, True),
-    ([], False, False),
-    (['oo_etcd_to_config'], False, False),
-    (['lb'], False, False),
-    (['nfs'], False, False),
+@pytest.mark.parametrize('group_names,is_active', [
+    (['oo_masters_to_config'], True),
+    (['oo_nodes_to_config'], True),
+    (['oo_masters_to_config', 'oo_nodes_to_config'], True),
+    (['oo_masters_to_config', 'oo_etcd_to_config'], True),
+    ([], False),
+    (['oo_etcd_to_config'], False),
+    (['lb'], False),
+    (['nfs'], False),
 ])
-def test_package_version_skip_when_not_master_nor_node(group_names, openshift_is_atomic, is_active):
+def test_package_version_skip_when_not_master_nor_node(group_names, is_active):
     task_vars = dict(
         group_names=group_names,
-        openshift_is_atomic=openshift_is_atomic,
     )
     assert PackageVersion(None, task_vars).is_active() == is_active

roles/openshift_health_checker/test/sdn_tests.py

@@ -227,6 +227,5 @@ def test_no_nodes():
 def test_sdn_skip_when_not_master_nor_node(group_names, expected):
     task_vars = dict(
         group_names=group_names,
-        openshift_is_atomic=True,
     )
     assert SDNCheck(None, task_vars).is_active() == expected

roles/openshift_loadbalancer/tasks/main.yml

@@ -1,9 +1,4 @@
 ---
-- name: Fail if atomic
-  fail:
-    msg: "Load balancers on atomic host are no longer supported"
-  when: openshift_is_atomic
-
 - name: setup firewall
   import_tasks: firewall.yml
 

roles/openshift_loadbalancer/templates/haproxy.cfg.j2

@@ -3,9 +3,6 @@
 global
     maxconn     {{ openshift_loadbalancer_global_maxconn | default(20000) }}
     log         /dev/log local0 info
-{% if openshift_is_atomic | bool %}
-    stats socket /var/lib/haproxy/run/haproxy.sock mode 600 level admin
-{% else %}
     chroot      /var/lib/haproxy
     pidfile     /var/run/haproxy.pid
     user        haproxy
@@ -14,7 +11,6 @@ global
 
     # turn on stats unix socket
     stats socket /var/lib/haproxy/stats
-{% endif %}
 
 #---------------------------------------------------------------------
 # common defaults that all the 'listen' and 'backend' sections will

roles/openshift_manage_node/tasks/main.yml

@@ -1,27 +1,4 @@
 ---
-# Necessary because when you're on a node that's also a master the master will be
-# restarted after the node restarts docker and it will take up to 60 seconds for
-# systemd to start the master again
-- name: Wait for master API to become available before proceeding
-  # Using curl here since the uri module requires python-httplib2 and
-  # wait_for port doesn't provide health information.
-  command: >
-    curl --silent --tlsv1.2 --max-time 2
-    --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
-    {{ openshift_node_master_api_url }}/healthz/ready
-  args:
-    # Disables the following warning:
-    # Consider using get_url or uri module rather than running curl
-    warn: no
-  register: api_available_output
-  until: api_available_output.stdout == 'ok'
-  retries: 120
-  delay: 1
-  changed_when: false
-  when: openshift_is_atomic | bool
-  delegate_to: "{{ openshift_master_host }}"
-  run_once: true
-
 - name: Wait for Node Registration
   oc_obj:
     name: "{{ l_kubelet_node_name | lower }}"

roles/openshift_node/defaults/main.yml

@@ -101,7 +101,6 @@ r_openshift_node_os_firewall_allow: "{{ default_r_openshift_node_os_firewall_all
 
 # oreg_url is defined by user input
 oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
-l_bind_docker_reg_auth: False
 
 openshift_docker_service_name: "docker"
 

roles/openshift_node/tasks/bootstrap.yml

@@ -1,7 +1,6 @@
 ---
 - name: include package installs
   import_tasks: install_rpms.yml
-  when: not (openshift_is_atomic | default(False) | bool)
 
 - name: create the directory for node
   file:

roles/openshift_node/tasks/config.yml

@@ -16,13 +16,6 @@
     state: directory
     mode: 0755
 
-- name: Create flexvolume directory when running on atomic
-  file:
-    state: directory
-    path: "/etc/origin/kubelet-plugins/volume/exec"
-    mode: '0750'
-  when: openshift_is_atomic | bool
-
 - name: include aws provider credentials
   import_tasks: aws.yml
   when: not (openshift_node_use_instance_profiles | default(False))

roles/openshift_node/tasks/copy_image_to_ostree.yml

@@ -1,9 +0,0 @@
----
-- name: Copy node container image to ostree storage
-  command: >
-    atomic pull --storage=ostree docker:{{ osn_image }}
-  register: pull_result
-  retries: 3
-  delay: 5
-  until: pull_result.rc == 0
-  changed_when: "'Pulling layer' in pull_result.stdout"

roles/openshift_node/tasks/dnsmasq_install.yml

@@ -16,7 +16,6 @@
     state: present
   register: result
   until: result is succeeded
-  when: not openshift_is_atomic | bool
 
 - name: ensure origin/node directory exists
   file:

roles/openshift_node/tasks/glusterfs.yml

@@ -3,7 +3,6 @@
   package:
     name: glusterfs-fuse
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/openshift_node/tasks/install.yml

@@ -10,5 +10,3 @@
     - "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
     - "{{ openshift_service_type }}-clients{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
     - conntrack-tools
-  when:
-  - not openshift_is_atomic | bool

roles/openshift_node/tasks/install_rpms.yml

@@ -5,4 +5,3 @@
     state: present
   register: result
   until: result is succeeded
-  when: not (openshift_is_atomic | default(False) | bool)

roles/openshift_node/tasks/main.yml

@@ -61,9 +61,6 @@
 
 - import_tasks: prepull_check.yml
 
-- import_tasks: copy_image_to_ostree.yml
-  when: openshift_is_atomic | bool
-
 - name: include standard node config
   import_tasks: config.yml
 

roles/openshift_node/tasks/node_system_container.yml

@@ -1,27 +0,0 @@
----
-# system containers create their own service unit files based on templates
-# that are part of the container image.
-# oc_atomic_container will create a systemd service unit file in
-# /etc/systemd/system/origin-node.service (origin) or
-# /etc/systemd/system/atomic-openshift-node.service (enterprise)
-
-# TODO: remove when system container is fixed to not include it
-- name: Ensure old system path is set
-  file:
-    state: directory
-    path: "{{ item }}"
-    mode: '0750'
-  with_items:
-  - "/etc/origin/openvswitch"
-  - "/var/lib/kubelet"
-  - "/opt/cni/bin"
-
-- import_tasks: node_system_container_install.yml
-
-# TODO: network manager on RHEL is failing to execute 99-origin-dns.sh with signal 13, an immediate
-# restart seems to allow the job to configure. Only occurs with system containers.
-- name: Restart network manager to ensure networking configuration is in place
-  systemd:
-    name: NetworkManager
-    enabled: yes
-    state: restarted

roles/openshift_node/tasks/node_system_container_install.yml

@@ -1,28 +0,0 @@
----
-- name: Install or Update node system container
-  oc_atomic_container:
-    name: "{{ openshift_service_type }}-node"
-    image: "{{ system_osn_image }}"
-    values:
-    - "DNS_DOMAIN={{ openshift.common.dns_domain }}"
-    - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service"
-    - 'ADDTL_MOUNTS={{ l_node_syscon_add_mounts2 }}'
-    state: latest
-  vars:
-    # We need to evaluate some variables here to ensure
-    # l_bind_docker_reg_auth is evaluated after registry_auth.yml has been
-    # processed.
-
-    # Determine if we want to include auth credentials mount.
-    l_node_syscon_auth_mounts_l: "{{ l_bind_docker_reg_auth | ternary(openshift_node_syscon_auth_mounts_l,[]) }}"
-
-    # Join any user-provided mounts and auth_mounts into a combined list.
-    l_node_syscon_add_mounts_l: "{{ openshift_node_syscon_add_mounts_l | union(l_node_syscon_auth_mounts_l) }}"
-
-    # We must prepend a ',' here to ensure the value is inserted properly into an
-    # existing json list in the container's config.json
-    # lib_utils_oo_l_of_d_to_csv is a custom filter plugin in roles/lib_utils/oo_filters.py
-    l_node_syscon_add_mounts: ",{{ l_node_syscon_add_mounts_l | lib_utils_oo_l_of_d_to_csv }}"
-    # if we have just a ',' then both mount lists were empty, we don't want to add
-    # anything to config.json
-    l_node_syscon_add_mounts2: "{{ (l_node_syscon_add_mounts != ',') | bool | ternary(l_node_syscon_add_mounts,'') }}"

roles/openshift_node/tasks/prepull_check.yml

@@ -6,7 +6,6 @@
   until: job_result.finished
   when:
   - node_image.stdout_lines == []
-  - not openshift_is_atomic | bool
   retries: 20
   delay: 30
   failed_when: false

roles/openshift_node/tasks/registry_auth.yml

@@ -49,11 +49,3 @@
   until: node_additional_registry_creds is succeeded
   with_items:
     "{{ openshift_additional_registry_credentials }}"
-
-# Container images may need the registry credentials
-- name: Setup ro mount of /root/.docker for containerized hosts
-  set_fact:
-    l_bind_docker_reg_auth: True
-  when:
-    - openshift_is_atomic | bool
-    - oreg_auth_user is defined or openshift_additional_registry_credentials != [] or ('stat' in node_oreg_auth_credentials_stat and node_oreg_auth_credentials_stat.stat.exists)

roles/openshift_node/tasks/storage_plugins/ceph.yml

@@ -3,6 +3,5 @@
   package:
     name: ceph-common
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded

roles/openshift_node/tasks/storage_plugins/iscsi.yml

@@ -3,7 +3,6 @@
   package:
     name: "{{ pkg_list | join(',') }}"
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
   vars:
@@ -16,7 +15,6 @@
     name: "{{ item }}"
     state: started
     enabled: True
-  when: not openshift_is_atomic | bool
   with_items:
     - multipathd
     - rpcbind
@@ -27,9 +25,7 @@
     dest: "/etc/multipath.conf"
     src: multipath.conf.j2
     backup: true
-  when: not openshift_is_atomic | bool
 
 #enable multipath
 - name: Enable and start multipath
   command: "mpathconf --enable --with_multipathd y"
-  when: not openshift_is_atomic | bool

roles/openshift_node/tasks/storage_plugins/nfs.yml

@@ -3,7 +3,6 @@
   package:
     name: nfs-utils
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/openshift_node/tasks/systemd_units.yml

@@ -9,13 +9,8 @@
   template:
     dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service"
     src: "node.service.j2"
-  when: not openshift_is_atomic | bool
   notify:
   - reload systemd units
 
-- name: Install node system container
-  import_tasks: node_system_container.yml
-  when: openshift_is_atomic | bool
-
 - import_tasks: config/configure-node-settings.yml
 - import_tasks: configure-proxy-settings.yml

roles/openshift_node/tasks/upgrade.yml

@@ -1,7 +1,6 @@
 ---
 # input variables:
 # - l_docker_upgrade
-# - openshift_is_atomic
 # - node_config_hook
 # - openshift_pkg_version
 
@@ -51,7 +50,6 @@
 
 - name: install pre-pulled rpms.
   import_tasks: upgrade/rpm_upgrade_install.yml
-  when: not openshift_is_atomic | bool
 
 # TODO(michaelgugino): Remove in 3.12
 - import_tasks: selinux_container_cgroup.yml

roles/openshift_node/tasks/upgrade/rpm_upgrade.yml

@@ -3,7 +3,6 @@
 # - openshift_service_type
 # - component
 # - openshift_pkg_version
-# - openshift_is_atomic
 
 # When we update package "a-${version}" and a requires b >= ${version} if we
 # don't specify the version of b yum will choose the latest version of b

roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml

@@ -3,7 +3,6 @@
 # - openshift_service_type
 # - component
 # - openshift_pkg_version
-# - openshift_is_atomic
 
 # When we update package "a-${version}" and a requires b >= ${version} if we
 # don't specify the version of b yum will choose the latest version of b

roles/openshift_node/tasks/upgrade_pre.yml

@@ -14,7 +14,6 @@
   command: "{{ ansible_pkg_mgr }} makecache"
   register: result
   until: result is succeeded
-  when: not openshift_is_atomic | bool
 
 # Prepull the rpms for docker upgrade, but don't install
 - name: download docker upgrade rpm
@@ -37,9 +36,5 @@
     - "cri-tools"
 
 - import_tasks: upgrade/rpm_upgrade.yml
-  when: not openshift_is_atomic | bool
 
 - import_tasks: prepull_check.yml
-
-- import_tasks: copy_image_to_ostree.yml
-  when: openshift_is_atomic | bool

roles/openshift_node_group/templates/node-config.yaml.j2

@@ -20,10 +20,6 @@ imageConfig:
   latest: false
 iptablesSyncPeriod: "{{ openshift_node_iptables_sync_period }}"
 kubeletArguments:
-{% if openshift_is_atomic | bool %}
-  volume-plugin-dir:
-  - "/etc/origin/kubelet-plugins/volume/exec"
-{% endif %}
 {% if openshift_use_crio | bool %}
   container-runtime:
   - remote

roles/openshift_repos/tasks/main.yaml

@@ -1,63 +1,61 @@
 ---
 
-- when: not (openshift_is_atomic | default(False))
+# TODO: This needs to be removed and placed into a role
+- name: Ensure libselinux-python is installed
+  package:
+    name: libselinux-python
+    state: present
+  register: result
+  until: result is succeeded
+
+- name: Remove openshift_additional.repo file
+  file:
+    dest: /etc/yum.repos.d/openshift_additional.repo
+    state: absent
+
+- name: Create any additional repos that are defined
+  yum_repository:
+    description: "{{ item.description | default(item.name | default(item.id)) }}"
+    name: "{{ item.name | default(item.id) }}"
+    baseurl: "{{ item.baseurl }}"
+    gpgkey: "{{ item.gpgkey | default(omit)}}"
+    gpgcheck: "{{ item.gpgcheck | default(1) }}"
+    sslverify: "{{ item.sslverify | default(1) }}"
+    sslclientkey: "{{ item.sslclientkey | default(omit) }}"
+    sslclientcert: "{{ item.sslclientcert | default(omit) }}"
+    sslcacert: "{{ item.sslcacert | default(omit) }}"
+    file: "{{ item.name }}"
+    enabled: "{{ item.enabled | default('no')}}"
+  with_items: "{{ openshift_additional_repos }}"
+  when: openshift_additional_repos | length > 0
+  notify: refresh cache
+
+# Singleton block
+- when: r_openshift_repos_has_run is not defined
   block:
-  # TODO: This needs to be removed and placed into a role
-  - name: Ensure libselinux-python is installed
-    package:
-      name: libselinux-python
-      state: present
-    register: result
-    until: result is succeeded
 
-  - name: Remove openshift_additional.repo file
-    file:
-      dest: /etc/yum.repos.d/openshift_additional.repo
-      state: absent
-
-  - name: Create any additional repos that are defined
-    yum_repository:
-      description: "{{ item.description | default(item.name | default(item.id)) }}"
-      name: "{{ item.name | default(item.id) }}"
-      baseurl: "{{ item.baseurl }}"
-      gpgkey: "{{ item.gpgkey | default(omit)}}"
-      gpgcheck: "{{ item.gpgcheck | default(1) }}"
-      sslverify: "{{ item.sslverify | default(1) }}"
-      sslclientkey: "{{ item.sslclientkey | default(omit) }}"
-      sslclientcert: "{{ item.sslclientcert | default(omit) }}"
-      sslcacert: "{{ item.sslcacert | default(omit) }}"
-      file: "{{ item.name }}"
-      enabled: "{{ item.enabled | default('no')}}"
-    with_items: "{{ openshift_additional_repos }}"
-    when: openshift_additional_repos | length > 0
+  - include_tasks: rhel_repos.yml
+    when:
+    - ansible_distribution == 'RedHat'
+    - openshift_deployment_type == 'openshift-enterprise'
+    - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined)
+
+  - include_tasks: centos_repos.yml
+    when:
+    - ansible_os_family == "RedHat"
+    - ansible_distribution != "Fedora"
+    - openshift_deployment_type == 'origin'
+    - openshift_enable_origin_repo | default(true) | bool
+
+  - name: Ensure clean repo cache in the event repos have been changed manually
+    debug:
+      msg: "First run of openshift_repos"
+    changed_when: true
     notify: refresh cache
 
-  # Singleton block
-  - when: r_openshift_repos_has_run is not defined
-    block:
-
-    - include_tasks: rhel_repos.yml
-      when:
-      - ansible_distribution == 'RedHat'
-      - openshift_deployment_type == 'openshift-enterprise'
-      - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined)
-
-    - include_tasks: centos_repos.yml
-      when:
-      - ansible_os_family == "RedHat"
-      - ansible_distribution != "Fedora"
-      - openshift_deployment_type == 'origin'
-      - openshift_enable_origin_repo | default(true) | bool
-
-    - name: Ensure clean repo cache in the event repos have been changed manually
-      debug:
-        msg: "First run of openshift_repos"
-      changed_when: true
-      notify: refresh cache
-
-    - name: Record that openshift_repos already ran
-      set_fact:
-        r_openshift_repos_has_run: True
+  - name: Record that openshift_repos already ran
+    set_fact:
+      r_openshift_repos_has_run: True
 
   # Force running ALL handlers now, because we expect repo cache to be cleared
   # if changes have been made.

roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml

@@ -4,7 +4,6 @@
     name: heketi-client
     state: present
   when:
-  - not openshift_is_atomic | bool
   - not glusterfs_heketi_is_native | bool
   register: result
   until: result is succeeded

roles/openshift_storage_glusterfs/tasks/glusterfs_uninstall.yml

@@ -140,7 +140,6 @@
   with_items: "{{ glusterfs_nodes | default([]) }}"
   when:
   - not glusterfs_is_native | bool
-  - not openshift_is_atomic | bool
 
 - name: Get GlusterFS storage devices state
   command: "pvdisplay -C --noheadings -o pv_name,vg_name {% for device in hostvars[item].glusterfs_devices %}{{ device }} {% endfor %}"

roles/openshift_storage_glusterfs/tasks/kernel_modules.yml

@@ -9,7 +9,6 @@
   shell: "dnf install kernel-modules-$(uname -r) -y"
   when:
   - ansible_distribution == "Fedora"
-  - not (openshift_is_atomic | bool)
 
 - name: load kernel modules
   systemd:

roles/openshift_storage_nfs_lvm/tasks/main.yml

@@ -1,9 +1,4 @@
 ---
-# TODO -- this may actually work on atomic hosts
-- fail:
-    msg: "openshift_storage_nfs_lvm is not compatible with atomic host"
-  when: openshift_is_atomic | bool
-
 - name: Create lvm volumes
   lvol: vg={{osnl_volume_group}} lv={{ item }} size={{osnl_volume_size}}G
   with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d

roles/openshift_storage_nfs_lvm/tasks/nfs.yml

@@ -3,7 +3,6 @@
   package:
     name: nfs-utils
     state: present
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/os_firewall/README.md

@@ -4,9 +4,6 @@ OS Firewall
 OS Firewall manages firewalld and iptables installation.
 case.
 
-Note: firewalld is not supported on Atomic Host
-https://bugzilla.redhat.com/show_bug.cgi?id=1403331
-
 Requirements
 ------------
 

roles/os_firewall/defaults/main.yml

@@ -1,5 +1,3 @@
 ---
 os_firewall_enabled: True
-# firewalld is not supported on Atomic Host
-# https://bugzilla.redhat.com/show_bug.cgi?id=1403331
 os_firewall_use_firewalld: False

roles/os_firewall/tasks/firewalld.yml

@@ -1,18 +1,10 @@
 ---
-- name: Fail - Firewalld is not supported on Atomic Host
-  fail:
-    msg: "Firewalld is not supported on Atomic Host"
-  when:
-    - openshift_is_atomic | bool
-    - not openshift_enable_unsupported_configurations | default(false)
-
 - name: Install firewalld packages
   package:
     name: firewalld
     state: present
   register: result
   until: result is succeeded
-  when: not openshift_is_atomic | bool
 
 - name: Ensure iptables services are not enabled
   systemd:

roles/os_firewall/tasks/iptables.yml

@@ -24,7 +24,6 @@
     pkg_list:
       - iptables
       - iptables-services
-  when: not openshift_is_atomic | bool
   register: result
   until: result is succeeded
 

roles/tuned/defaults/main.yml

@@ -3,3 +3,4 @@ tuned_etc_directory: '/etc/tuned'
 tuned_templates_source: '../templates'
 openshift_fs_inotify_max_user_watches: 65536
 openshift_fs_inotify_max_user_instances: 8192
+openshift_tuned_guest_profile: "virtual-guest"

roles/tuned/tasks/main.yml

@@ -9,10 +9,6 @@
 
 - name: Tuned service setup
   block:
-  - name: Set tuned OpenShift variables
-    set_fact:
-      openshift_tuned_guest_profile: "{{ 'atomic-guest' if openshift_is_atomic else 'virtual-guest' }}"
-
   - name: Ensure directory structure exists
     file:
       state: directory