
Remove openshift_etcd_facts role

Much of openshift_etcd_facts currently conflicts
with values in etcd role.  This commit refactors
plays and roles to eliminate the need for
openshift_etcd_facts.
Michael Gugino 7 years ago
parent
commit
4953ab5b57

+ 0 - 1
playbooks/openshift-etcd/private/ca.yml

@@ -3,7 +3,6 @@
   hosts: oo_first_etcd
   roles:
   - role: openshift_clock
-  - role: openshift_etcd_facts
   tasks:
   - import_role:
       name: etcd

+ 0 - 1
playbooks/openshift-etcd/private/master_etcd_certificates.yml

@@ -3,7 +3,6 @@
   hosts: oo_masters_to_config
   any_errors_fatal: true
   roles:
-    - role: openshift_etcd_facts
     - role: openshift_etcd_client_certificates
       etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}"
       etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"

+ 4 - 25
playbooks/openshift-etcd/private/scaleup.yml

@@ -1,34 +1,12 @@
 ---
-- name: Gather facts
-  hosts: oo_etcd_to_config:oo_new_etcd_to_config
-  roles:
-  - openshift_etcd_facts
-  post_tasks:
-  - set_fact:
-      etcd_hostname: "{{ etcd_hostname }}"
-      etcd_ip: "{{ etcd_ip }}"
-
 - name: Configure etcd
   hosts: oo_new_etcd_to_config
   serial: 1
   any_errors_fatal: true
   pre_tasks:
-  - name: Add new etcd members to cluster
-    command: >
-      {{ r_etcd_common_etcdctl_command }}
-                       --cert-file {{ etcd_peer_cert_file }}
-                       --key-file {{ etcd_peer_key_file }}
-                       --ca-file {{ etcd_peer_ca_file }}
-                       -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }}
-                       member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}
-    delegate_to: "{{ etcd_ca_host }}"
-    failed_when:
-    - etcd_add_check.rc == 1
-    - ("peerURL exists" not in etcd_add_check.stderr)
-    register: etcd_add_check
-    retries: 3
-    delay: 10
-    until: etcd_add_check.rc == 0
+  - import_role:
+      name: etcd
+      tasks_from: add_new_member.yml
   - import_role:
       name: etcd
       tasks_from: server_certificates.yml
@@ -48,6 +26,7 @@
   - role: nickhammond.logrotate
     when: etcd_add_check.rc == 0
   post_tasks:
+  # etcd_hostname fact is set in add_new_member.yml called above.
   - name: Verify cluster is stable
     command: >
       {{ r_etcd_common_etcdctl_command }}
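Review bot: With the "Gather facts" play removed, nothing visible in this file sets `etcd_ip` as a fact on the existing members in `oo_etcd_to_config`, yet the imported `add_new_member.yml` still reads `hostvars[etcd_ca_host].etcd_ip`. In this playbook `set_facts.yml` runs only on `oo_new_etcd_to_config` hosts, and role defaults are not visible through another host's `hostvars`, so that lookup will be undefined unless an earlier play in the calling playbook has already persisted the fact on the CA host. If no such play exists, keep a short play on `oo_etcd_to_config` that imports the `etcd` role with `tasks_from: set_facts.yml` ahead of "Configure etcd". The comment added in the second hunk mentions only `etcd_hostname`; it should also say that `etcd_add_check` is registered in `add_new_member.yml`, because the `when: etcd_add_check.rc == 0` just above depends on it.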

+ 0 - 2
playbooks/openshift-etcd/private/server_certificates.yml

@@ -2,8 +2,6 @@
 - name: Create etcd server certificates for etcd hosts
   hosts: oo_etcd_to_config
   any_errors_fatal: true
-  roles:
-    - role: openshift_etcd_facts
   post_tasks:
     - import_role:
         name: etcd

+ 1 - 3
playbooks/openshift-etcd/private/upgrade_backup.yml

@@ -1,9 +1,7 @@
 ---
 - name: Backup etcd
   hosts: oo_etcd_hosts_to_backup
-  roles:
-  - role: openshift_etcd_facts
-  post_tasks:
+  tasks:
   - import_role:
       name: etcd
       tasks_from: backup.yml

+ 0 - 2
playbooks/openshift-node/private/etcd_client_config.yml

@@ -2,8 +2,6 @@
 - name: etcd_client node config
   hosts: "{{ openshift_node_scale_up_group | default('this_group_does_not_exist') }}"
   roles:
-  - role: openshift_facts
-  - role: openshift_etcd_facts
   - role: openshift_etcd_client_certificates
     etcd_cert_prefix: flannel.etcd-
     etcd_cert_subdir: "openshift-node-{{ openshift.common.hostname }}"

+ 10 - 6
roles/etcd/defaults/main.yaml

@@ -23,6 +23,7 @@ etcd_conf_dir: '/etc/etcd'
 etcd_conf_file: "{{ etcd_conf_dir }}/etcd.conf"
 etcd_ca_file: "{{ etcd_conf_dir }}/ca.crt"
 etcd_cert_file: "{{ etcd_conf_dir }}/server.crt"
+etcd_cert_subdir: "etcd-{{ openshift.common.hostname }}"
 etcd_key_file: "{{ etcd_conf_dir }}/server.key"
 etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt"
 etcd_peer_cert_file: "{{ etcd_conf_dir }}/peer.crt"
@@ -31,6 +32,8 @@ etcd_peer_key_file: "{{ etcd_conf_dir }}/peer.key"
 # etcd ca vars
 etcd_ca_dir: "{{ etcd_conf_dir}}/ca"
 etcd_generated_certs_dir: "{{ etcd_conf_dir }}/generated_certs"
+etcd_cert_prefix: ''
+etcd_cert_config_dir: "/etc/etcd"
 etcd_ca_cert: "{{ etcd_ca_dir }}/ca.crt"
 etcd_ca_key: "{{ etcd_ca_dir }}/ca.key"
 etcd_openssl_conf: "{{ etcd_ca_dir }}/openssl.cnf"
@@ -52,10 +55,9 @@ r_etcd_common_master_peer_key_file: /etc/origin/master/master.etcd-client.key
 r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt
 
 # etcd server & certificate vars
-etcd_hostname: "{{ inventory_hostname }}"
-etcd_ip: "{{ ansible_default_ipv4.address }}"
-etcd_is_atomic: False
-etcd_is_containerized: False
+etcd_hostname: "{{ openshift.common.hostname }}"
+etcd_ip: "{{ openshift.common.ip }}"
+etcd_is_atomic: "{{ openshift_is_atomic }}"
 etcd_is_thirdparty: False
 
 # etcd dir vars
@@ -64,8 +66,8 @@ etcd_data_dir: "/var/lib/etcd/"
 # etcd ports and protocols
 etcd_client_port: 2379
 etcd_peer_port: 2380
-etcd_url_scheme: http
-etcd_peer_url_scheme: http
+etcd_url_scheme: https
+etcd_peer_url_scheme: https
 
 etcd_initial_cluster_state: new
 etcd_initial_cluster_token: etcd-cluster-1
@@ -98,3 +100,5 @@ r_etcd_os_firewall_allow:
 etcd_quota_backend_bytes: 4294967296
 
 openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False) | bool) else 'docker' }}"
+
+etcd_ca_host: "{{ groups['oo_etcd_to_config'].0 }}"
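Review bot: The new `etcd_ca_host` default always resolves to the first host in `oo_etcd_to_config`, whereas the deleted `set_etcd_ca_host.yml` first looked for the host that actually holds `/etc/etcd/ca` and `/etc/etcd/generated_certs`. If the inventory order changes or the original first member is replaced, tasks delegated to `etcd_ca_host` would target a host without the existing CA key; what they do then is not visible here, but signing from a second CA or failing outright both seem possible. I would document the requirement above this line, for example `# Must name the host that holds etcd_ca_dir; set etcd_ca_host in inventory if that is not the first etcd host.` The expression also errors when the group is empty or undefined. In the earlier hunk of this file, `etcd_hostname` and `etcd_ip` now read `openshift.common.*`, so every play that loads these defaults needs `openshift_facts` to have run first.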

+ 20 - 0
roles/etcd/tasks/add_new_member.yml

@@ -0,0 +1,20 @@
+---
+# Set some facts to reference from hostvars
+- import_tasks: set_facts.yml
+
+- name: Add new etcd members to cluster
+  command: >
+    {{ r_etcd_common_etcdctl_command }}
+                     --cert-file {{ etcd_peer_cert_file }}
+                     --key-file {{ etcd_peer_key_file }}
+                     --ca-file {{ etcd_peer_ca_file }}
+                     -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }}
+                     member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}
+  delegate_to: "{{ etcd_ca_host }}"
+  failed_when:
+  - etcd_add_check.rc == 1
+  - ("peerURL exists" not in etcd_add_check.stderr)
+  register: etcd_add_check
+  retries: 3
+  delay: 10
+  until: etcd_add_check.rc == 0
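Review bot: The `failed_when` list fails the task only when `rc == 1`, so any other non-zero exit from the etcdctl command, once the retries are used up, is treated as success and the play continues as if the member had been added. Changing the first condition to `- etcd_add_check.rc != 0` keeps the "peerURL exists" exemption while failing on every other error. The `-C` endpoint is also built from `etcd_peer_url_scheme` combined with `etcd_client_port`; `etcd_url_scheme` looks like the intended variable, and the two agree only because both defaults are now `https`.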

+ 2 - 6
roles/etcd/tasks/rpm.yml

@@ -1,10 +1,6 @@
 ---
-- name: Set hostname and ip facts
-  set_fact:
-    # Store etcd_hostname and etcd_ip such that they will be available
-    # in hostvars. Defaults for these variables are set in etcd_common.
-    etcd_hostname: "{{ etcd_hostname }}"
-    etcd_ip: "{{ etcd_ip }}"
+# Set some facts to reference from hostvars
+- import_tasks: set_facts.yml
 
 - name: setup firewall
   import_tasks: firewall.yml

+ 5 - 0
roles/etcd/tasks/set_facts.yml

@@ -0,0 +1,5 @@
+---
+- name: set etcd host and ip facts
+  set_fact:
+    etcd_ip: "{{ etcd_ip }}"
+    etcd_hostname: "{{ etcd_hostname }}"
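Review bot: The comment that explained this self-assignment in `rpm.yml` and `static.yml` was dropped when the task moved here, and without it the `set_fact` reads like a no-op that a later cleanup could delete. I would add above `set_fact:` the line `# Persist the role defaults as host facts so other hosts can read them through hostvars.` The one-line comments left at the call sites say "some facts" without naming them, so this file is the natural place to record which variables other hosts depend on.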

+ 2 - 6
roles/etcd/tasks/static.yml

@@ -1,10 +1,6 @@
 ---
-- name: Set hostname and ip facts
-  set_fact:
-    # Store etcd_hostname and etcd_ip such that they will be available
-    # in hostvars. Defaults for these variables are set in etcd_common.
-    etcd_hostname: "{{ etcd_hostname }}"
-    etcd_ip: "{{ etcd_ip }}"
+# Set some facts to reference from hostvars
+- import_tasks: set_facts.yml
 
 - name: setup firewall
   import_tasks: firewall.yml

+ 0 - 1
roles/nuage_master/tasks/etcd_certificates.yml

@@ -7,7 +7,6 @@
   vars:
     etcd_cert_prefix: nuageEtcd-
     etcd_cert_config_dir: "{{ cert_output_dir }}"
-    etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
     etcd_cert_subdir: "openshift-nuage-{{ openshift.common.hostname }}"
 
 

+ 0 - 1
roles/openshift_etcd/meta/main.yml

@@ -12,6 +12,5 @@ galaxy_info:
   categories:
   - cloud
 dependencies:
-- role: openshift_etcd_facts
 - role: etcd
 - role: lib_utils

+ 1 - 0
roles/openshift_etcd_client_certificates/meta/main.yml

@@ -13,3 +13,4 @@ galaxy_info:
   - cloud
 dependencies:
 - role: lib_utils
+- role: openshift_facts

+ 0 - 2
roles/openshift_etcd_facts/defaults/main.yml

@@ -1,2 +0,0 @@
----
-etcd_ca_host_group: "oo_etcd_to_config"

+ 0 - 16
roles/openshift_etcd_facts/meta/main.yml

@@ -1,16 +0,0 @@
----
-galaxy_info:
-  author: Andrew Butcher
-  description: OpenShift etcd Facts
-  company: Red Hat, Inc.
-  license: Apache License, Version 2.0
-  min_ansible_version: 1.9
-  platforms:
-  - name: EL
-    versions:
-    - 7
-  categories:
-  - cloud
-dependencies:
-- role: openshift_facts
-- role: lib_utils

+ 0 - 2
roles/openshift_etcd_facts/tasks/main.yml

@@ -1,2 +0,0 @@
----
-- import_tasks: set_etcd_ca_host.yml

+ 0 - 44
roles/openshift_etcd_facts/tasks/set_etcd_ca_host.yml

@@ -1,44 +0,0 @@
----
-- name: Check for CA indicator files
-  stat:
-    path: "{{ item.0 }}"
-  delegate_to: "{{ item.1 }}"
-  with_nested:
-  - - /etc/etcd/ca
-    - /etc/etcd/generated_certs
-  - "{{ groups[etcd_ca_host_group] }}"
-  register: __etcd_ca_host_stat
-  run_once: true
-
-# Collect ansible_host (inventory hostname) of hosts with /etc/etcd/ca
-# and /etc/etcd/generated_certs directories.
-- set_fact:
-    __etcd_ca_dir_hosts: "{{ __etcd_ca_host_stat.results
-                             | lib_utils_oo_collect('_ansible_delegated_vars.inventory_hostname',
-                                                    filters={'stat.path':'/etc/etcd/ca','stat.exists':True}) }}"
-    __etcd_generated_certs_dir_hosts: "{{ __etcd_ca_host_stat.results
-                                          | lib_utils_oo_collect('_ansible_delegated_vars.inventory_hostname',
-                                                                 filters={'stat.path':'/etc/etcd/generated_certs','stat.exists':True}) }}"
-  run_once: true
-
-# __etcd_ca_hosts is the intersection of hosts which have /etc/etcd/ca
-# and /etc/etcd/generated_certs directories.
-- set_fact:
-    __etcd_ca_hosts: "{{ __etcd_ca_dir_hosts | intersect(__etcd_generated_certs_dir_hosts) }}"
-  run_once: true
-
-# __etcd_ca_hosts should only contain one host. If more than one host
-# is able to be an etcd CA host then we will use the first.
-- set_fact:
-    etcd_ca_host: "{{ __etcd_ca_hosts[0] }}"
-  when:
-  - __etcd_ca_hosts | length > 0
-  - etcd_ca_host is not defined
-
-# No etcd_ca_host was found in __etcd_ca_hosts. This is probably a
-# fresh installation so we will default to the first member of the
-# etcd host group.
-- set_fact:
-    etcd_ca_host: "{{ groups[etcd_ca_host_group].0 }}"
-  when:
-  - etcd_ca_host is not defined

+ 0 - 10
roles/openshift_etcd_facts/vars/main.yml

@@ -1,10 +0,0 @@
----
-etcd_is_containerized: "{{ openshift_is_containerized | bool }}"
-etcd_is_atomic: "{{ openshift_is_atomic }}"
-etcd_hostname: "{{ openshift.common.hostname }}"
-etcd_ip: "{{ openshift.common.ip }}"
-etcd_cert_subdir: "etcd-{{ openshift.common.hostname }}"
-etcd_cert_prefix:
-etcd_cert_config_dir: "/etc/etcd"
-etcd_peer_url_scheme: https
-etcd_url_scheme: https