
Merge pull request #9217 from tzumainn/openstack-swift-registry-check

Add OpenStack pre-requisites check for various features
OpenShift Merge Robot 6 éve
szülő
commit
6489793076

+ 27 - 6
playbooks/openstack/configuration.md

@@ -136,7 +136,11 @@ configuration file locally and specify it in `inventory/group_vars/OSEv3.yml`:
 ## OpenStack With SSL Configuration
 
 In order to configure your OpenShift cluster to work properly with OpenStack with
-SSL-endpoints, add the following to `inventory/group_vars/OSEv3.yml`:
+SSL-endpoints, set the following in `inventory/group_vars/all.yml`:
+
+* `openshift_use_openstack_ssl`: True
+
+Then add the following to `inventory/group_vars/OSEv3.yml`:
 
 ```
 openshift_certificates_redeploy: true
@@ -269,6 +273,7 @@ do not have it either. Nor should they use any other internal DNS server.
 Put this in your `inventory/group_vars/all.yml`:
 
 ```yaml
+openshift_openstack_use_neutron_internal_dns: True
 openshift_openstack_fqdn_nodes: false
 openshift_openstack_dns_nameservers: []
 ```
@@ -304,6 +309,8 @@ are created, but before we install anything on them).
 Add this to your `inventory/group_vars/all.yml`:
 
 ```
+    openshift_openstack_use_nsupdate: True
+
     openshift_openstack_external_nsupdate_keys:
       private:
         key_secret: <some nsupdate key>
@@ -484,6 +491,7 @@ You must do this from inside the "bastion" host created in the previous step.
 Put the following to `inventory/group_vars/all.yml`:
 
 ```yaml
+openshift_openstack_use_no_floating_ip: True
 openshift_openstack_router_name: openshift-router
 openshift_openstack_node_subnet_name: openshift
 openshift_openstack_master_floating_ip: false
@@ -500,10 +508,10 @@ And then run the `playbooks/openstack/openshift-cluster/*.yml` as usual.
 If you want to deploy OpenShift on a single node (e.g. for quick evaluation),
 you can do so with a few configuration changes.
 
-First, set the node counts and labels like so in
-`inventory/group_vars/all.yml`:
+First, set the following in `inventory/group_vars/all.yml`:
 
 ```
+openshift_use_all_in_one_cluster_deployment: True
 openshift_openstack_num_masters: 1
 openshift_openstack_num_infra: 0
 openshift_openstack_num_nodes: 0
@@ -835,12 +843,17 @@ resolve each other by name.
 
 In `inventory/group_vars/all.yml`:
 
+* `openshift_openstack_use_provider_network` True
 * `openshift_openstack_provider_network_name` Provider network name. Setting this will cause the `openshift_openstack_external_network_name` and `openshift_openstack_private_network_name` parameters to be ignored.
 
 
 ## Cinder-Backed Persistent Volumes Configuration
 
-In addition to [setting up an OpenStack cloud provider](#openstack-cloud-provider-configuration),
+Set the following in `inventory/group_vars/all.yml`:
+
+* `openshift_use_cinder_persistent_volume`: True
+
+Then, in addition to [setting up an OpenStack cloud provider](#openstack-cloud-provider-configuration),
 you must set the following in `inventory/group_vars/OSEv3.yml`:
 
 * `openshift_cloudprovider_openstack_blockstorage_version`: v2
@@ -882,7 +895,11 @@ openstack volume create --size <volume size in gb> <volume name>
 Alternatively, the playbooks can create the volume created automatically if you
 specify its name and size.
 
-In either case, you have to [set up an OpenStack cloud provider](#openstack-cloud-provider-configuration),
+Then, set the following in `inventory/group_vars/all.yml`:
+
+* `openshift_use_cinder_registry`: True
+
+And [set up an OpenStack cloud provider](#openstack-cloud-provider-configuration),
 and then set the following in `inventory/group_vars/OSEv3.yml`:
 
 * `openshift_hosted_registry_storage_kind`: openstack
@@ -909,7 +926,11 @@ infra nodes when the registry pod gets started.
 ## Swift or Ceph Rados GW Backed Registry Configuration
 
 You can use OpenStack Swift or Ceph Rados GW to store your OpenShift registry.
-In order to do so, set the following in `inventory/group_vars/OSEv3.yml`:
+In order to do so, set the following in `inventory/group_vars/all.yml`:
+
+* `openshift_use_swift_registry`: true
+
+And the following in `inventory/group_vars/OSEv3.yml`:
 
 * `openshift_hosted_registry_storage_kind`: object
 * `openshift_hosted_registry_storage_provider`: swift

+ 24 - 1
playbooks/openstack/sample-inventory/group_vars/all.yml

@@ -1,4 +1,25 @@
 ---
+# Uncomment if you plan on using these features. Doing so is not required,
+# but enables pre-requisites checks that will confirm that the right parameters
+# are set.
+
+# Note that these features require other parameters to be set in the inventory.
+# It is highly recommended that you read the configuration documentation.
+
+#openshift_use_all_in_one_cluster_deployment: False
+#openshift_use_cinder_persistent_volume: False
+#openshift_use_cinder_registry: False
+#openshift_use_kuryr: False
+#openshift_use_openstack_ssl: False
+#openshift_use_swift_registry: False
+
+#openshift_openstack_use_neutron_internal_dns: False
+#openshift_openstack_use_no_floating_ip: False
+#openshift_openstack_use_nsupdate: True
+#openshift_openstack_use_provider_network: False
+
+############
+
 openshift_openstack_clusterid: "openshift"
 openshift_openstack_public_dns_domain: "example.com"
 openshift_openstack_dns_nameservers: []
@@ -25,7 +46,6 @@ openshift_openstack_external_network_name: "public"
 #openshift_openstack_kuryr_service_subnet_cidr: "172.30.0.0/16"
 
 ## You should set the following if you want to use Kuryr/Neutron as your SDN
-#openshift_use_kuryr: True
 #openshift_use_openshift_sdn: False
 
 # NOTE: you must uncomment these for Kuryr to work properly as well:
@@ -170,6 +190,9 @@ openshift_openstack_pool_end: "192.168.99.254"
 #rhsub_pool: '<pool name>'
 
 
+# This parameter may need to be set if your nsupdate zone differs from the full OpenShift DNS name
+#openshift_openstack_nsupdate_zone: example.com
+
 # # Roll-your-own DNS
 #openshift_openstack_external_nsupdate_keys:
 #  public:
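Review bot: The new header comment tells users to uncomment a flag only if they plan to use the feature, but `#openshift_openstack_use_nsupdate: True` is listed with the value it already has in `roles/openshift_openstack/defaults/main.yml`, so uncommenting it changes nothing and the nsupdate check runs for every deployment. An inventory that configures no nsupdate keys or zone would presumably have to set the flag to `False` to get past `nsupdate-check.yml`, and nothing in the comment block says so. I would add a line such as `# nsupdate checks are enabled by default; set openshift_openstack_use_nsupdate: False if you do not use nsupdate`. The comment on `openshift_openstack_nsupdate_zone` further down says it "may need to be set", while the check requires it whenever the flag is true.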

+ 12 - 1
roles/openshift_openstack/defaults/main.yml

@@ -1,4 +1,16 @@
 ---
+openshift_use_all_in_one_cluster_deployment: False
+openshift_use_cinder_persistent_volume: False
+openshift_use_cinder_registry: False
+openshift_use_kuryr: False
+openshift_use_openstack_ssl: False
+openshift_use_swift_registry: False
+
+openshift_openstack_use_neutron_internal_dns: False
+openshift_openstack_use_no_floating_ip: False
+openshift_openstack_use_nsupdate: True
+openshift_openstack_use_provider_network: False
+
 openshift_openstack_stack_state: 'present'
 
 openshift_openstack_ssh_ingress_cidr: 0.0.0.0/0
@@ -16,7 +28,6 @@ openshift_openstack_use_lbaas_load_balancer: false
 openshift_openstack_lbaasv2_provider: Octavia
 openshift_openstack_use_vm_load_balancer: false
 
-
 # container-storage-setup
 openshift_openstack_container_storage_setup:
   docker_dev: "/dev/sdb"

+ 34 - 1
roles/openshift_openstack/tasks/check-prerequisites.yml

@@ -17,6 +17,39 @@
     that: 'shade_result.rc == 0'
     msg: "Python module shade is not installed"
 
+- include_tasks: prerequisites/provider-network-check.yml
+  when: openshift_openstack_use_provider_network
+
+- include_tasks: prerequisites/neutron-internal-dns-check.yml
+  when: openshift_openstack_use_neutron_internal_dns
+
+- include_tasks: prerequisites/nsupdate-check.yml
+  when: openshift_openstack_use_nsupdate
+
+- include_tasks: prerequisites/no-floating-ip-check.yml
+  when: openshift_openstack_use_no_floating_ip
+
+- include_tasks: prerequisites/cloud-provider-check.yml
+  when: openshift_use_cinder_persistent_volume or openshift_use_cinder_registry or openshift_use_kuryr
+
+- include_tasks: prerequisites/openstack-ssl-check.yml
+  when: openshift_use_openstack_ssl
+
+- include_tasks: prerequisites/kuryr-check.yml
+  when: openshift_use_kuryr
+
+- include_tasks: prerequisites/all-in-one-cluster-deployment-check.yml
+  when: openshift_use_all_in_one_cluster_deployment
+
+- include_tasks: prerequisites/cinder-persistent-volume-check.yml
+  when: openshift_use_cinder_persistent_volume
+
+- include_tasks: prerequisites/cinder-registry-check.yml
+  when: openshift_use_cinder_registry
+
+- include_tasks: prerequisites/swift-registry-check.yml
+  when: openshift_use_swift_registry
+
 # Gather Neutron extension facts
 - name: Check for Neutron trunk support
   os_network_extensions:
@@ -91,7 +124,7 @@
     msg: "Keypair {{ openshift_openstack_keypair_name }} is not available"
 
 # Check flavors and images
-- include_tasks: image-and-flavor-check.yml
+- include_tasks: prerequisites/image-and-flavor-check.yml
   with_items:
   - { image: "{{ openshift_openstack_default_image_name }}", flavor: "{{ openshift_openstack_default_flavor }}" }
   - { image: "{{ openshift_openstack_master_image }}", flavor: "{{ openshift_openstack_master_flavor }}" }
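Review bot: All eleven new `when:` conditions test the flag as a bare variable, e.g. `when: openshift_use_openstack_ssl`. If a flag arrives as a string (passed with `-e` on the command line or from an INI inventory), whether it is treated as true or false depends on the Ansible version, so a check can be skipped or run contrary to what the operator wrote. Casting makes the intent explicit: `when: openshift_use_openstack_ssl | bool`, and for the combined condition `when: (openshift_use_cinder_persistent_volume | bool) or (openshift_use_cinder_registry | bool) or (openshift_use_kuryr | bool)`.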

+ 34 - 0
roles/openshift_openstack/tasks/prerequisites/all-in-one-cluster-deployment-check.yml

@@ -0,0 +1,34 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check number of master nodes is greater than 0
+  assert:
+    that: openshift_openstack_num_masters > 0
+    msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_masters must be greater than 0"
+
+- name: Check number of infra nodes is equal to 0
+  assert:
+    that: openshift_openstack_num_infra == 0
+    msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_infra must be 0"
+
+- name: Check number of app nodes is equal to 0
+  assert:
+    that: openshift_openstack_num_nodes == 0
+    msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_nodes must be 0"
+
+- name: Check openshift_openstack_master_group_name is set to node-config-all-in-one
+  assert:
+    that: openshift_openstack_master_group_name == 'node-config-all-in-one'
+    msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_nodes must be set to node-config-all-in-one"
+
+- name: Check openshift_node_groups contains node-config-all-in-one entry
+  assert:
+    that: openshift_node_groups | selectattr('name', 'equalto', 'node-config-all-in-one') | list | count > 0
+    msg: "openshift_use_all_in_one_cluster_deployment: openshift_node_groups must contain a node-config-all-in-one entry"
+
+- name: Clear inventory
+  meta: refresh_inventory
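Review bot: The failure message on the `openshift_openstack_master_group_name` assertion names the wrong variable: it says `openshift_openstack_num_nodes must be set to node-config-all-in-one`, which sends the operator to a setting the previous task already validated. It should read `msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_master_group_name must be set to node-config-all-in-one"`. Separately, the `add_host` / `meta: refresh_inventory` pair at the top and bottom of this file is repeated in cinder-persistent-volume-check.yml, cinder-registry-check.yml, cloud-provider-check.yml, openstack-ssl-check.yml and swift-registry-check.yml, so enabling several flags reloads the inventory once per file. Doing the `add_host` once before the includes in check-prerequisites.yml and a single refresh after them would avoid that.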

+ 14 - 0
roles/openshift_openstack/tasks/prerequisites/cinder-persistent-volume-check.yml

@@ -0,0 +1,14 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check openshift_cloudprovider_openstack_blockstorage_version
+  assert:
+    that: openshift_cloudprovider_openstack_blockstorage_version == 'v2'
+    msg: "openshift_use_cinder_persistent_volume: openshift_cloudprovider_openstack_blockstorage_version must be set to v2"
+
+- name: Clear inventory
+  meta: refresh_inventory
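Review bot: If `openshift_cloudprovider_openstack_blockstorage_version` is not set at all, the `that:` expression fails with Ansible's undefined-variable error and the custom `msg` is never shown, unless a default for it exists outside this diff. Guarding the comparison keeps the friendly message: `that: openshift_cloudprovider_openstack_blockstorage_version is defined and openshift_cloudprovider_openstack_blockstorage_version == 'v2'`. The same applies to the value comparisons and bare-variable assertions in cinder-registry-check.yml, cloud-provider-check.yml, kuryr-check.yml, openstack-ssl-check.yml and swift-registry-check.yml, and to the `openshift_node_groups` filter in all-in-one-cluster-deployment-check.yml.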

+ 34 - 0
roles/openshift_openstack/tasks/prerequisites/cinder-registry-check.yml

@@ -0,0 +1,34 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check openshift_hosted_registry_storage_kind value
+  assert:
+    that: openshift_hosted_registry_storage_kind == 'openstack'
+    msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_kind must be set to openstack"
+
+- name: Check openshift_hosted_registry_storage_access_modes is set
+  assert:
+    that: openshift_hosted_registry_storage_access_modes is defined
+    msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_access_modes must be defined"
+
+- name: Check openshift_hosted_registry_storage_openstack_filesystem is set
+  assert:
+    that: openshift_hosted_registry_storage_openstack_filesystem is defined
+    msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_openstack_filesystem must be defined"
+
+- name: Check openshift_hosted_registry_storage_volume_size is set
+  assert:
+    that: openshift_hosted_registry_storage_volume_size is defined
+    msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_volume_size must be defined"
+
+- name: Either openshift_hosted_registry_storage_openstack_volumeID or openshift_hosted_registry_storage_volume_name must be defined
+  assert:
+    that: openshift_hosted_registry_storage_openstack_volumeID is defined or openshift_hosted_registry_storage_volume_name is defined
+    msg: "openshift_use_cinder_registry: Either openshift_hosted_registry_storage_openstack_volumeID or openshift_hosted_registry_storage_volume_name must be defined"
+
+- name: Clear inventory
+  meta: refresh_inventory
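Review bot: The four `is defined` assertions in this file accept a variable that is present but empty, for example `openshift_hosted_registry_storage_volume_size:` with no value, whereas no-floating-ip-check.yml and provider-network-check.yml in this same commit use the form `X is defined and X`. Using that form here, e.g. `that: openshift_hosted_registry_storage_volume_size is defined and openshift_hosted_registry_storage_volume_size`, would make the new check files consistent and reject a blank entry at the prerequisite stage.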

+ 39 - 0
roles/openshift_openstack/tasks/prerequisites/cloud-provider-check.yml

@@ -0,0 +1,39 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check openshift_cloudprovider_kind value
+  assert:
+    that: openshift_cloudprovider_kind == 'openstack'
+    msg: "openshift_use_cloud_provider: openshift_cloudprovider_kind must be set to openstack"
+  when: openshift_cloudprovider_openstack_conf_file is not defined
+
+- name: Check openshift_cloudprovider_openstack_auth_url is defined
+  assert:
+    that: openshift_cloudprovider_openstack_auth_url is defined
+    msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_auth_url must be defined"
+  when: openshift_cloudprovider_openstack_conf_file is not defined
+
+- name: Check openshift_cloudprovider_openstack_username is defined
+  assert:
+    that: openshift_cloudprovider_openstack_username is defined
+    msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_username must be defined"
+  when: openshift_cloudprovider_openstack_conf_file is not defined
+
+- name: Check openshift_cloudprovider_openstack_password is defined
+  assert:
+    that: openshift_cloudprovider_openstack_password is defined
+    msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_password must be defined"
+  when: openshift_cloudprovider_openstack_conf_file is not defined
+
+- name: Check that a openshift_cloudprovider_openstack tenant parameter is defined
+  assert:
+    that: openshift_cloudprovider_openstack_tenant_id is defined or openshift_cloudprovider_openstack_tenant_name is defined
+    msg: "openshift_use_cloud_provider: either openshift_cloudprovider_openstack_tenant_id or openshift_cloudprovider_openstack_tenant_name must be defined"
+  when: openshift_cloudprovider_openstack_conf_file is not defined
+
+- name: Clear inventory
+  meta: refresh_inventory
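Review bot: Every message in this file is prefixed with `openshift_use_cloud_provider`, which is not one of the flags this commit introduces; the file is included when `openshift_use_cinder_persistent_volume`, `openshift_use_cinder_registry` or `openshift_use_kuryr` is set, so the failure does not tell the operator which flag triggered it. A comment at the top of the file listing those three flags, or a prefix that names them, would help. The password assertion only tests `is defined`, so an empty `openshift_cloudprovider_openstack_password` passes; `that: openshift_cloudprovider_openstack_password is defined and openshift_cloudprovider_openstack_password` matches the form used in the other new check files. All five assertions are skipped when `openshift_cloudprovider_openstack_conf_file` is defined, including the `openshift_cloudprovider_kind` one; if the kind is still needed with a custom conf file, that task should lose its `when:`.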

roles/openshift_openstack/tasks/image-and-flavor-check.yml → roles/openshift_openstack/tasks/prerequisites/image-and-flavor-check.yml


+ 35 - 0
roles/openshift_openstack/tasks/prerequisites/kuryr-check.yml

@@ -0,0 +1,35 @@
+---
+- name: Check openshift_use_openshift_sdn is false
+  assert:
+    that: not openshift_use_openshift_sdn
+    msg: "openshift_use_kuryr: openshift_use_openshift_sdn must be false"
+
+- name: Check use_trunk_ports is true
+  assert:
+    that: use_trunk_ports
+    msg: "openshift_use_kuryr: use_trunk_ports must be true"
+
+- name: Check os_sdn_network_plugin_name is set to cni
+  assert:
+    that: os_sdn_network_plugin_name == 'cni'
+    msg: "openshift_use_kuryr: os_sdn_network_plugin_name must be set to cni"
+
+- name: Check openshift_node_proxy_mode is set to userspace
+  assert:
+    that: openshift_node_proxy_mode == 'userspace'
+    msg: "openshift_use_kuryr: openshift_node_proxy_mode must be set to userspace"
+
+- name: Check openshift_master_open_ports is set
+  assert:
+    that: openshift_master_open_ports is defined
+    msg: "openshift_use_kuryr: openshift_master_open_ports must be defined"
+
+- name: Check openshift_node_open_ports is set
+  assert:
+    that: openshift_node_open_ports is defined
+    msg: "openshift_use_kuryr: openshift_node_open_ports must be defined"
+
+- name: Check kuryr_openstack_public_net_id is set
+  assert:
+    that: kuryr_openstack_public_net_id is defined
+    msg: "openshift_use_kuryr: kuryr_openstack_public_net_id must be defined"

+ 15 - 0
roles/openshift_openstack/tasks/prerequisites/neutron-internal-dns-check.yml

@@ -0,0 +1,15 @@
+---
+- name: Check openshift_openstack_fqdn_nodes is false
+  assert:
+    that: not openshift_openstack_fqdn_nodes
+    msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_fqdn_nodes must be false"
+
+- name: Check openshift_openstack_dns_nameservers is empty
+  assert:
+    that: openshift_openstack_dns_nameservers | count == 0
+    msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_dns_nameservers must be empty"
+
+- name: Check openshift_openstack_external_nsupdate_keys does not contain private entry
+  assert:
+    that: openshift_openstack_external_nsupdate_keys.private is not defined
+    msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_external_nsupdate_keys must not contain a private entry"

+ 10 - 0
roles/openshift_openstack/tasks/prerequisites/no-floating-ip-check.yml

@@ -0,0 +1,10 @@
+---
+- name: Check openshift_openstack_router_name is defined
+  assert:
+    that: openshift_openstack_router_name is defined and openshift_openstack_router_name
+    msg: "openshift_openstack_use_no_floating_ip: openshift_openstack_router_name must be defined"
+
+- name: Check openshift_openstack_node_subnet_name is defined
+  assert:
+    that: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name
+    msg: "openshift_openstack_use_no_floating_ip: openshift_openstack_node_subnet_name must be defined"
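Review bot: The two assertions cover the router and subnet names but not the floating-IP switches themselves: the documentation hunk for this feature also lists `openshift_openstack_master_floating_ip: false`, and nothing here verifies it. An inventory that sets `openshift_openstack_use_no_floating_ip` but leaves a floating IP enabled would pass the check while the master may still receive a public address. Consider adding an assertion such as `that: not (openshift_openstack_master_floating_ip | bool)` with a matching message, and the same for any other floating-IP settings the doc section lists below the lines visible in the diff.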

+ 16 - 0
roles/openshift_openstack/tasks/prerequisites/nsupdate-check.yml

@@ -0,0 +1,16 @@
+---
+- name: Check openshift_openstack_nsupdate_zone is defined
+  assert:
+    that: openshift_openstack_nsupdate_zone is defined and openshift_openstack_nsupdate_zone
+    msg: "openshift_openstack_use_nsupdate: openshift_openstack_nsupdate_zone must be defined"
+
+- name: Check that there is a public or private entry in openshift_openstack_external_nsupdate_keys
+  assert:
+    that: openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined
+    msg: "openshift_openstack_use_nsupdate: openshift_openstack_external_nsupdate_keys must have at least one of a public or private entry"
+
+- name: Check that either openshift_openstack_public_hostname_suffix or openshift_openstack_private_hostname_suffix is defined
+  assert:
+    that: (openshift_openstack_public_hostname_suffix is defined and openshift_openstack_public_hostname_suffix) or (openshift_openstack_private_hostname_suffix is defined and openshift_openstack_private_hostname_suffix)
+    msg: "openshift_openstack_use_nsupdate: either openshift_openstack_public_hostname_suffix or openshift_openstack_private_hostname_suffix must be defined"
+  when: openshift_openstack_external_nsupdate_keys.private is defined and openshift_openstack_external_nsupdate_keys.public is defined
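Review bot: The last task's name says either hostname suffix must be defined, but its `when:` runs it only when both the `private` and `public` key entries are present, and nothing in the file explains why. A short comment above the task would stop the next reader from treating the `and` as a typo, e.g. `# with both key sets configured, a hostname suffix is needed to tell public and private records apart`, assuming that is the intent. The second assertion also tests only that a `private` or `public` entry exists, not that the fields inside it (`key_secret` is the one visible in the docs hunk) are set.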

+ 30 - 0
roles/openshift_openstack/tasks/prerequisites/openstack-ssl-check.yml

@@ -0,0 +1,30 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check openshift_certificates_redeploy is true
+  assert:
+    that: openshift_certificates_redeploy
+    msg: "openshift_use_openstack_ssl: openshift_certificates_redeploy must be true"
+
+- name: Check openshift_additional_ca is defined
+  assert:
+    that: openshift_additional_ca is defined and openshift_additional_ca
+    msg: "openshift_use_openstack_ssl: openshift_additional_ca must be defined"
+
+- name: Check kuryr_openstack_ca is defined
+  assert:
+    that: kuryr_openstack_ca is defined and kuryr_openstack_ca
+    msg: "openshift_use_openstack_ssl: kuryr_openstack_ca must be defined"
+  when: openshift_use_kuryr
+
+- name: Check openshift_cloudprovider_openstack_ca_file is defined
+  assert:
+    that: openshift_cloudprovider_openstack_ca_file is defined and openshift_cloudprovider_openstack_ca_file
+    msg: "openshift_use_openstack_ssl: openshift_cloudprovider_openstack_ca_file must be defined"
+
+- name: Clear inventory
+  meta: refresh_inventory
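Review bot: `openshift_cloudprovider_openstack_ca_file` is required unconditionally, while the `kuryr_openstack_ca` assertion is limited to `when: openshift_use_kuryr`. If the cloud provider is only configured for the Cinder and Kuryr features, which is how check-prerequisites.yml gates cloud-provider-check.yml, an SSL deployment without them would fail here for a variable it may not need; `when: openshift_use_cinder_persistent_volume or openshift_use_cinder_registry or openshift_use_kuryr` on that task would mirror the gate. The assertions also confirm only that the CA variables are non-empty, not that the values are usable, so a mistyped entry would pass.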

+ 15 - 0
roles/openshift_openstack/tasks/prerequisites/provider-network-check.yml

@@ -0,0 +1,15 @@
+---
+- name: Check openshift_openstack_provider_network_name is defined
+  assert:
+    that: openshift_openstack_provider_network_name is defined and openshift_openstack_provider_network_name
+    msg: "openshift_openstack_use_provider_network: openshift_openstack_provider_network_name must be defined"
+
+- name: Check openshift_openstack_external_network_name is undefined
+  assert:
+    that: openshift_openstack_external_network_name is undefined or not openshift_openstack_external_network_name
+    msg: "openshift_openstack_use_provider_network: openshift_openstack_external_network_name must not be defined"
+
+- name: Check openshift_openstack_private_network_name is undefined
+  assert:
+    that: openshift_openstack_private_network_name is undefined or not openshift_openstack_private_network_name
+    msg: "openshift_openstack_use_provider_network: openshift_openstack_private_network_name must not be defined"
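Review bot: The second and third assertions fail when `openshift_openstack_external_network_name` or `openshift_openstack_private_network_name` is set, but the documentation line directly below the new flag in configuration.md still says those parameters are "ignored" when a provider network name is given. The sample inventory also appears to ship `openshift_openstack_external_network_name: "public"` uncommented. A user who enables `openshift_openstack_use_provider_network` on top of the sample inventory will get a failure the docs do not predict. Either relax the two assertions or change the docs wording to say the parameters must be removed or emptied.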

+ 24 - 0
roles/openshift_openstack/tasks/prerequisites/swift-registry-check.yml

@@ -0,0 +1,24 @@
+---
+# add localhost to OSEv3 so we can access OSEv3 inventory variables
+- name: Add localhost to OSEv3
+  add_host:
+    hostname: 'localhost'
+    groupname: 'OSEv3'
+
+- name: Check openshift_hosted_registry_storage_kind value
+  assert:
+    that: openshift_hosted_registry_storage_kind == 'object'
+    msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_kind must be set to object"
+
+- name: Check openshift_hosted_registry_storage_provider value
+  assert:
+    that: openshift_hosted_registry_storage_provider == 'swift'
+    msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_provider must be set to swift"
+
+- name: Check openshift_hosted_registry_storage_swift_container is set
+  assert:
+    that: openshift_hosted_registry_storage_swift_container is defined
+    msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_swift_container must be defined"
+
+- name: Clear inventory
+  meta: refresh_inventory