Modified base debug statements. Fixed oc_secret debug/verbose flag. Added reencrypt for route.

roles/lib_openshift/library/oadm_manage_node.py

@@ -1283,8 +1283,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1304,8 +1304,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_adm_ca_server_cert.py

@@ -1291,8 +1291,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1312,8 +1312,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_adm_registry.py

@@ -1387,8 +1387,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1408,8 +1408,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)
@@ -1985,6 +1985,7 @@ class Service(Yedit):
     port_path = "spec.ports"
     portal_ip = "spec.portalIP"
     cluster_ip = "spec.clusterIP"
+    selector_path = 'spec.selector'
     kind = 'Service'
 
     def __init__(self, content):
@@ -1995,6 +1996,10 @@ class Service(Yedit):
         ''' get a list of ports '''
         return self.get(Service.port_path) or []
 
+    def get_selector(self):
+        ''' get the service selector'''
+        return self.get(Service.selector_path) or {}
+
     def add_ports(self, inc_ports):
         ''' add a port object to the ports list '''
         if not isinstance(inc_ports, list):
@@ -2243,7 +2248,7 @@ class Registry(OpenShiftCLI):
             if result['returncode'] == 0 and part['kind'] == 'dc':
                 self.deploymentconfig = DeploymentConfig(result['results'][0])
             elif result['returncode'] == 0 and part['kind'] == 'svc':
-                self.service = Yedit(content=result['results'][0])
+                self.service = Service(result['results'][0])
 
             if result['returncode'] != 0:
                 rval = result['returncode']
@@ -2313,6 +2318,9 @@ class Registry(OpenShiftCLI):
         if self.portal_ip:
             service.put('spec.portalIP', self.portal_ip)
 
+        # the dry-run doesn't apply the selector correctly
+        service.put('spec.selector', self.service.get_selector())
+
         # need to create the service and the deploymentconfig
         service_file = Utils.create_tmp_file_from_contents('service', service.yaml_dict)
         deployment_file = Utils.create_tmp_file_from_contents('deploymentconfig', deploymentconfig.yaml_dict)

roles/lib_openshift/library/oc_adm_router.py

@@ -1412,8 +1412,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1433,8 +1433,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)
@@ -1558,6 +1558,7 @@ class Service(Yedit):
     port_path = "spec.ports"
     portal_ip = "spec.portalIP"
     cluster_ip = "spec.clusterIP"
+    selector_path = 'spec.selector'
     kind = 'Service'
 
     def __init__(self, content):
@@ -1568,6 +1569,10 @@ class Service(Yedit):
         ''' get a list of ports '''
         return self.get(Service.port_path) or []
 
+    def get_selector(self):
+        ''' get the service selector'''
+        return self.get(Service.selector_path) or {}
+
     def add_ports(self, inc_ports):
         ''' add a port object to the ports list '''
         if not isinstance(inc_ports, list):

roles/lib_openshift/library/oc_edit.py

@@ -1311,8 +1311,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1332,8 +1332,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_env.py

@@ -1278,8 +1278,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1299,8 +1299,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_label.py

@@ -1287,8 +1287,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1308,8 +1308,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_obj.py

@@ -1290,8 +1290,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1311,8 +1311,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_process.py

@@ -1279,8 +1279,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1300,8 +1300,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_route.py

@@ -1321,8 +1321,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1342,8 +1342,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)
@@ -1595,7 +1595,7 @@ class OCRoute(OpenShiftCLI):
     def update(self):
         '''update the object'''
         # when the host attribute is being updated, we need to delete and recreate
-        if self.config.host != self.route.host:
+        if self.config.host != self.route.get_host():
             import time
             self.delete()
             time.sleep(3)

roles/lib_openshift/library/oc_scale.py

@@ -1265,8 +1265,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1286,8 +1286,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_secret.py

@@ -1311,8 +1311,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1332,8 +1332,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_service.py

@@ -1317,8 +1317,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1338,8 +1338,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)
@@ -1463,6 +1463,7 @@ class Service(Yedit):
     port_path = "spec.ports"
     portal_ip = "spec.portalIP"
     cluster_ip = "spec.clusterIP"
+    selector_path = 'spec.selector'
     kind = 'Service'
 
     def __init__(self, content):
@@ -1473,6 +1474,10 @@ class Service(Yedit):
         ''' get a list of ports '''
         return self.get(Service.port_path) or []
 
+    def get_selector(self):
+        ''' get the service selector'''
+        return self.get(Service.selector_path) or {}
+
     def add_ports(self, inc_ports):
         ''' add a port object to the ports list '''
         if not isinstance(inc_ports, list):
@@ -1546,7 +1551,7 @@ class OCService(OpenShiftCLI):
                  kubeconfig='/etc/origin/master/admin.kubeconfig',
                  verbose=False):
         ''' Constructor for OCVolume '''
-        super(OCService, self).__init__(namespace, kubeconfig)
+        super(OCService, self).__init__(namespace, kubeconfig, verbose)
         self.namespace = namespace
         self.config = ServiceConfig(sname, namespace, ports, selector, labels,
                                     cluster_ip, portal_ip, session_affinity, service_type)
@@ -1617,7 +1622,9 @@ class OCService(OpenShiftCLI):
                            params['portalip'],
                            params['ports'],
                            params['session_affinity'],
-                           params['service_type'])
+                           params['service_type'],
+                           params['kubeconfig'],
+                           params['debug'])
 
         state = params['state']
 

roles/lib_openshift/library/oc_serviceaccount.py

@@ -1263,8 +1263,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1284,8 +1284,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_serviceaccount_secret.py

@@ -1263,8 +1263,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1284,8 +1284,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/library/oc_version.py

@@ -1235,8 +1235,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -1256,8 +1256,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/src/class/oc_adm_registry.py

@@ -109,7 +109,7 @@ class Registry(OpenShiftCLI):
             if result['returncode'] == 0 and part['kind'] == 'dc':
                 self.deploymentconfig = DeploymentConfig(result['results'][0])
             elif result['returncode'] == 0 and part['kind'] == 'svc':
-                self.service = Yedit(content=result['results'][0])
+                self.service = Service(result['results'][0])
 
             if result['returncode'] != 0:
                 rval = result['returncode']
@@ -179,6 +179,9 @@ class Registry(OpenShiftCLI):
         if self.portal_ip:
             service.put('spec.portalIP', self.portal_ip)
 
+        # the dry-run doesn't apply the selector correctly
+        service.put('spec.selector', self.service.get_selector())
+
         # need to create the service and the deploymentconfig
         service_file = Utils.create_tmp_file_from_contents('service', service.yaml_dict)
         deployment_file = Utils.create_tmp_file_from_contents('deploymentconfig', deploymentconfig.yaml_dict)

roles/lib_openshift/src/class/oc_route.py

@@ -56,7 +56,7 @@ class OCRoute(OpenShiftCLI):
     def update(self):
         '''update the object'''
         # when the host attribute is being updated, we need to delete and recreate
-        if self.config.host != self.route.host:
+        if self.config.host != self.route.get_host():
             import time
             self.delete()
             time.sleep(3)

roles/lib_openshift/src/class/oc_service.py

@@ -22,7 +22,7 @@ class OCService(OpenShiftCLI):
                  kubeconfig='/etc/origin/master/admin.kubeconfig',
                  verbose=False):
         ''' Constructor for OCVolume '''
-        super(OCService, self).__init__(namespace, kubeconfig)
+        super(OCService, self).__init__(namespace, kubeconfig, verbose)
         self.namespace = namespace
         self.config = ServiceConfig(sname, namespace, ports, selector, labels,
                                     cluster_ip, portal_ip, session_affinity, service_type)
@@ -93,7 +93,9 @@ class OCService(OpenShiftCLI):
                            params['portalip'],
                            params['ports'],
                            params['session_affinity'],
-                           params['service_type'])
+                           params['service_type'],
+                           params['kubeconfig'],
+                           params['debug'])
 
         state = params['state']
 

roles/lib_openshift/src/lib/base.py

@@ -523,8 +523,8 @@ class Utils(object):
                     elif value != user_def[key]:
                         if debug:
                             print('value should be identical')
-                            print(value)
                             print(user_def[key])
+                            print(value)
                         return False
 
             # recurse on a dictionary
@@ -544,8 +544,8 @@ class Utils(object):
                 if api_values != user_values:
                     if debug:
                         print("keys are not equal in dict")
-                        print(api_values)
                         print(user_values)
+                        print(api_values)
                     return False
 
                 result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)

roles/lib_openshift/src/lib/service.py

@@ -67,6 +67,7 @@ class Service(Yedit):
     port_path = "spec.ports"
     portal_ip = "spec.portalIP"
     cluster_ip = "spec.clusterIP"
+    selector_path = 'spec.selector'
     kind = 'Service'
 
     def __init__(self, content):
@@ -77,6 +78,10 @@ class Service(Yedit):
         ''' get a list of ports '''
         return self.get(Service.port_path) or []
 
+    def get_selector(self):
+        ''' get the service selector'''
+        return self.get(Service.selector_path) or {}
+
     def add_ports(self, inc_ports):
         ''' add a port object to the ports list '''
         if not isinstance(inc_ports, list):

roles/openshift_hosted/tasks/registry/registry.yml

@@ -92,7 +92,6 @@
 
 - name: Create OpenShift registry
   oc_adm_registry:
-#debug: True
     name: "{{ openshift_hosted_registry_name }}"
     namespace: "{{ openshift_hosted_registry_namespace }}"
     selector: "{{ openshift_hosted_registry_selector }}"

roles/openshift_hosted/tasks/registry/secure.yml

@@ -4,17 +4,10 @@
     docker_registry_route_hostname: "{{ 'docker-registry-default.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true)) }}"
   run_once: true
 
-#- name: Create passthrough route for docker-registry
-#  oc_route:
-#    name: docker-registry
-#    namespace: "{{ openshift_hosted_registry_namespace }}"
-#    service_name: docker-registry
-#    tls_termination: passthrough
-#    host: "{{ docker_registry_route_hostname }}"
-#  run_once: true
 - name: Get the certificate contents for registry
-  local_action:
-    module: slurp
+  copy:
+    backup: True
+    dest: "/etc/origin/master/named_certificates/{{ item | basename }}"
     src: "{{ item }}"
   register: openshift_hosted_registry_certificate_content
   with_items:
@@ -23,8 +16,7 @@
   - "{{ (openshift_hosted_registry_route_certificates | default({'cafile':none})).cafile }}"
   when: openshift_hosted_registry_route_certificates
 
-- debug: var=openshift_hosted_registry_certificate_content
-  when: openshift_hosted_registry_route_certificates
+- debug: var=openshift_hosted_registry_route_termination
 
 - name: Create passthrough route for docker-registry
   oc_route:
@@ -34,10 +26,10 @@
     host: "{{ docker_registry_route_hostname }}"
     tls_termination: "{{ openshift_hosted_registry_route_termination }}"
     host: "{{ openshift_hosted_registry_route_host | default(docker_registry_route_hostname) }}"
-    cert_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content,omit) }}"
-    key_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content, omit) }}"
-    cacert_content: "{{ openshift_hosted_registry_certificate_content is defined | ternary(openshift_hosted_registry_certificate_content.results[0].content, omit) }}"
-    dest_cacert_path: "{{ openshift_hosted_registry_certificate_content is defined | ternary('/etc/origin/master/ca.crt', omit) }}"
+    cert_path: "{{ ('certfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.certfile | basename), omit) }}"
+    key_path: "{{ ('keyfile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.keyfile | basename), omit) }}"
+    cacert_path: "{{ ('cafile' in openshift_hosted_registry_route_certificates) | ternary('/etc/origin/master/named_certificates/' ~ (openshift_hosted_registry_route_certificates.cafile | basename), omit) }}"
+    dest_cacert_path: "{{ (openshift_hosted_registry_route_termination == 'reencrypt') | ternary('/etc/origin/master/ca.crt', omit) }}"
   run_once: true
 
 - name: Retrieve registry service IP

roles/openshift_hosted/tasks/router/router.yml

@@ -71,9 +71,6 @@
     - key: spec.strategy.rollingParams.updatePeriodSeconds
       value: 1
       action: put
-    - key: spec.strategy.activeDeadlineSeconds
-      value: 21600
-      action: put
   register: routerout
 
 # This should probably move to module