
- Rename minion to node
- Update playbooks to support latest code

Jhon Honce 10 years ago
parent
commit
7d74d19132

+ 1 - 1
README_GCE.md

@@ -72,5 +72,5 @@ Test The Setup
 
 3. Try to create an instance:
 ```
-  ./cloud.rb gce launch -n ${USER}-minion1 -e int --type os3-minion
+  ./cloud.rb gce launch -n ${USER}-node1 -e int --type os3-node
 ```

+ 12 - 12
cluster.sh

@@ -1,6 +1,6 @@
 #!/bin/bash -eu
 
-MINIONS=2
+NODES=2
 MASTERS=1
 
 # If the environment variable OO_PROVDER is defined, it used for the provider
@@ -13,10 +13,10 @@ fi
 UPPER_CASE_PROVIDER=$(echo $PROVIDER | tr '[:lower:]' '[:upper:]')
 
 
-# Use OO_MASTER_PLAYBOOK/OO_MINION_PLAYBOOK environment variables for playbooks if defined,
+# Use OO_MASTER_PLAYBOOK/OO_NODE_PLAYBOOK environment variables for playbooks if defined,
 # otherwise use openshift default values.
 MASTER_PLAYBOOK=${OO_MASTER_PLAYBOOK:-'openshift-master'}
-MINION_PLAYBOOK=${OO_MINION_PLAYBOOK:-'openshift-minion'}
+NODE_PLAYBOOK=${OO_NODE_PLAYBOOK:-'openshift-node'}
 
 
 # @formatter:off
@@ -29,10 +29,10 @@ function usage {
         $([ $? -ne 0 ] && echo "No supported environment tags found for ${PROVIDER}")
 
         Optional arguments for create:
-        [-p|--provider, -m|--masters, -n|--minions, --master-playbook, --minion-playbook]
+        [-p|--provider, -m|--masters, -n|--nodes, --master-playbook, --node-playbook]
 
         Optional arguments for terminate|update:
-        [-p|--provider, --master-playbook, --minion-playbook]
+        [-p|--provider, --master-playbook, --node-playbook]
 EOT
 }
 # @formatter:on
@@ -40,21 +40,21 @@ EOT
 function create_cluster {
     ./cloud.rb "${PROVIDER}" launch -e "${ENV}" --type=$MASTER_PLAYBOOK -c $MASTERS
 
-    ./cloud.rb "${PROVIDER}" launch -e "${ENV}" --type=$MINION_PLAYBOOK -c $MINIONS
+    ./cloud.rb "${PROVIDER}" launch -e "${ENV}" --type=$NODE_PLAYBOOK -c $NODES
 
     update_cluster
 
-    echo -e "\nCreated ${MASTERS}/${MASTER_PLAYBOOK} masters and ${MINIONS}/${MINION_PLAYBOOK} minions using ${PROVIDER} provider\n"
+    echo -e "\nCreated ${MASTERS}/${MASTER_PLAYBOOK} masters and ${NODES}/${NODE_PLAYBOOK} nodes using ${PROVIDER} provider\n"
 }
 
 function update_cluster {
     ./cloud.rb "${PROVIDER}" config -e "${ENV}" --type=$MASTER_PLAYBOOK
-    ./cloud.rb "${PROVIDER}" config -e "${ENV}" --type=$MINION_PLAYBOOK
+    ./cloud.rb "${PROVIDER}" config -e "${ENV}" --type=$NODE_PLAYBOOK
 }
 
 function terminate_cluster {
     ./cloud.rb "${PROVIDER}" terminate -e "${ENV}" --type=$MASTER_PLAYBOOK
-    ./cloud.rb "${PROVIDER}" terminate -e "${ENV}" --type=$MINION_PLAYBOOK
+    ./cloud.rb "${PROVIDER}" terminate -e "${ENV}" --type=$NODE_PLAYBOOK
 }
 
 [ -f ./cloud.rb ] || (echo 1>&2 'Cannot find ./cloud.rb' && exit 1)
@@ -68,7 +68,7 @@ function check_argval {
 }
 
 # Using GNU getopt to support both small and long formats
-OPTIONS=`getopt -o p:m:n:h --long provider:,masters:,minions:,master-playbook:,minion-playbook:,help \
+OPTIONS=`getopt -o p:m:n:h --long provider:,masters:,nodes:,master-playbook:,node-playbook:,help \
 	        -n "$0" -- "$@"`
 eval set -- "$OPTIONS"
 
@@ -77,9 +77,9 @@ while true; do
         -h|--help) (usage; exit 1) ; shift ;;
         -p|--provider) PROVIDER="$2" ; check_argval $2 ; shift 2 ;;
         -m|--masters) MASTERS="$2" ; check_argval $2 ; shift 2 ;;
-        -n|--minions) MINIONS="$2" ; check_argval $2 ; shift 2 ;;
+        -n|--nodes) NODES="$2" ; check_argval $2 ; shift 2 ;;
         --master-playbook) MASTER_PLAYBOOK="$2" ; check_argval $2 ; shift 2 ;;
-        --minion-playbook) MINION_PLAYBOOK="$2" ; check_argval $2 ; shift 2 ;;
+        --node-playbook) NODE_PLAYBOOK="$2" ; check_argval $2 ; shift 2 ;;
         --) shift ; break ;;
         *) break ;;
     esac
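Review bot: `$NODE_PLAYBOOK` and `$NODES` are expanded unquoted in the `./cloud.rb` calls of create_cluster, update_cluster and terminate_cluster, although both can be set from `--node-playbook`/`--nodes` or `OO_NODE_PLAYBOOK`, so a value containing whitespace or glob characters is split into extra arguments. Quote them the way `PROVIDER` and `ENV` already are, e.g. `--type="${NODE_PLAYBOOK}" -c "${NODES}"`, and pass `"$2"` to `check_argval` in the option loop. The rename also drops `--minions`, `--minion-playbook` and `OO_MINION_PLAYBOOK` with no fallback, so existing callers are either rejected by getopt or silently get the default playbook; a transitional default such as `NODE_PLAYBOOK=${OO_NODE_PLAYBOOK:-${OO_MINION_PLAYBOOK:-'openshift-node'}}` would avoid the silent case. The option loop continues outside the last hunk.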

+ 7 - 7
playbooks/aws/openshift-master/config.yml

@@ -7,8 +7,8 @@
     with_items: "{{ oo_host_group_exp | default('') }}"
     when: oo_host_group_exp is defined
 
-- name: "Gather facts for minions in {{ oo_env }}"
-  hosts: "tag_env-host-type_{{ oo_env }}-openshift-minion"
+- name: "Gather facts for nodes in {{ oo_env }}"
+  hosts: "tag_env-host-type_{{ oo_env }}-openshift-node"
   connection: ssh
   user: root
 
@@ -16,12 +16,12 @@
   hosts: localhost
   gather_facts: no
   tasks:
-    - name: Setting oo_minion_ips fact on localhost
+    - name: Setting oo_node_ips fact on localhost
       set_fact:
-        oo_minion_ips: "{{ hostvars
-            | oo_select_keys(groups['tag_env-host-type_' + oo_env + '-openshift-minion'])
+        oo_node_ips: "{{ hostvars
+            | oo_select_keys(groups['tag_env-host-type_' + oo_env + '-openshift-node'])
             | oo_collect(attribute='ansible_eth0.ipv4.address') }}"
-      when: groups['tag_env-host-type_' + oo_env + '-openshift-minion'] is defined
+      when: groups['tag_env-host-type_' + oo_env + '-openshift-node'] is defined
 
 - name: "Configure instances"
   hosts: oo_hosts_to_config
@@ -34,7 +34,7 @@
     - ../../../roles/repos
     - {
         role: ../../../roles/openshift_master,
-        oo_minion_ips: "{{ hostvars['localhost'].oo_minion_ips | default(['']) }}",
+        oo_node_ips: "{{ hostvars['localhost'].oo_node_ips | default(['']) }}",
         oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}"
       }
     - ../../../roles/pods
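Review bot: The AWS master play still passes only `oo_node_ips` and `oo_bind_ip` to `roles/openshift_master`, but the role's new OPTIONS line in this same commit renders `--public-master={{ oo_public_ip }}`, and only the GCE master playbook was updated to supply `oo_public_ip`. Unless the variable is defined in a vars file not shown here, the AWS run is likely to fail on an undefined variable or write an empty `--public-master=`. The same gap applies to playbooks/aws/openshift-minion/config.yml, which switches to `roles/openshift_node` without passing the `oo_master_public_ips` and `oo_public_ip` that the new node tasks use. Add the matching role parameters to both AWS plays, for example `oo_public_ip: "{{ hostvars[inventory_hostname].ansible_ssh_host }}"` as the GCE node play does.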

+ 1 - 1
playbooks/aws/openshift-minion/config.yml

@@ -34,7 +34,7 @@
     - ../../../roles/repos
     - ../../../roles/docker
     - {
-        role: ../../../roles/openshift_minion,
+        role: ../../../roles/openshift_node,
         oo_master_ips: "{{ hostvars['localhost'].oo_master_ips | default(['']) }}",
         oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}"
       }

playbooks/aws/openshift-minion/launch.yml → playbooks/aws/openshift-node/launch.yml


playbooks/gce/openshift-minion/vars.yml → playbooks/aws/openshift-node/vars.yml


+ 9 - 8
playbooks/gce/openshift-master/config.yml

@@ -7,8 +7,8 @@
     with_items: "{{ oo_host_group_exp | default('') }}"
     when: oo_host_group_exp is defined
 
-- name: "Gather facts for minions in {{ oo_env }}"
-  hosts: "tag_env-host-type-{{ oo_env }}-openshift-minion"
+- name: "Gather facts for nodes in {{ oo_env }}"
+  hosts: "tag_env-host-type-{{ oo_env }}-openshift-node"
   connection: ssh
   user: root
 
@@ -16,12 +16,12 @@
   hosts: localhost
   gather_facts: no
   tasks:
-    - name: Setting oo_minion_ips fact on localhost
+    - name: Setting oo_node_ips fact on localhost
       set_fact:
-        oo_minion_ips: "{{ hostvars
-            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-minion'])
+        oo_node_ips: "{{ hostvars
+            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-node'])
             | oo_collect(attribute='ansible_eth0.ipv4.address') }}"
-      when: groups['tag_env-host-type-' + oo_env + '-openshift-minion'] is defined
+      when: groups['tag_env-host-type-' + oo_env + '-openshift-node'] is defined
 
 - name: "Configure instances"
   hosts: oo_hosts_to_config
@@ -34,7 +34,8 @@
     - ../../../roles/repos
     - {
         role: ../../../roles/openshift_master,
-        oo_minion_ips: "{{ hostvars['localhost'].oo_minion_ips | default(['']) }}",
-        oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}"
+        oo_node_ips: "{{ hostvars['localhost'].oo_node_ips | default(['']) }}",
+        oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}",
+        oo_public_ip: "{{ gce_public_ip }}"
       }
     - ../../../roles/pods

+ 17 - 2
playbooks/gce/openshift-minion/config.yml

@@ -22,6 +22,19 @@
             | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-master'])
             | oo_collect(attribute='ansible_eth0.ipv4.address') }}"
       when: groups['tag_env-host-type-' + oo_env + '-openshift-master'] is defined
+    - name: Setting oo_master_public_ips fact on localhost
+      set_fact:
+        oo_master_public_ips: "{{ hostvars
+            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-master'])
+            | oo_collect(attribute='gce_public_ip') }}"
+      when: groups['tag_env-host-type-' + oo_env + '-openshift-master'] is defined
+
+- name: "Debug hostvars"
+  hosts: oo_hosts_to_config
+  connection: ssh
+  user: root
+  tasks:
+    - debug: var=hostvars
 
 - name: "Configure instances"
   hosts: oo_hosts_to_config
@@ -34,7 +47,9 @@
     - ../../../roles/repos
     - ../../../roles/docker
     - {
-        role: ../../../roles/openshift_minion,
+        role: ../../../roles/openshift_node,
         oo_master_ips: "{{ hostvars['localhost'].oo_master_ips | default(['']) }}",
-        oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}"
+        oo_master_public_ips: "{{ hostvars['localhost'].oo_master_public_ips | default(['']) }}",
+        oo_bind_ip: "{{ hostvars[inventory_hostname].ansible_eth0.ipv4.address | default(['']) }}",
+        oo_public_ip: "{{ hostvars[inventory_hostname].ansible_ssh_host }}"
       }
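Review bot: The added "Debug hostvars" play runs `debug: var=hostvars` against every host in `oo_hosts_to_config`, which prints the complete variable set of all inventory hosts into the run output and into any CI or terminal log that captures it. hostvars can include connection settings and whatever credentials or key paths are defined as inventory or play variables, so this looks like leftover troubleshooting that should not be merged. Remove the play, or narrow it to the single value being checked, e.g. `- debug: var=gce_public_ip`.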

playbooks/gce/openshift-minion/launch.yml → playbooks/gce/openshift-node/launch.yml


+ 1 - 1
playbooks/gce/openshift-minion/terminate.yml

@@ -16,7 +16,7 @@
   hosts: localhost
   connection: local
   tasks:
-    - name: Terminate minion instances
+    - name: Terminate node instances
       gce:
         service_account_email: "{{ gce_service_account_email }}"
         pem_file: "{{ gce_pem_file }}"

playbooks/aws/openshift-minion/vars.yml → playbooks/gce/openshift-node/vars.yml


+ 1 - 1
roles/docker/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 # tasks file for docker
 - name: Install docker
-  yum: pkg=docker
+  yum: pkg=docker-io
 
 - name: enable docker service
   command: /usr/bin/systemctl enable docker.service

+ 1 - 1
roles/kubernetes_apiserver/tasks/main.yml

@@ -9,7 +9,7 @@
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
-    - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_minion_ips | join(",") }}\"' }
+    - { regex: '^KUBE_API_MACHINES=', line: 'KUBE_API_MACHINES=\"{{ oo_node_ips | join(",") }}\"' }
     - { regex: '^KUBE_API_ADDRESS=',  line: 'KUBE_API_ADDRESS=\"0.0.0.0\"' }
   notify:
     - restart kubernetes-apiserver

+ 1 - 1
roles/openshift_master/handlers/main.yml

@@ -1,4 +1,4 @@
 ---
 # handlers file for openshift_master
 - name: restart openshift-master
-  service: name=openshift state=restarted
+  service: name=openshift-master state=restarted

+ 5 - 6
roles/openshift_master/tasks/main.yml

@@ -1,20 +1,19 @@
 ---
 # tasks file for openshift_master
 - name: Install Origin
-  yum: pkg=origin state=installed
+  yum: pkg=openshift-master state=installed
 
-  # fixme: Once openshift stops resolving hostnames for minion queries remove this...
+  # fixme: Once openshift stops resolving hostnames for node queries remove this...
 - name: Set hostname to IP Addr (WORKAROUND)
   command: /usr/bin/hostname {{ oo_bind_ip }}
 
 - name: Configure OpenShift Master settings
   lineinfile:
-    dest: /etc/sysconfig/openshift
+    dest: /etc/sysconfig/openshift-master
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
-    - { regex: '^ROLE=', line: 'ROLE=\"master\"' }
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--nodes={{ oo_minion_ips | join(",") }}  --loglevel=5\"' }
+    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--public-master={{ oo_public_ip }} --nodes={{ oo_node_ips | join(",") }}  --loglevel=5\"' }
   notify:
     - restart openshift-master
 
@@ -31,4 +30,4 @@
   firewalld: port=8080/tcp permanent=true state=enabled
 
 - name: Enable OpenShift
-  service: name=openshift enabled=yes state=started
+  service: name=openshift-master enabled=yes state=started

+ 0 - 2
roles/openshift_minion/defaults/main.yml

@@ -1,2 +0,0 @@
----
-# defaults file for openshift_minion

+ 0 - 4
roles/openshift_minion/handlers/main.yml

@@ -1,4 +0,0 @@
----
-# handlers file for openshift_minion
-- name: restart openshift-minion
-  service: name=openshift state=restarted

+ 0 - 29
roles/openshift_minion/tasks/main.yml

@@ -1,29 +0,0 @@
----
-# tasks file for openshift_minion
-- name: Install OpenShift
-  yum: pkg=origin state=installed
-
-  # fixme: Once openshift stops resolving hostnames for minion queries remove this...
-- name: Set hostname to IP Addr (WORKAROUND)
-  command: /usr/bin/hostname {{ oo_bind_ip }}
-
-- name: Configure OpenShift Minion settings
-  lineinfile:
-    dest: /etc/sysconfig/openshift
-    regexp: "{{ item.regex }}"
-    line: "{{ item.line }}"
-  with_items:
-    - { regex: '^ROLE=', line: 'ROLE=\"node\"' }
-    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080  --loglevel=5\"' }
-  notify:
-    - restart openshift-minion
-
-- name: Open firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=false state=enabled
-
-- name: Save firewalld port for OpenShift
-  firewalld: port=10250/tcp permanent=true state=enabled
-
-- name: Enable OpenShift
-  service: name=openshift enabled=yes state=started
-

+ 0 - 2
roles/openshift_minion/vars/main.yml

@@ -1,2 +0,0 @@
----
-# vars file for openshift_minion

roles/openshift_minion/README.md → roles/openshift_node/README.md


+ 2 - 0
roles/openshift_node/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for openshift_node

+ 40 - 0
roles/openshift_node/files/sysconfig/kubeconfig

@@ -0,0 +1,40 @@
+apiVersion: v1
+clusters:
+- cluster:
+    api-version: v1beta1
+    server: http://cow.org:8080
+  name: cow-cluster
+- cluster:
+    certificate-authority: path/to/my/cafile
+    server: https://horse.org:4443
+  name: horse-cluster
+- cluster:
+    insecure-skip-tls-verify: true
+    server: https://pig.org:443
+  name: pig-cluster
+contexts:
+- context:
+    cluster: horse-cluster
+    namespace: chisel-ns
+    user: green-user
+  name: federal-context
+- context:
+    cluster: pig-cluster
+    namespace: saw-ns
+    user: black-user
+  name: queen-anne-context
+current-context: federal-context
+kind: Config
+preferences:
+  colors: true
+users:
+- name: black-user
+  user:
+    auth-path: path/to/my/existing/.kubernetes_auth_file
+- name: blue-user
+  user:
+    token: blue-token
+- name: green-user
+  user:
+    client-certificate: path/to/my/client/cert
+    client-key: path/to/my/client/key
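Review bot: This new role file appears to be a generic example kubeconfig rather than configuration for this cluster: its servers are `cow.org`, `horse.org` and `pig.org`, one cluster sets `insecure-skip-tls-verify: true`, and a user carries the literal token `blue-token`. No task in roles/openshift_node/tasks/main.yml in this commit copies it, so it may be unused. If it is later installed as-is, clients would be pointed at unrelated hosts, with certificate verification disabled for one of them. Either drop it from the commit or replace it with a template whose `server` and `certificate-authority` values come from the playbook variables.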

+ 4 - 0
roles/openshift_node/handlers/main.yml

@@ -0,0 +1,4 @@
+---
+# handlers file for openshift_node
+- name: restart openshift-node
+  service: name=openshift-node state=restarted

roles/openshift_minion/meta/main.yml → roles/openshift_node/meta/main.yml


+ 38 - 0
roles/openshift_node/tasks/main.yml

@@ -0,0 +1,38 @@
+---
+# tasks file for openshift_node
+- name: Install OpenShift
+  yum: pkg=openshift-node state=installed
+
+  # fixme: Once openshift stops resolving hostnames for node queries remove this...
+- name: Set hostname to IP Addr (WORKAROUND)
+  command: /usr/bin/hostname {{ oo_bind_ip }}
+
+- name: Retrieve OpenShift Master credentials
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' root@{{ oo_master_public_ips[0] }}:/var/lib/openshift/openshift.local.certificates/admin/ /tmp/openshift
+  ignore_errors: yes
+
+- file: path=/var/lib/openshift/openshift.local.certificates/admin state=directory
+
+- name: Store OpenShift Master credentials
+  local_action: command /usr/bin/rsync --compress --archive --rsh 'ssh  -S none -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' /tmp/openshift/ root@{{ oo_public_ip }}:/var/lib/openshift/openshift.local.certificates/admin
+  ignore_errors: yes
+
+- name: Configure OpenShift Node settings
+  lineinfile:
+    dest: /etc/sysconfig/openshift-node
+    regexp: "{{ item.regex }}"
+    line: "{{ item.line }}"
+  with_items:
+    - { regex: '^OPTIONS=', line: 'OPTIONS=\"--master=http://{{ oo_master_ips[0] }}:8080  --loglevel=5\"' }
+  notify:
+    - restart openshift-node
+
+- name: Open firewalld port for OpenShift
+  firewalld: port=10250/tcp permanent=false state=enabled
+
+- name: Save firewalld port for OpenShift
+  firewalld: port=10250/tcp permanent=true state=enabled
+
+- name: Enable OpenShift
+  service: name=openshift-node enabled=yes state=started
+
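Review bot: The two rsync tasks move the master's admin certificates with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so neither the master nor the node is authenticated while key material is transferred as root; keep host key checking on and pre-populate known_hosts for the launched instances instead. The copy is staged in the fixed path `/tmp/openshift` on the control machine, which is shared between runs and environments and never removed; use a per-run private directory with mode 0700 and delete it afterwards. `ignore_errors: yes` on both tasks means a failed transfer still leaves the play green, with a node holding missing or stale credentials. With the `default([''])` passed by the playbook, `oo_master_public_ips[0]` can also be an empty string, producing the source `root@:/var/lib/...`, so an explicit `when:` guard on a non-empty address is worth adding.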

+ 2 - 0
roles/openshift_node/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for openshift_node

roles/repos/files/epel7-origin.repo → roles/repos/files/epel7-openshift.repo


+ 40 - 8
roles/repos/files/oso-rhui-rhel-7-server.repo

@@ -1,13 +1,45 @@
-[oso-rhel-7-server]
-name=Red Hat Enterprise Linux 7 Server from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases
+[oso-rhui-rhel-server-releases]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases/
 enabled=1
 gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
 
-[oso-rhel-7-server-optional]
-name=Red Hat Enterprise Linux 7 Server - Optional from RHUI (RPMs)
-baseurl=http://10.240.169.148/mirror/rhui-rhel-server-7-releases-optional
+[oso-rhui-rhel-server-releases-optional]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux $majorrelease - Optional
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-releases-optional/
 enabled=1
 gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+gpgkey=file:///srv/libra/keys/RPM-GPG-KEY-redhat-release
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+
+[oso-rhui-rhel-server-extras-htb]
+name=OpenShift Online RHUI Mirror RH Enterprise Linux - Extras HTB
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+        https://mirror.ops.rhcloud.com/libra/rhui-rhel-server-$majorrelease-extras-htb/
+enabled=0
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
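Review bot: Every section of the new file sets `sslverify=False` while also presenting `sslclientcert`/`sslclientkey`, so yum will accept any server certificate for the `https://` mirrors and the move from http to https gains little against an on-path attacker. `gpgcheck=1` still protects package contents, but repository metadata is not covered by it. Prefer `sslverify=True` with `sslcacert=<path to the mirror CA bundle>` (placeholder path) in each section. The first two sections also move `gpgkey` to `/srv/libra/keys/...` while the extras sections keep `/etc/pki/rpm-gpg/...`, and `failovermethod=priority` appears only on the extras sections; confirm both differences are intended.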

+ 4 - 1
roles/repos/tasks/main.yaml

@@ -10,4 +10,7 @@
   copy: src=epel7-kubernetes.repo dest=/etc/yum.repos.d/epel7-kubernetes.repo
 
 - name: Ensure the origin repo is available
-  copy: src=epel7-origin.repo dest=/etc/yum.repos.d/epel7-origin.repo
+  copy: src=epel7-openshift.repo dest=/etc/yum.repos.d/epel7-openshift.repo
+
+- name: Ensure the rhel repo is available
+  copy: src=oso-rhui-rhel-7-server.repo dest=/etc/yum.repos.d/oso-rhui-rhel-7-server.repo
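Review bot: The new copy task installs a repo file whose enabled sections depend on `/var/lib/yum/client-cert.pem`, `/var/lib/yum/client-key.pem` and `/srv/libra/keys/RPM-GPG-KEY-redhat-release`, and nothing visible in this hunk puts those files on the host. The task file starts outside the hunk, so an earlier task may already handle it; if not, yum operations in the later roles will fail until the files exist, and the client key should be installed with a restrictive mode such as 0600. The preceding task is still named "Ensure the origin repo is available" although it now installs `epel7-openshift.repo`; renaming it keeps the run output accurate.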