
Add possibility to enable Persistent Local Storage using Ansible

Diego Abelenda пре 7 година
родитељ
комит
8eedacf0d1

+ 5 - 0
inventory/hosts.example

@@ -619,6 +619,11 @@ debug_level=2
 # openshift_storageclass_name=gp2
 # openshift_storageclass_parameters={'type': 'gp2', 'encrypted': 'false'}
 #
+# PersistentLocalStorage
+# If Persistent Local Storage is wanted, this boolean can be defined to True.
+# This will create all necessary configuration to use persistent storage on nodes.
+#openshift_persistentlocalstorage_enabled=False
+#openshift_persistentlocalstorage_classes=[]
 
 # Logging deployment
 #

+ 23 - 0
playbooks/openshift-hosted/private/create_persistent_volumes.yml

@@ -3,3 +3,26 @@
   hosts: oo_first_master
   roles:
   - role: openshift_persistent_volumes
+
+- name: Create Hosted Resources - Persistent Local Storage Provider
+  hosts: oo_first_master
+  vars:
+    persistentlocalstorage_project: "{{ openshift_persistentlocalstorage_project | default('local-storage') }}"
+    persistentlocalstorage_classes: "{{ openshift_persistentlocalstorage_classes | default([]) }}"
+  roles:
+  - role: openshift_persistentlocalstorage
+    when: openshift_persistentlocalstorage_enabled | bool
+
+- name: Create Hosted Resources - Persistent Local Storage Classes
+  hosts: nodes
+  tasks:
+  - name: Create Persistent Local Storage Classes Directories
+    file:
+      path: "/mnt/local-storage/{{ item }}"
+      owner: root
+      group: root
+      mode: 0770
+      state: directory
+      setype: svirt_sandbox_file_t
+    with_items: "{{ openshift_persistentlocalstorage_classes }}"
+    when: openshift_persistentlocalstorage_classes | default([]) | length > 0 and openshift_persistentlocalstorage_enabled | bool
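Review bot: The role-level `when: openshift_persistentlocalstorage_enabled | bool` in the first added play has no default, and the inventory example in this commit leaves the variable commented out, so a cluster that never sets it will most likely fail on an undefined variable instead of skipping the play. Use `when: openshift_persistentlocalstorage_enabled | default(False) | bool` there, and give `with_items` in the directory task the same `| default([])` that its `when` already applies. `mode: 0770` should be the quoted string `'0770'` so the permission bits do not depend on how the YAML loader types the scalar. Because `item` becomes part of a path created as root on every node, class names should also be checked to be a single path component before this task runs.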

+ 1 - 0
roles/openshift_control_plane/README.md

@@ -25,6 +25,7 @@ From this role:
 | openshift_master_console_port                     | UNDEF                 |                                                                               |
 | openshift_master_api_url                          | UNDEF                 |                                                                               |
 | openshift_master_console_url                      | UNDEF                 |                                                                               |
+| openshift_persistentlocalstorage_enabled          | false                 | Enable the persistent local storage                                           |
 | openshift_master_public_api_url                   | UNDEF                 |                                                                               |
 | openshift_master_public_console_url               | UNDEF                 |                                                                               |
 | openshift_master_saconfig_limit_secret_references | false                 |                                                                               |

+ 2 - 0
roles/openshift_control_plane/defaults/main.yml

@@ -128,6 +128,8 @@ r_openshift_master_data_dir: "{{ r_openshift_master_data_dir_default }}"
 r_openshift_master_sdn_network_plugin_name_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"
 r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_plugin_name_default }}"
 
+openshift_master_use_persistentlocalvolumes: "{{ openshift_persistentlocalstorage_enabled | default(False) }}"
+
 openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
 openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
 

+ 8 - 0
roles/openshift_control_plane/templates/master.yaml.v1.j2

@@ -82,7 +82,15 @@ kubernetesMasterConfig:
     - etcd3
     storage-media-type:
     - application/vnd.kubernetes.protobuf
+{% if openshift_master_use_persistentlocalvolumes | bool %}
+    feature-gates:
+    - PersistentLocalVolumes=true
+{% endif %}
   controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
+{% if openshift_master_use_persistentlocalvolumes | bool %}
+    feature-gates:
+    - PersistentLocalVolumes=true
+{% endif %}
   masterCount: {{ openshift_master_count | default(groups.oo_masters | length) }}
   masterIP: {{ openshift.common.ip }}
   podEvictionTimeout: {{ openshift_master_pod_eviction_timeout }}
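Review bot: The `feature-gates:` key is written as literal text after arguments rendered from a user-supplied dictionary (`openshift.master.controller_args` here; the argument block above it is only partly visible in this hunk), so an operator who already sets `feature-gates` there would get the key twice in the rendered master config. Depending on the parser, that either rejects the file or silently keeps one value, which can drop gates the operator turned on or off deliberately. Merging `PersistentLocalVolumes=true` into the argument dictionaries before they reach `lib_utils_to_padded_yaml` avoids this. The same applies to the block added after `kubeletArguments` in roles/openshift_node/templates/node.yaml.v1.j2. It is also worth rendering the template once with `controller_args` unset to confirm the indented block still parses as a child of `controllerArguments`.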

+ 6 - 5
roles/openshift_node/README.md

@@ -15,11 +15,12 @@ Role Variables
 --------------
 From this role:
 
-| Name                         | Default value         |                                                          |
-|------------------------------|-----------------------|----------------------------------------------------------|
-| openshift_node_start_options | UNDEF (Optional)      | Options to pass to node start cmdline                    |
-| oreg_url                     | UNDEF (Optional)      | Default docker registry to use                           |
-| oreg_url_node                | UNDEF (Optional)      | Default docker registry to use, specifically on the node |
+| Name                                     | Default value         |                                                          |
+|------------------------------------------|-----------------------|----------------------------------------------------------|
+| openshift_node_start_options             | UNDEF (Optional)      | Options to pass to node start cmdline                    |
+| oreg_url                                 | UNDEF (Optional)      | Default docker registry to use                           |
+| oreg_url_node                            | UNDEF (Optional)      | Default docker registry to use, specifically on the node |
+| openshift_persistentlocalstorage_enabled | false                 | Enable the persistent local storage                      |
 
 openshift_node_start_options can be used for passing any start node option, e.g.:
 

+ 3 - 0
roles/openshift_node/defaults/main.yml

@@ -230,4 +230,7 @@ openshift_node_config_dir: "{{ openshift_node_config_dir_default }}"
 openshift_node_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
 openshift_node_image_config_latest: "{{ openshift_node_image_config_latest_default }}"
 
+
 openshift_node_use_instance_profiles: False
+
+openshift_node_use_persistentlocalvolumes: "{{ openshift_persistentlocalstorage_enabled | default(False) }}"

+ 4 - 0
roles/openshift_node/templates/node.yaml.v1.j2

@@ -22,6 +22,10 @@ kubeletArguments: {{  l2_openshift_node_kubelet_args  | default(None) | lib_util
   runtime-request-timeout:
   - 10m
 {% endif %}
+{% if openshift_node_use_persistentlocalvolumes | bool %}
+  feature-gates:
+  - PersistentLocalVolumes=true
+{% endif %}
 masterClientConnectionOverrides:
   acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
   contentType: application/vnd.kubernetes.protobuf

+ 4 - 0
roles/openshift_node_group/templates/node-config.yaml.j2

@@ -50,6 +50,10 @@ kubeletArguments:
   - "{{ openshift_node_group_labels | join(',') }}"
   enable-controller-attach-detach:
   - 'true'
+{% if openshift_node_use_persistentlocalvolumes | bool %}
+  feature-gates:
+  - PersistentLocalVolumes=true
+{% endif %}
 masterClientConnectionOverrides:
   acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
   burst: 40
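Review bot: `openshift_node_use_persistentlocalvolumes` gets a default only in roles/openshift_node/defaults/main.yml in this commit, while this template belongs to the openshift_node_group role. Unless that role pulls in openshift_node's defaults some other way (not visible here), the `| bool` test will hit an undefined variable when the node-group config is rendered. Either add the same default to openshift_node_group's defaults or write the condition as `{% if openshift_node_use_persistentlocalvolumes | default(False) | bool %}`.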

+ 1 - 0
roles/openshift_persistent_volumes/README.md

@@ -42,6 +42,7 @@ Example Playbook
       capacity: "5Gi"
       access_modes:
       - "ReadWriteMany"
+    openshift_persistentlocalstorage_enabled: True
   roles:
   - role: openshift_persistent_volumes
 ```

+ 44 - 0
roles/openshift_persistentlocalstorage/README.md

@@ -0,0 +1,44 @@
+OpenShift Persistent Local Volumes
+==================================
+
+OpenShift Persistent Local Volumes
+
+Requirements
+------------
+
+Role Variables
+--------------
+
+| Name                           | Default value |                                                                           |
+|--------------------------------|---------------|---------------------------------------------------------------------------|
+| persistentlocalstorage_project | local-storage | The namespace where the Persistent Local Volume Provider will be deployed |
+| persistentlocalstorage_classes | []            | Storage classes that will be created                                      |
+
+Dependencies
+------------
+
+
+Example Playbook
+----------------
+
+```
+- name: Create persistent Local Storage Provider
+  hosts: oo_first_master
+  vars:
+    persistentlocalstorage_project: local-storage
+    persistentlocalstorage_classes:
+    - ssd
+    - hdd
+  roles:
+  - role: openshift_persistentlocalstorage
+```
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Diego Abelenda (diego.abelenda@camptocamp.com)

+ 3 - 0
roles/openshift_persistentlocalstorage/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+persistentlocalstorage_project: local-storage
+persistentlocalstorage_classes: []

+ 13 - 0
roles/openshift_persistentlocalstorage/meta/main.yml

@@ -0,0 +1,13 @@
+---
+galaxy_info:
+  author: Diego Abelenda
+  description: OpenShift Persistent Local Volumes
+  company: Camptocamp
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.9
+  platforms:
+  - name: EL
+    versions:
+    - 7
+dependencies:
+- role: lib_openshift

+ 129 - 0
roles/openshift_persistentlocalstorage/tasks/main.yml

@@ -0,0 +1,129 @@
+---
+- name: Create Namespace for Persistent Local Storage
+  oc_project:
+    name: "{{ persistentlocalstorage_project }}"
+    node_selector: ""
+
+- name: Create temp directory for template
+  command: mktemp -d /tmp/openshift-ansible-XXXXXXX
+  register: g_persistentstorage_mktemp
+  changed_when: false
+
+- template:
+    src: local-persistent-volume-config.j2
+    dest: "{{g_persistentstorage_mktemp.stdout}}/local-persistent-volume-config"
+  changed_when: no
+
+- slurp:
+    src: "{{g_persistentstorage_mktemp.stdout}}/local-persistent-volume-config"
+  register: local_persistent_volume_config
+
+- name: Create ConfigMap for Persistent Local Storage Provisioner
+  oc_obj:
+    name: "local-volume-provisioner-config"
+    namespace: "{{ persistentlocalstorage_project }}"
+    kind: ConfigMap
+    content:
+      path: /tmp/cmplspout
+      data: "{{ local_persistent_volume_config.content | b64decode | from_yaml }}"
+
+- name: Create ServiceAccount for Persistent Local Storage Provisioner
+  oc_serviceaccount:
+    name: "local-volume-provisioner"
+    namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Add SecurityContextContraint for Local Storage Provisioner
+  oc_adm_policy_user:
+    user: "system:serviceaccount:{{ persistentlocalstorage_project }}:local-volume-provisioner"
+    namespace: "{{ persistentlocalstorage_project }}"
+    resource_kind: scc
+    resource_name: hostmount-anyuid
+    state: present
+
+- name: Give rights to local-volume-provisioner to manage volumes
+  oc_obj:
+    state: present
+    kind: ClusterRoleBinding
+    name: local-storage:provisioner-pv-binding
+    content:
+      path: /tmp/crblvpout
+      data:
+        apiVersion: v1
+        kind: ClusterRoleBinding
+        metadata:
+          name: local-storage:provisioner-pv-binding
+        roleRef:
+          apiGroup: rbac.authorization.k8s.io
+          kind: ClusterRole
+          name: system:persistent-volume-provisioner
+        subjects:
+        - kind: ServiceAccount
+          name: local-volume-provisioner
+          namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Give rights to local-volume-provisioner to list nodes
+  oc_obj:
+    state: present
+    kind: ClusterRoleBinding
+    name: local-storage:provisioner-node-binding
+    content:
+      path: /tmp/ls-provnode
+      data:
+        apiVersion: v1
+        kind: ClusterRoleBinding
+        metadata:
+          name: local-storage:provisioner-node-binding
+        roleRef:
+          apiGroup: rbac.authorization.k8s.io
+          kind: ClusterRole
+          name: system:node
+        subjects:
+        - kind: ServiceAccount
+          name: local-volume-provisioner
+          namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Create Application Persistent Local Storage Provisioner
+  oc_obj:
+    kind: DaemonSet
+    namespace: "{{ persistentlocalstorage_project }}"
+    state: present
+    name: local-volume-provisioner
+    content:
+      path: /tmp/plsprovout
+      data:
+        apiVersion: extensions/v1beta1
+        kind: DaemonSet
+        metadata:
+          name: local-volume-provisioner
+        spec:
+          template:
+            metadata:
+              labels:
+                app: local-volume-provisioner
+            spec:
+              containers:
+              - env:
+                - name: MY_NODE_NAME
+                  valueFrom:
+                    fieldRef:
+                      apiVersion: v1
+                      fieldPath: spec.nodeName
+                - name: MY_NAMESPACE
+                  valueFrom:
+                    fieldRef:
+                      apiVersion: v1
+                      fieldPath: metadata.namespace
+                - name: VOLUME_CONFIG_NAME
+                  value: local-volume-provisioner-config
+                image: quay.io/external_storage/local-volume-provisioner:v1.0.1
+                name: provisioner
+                securityContext:
+                  runAsUser: 0
+                volumeMounts:
+                - mountPath: /mnt/local-storage
+                  name: local-storage
+              serviceAccountName: local-volume-provisioner
+              volumes:
+              - hostPath:
+                  path: /mnt/local-storage
+                name: local-storage
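Review bot: Binding the provisioner's service account to `system:node` just so it can list nodes gives the full node role to a pod that already runs as UID 0 under `hostmount-anyuid` with a hostPath mount. A dedicated ClusterRole limited to read access on `nodes` would keep the grant to what the task name says it needs. The four `content.path` values (`/tmp/cmplspout`, `/tmp/crblvpout`, `/tmp/ls-provnode`, `/tmp/plsprovout`) are fixed names in a world-writable directory, apparently used as scratch files by a privileged play. Place them in the directory that `mktemp -d` already created, e.g. `path: "{{ g_persistentstorage_mktemp.stdout }}/cmplspout"`, and remove that directory in a final task, since nothing in the file deletes it. The provisioner image is hard-coded and pinned by tag (`v1.0.1`); exposing it as a role variable would allow digest pinning and mirrored registries.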

+ 10 - 0
roles/openshift_persistentlocalstorage/templates/local-persistent-volume-config.j2

@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+data:
+{% for class in persistentlocalstorage_classes %}
+  {{class}}: '{ "hostDir": "/mnt/local-storage/{{ class }}", "mountDir" : "/mnt/local-storage/{{ class }}" }'
+{% endfor %}
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: local-volume-provisioner-config
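Review bot: `{{ class }}` is placed unescaped into a YAML key, a single-quoted YAML scalar and a JSON string. A class name containing a quote, a colon or `/` therefore yields either an unparsable ConfigMap or a `hostDir` outside `/mnt/local-storage` that the root provisioner will then manage. Validate `persistentlocalstorage_classes` in the role before rendering, for example with an `assert` that each entry matches `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`, and consider building the JSON value with `to_json` instead of by hand. With the default empty list the loop renders nothing, so `data:` most likely parses as null; rendering `data: {}` in that case would make the intent explicit.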