
Various fixes

- playbooks/gce/openshift-cluster:
  - Remove some stray debugging statements
  - Some minor formatting fixes
    - removing un-necessary quotes
    - cleaning up some jinja templates for readability
  - add a play to the launch playbook to apply the os_update_latest role on
    all hosts in the new environment
  - improve setting groups and gce_public_ip when using add_host module
    - set gce_public_ip as a variable for the host using the returned gce instance_data
    - add a group for each tag configured on the host (pre-pending tag_ to the
      tag name)
  - update the openshift-master/config.yml and openshift-node/config.yml
    includes to use the tag_env-host-type groups

- openshift-{master,node}/config.yml
  - Some cleanup
    - remove some extraneous quotes
    - remove connection: ssh from remote hosts, since it is the default
    - remove user: root and instead set ansible_ssh_user in
      inventory/gce/group_vars/all
    - set openshift_public_ip and openshift_env to templated values in
      inventory/gce/group_vars/all as well
    - no longer set openshift_node_ips for the master host, since nodes will
      register themselves now when they are configured (prevent reboot on
      adding nodes)
    - stop setting openshift_master_ips and openshift_public_master_ips using
      set_fact and instead set them in the vars: of the 'Configure Instances' play
Jason DeTiberus 10 years ago
parent
commit
9199379f94

+ 4 - 0
inventory/gce/group_vars/all

@@ -0,0 +1,4 @@
+---
+ansible_ssh_user: root
+openshift_public_ip: "{{ gce_public_ip }}"
+openshift_env: "{{ oo_env }}"
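Review bot: `ansible_ssh_user: root` in `group_vars/all` makes direct root SSH the default for every host and every play that uses this inventory, where before `user: root` was set play by play. If root login is a temporary requirement of the roles, say so in a comment above the line, e.g. `# roles currently assume root; move to an unprivileged user with sudo once they support it`. A second comment should record that `openshift_env` depends on `oo_env`, which as far as this commit shows is only supplied through the playbooks' `vars:` blocks, so a play run without it would fail when the variable is first rendered.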

+ 11 - 11
playbooks/gce/openshift-cluster/launch.yml

@@ -3,21 +3,19 @@
   hosts: localhost
   connection: local
   gather_facts: no
-
   vars_files:
       - vars.yml
-
   tasks:
     - set_fact: k8s_type="master"
 
-    - name: "Generate master instance names(s)"
-      set_fact: scratch="{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' |format( 1048576 |random) }}"
+    - name: Generate master instance names(s)
+      set_fact: scratch={{ cluster_id }}-{{ k8s_type }}-{{ '%05x' |format( 1048576 |random) }}
       register: instance_names_output
       with_sequence: start=1 end={{ masters }}
 
     # These set_fact's cannot be combined
     - set_fact:
-        instance_names_string: "{% for item in instance_names_output.results %}{{item.ansible_facts.scratch}} {% endfor %}"
+        instance_names_string: "{% for item in instance_names_output.results %}{{ item.ansible_facts.scratch }} {% endfor %}"
 
     - set_fact:
         master_names: "{{ instance_names_string.strip().split(' ') }}"
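Review bot: Dropping the quotes on `set_fact: scratch={{ cluster_id }}-...` keeps the task in key=value form, where (as I understand the argument parser) the rendered string is split on whitespace and `=`, so an unusual `cluster_id` would yield a wrong or extra fact. The mapping form avoids that and matches how this commit rewrites `add_host` in launch_instances.yml: `set_fact:` followed by `scratch: "{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' | format(1048576 | random) }}"`. The same applies to the node-name task in the next hunk. The task name `instance names(s)` also looks like a typo for `instance name(s)`.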
@@ -31,14 +29,14 @@
 
     - set_fact: k8s_type="node"
 
-    - name: "Generate node instance names(s)"
-      set_fact: scratch="{{ cluster_id }}-{{ k8s_type }}-{{ '%05x' |format( 1048576 |random) }}"
+    - name: Generate node instance names(s)
+      set_fact: scratch={{ cluster_id }}-{{ k8s_type }}-{{ '%05x' |format( 1048576 |random) }}
       register: instance_names_output
       with_sequence: start=1 end={{ nodes }}
 
     # These set_fact's cannot be combined
     - set_fact:
-        instance_names_string: "{% for item in instance_names_output.results %}{{item.ansible_facts.scratch}} {% endfor %}"
+        instance_names_string: "{% for item in instance_names_output.results %}{{ item.ansible_facts.scratch }} {% endfor %}"
 
     - set_fact:
         node_names: "{{ instance_names_string.strip().split(' ') }}"
@@ -48,15 +46,17 @@
         instances: "{{ node_names }}"
         cluster: "{{ cluster_id }}"
         type: "{{ k8s_type }}"
-        group_name: "tag_env-host-type-{{ cluster_id }}-openshift-node"
 
+- hosts: "tag_env-{{ cluster_id }}"
+  roles:
+  - os_update_latest
 
 - include: ../openshift-master/config.yml
   vars:
-    oo_host_group_exp: "{{ master_names }}"
+    oo_host_group_exp: "groups[\"tag_env-host-type-{{ cluster_id }}-openshift-master\"]"
     oo_env: "{{ cluster_id }}"
 
 - include: ../openshift-node/config.yml
   vars:
-    oo_host_group_exp: "{{ node_names }}"
+    oo_host_group_exp: "groups[\"tag_env-host-type-{{ cluster_id }}-openshift-node\"]"
     oo_env: "{{ cluster_id }}"
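Review bot: Switching `oo_host_group_exp` from `master_names` / `node_names` to the whole `tag_env-host-type-{{ cluster_id }}-openshift-*` group, and adding the `os_update_latest` play on `tag_env-{{ cluster_id }}`, widens the target from the instances just launched to every host carrying those tags. If the inventory also lists hosts from an earlier launch with the same cluster_id (not visible in this hunk), adding a node would run a package update and a full reconfigure on them as well. If that is intended, a comment above the new play should say so; otherwise limit it to the new instances, for example by adding them to a dedicated group in `add_host` and targeting that group. Note also that `oo_host_group_exp` is now a string holding an expression, which only works while `with_items` in the included playbooks re-evaluates it.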

+ 5 - 3
playbooks/gce/openshift-cluster/launch_instances.yml

@@ -19,15 +19,17 @@
   register: gce
 
 - name: Add new instances public IPs
-  add_host: "hostname={{ item.name }} ansible_ssh_host={{ item.public_ip }} groups={{ group_name }}"
+  add_host:
+    hostname: "{{ item.name }}"
+    ansible_ssh_host: "{{ item.public_ip }}"
+    groups: "{{ item.tags | oo_prepend_strings_in_list('tag_') | join(',') }}"
+    gce_public_ip: "{{ item.public_ip }}"
   with_items: gce.instance_data
 
 - name: Wait for ssh
   wait_for: "port=22 host={{ item.public_ip }}"
   with_items: gce.instance_data
 
-- debug: var=gce
-
 - name: Wait for root user setup
   command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup"
   register: result
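Review bot: Group membership for a new host now comes only from `item.tags`, so an instance returned without the expected `env-...` / `env-host-type-...` tags is added to the inventory but matches none of the later plays, and the run finishes without configuring it. A check after `add_host` would catch this, e.g. a `fail` task with `when: item.tags | length == 0`, or at least a comment listing the tags launch.yml depends on. `oo_prepend_strings_in_list` is a project filter defined outside this hunk, so its handling of an empty or missing tag list should be confirmed. The 'Wait for root user setup' task continues past the end of the hunk.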

+ 5 - 35
playbooks/gce/openshift-master/config.yml

@@ -1,50 +1,20 @@
-- name: "master/config.yml, populate oo_hosts_to_config host group if needed"
+- name: master/config.yml, populate oo_masters_to_config host group if needed
   hosts: localhost
   gather_facts: no
   tasks:
   - name: "Evaluate oo_host_group_exp if it's set"
-    add_host: "name={{ item }} groups=oo_hosts_to_config"
+    add_host: "name={{ item }} groups=oo_masters_to_config"
     with_items: "{{ oo_host_group_exp | default('') }}"
     when: oo_host_group_exp is defined
 
 - name: "Gather facts for nodes in {{ oo_env }}"
   hosts: "tag_env-host-type-{{ oo_env }}-openshift-node"
-  connection: ssh
-  user: root
-
-- name: "Retrieve public ip"
-  hosts: oo_hosts_to_config
-  connection: ssh
-  user: root
-  gather_facts: yes
-  tasks:
-    - command: 'curl "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip" -H "Metadata-Flavor: Google"'
-      register: output
-    - set_fact: gce_public_ip="{{ output.stdout }}"
-
-- name: "Set Origin specific facts on localhost (for later use)"
-  hosts: localhost
-  gather_facts: no
-  tasks:
-    - name: Setting openshift_node_ips fact on localhost
-      set_fact:
-        openshift_node_ips: "{{ hostvars
-            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-node'])
-            | oo_collect(attribute='ansible_default_ipv4.address') }}"
-      when: groups['tag_env-host-type-' + oo_env + '-openshift-node'] is defined
 
 - name: "Configure instances"
-  hosts: oo_hosts_to_config
-  connection: ssh
-  user: root
+  hosts: oo_masters_to_config
   vars_files:
-    - vars.yml
+  - vars.yml
   roles:
-    - {
-        role: openshift_master,
-        openshift_node_ips: "{{ hostvars['localhost'].openshift_node_ips | default(['']) }}",
-        openshift_public_ip: "{{ gce_public_ip }}",
-        openshift_env: "{{ oo_env }}",
-      }
+    - openshift_master
     - pods
     - os_env_extras
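Review bot: The 'Gather facts for nodes in {{ oo_env }}' play is kept although this commit removes the only visible consumer of node facts, the `openshift_node_ips` fact. As written it still connects to every node on each master run and would presumably fail the run when a node is unreachable, which works against configuring masters independently of nodes. Unless the `openshift_master` role reads node hostvars (not visible here), drop the play or add a comment saying what still needs it. The new `vars_files` entry is also written flush (`  - vars.yml`) while the `roles` list right below stays indented; pick one style for the file.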

+ 108 - 40
playbooks/gce/openshift-node/config.yml

@@ -1,56 +1,124 @@
-- name: "node/config.yml, populate oo_hosts_to_config host group if needed"
+- name: node/config.yml, populate oo_nodes_to_config host group if needed
   hosts: localhost
   gather_facts: no
   tasks:
   - name: Evaluate oo_host_group_exp
-    add_host: "name={{ item }} groups=oo_hosts_to_config"
+    add_host: "name={{ item }} groups=oo_nodes_to_config"
     with_items: "{{ oo_host_group_exp | default('') }}"
     when: oo_host_group_exp is defined
+ - name: Find masters for env
+    add_host: "name={{ item }} groups=oo_masters_for_node_config"
+    with_items: groups['tag_env-host-type-' + oo_env + '-openshift-master']
 
-- name: "Gather facts for masters in {{ oo_env }}"
+- name: Gather facts for masters in {{ oo_env }}
   hosts: "tag_env-host-type-{{ oo_env }}-openshift-master"
-  connection: ssh
-  user: root
-  gather_facts: yes
   tasks:
-    - command: 'curl "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip" -H "Metadata-Flavor: Google"'
-      register: output
-    - set_fact: gce_public_ip="{{ output.stdout }}"
+  - set_fact:
+      openshift_master_ip: "{{ openshift_ip }}"
+      openshift_master_api_url: "{{ openshift_api_url }}"
+      openshift_master_webui_url: "{{ openshift_webui_url }}"
+      openshift_master_hostname: "{{ openshift_hostname }}"
+      openshift_master_public_ip: "{{ openshift_public_ip }}"
+      openshift_master_api_public_url: "{{ openshift_api_public_url }}"
+      openshift_master_webui_public_url: "{{ openshift_webui_public_url }}"
+      openshift_master_public_hostnames: "{{ openshift_public_hostname }}"
 
-- name: "Set OO sepcific facts on localhost (for later use)"
-  hosts: localhost
-  gather_facts: no
+- name: Gather facts for hosts to configure
+  hosts: tag_env-host-type-{{ oo_env }}-openshift-node
   tasks:
-    - name: Setting openshift_master_ips fact on localhost
-      set_fact:
-        openshift_master_ips: "{{ hostvars
-            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-master'])
-            | oo_collect(attribute='ansible_default_ipv4.address') }}"
-      when: groups['tag_env-host-type-' + oo_env + '-openshift-master'] is defined
-    - name: Setting openshift_master_public_ips fact on localhost
-      set_fact:
-        openshift_master_public_ips: "{{ hostvars
-            | oo_select_keys(groups['tag_env-host-type-' + oo_env + '-openshift-master'])
-            | oo_collect(attribute='gce_public_ip') }}"
-      when: groups['tag_env-host-type-' + oo_env + '-openshift-master'] is defined
-
-- name: "Configure instances"
-  hosts: oo_hosts_to_config
-  connection: ssh
-  user: root
-  vars_files:
-    - vars.yml
+  - set_fact:
+      openshift_node_hostname: "{{ openshift_hostname }}"
+      openshift_node_name: "{{ openshift_hostname }}"
+      openshift_node_cpu: "{{ openshift_node_cpu if openshift_node_cpu else ansible_processor_cores }}"
+      openshift_node_memory: "{{ openshift_node_memory if openshift_node_memory else (ansible_memtotal_mb|int * 1024 * 1024 * 0.75)|int }}"
+      openshift_node_pod_cidr: "{{ openshift_node_pod_cidr if openshift_node_pod_cidr else None }}"
+      openshift_node_host_ip: "{{ openshift_ip }}"
+      openshift_node_labels: "{{ openshift_node_labels if openshift_node_labels else {} }}"
+      openshift_node_annotations: "{{ openshift_node_annotations if openshift_node_annotations else {} }}"
 
+- name: Register nodes
+  hosts: tag_env-host-type-{{ oo_env }}-openshift-master[0]
+  vars:
+    openshift_node_group: tag_env-host-type-{{ oo_env }}-openshift-node
+    openshift_nodes: "{{ hostvars
+          | oo_select_keys(groups[openshift_node_group]) }}"
+    openshift_master_group: tag_env-host-type-{{ oo_env }}-openshift-master
+    openshift_master_urls: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_api_url') }}"
+    openshift_master_public_urls: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_api_public_url') }}"
+  pre_tasks:
+  roles:
+  - openshift_register_nodes
   tasks:
-    - debug: var=gce_public_ip
+  - name: Create local temp directory for syncing certs
+    local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
+    register: mktemp
 
+  - name: Sync master certs to localhost
+    synchronize:
+      mode: pull
+      checksum: yes
+      src: /var/lib/openshift/openshift.local.certificates
+      dest: "{{ mktemp.stdout }}"
+
+# TODO: sync generated certs between masters
+#
+- name: Configure instances
+  hosts: oo_nodes_to_config
+  vars_files:
+  - vars.yml
+  vars:
+    openshift_master_group: tag_env-host-type-{{ oo_env }}-openshift-master
+    openshift_master_ips: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_ip') }}"
+    openshift_master_hostnames: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_hostname') }}"
+    openshift_master_public_ips: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_public_ip') }}"
+    openshift_master_public_hostnames: "{{ hostvars
+          | oo_select_keys(groups[openshift_master_group])
+          | oo_collect(attribute='openshift_master_public_hostname') }}"
+    cert_parent_rel_path: openshift.local.certificates
+    cert_rel_path: "{{ cert_parent_rel_path }}/node-{{ openshift_node_name }}"
+    cert_base_path: /var/lib/openshift
+    cert_parent_path: "{{ cert_base_path }}/{{ cert_parent_rel_path }}"
+    cert_path: "{{ cert_base_path }}/{{ cert_rel_path }}"
+  pre_tasks:
+  - name: Ensure certificate directories exists
+    file:
+      path: "{{ item }}"
+      state: directory
+    with_items:
+    - "{{ cert_path }}"
+    - "{{ cert_parent_path }}/ca"
+
+  # TODO: only sync to a node if it's certs have been updated
+  # TODO: notify restart openshift-node and/or restart openshift-sdn-node,
+  # possibly test service started time against certificate/config file
+  # timestamps in openshift-node or openshift-sdn-node to trigger notify
+  # TODO: also copy ca cert: /var/lib/openshift/openshift.local.certificates/ca/cert.crt
+  - name: Sync certs to nodes
+    synchronize:
+      checksum: yes
+      src: "{{ item.src }}"
+      dest: "{{ item.dest }}"
+      owner: no
+      group: no
+    with_items:
+    - src: "{{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }}/{{ cert_rel_path }}"
+      dest: "{{ cert_parent_path }}"
+    - src: "{{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }}/{{ cert_parent_rel_path }}/ca/cert.crt"
+      dest: "{{ cert_parent_path }}/ca/cert.crt"
+  - local_action: file name={{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }} state=absent
+    run_once: true
   roles:
-    - {
-        role: openshift_node,
-        openshift_master_ips: "{{ hostvars['localhost'].openshift_master_ips | default(['']) }}",
-        openshift_master_public_ips: "{{ hostvars['localhost'].openshift_master_public_ips | default(['']) }}",
-        openshift_public_ip: "{{ gce_public_ip }}",
-        openshift_env: "{{ oo_env }}",
-      }
-    - docker
+    - openshift_node
     - os_env_extras
+    - os_env_extras_node
+
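Review bot: The 'Sync master certs to localhost' task pulls the whole `/var/lib/openshift/openshift.local.certificates` tree, which presumably holds private keys for the CA and every node, into a temp directory on the control host, and the only cleanup is the last pre_task of the 'Configure instances' play. If an earlier task fails, or `oo_nodes_to_config` is empty, that directory stays behind in /tmp. I would narrow the pull to the `node-*` directories and `ca/cert.crt` that are actually pushed to nodes, and add a comment that the directory must be removed by hand after a failed run. Separately, the masters play sets `openshift_master_public_hostnames` (plural) while the nodes play collects `attribute='openshift_master_public_hostname'`, so that list looks like it will come back empty, and the empty `pre_tasks:` key in 'Register nodes' should be removed.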