Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #3179 from jcantrill/logging_pull_secret

openshift_logging link pull secret to serviceaccounts
Scott Dodson 8 years ago
parent
986dc852f3 0ec048fb99
commit
98d6f51425
3 changed files with 30 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      roles/openshift_logging/README.md
  2. 22 0
      roles/openshift_logging/tasks/install_logging.yaml
  3. 7 0
      roles/openshift_logging/tasks/oc_secret.yaml

+ 1 - 0
roles/openshift_logging/README.md
View File 

@@ -36,6 +36,7 @@ When both `openshift_logging_install_logging` and `openshift_logging_upgrade_log
 
 - `openshift_logging_curator_cpu_limit`: The amount of CPU to allocate to Curator. Default is '100m'.
 
 - `openshift_logging_curator_memory_limit`: The amount of memory to allocate to Curator. Unset if not specified.
 
 - `openshift_logging_curator_nodeselector`: A map of labels (e.g. {"node":"infra","region":"west"} to select the nodes where the curator pod will land.
 
+- `openshift_logging_image_pull_secret`: The name of an existing pull secret to link to the logging service accounts
 
 
 - `openshift_logging_kibana_hostname`: The Kibana hostname. Defaults to 'kibana.example.com'.
 
 - `openshift_logging_kibana_cpu_limit`: The amount of CPU to allocate to Kibana or unset if not specified.

+ 22 - 0
roles/openshift_logging/tasks/install_logging.yaml
View File 

@@ -57,6 +57,28 @@
 
     loop_var: file
 
   when: ansible_check_mode
 
 
+  # TODO replace task with oc_secret module that supports
 
+  # linking when available
 
+- name: Link Pull Secrets With Service Accounts
 
+  include: oc_secret.yaml
 
+  vars:
 
+    kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig"
 
+    subcommand: link
 
+    service_account: "{{sa_account}}"
 
+    secret_name: "{{openshift_logging_image_pull_secret}}"
 
+    add_args: "--for=pull"
 
+  with_items:
 
+    - default
 
+    - aggregated-logging-elasticsearch
 
+    - aggregated-logging-kibana
 
+    - aggregated-logging-fluentd
 
+    - aggregated-logging-curator
 
+  register: link_pull_secret
 
+  loop_control:
 
+    loop_var: sa_account
 
+  when: openshift_logging_image_pull_secret is defined
 
+  failed_when: link_pull_secret.rc != 0
 
+
 
 - name: Scaling up cluster
 
   include: start_cluster.yaml
 
   when: start_cluster | default(true) | bool

+ 7 - 0
roles/openshift_logging/tasks/oc_secret.yaml
View File 

@@ -0,0 +1,7 @@
 
+---
 
+- command: >
 
+    {{ openshift.common.client_binary }}
 
+    --config={{ kubeconfig }}
 
+    secret {{subcommand}} {{service_account}} {{secret_name}}
 
+    {{add_args}}
 
+    -n {{openshift_logging_namespace}}