
Run DNS and RHN tasks on new masters only

The master-scaleup playbook now runs nsupdate and system subscription tasks
only on the newly-added nodes.

The DNS tasks had to be reworked to support this.
Tomas Sedovic 6 yıl önce
ebeveyn
işleme
9c039c22e7

+ 52 - 3
playbooks/openstack/openshift-cluster/master-scaleup.yml

@@ -11,17 +11,63 @@
       openshift_openstack_existing: "{{ groups }}"
 
 - name: Create the new OpenStack resources
-  import_playbook: provision.yml
+  import_playbook: provision_resources.yml
 
 - name: Set the new_nodes and new_masters groups
   import_playbook: evaluate_groups.yml
 
-# TODO: run DNS update and RHEL registration only on new_nodes here. That
-# means we can call `provision_resources.yml` above.
+- name: Evaluate remaining cluster groups
+  import_playbook: ../../init/evaluate_groups.yml
+
+- name: Wait for the new nodes and gather their facts
+  any_errors_fatal: true
+  hosts: new_nodes:new_masters:new_etcd
+  become: yes
+  # NOTE: The nodes may not be up yet, don't gather facts here.
+  # They'll be collected after `wait_for_connection`.
+  gather_facts: no
+  tasks:
+  - name: Wait for the the new nodes to come up
+    wait_for_connection:
+
+  - name: Gather facts for the new nodes
+    setup:
+
+
+- name: Populate the DNS entries for the new nodes
+  any_errors_fatal: true
+  hosts: localhost
+  tasks:
+  - name: Add DNS records for the newly created nodes
+    import_role:
+      name: openshift_openstack
+      tasks_from: populate-dns.yml
+    vars:
+      l_openshift_openstack_dns_update_nodes: "{{ groups.new_nodes }}"
+    when:
+    - openshift_openstack_external_nsupdate_keys is defined
+    - openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined
+
+- import_playbook: ../../init/basic_facts.yml
+
+- name: Optionally subscribe the RHEL nodes
+  any_errors_fatal: true
+  hosts: new_nodes:new_masters:new_etcd
+  become: yes
+  gather_facts: yes
+  tasks:
+  - name: Subscribe RHEL instances
+    import_role:
+      name: rhel_subscribe
+    when:
+    - ansible_distribution == "RedHat"
+    - rhsub_user is defined
+    - rhsub_pass is defined
 
 - name: Configure the new OpenStack nodes
   import_playbook: configure-new-nodes.yml
 
+
 - import_playbook: ../../prerequisites.yml
   vars:
     l_scale_up_hosts: "oo_nodes_to_config:oo_masters_to_config"
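Review bot: The `Populate the DNS entries for the new nodes` play passes only `groups.new_nodes` to `populate-dns.yml`, while the plays around it (and the commit title) target `new_nodes:new_masters:new_etcd`. A host listed only in `new_masters` or `new_etcd` would get no DNS record, and `groups.new_nodes` would be undefined if that group is missing from the inventory. Unless new masters are guaranteed to be in `new_nodes` too, build the list from all three groups, e.g. `l_openshift_openstack_dns_update_nodes: "{{ groups.new_nodes | default([]) | union(groups.new_masters | default([])) | union(groups.new_etcd | default([])) }}"`. The `wait_for_connection` task name also has a doubled word (`the the`). The last play in this hunk continues past its final line.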
@@ -34,3 +80,6 @@
     l_openshift_version_set_hosts: "oo_masters_to_config:oo_nodes_to_config:!oo_first_master"
 
 - import_playbook: ../../openshift-master/private/scaleup.yml
+
+- name: Show information about the deployed cluster
+  import_playbook: cluster-info.yml

+ 3 - 1
playbooks/openstack/openshift-cluster/provision.yml

@@ -30,10 +30,12 @@
   any_errors_fatal: true
   hosts: localhost
   tasks:
-  - name: Populate DNS entries
+  - name: Add the DNS records
     import_role:
       name: openshift_openstack
       tasks_from: populate-dns.yml
+    vars:
+      l_openshift_openstack_dns_update_nodes: "{{ groups.OSEv3 }}"
     when:
     - openshift_openstack_external_nsupdate_keys is defined
     - openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined

+ 4 - 1
playbooks/openstack/openshift-cluster/uninstall.yml

@@ -24,7 +24,10 @@
   - name: Clean DNS entries
     import_role:
       name: openshift_openstack
-      tasks_from: clean-dns.yml
+      tasks_from: populate-dns.yml
+    vars:
+      l_openshift_openstack_dns_update_nodes: "{{ groups.OSEv3 }}"
+      l_dns_record_state: absent
     when:
     - openshift_openstack_external_nsupdate_keys is defined
     - openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined
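Review bot: Routing cleanup through `populate-dns.yml` with `l_dns_record_state: absent` removes only the record kinds that file now handles. The private-view wildcard and API-hostname records that the deleted `generate-dns.yml` used to build are no longer touched, so a cluster deployed before this change would leave them in the zone after uninstall, still pointing at released addresses. If dropping them is intentional, say so above the task, e.g. `# NOTE: private wildcard/API records from older deployments are not removed here`; otherwise `populate-dns.yml` needs matching private tasks. The enclosing play starts outside this hunk.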

+ 0 - 22
roles/openshift_openstack/tasks/clean-dns.yml

@@ -1,22 +0,0 @@
----
-- name: Generate DNS records
-  include_tasks: generate-dns.yml
-
-- name: "Remove DNS A records"
-  nsupdate:
-    key_name: "{{ item.0.key_name }}"
-    key_secret: "{{ item.0.key_secret }}"
-    key_algorithm: "{{ item.0.key_algorithm }}"
-    server: "{{ item.0.server }}"
-    zone: "{{ item.0.zone }}"
-    record: "{{ item.1.fqdn | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
-    value: "{{ item.1.ip }}"
-    type: "{{ item.1.type }}"
-    state: absent
-  with_subelements:
-    - "{{ openshift_openstack_dns_records | default([]) }}"
-    - entries
-  register: nsupdate_remove_result
-  until: nsupdate_remove_result is succeeded
-  retries: 10
-  delay: 1

+ 0 - 111
roles/openshift_openstack/tasks/generate-dns.yml

@@ -1,111 +0,0 @@
----
-- name: "Generate list of private A records"
-  set_fact:
-    private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'fqdn': hostvars[item]['ansible_hostname'] + openshift_openstack_private_hostname_suffix + '.' + openshift_openstack_full_dns_domain, 'ip': hostvars[item]['private_v4'] } ] }}"
-  with_items: "{{ groups['OSEv3'] }}"
-  when:
-    - hostvars[item]['private_v4'] is defined
-    - hostvars[item]['private_v4'] is not none
-    - hostvars[item]['private_v4'] | string
-
-- name: "Add wildcard records to the private A records for infrahosts"
-  set_fact:
-    private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'fqdn': '*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain, 'ip': hostvars[item]['private_v4'] } ] }}"
-  with_items: "{{ groups['openstack_infra_nodes'] }}"
-  when:
-    - groups.masters
-    - hostvars[groups.masters[0]].openshift_master_default_subdomain is defined
-    - openshift_openstack_public_router_ip is defined
-    - openshift_openstack_public_router_ip is not none
-    - openshift_openstack_public_router_ip | string
-
-- debug: var=openshift_openstack_private_api_ip
-- name: "Add public master cluster hostname records to the private A records"
-  set_fact:
-    private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'fqdn': hostvars[groups.masters[0]].openshift_master_cluster_public_hostname, 'ip': openshift_openstack_private_api_ip } ] }}"
-  when:
-    - groups.masters
-    - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
-    - openshift_openstack_private_api_ip is defined
-    - openshift_openstack_private_api_ip is not none
-    - openshift_openstack_private_api_ip | string
-
-- name: "Set the private DNS server to use the external value (if provided)"
-  set_fact:
-    nsupdate_server_private: "{{ openshift_openstack_external_nsupdate_keys['private']['server'] }}"
-    nsupdate_key_secret_private: "{{ openshift_openstack_external_nsupdate_keys['private']['key_secret'] }}"
-    nsupdate_key_algorithm_private: "{{ openshift_openstack_external_nsupdate_keys['private']['key_algorithm'] }}"
-    nsupdate_private_key_name: "{{ openshift_openstack_external_nsupdate_keys['private']['key_name'] }}"
-  when:
-    - openshift_openstack_external_nsupdate_keys['private'] is defined
-
-
-- name: "Generate the private Add section for DNS"
-  set_fact:
-    private_named_records:
-      - view: "private"
-        zone: "{{ openshift_openstack_nsupdate_zone }}"
-        server: "{{ nsupdate_server_private }}"
-        key_name: "{{ nsupdate_private_key_name }}"
-        key_secret: "{{ nsupdate_key_secret_private }}"
-        key_algorithm: "{{ nsupdate_key_algorithm_private | lower }}"
-        entries: "{{ private_records }}"
-  when:
-    - openshift_openstack_external_nsupdate_keys['private'] is defined
-    - private_records is defined
-
-- name: "Generate list of public A records"
-  set_fact:
-    public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'fqdn': hostvars[item]['ansible_hostname'] + openshift_openstack_public_hostname_suffix + '.' + openshift_openstack_full_dns_domain, 'ip': hostvars[item]['public_v4'] } ] }}"
-  with_items: "{{ groups['OSEv3'] }}"
-  when:
-    - hostvars[item]['public_v4'] is defined
-    - hostvars[item]['public_v4'] | string
-
-- name: "Add wildcard record to the public A records"
-  set_fact:
-    public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'fqdn': '*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain, 'ip': openshift_openstack_public_router_ip } ] }}"
-  when:
-    - groups.masters
-    - hostvars[groups.masters[0]].openshift_master_default_subdomain is defined
-    - openshift_openstack_public_router_ip is defined
-    - openshift_openstack_public_router_ip is not none
-    - openshift_openstack_public_router_ip | string
-
-- name: "Add the public API entry point record"
-  set_fact:
-    public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'fqdn': hostvars[groups.masters[0]].openshift_master_cluster_public_hostname, 'ip': openshift_openstack_public_api_ip } ] }}"
-  when:
-    - groups.masters
-    - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
-    - openshift_openstack_public_api_ip is defined
-    - openshift_openstack_public_api_ip is not none
-    - openshift_openstack_public_api_ip | string
-
-- name: "Set the public DNS server details to use the external value (if provided)"
-  set_fact:
-    nsupdate_server_public: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}"
-    nsupdate_key_secret_public: "{{ openshift_openstack_external_nsupdate_keys['public']['key_secret'] }}"
-    nsupdate_key_algorithm_public: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] }}"
-    nsupdate_public_key_name: "{{ openshift_openstack_external_nsupdate_keys['public']['key_name'] }}"
-  when:
-    - openshift_openstack_external_nsupdate_keys['public'] is defined
-
-- name: "Generate the public Add section for DNS"
-  set_fact:
-    public_named_records:
-      - view: "public"
-        zone: "{{ openshift_openstack_nsupdate_zone }}"
-        server: "{{ nsupdate_server_public }}"
-        key_name: "{{ nsupdate_public_key_name }}"
-        key_secret: "{{ nsupdate_key_secret_public }}"
-        key_algorithm: "{{ nsupdate_key_algorithm_public | lower }}"
-        entries: "{{ public_records }}"
-  when:
-    - openshift_openstack_external_nsupdate_keys['public'] is defined
-    - public_records is defined
-
-
-- name: "Generate the final openshift_openstack_dns_records"
-  set_fact:
-    openshift_openstack_dns_records: "{{ private_named_records|default([]) + public_named_records|default([]) }}"

+ 84 - 15
roles/openshift_openstack/tasks/populate-dns.yml

@@ -1,22 +1,91 @@
 ---
-- name: Generate DNS records
-  include_tasks: generate-dns.yml
+- name: Add private node records
+  nsupdate:
+    key_name: "{{ openshift_openstack_external_nsupdate_keys['private']['key_name'] }}"
+    key_secret: "{{ openshift_openstack_external_nsupdate_keys['private']['key_secret'] }}"
+    key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['private']['key_algorithm'] | lower }}"
+    server: "{{ openshift_openstack_external_nsupdate_keys['private']['server'] }}"
+    zone: "{{ openshift_openstack_nsupdate_zone }}"
+    record: "{{ hostvars[item]['ansible_hostname'] + openshift_openstack_private_hostname_suffix + '.' + openshift_openstack_full_dns_domain | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
+    value: "{{ hostvars[item]['private_v4'] }}"
+    type: "A"
+    state: "{{ l_dns_record_state | default('present') }}"
+  with_items: "{{ l_openshift_openstack_dns_update_nodes }}"
+  register: nsupdate_add_result
+  until: nsupdate_add_result is succeeded
+  retries: 10
+  when:
+    - openshift_openstack_external_nsupdate_keys['private'] is defined
+    - hostvars[item]['private_v4'] is defined
+    - hostvars[item]['private_v4'] is not none
+    - hostvars[item]['private_v4'] | string
+  delay: 1
+
+
+- name: Add public node records
+  nsupdate:
+    key_name: "{{ openshift_openstack_external_nsupdate_keys['public']['key_name'] }}"
+    key_secret: "{{ openshift_openstack_external_nsupdate_keys['public']['key_secret'] }}"
+    key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] | lower }}"
+    server: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}"
+    zone: "{{ openshift_openstack_nsupdate_zone }}"
+    record: "{{ hostvars[item]['ansible_hostname'] + openshift_openstack_public_hostname_suffix + '.' + openshift_openstack_full_dns_domain | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
+    value: "{{ hostvars[item]['public_v4'] }}"
+    type: "A"
+    state: "{{ l_dns_record_state | default('present') }}"
+  with_items: "{{ l_openshift_openstack_dns_update_nodes }}"
+  register: nsupdate_add_result
+  until: nsupdate_add_result is succeeded
+  retries: 10
+  when:
+    - openshift_openstack_external_nsupdate_keys['public'] is defined
+    - hostvars[item]['public_v4'] is defined
+    - hostvars[item]['public_v4'] is not none
+    - hostvars[item]['public_v4'] | string
+  delay: 1
+
+- name: Add public wildcard record
+  nsupdate:
+    key_name: "{{ openshift_openstack_external_nsupdate_keys['public']['key_name'] }}"
+    key_secret: "{{ openshift_openstack_external_nsupdate_keys['public']['key_secret'] }}"
+    key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] | lower }}"
+    server: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}"
+    zone: "{{ openshift_openstack_nsupdate_zone }}"
+    record: "{{ '*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
+    value: "{{ openshift_openstack_public_router_ip }}"
+    type: "A"
+    state: "{{ l_dns_record_state | default('present') }}"
+  register: nsupdate_add_result
+  until: nsupdate_add_result is succeeded
+  retries: 10
+  delay: 1
+  when:
+    - openshift_openstack_external_nsupdate_keys['public'] is defined
+    - groups.masters
+    - hostvars[groups.masters[0]].openshift_master_default_subdomain is defined
+    - openshift_openstack_public_router_ip is defined
+    - openshift_openstack_public_router_ip is not none
+    - openshift_openstack_public_router_ip | string
+
 
-- name: "Add DNS A records"
+- name: Add public API record
   nsupdate:
-    key_name: "{{ item.0.key_name }}"
-    key_secret: "{{ item.0.key_secret }}"
-    key_algorithm: "{{ item.0.key_algorithm }}"
-    server: "{{ item.0.server }}"
-    zone: "{{ item.0.zone }}"
-    record: "{{ item.1.fqdn | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
-    value: "{{ item.1.ip }}"
-    type: "{{ item.1.type }}"
-    state: present
-  with_subelements:
-    - "{{ openshift_openstack_dns_records | default([]) }}"
-    - entries
+    key_name: "{{ openshift_openstack_external_nsupdate_keys['public']['key_name'] }}"
+    key_secret: "{{ openshift_openstack_external_nsupdate_keys['public']['key_secret'] }}"
+    key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] | lower }}"
+    server: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}"
+    zone: "{{ openshift_openstack_nsupdate_zone }}"
+    record: "{{ hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace('.' + openshift_openstack_nsupdate_zone, '') }}"
+    value: "{{ openshift_openstack_public_api_ip }}"
+    type: "A"
+    state: "{{ l_dns_record_state | default('present') }}"
   register: nsupdate_add_result
   until: nsupdate_add_result is succeeded
   retries: 10
   delay: 1
+  when:
+    - groups.masters
+    - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
+    - openshift_openstack_public_api_ip is defined
+    - openshift_openstack_public_api_ip is not none
+    - openshift_openstack_public_api_ip | string
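Review bot: The `Add public API record` task at the end of this hunk is the only public task whose `when` does not check `openshift_openstack_external_nsupdate_keys['public'] is defined`. The callers' `private is defined or public is defined` condition allows a private-only setup, which would likely fail here while templating `key_name`; add `- openshift_openstack_external_nsupdate_keys['public'] is defined` as the first condition. Separately, in the three `record:` expressions that concatenate with `+`, Jinja2 binds `replace` tighter than `+`, so the zone is stripped only from the last operand, unlike the old `item.1.fqdn | replace(...)`. When the domain or subdomain equals the zone, the record then keeps its full suffix. Parenthesise the concatenation before filtering, e.g. `record: "{{ ('*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain) | replace('.' + openshift_openstack_nsupdate_zone, '') }}"`.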