7 years ago · a64fd19492
--- a/playbooks/openstack/inventory.py
+++ b/playbooks/openstack/inventory.py
@@ -59,6 +59,7 @@ def base_openshift_inventory(cluster_hosts):
 
				     inventory['glusterfs'] = {'hosts': cns}
			
 
				     inventory['dns'] = {'hosts': dns}
			
 
				     inventory['lb'] = {'hosts': load_balancers}
			
 
				+    inventory['localhost'] = {'ansible_connection': 'local'}
			
 
				 
			
 
				     return inventory
			
 
				 
			
@@ -144,10 +145,9 @@ def build_inventory():
 
				 
			
 
				     stout = _get_stack_outputs(cloud)
			
 
				     if stout is not None:
			
 
				-        inventory['_meta']['hostvars']['localhost'] = {
			
 
				-            'openshift_openstack_api_lb_provider': stout['api_lb_provider'],
			
 
				-            'openshift_openstack_api_lb_port_id': stout['api_lb_vip_port_id'],
			
 
				-            'openshift_openstack_api_lb_sg_id': stout['api_lb_sg_id']}
			
 
				+        inventory['localhost']['openshift_openstack_api_lb_provider'] = stout['api_lb_provider']
			
 
				+        inventory['localhost']['openshift_openstack_api_lb_port_id'] = stout['api_lb_vip_port_id']
			
 
				+        inventory['localhost']['openshift_openstack_api_lb_sg_id'] = stout['api_lb_sg_id']
			
 
				         kuryr_vars = _get_kuryr_vars(cloud, stout)
			
 
				         if kuryr_vars:
			
 
				             inventory['OSEv3']['vars'] = kuryr_vars
			
--- a/playbooks/openstack/sample-inventory/group_vars/all.yml
+++ b/playbooks/openstack/sample-inventory/group_vars/all.yml
@@ -35,6 +35,19 @@ openshift_openstack_external_network_name: "public"
 
				 ## You should set the following if you want to use Kuryr/Neutron as your SDN
			
 
				 #openshift_use_kuryr: True
			
 
				 #openshift_use_openshift_sdn: False
			
 
				+
			
 
				+# NOTE: you must uncomment these for Kuryr to work properly as well:
			
 
				+# openshift_master_open_ports:
			
 
				+# - service: dns tcp
			
 
				+#   port: 53/tcp
			
 
				+# - service: dns udp
			
 
				+#   port: 53/udp
			
 
				+# openshift_node_open_ports:
			
 
				+# - service: dns tcp
			
 
				+#   port: 53/tcp
			
 
				+# - service: dns udp
			
 
				+#   port: 53/udp
			
 
				+
			
 
				 #use_trunk_ports: True
			
 
				 #os_sdn_network_plugin_name: cni
			
 
				 #openshift_node_proxy_mode: userspace
			
--- a/roles/openshift_openstack/tasks/node-network.yml
+++ b/roles/openshift_openstack/tasks/node-network.yml
@@ -15,5 +15,4 @@
 
				     name: NetworkManager
			
 
				     state: restarted
			
 
				     enabled: yes
			
 
				-
			
 
				 # TODO(shadower): add the flannel interface tasks from post-provision-openstack.yml
			
--- a/roles/openshift_openstack/tasks/provision.yml
+++ b/roles/openshift_openstack/tasks/provision.yml
@@ -81,17 +81,18 @@
 
				   when:
			
 
				   - stack_create|failed
			
 
				 
			
 
				+- name: Add the new nodes to the inventory
			
 
				+  meta: refresh_inventory
			
 
				+
			
 
				 - name: Legacy LBaaSv2 SG OpenShift API correction
			
 
				   os_port:
			
 
				     state: present
			
 
				-    name: openshift_openstack_api_lb_port_id
			
 
				-    security_groups: openshift_openstack_api_lb_sg_id
			
 
				+    name: "{{ openshift_openstack_api_lb_port_id }}"
			
 
				+    security_groups:
			
 
				+    - "{{ openshift_openstack_api_lb_sg_id }}"
			
 
				   when:
			
 
				   - openshift_openstack_api_lb_provider == "haproxy"
			
 
				 
			
 
				-- name: Add the new nodes to the inventory
			
 
				-  meta: refresh_inventory
			
 
				-
			
 
				 - name: CleanUp
			
 
				   include_tasks: cleanup.yml
			
 
				   when:
			
--- a/roles/openshift_openstack/templates/heat_stack.yaml.j2
+++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2
@@ -73,7 +73,7 @@ outputs:
 
				 
			
 
				   api_lb_vip_port_id:
			
 
				     description: Id of the OpenShift API load balancer VIP port
			
 
				-    value: { get_resource: api_lb }
			
 
				+    value: { get_attr: [api_lb, vip_port_id] }
			
 
				 
			
 
				   api_lb_sg_id:
			
 
				     description: Security Group Id of the OpenShift API load balancer VIP port
			
@@ -516,6 +516,15 @@ resources:
 
				           params:
			
 
				             cluster_id: {{ openshift_openstack_stack_name }}
			
 
				       rules:
			
 
				+        # NOTE(shadower): the 53 rules are needed for Kuryr
			
 
				+        - direction: ingress
			
 
				+          protocol: tcp
			
 
				+          port_range_min: 53
			
 
				+          port_range_max: 53
			
 
				+        - direction: ingress
			
 
				+          protocol: udp
			
 
				+          port_range_min: 53
			
 
				+          port_range_max: 53
			
 
				         - direction: ingress
			
 
				           protocol: tcp
			
 
				           port_range_min: 10250
			
@@ -623,6 +632,11 @@ resources:
 
				       rules:
			
 
				       - direction: ingress
			
 
				         protocol: tcp
			
 
				+        port_range_min: 443
			
 
				+        port_range_max: 443
			
 
				+        remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr }}
			
 
				+      - direction: ingress
			
 
				+        protocol: tcp
			
 
				         port_range_min: {{ openshift_master_api_port | default(8443) }}
			
 
				         port_range_max: {{ openshift_master_api_port | default(8443) }}
			
 
				         remote_ip_prefix: {{ openshift_openstack_lb_ingress_cidr }}