Nuage changes for Atomic hosts OSE Integration

roles/nuage_common/defaults/main.yaml

@@ -10,5 +10,8 @@ nuage_ca_serial: "{{ nuage_ca_dir }}/nuageMonCA.serial.txt"
 nuage_master_mon_dir: /usr/share/nuage-openshift-monitor
 nuage_node_plugin_dir: /usr/share/vsp-openshift
 
+nuage_node_cni_bin_dir: /opt/cni/bin
+nuage_node_cni_netconf_dir: /etc/cni/net.d
+
 nuage_mon_rest_server_port: "{{ nuage_openshift_monitor_rest_server_port | default('9443') }}"
 nuage_mon_cert_validity_period: "{{ nuage_cert_validity_period | default('3650') }}"

roles/nuage_common/tasks/main.yml

@@ -0,0 +1,27 @@
+---
+- name: Set the Nuage plugin openshift directory fact to handle Atomic host install
+  set_fact:
+    nuage_node_plugin_dir: /var/usr/share/vsp-openshift
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage CNI network config directory fact to handle Atomic host install
+  set_fact:
+    nuage_node_cni_netconf_dir: /var/etc/cni/net.d/
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage CNI binary directory fact to handle Atomic host install
+  set_fact:
+    nuage_node_cni_bin_dir: /var/opt/cni/bin/
+  when: openshift.common.is_atomic | bool
+
+- name: Assure CNI plugin config dir exists before daemon set install
+  become: yes
+  file: path="{{ nuage_node_plugin_dir }}" state=directory
+
+- name: Assure CNI netconf directory exists before daemon set install
+  become: yes
+  file: path="{{ nuage_node_cni_netconf_dir }}" state=directory
+
+- name: Assure CNI plugin binary directory exists before daemon set install
+  become: yes
+  file: path="{{ nuage_node_cni_bin_dir }}" state=directory

roles/nuage_master/handlers/main.yaml

@@ -1,8 +1,4 @@
 ---
-- name: restart nuage-openshift-monitor
-  become: yes
-  systemd: name=nuage-openshift-monitor state=restarted
-
 - name: restart master api
   systemd: name={{ openshift.common.service_type }}-master-api state=restarted
   when: >

roles/nuage_master/tasks/main.yaml

@@ -3,17 +3,64 @@
   include: firewall.yml
   static: yes
 
+- name: Set the Nuage certificate directory fact for Atomic hosts
+  set_fact:
+    cert_output_dir: /var/usr/share/nuage-openshift-monitor
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage kubeconfig file path fact for Atomic hosts
+  set_fact:
+    kube_config: /var/usr/share/nuage-openshift-monitor/nuage.kubeconfig
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage monitor yaml location fact for Atomic hosts
+  set_fact:
+    kubemon_yaml: /var/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage monitor certs location fact for Atomic hosts
+  set_fact:
+    nuage_master_crt_dir: /var/usr/share/nuage-openshift-monitor/
+  when: openshift.common.is_atomic | bool
+
+- name: Set the Nuage master config directory for daemon sets install
+  set_fact:
+    nuage_master_config_dsets_mount_dir: /var/usr/share/
+  when: master_host_type == "is_atomic"
+
+- name: Set the Nuage node config directory for daemon sets install
+  set_fact:
+    nuage_node_config_dsets_mount_dir: /var/usr/share/
+  when: slave_host_type == "is_atomic"
+
+- name: Set the Nuage CNI plugin binary directory for daemon sets install
+  set_fact:
+    nuage_cni_bin_dsets_mount_dir: /var/opt/cni/bin
+  when: openshift.common.is_atomic | bool
+
 - name: Create directory /usr/share/nuage-openshift-monitor
   become: yes
   file: path=/usr/share/nuage-openshift-monitor state=directory
+  when: not openshift.common.is_atomic | bool
 
-- name: Create the log directory
+- name: Create directory /var/usr/share/nuage-openshift-monitor
   become: yes
-  file: path={{ nuage_mon_rest_server_logdir }} state=directory
+  file: path=/var/usr/share/nuage-openshift-monitor state=directory
+  when: openshift.common.is_atomic | bool
+
+- name: Create directory /var/usr/bin for monitor binary on atomic
+  become: yes
+  file: path=/var/usr/bin state=directory
+  when: openshift.common.is_atomic | bool
 
-- name: Install Nuage Openshift Monitor
+- name: Create CNI bin directory /var/opt/cni/bin
   become: yes
-  yum: name={{ nuage_openshift_rpm }} state=present
+  file: path=/var/opt/cni/bin state=directory
+  when: openshift.common.is_atomic | bool
+
+- name: Create the log directory
+  become: yes
+  file: path={{ nuage_mon_rest_server_logdir }} state=directory
 
 - include: serviceaccount.yml
 
@@ -45,10 +92,32 @@
   become: yes
   copy: src="{{ vsd_user_key_file }}" dest="{{ cert_output_dir }}/{{ vsd_user_key_file | basename }}"
 
-- name: Create nuage-openshift-monitor.yaml
+- name: Create Nuage master daemon set yaml file
+  become: yes
+  template: src=nuage-master-config-daemonset.j2 dest=/etc/nuage-master-config-daemonset.yaml owner=root mode=0644
+
+- name: Create Nuage node daemon set yaml file
   become: yes
-  template: src=nuage-openshift-monitor.j2 dest=/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml owner=root mode=0644
+  template: src=nuage-node-config-daemonset.j2 dest=/etc/nuage-node-config-daemonset.yaml owner=root mode=0644
+
+- name: Add the service account to the privileged scc to have root permissions
+  shell: oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-infra:daemonset-controller
+  ignore_errors: true
+  when: inventory_hostname == groups.oo_first_master.0
+
+- name: Spawn Nuage Master monitor daemon sets pod
+  shell: oc create -f /etc/nuage-master-config-daemonset.yaml
+  ignore_errors: true
+  when: inventory_hostname == groups.oo_first_master.0
+
+- name: Spawn Nuage CNI daemon sets pod
+  shell: oc create -f /etc/nuage-node-config-daemonset.yaml
+  ignore_errors: true
+  when: inventory_hostname == groups.oo_first_master.0
+
+- name: Restart daemons
+  command: /bin/true
   notify:
     - restart master api
     - restart master controllers
-    - restart nuage-openshift-monitor
+  ignore_errors: true

roles/nuage_master/templates/nuage-master-config-daemonset.j2

@@ -0,0 +1,111 @@
+# This ConfigMap is used to configure Nuage VSP configuration on master nodes
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: nuage-master-config
+  namespace: kube-system
+data:
+  # This will generate the required Nuage configuration
+  # on master nodes
+  monitor_yaml_config: |
+
+      # .kubeconfig that includes the nuage service account
+      kubeConfig: {{ nuage_master_crt_dir }}/nuage.kubeconfig
+      # name of the nuage service account, or another account with 'cluster-reader'
+      # permissions
+      # Openshift master config file
+      masterConfig: /etc/origin/master/master-config.yaml
+      # URL of the VSD Architect
+      vsdApiUrl: {{ vsd_api_url }}
+      # API version to query against.  Usually "v3_2"
+      vspVersion: {{ vsp_version }}
+      # Name of the enterprise in which pods will reside
+      enterpriseName: {{ enterprise }}
+      # Name of the domain in which pods will reside
+      domainName: {{ domain }}
+      # VSD generated user certificate file location on master node
+      userCertificateFile: {{ nuage_master_crt_dir }}/{{ vsd_user }}.pem
+      # VSD generated user key file location on master node
+      userKeyFile: {{ nuage_master_crt_dir }}/{{ vsd_user }}-Key.pem
+      # Location where logs should be saved
+      log_dir: /var/log/nuage-openshift-monitor
+      # Monitor rest server parameters
+      # Logging level for the nuage openshift monitor
+      # allowed options are: 0 => INFO, 1 => WARNING, 2 => ERROR, 3 => FATAL
+      logLevel: 0
+      # Parameters related to the nuage monitor REST server
+      nuageMonServer:
+          URL: 0.0.0.0:9443
+          certificateDirectory: {{ nuage_master_crt_dir }}
+      # etcd config required for HA
+      etcdClientConfig:
+          ca: {{ nuage_master_crt_dir }}/nuageMonCA.crt
+          certFile: {{ nuage_master_crt_dir }}/nuageMonServer.crt
+          keyFile: {{ nuage_master_crt_dir }}/master.etcd-client.key
+          urls:
+      {% for etcd_url in openshift.master.etcd_urls %}
+              - {{ etcd_url }}
+      {% endfor %}
+
+---
+
+# This manifest installs Nuage master node configuration on
+# each Nuage master node in a cluster.
+kind: DaemonSet
+apiVersion: extensions/v1beta1
+metadata:
+  name: nuage-master-config
+  namespace: kube-system
+  labels:
+    k8s-app: nuage-master-config
+spec:
+  selector:
+    matchLabels:
+      k8s-app: nuage-master-config
+  template:
+    metadata:
+      labels:
+        k8s-app: nuage-master-config
+    spec:
+      hostNetwork: true
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+          operator: Exists
+      nodeSelector:
+        install-monitor: "true"
+      containers:
+        # This container configures Nuage Master node
+        - name: install-nuage-master-config
+          image: nuage/master:{{ nuage_monitor_container_image_version }}
+          ports:
+            - containerPort: 9443
+              hostPort: 9443
+          command: ["/configure-master.sh"]
+          args: ["ose", "{{ master_host_type }}"]
+          securityContext:
+            privileged: true
+          env:
+            # nuage-openshift-monitor.yaml config to install on each slave node.
+            - name: NUAGE_MASTER_VSP_CONFIG
+              valueFrom:
+                configMapKeyRef:
+                  name: nuage-master-config
+                  key: monitor_yaml_config
+          volumeMounts:
+            - mountPath: /var/log
+              name: cni-log-dir
+            - mountPath: {{ nuage_master_config_dsets_mount_dir }}
+              name: usr-share-dir
+            - mountPath: /etc/origin/
+              name: master-config-dir
+      volumes:
+        - name: cni-log-dir
+          hostPath:
+            path: /var/log
+        - name: usr-share-dir
+          hostPath:
+            path: {{ nuage_master_config_dsets_mount_dir }}
+        - name: master-config-dir
+          hostPath:
+            path: /etc/origin/

roles/nuage_master/templates/nuage-node-config-daemonset.j2

@@ -0,0 +1,206 @@
+# This ConfigMap is used to configure Nuage VSP configuration
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: nuage-config
+  namespace: kube-system
+data:
+  # This will generate the required Nuage vsp-openshift.yaml
+  # config on each slave node
+  plugin_yaml_config: |
+      clientCert: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/client.crt
+      # The key to the certificate in clientCert above
+      clientKey: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/client.key
+      # The certificate authority's certificate for the local kubelet.  Usually the
+      # same as the CA cert used to create the client Cert/Key pair.
+      CACert: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/ca.crt
+      # Name of the enterprise in which pods will reside
+      enterpriseName: {{ enterprise }}
+      # Name of the domain in which pods will reside
+      domainName: {{ domain }}
+      # Name of the VSD user in admin group
+      vsdUser: {{ vsd_user }}
+      # IP address and port number of master API server
+      masterApiServer: {{ api_server_url }}
+      # REST server URL 
+      nuageMonRestServer: {{ nuage_mon_rest_server_url }}
+      # Bridge name for the docker bridge
+      dockerBridgeName: docker0
+      # Certificate for connecting to the openshift monitor REST api
+      nuageMonClientCert: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/nuageMonClient.crt
+      # Key to the certificate in restClientCert
+      nuageMonClientKey: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/nuageMonClient.key
+      # CA certificate for verifying the master's rest server
+      nuageMonServerCA: {{ nuage_node_config_dsets_mount_dir }}/vsp-openshift/nuageMonCA.crt
+      # Nuage vport mtu size
+      interfaceMTU: {{ nuage_vport_mtu  }}
+      # Logging level for the plugin
+      # allowed options are: "dbg", "info", "warn", "err", "emer", "off"
+      logLevel: 3
+
+  # This will generate the required Nuage CNI yaml configuration
+  cni_yaml_config: |
+      vrsendpoint: "/var/run/openvswitch/db.sock"
+      vrsbridge: "alubr0"
+      monitorinterval: 60
+      cniversion: 0.2.0
+      loglevel: "info"
+      portresolvetimer: 60
+      logfilesize: 1
+      vrsconnectionchecktimer: 180
+      mtu: 1450
+      staleentrytimeout: 600
+
+---
+
+# This manifest installs Nuage CNI plugins and network config on
+# each worker node in Openshift cluster
+kind: DaemonSet
+apiVersion: extensions/v1beta1
+metadata:
+  name: nuage-cni-ds
+  namespace: kube-system
+  labels:
+    k8s-app: nuage-cni-ds
+spec:
+  selector:
+    matchLabels:
+      k8s-app: nuage-cni-ds
+  template:
+    metadata:
+      labels:
+        k8s-app: nuage-cni-ds
+    spec:
+      hostNetwork: true
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+          operator: Exists
+      containers:
+        # This container installs Nuage CNI binaries
+        # and CNI network config file on each node.
+        - name: install-nuage-cni
+          image: nuage/cni:{{ nuage_cni_container_image_version }}
+          command: ["/install-cni.sh"]
+          args: ["nuage-cni-openshift", "{{ slave_host_type }}"]
+          securityContext:
+            privileged: true
+          env:
+            # Nuage vsp-openshift.yaml config to install on each slave node.
+            - name: NUAGE_VSP_CONFIG
+              valueFrom:
+                configMapKeyRef:
+                  name: nuage-config
+                  key: plugin_yaml_config
+            # Nuage nuage-cni.yaml config to install on each slave node.
+            - name: NUAGE_CNI_YAML_CONFIG
+              valueFrom:
+                configMapKeyRef:
+                  name: nuage-config
+                  key: cni_yaml_config
+            # Nuage cluster network CIDR for iptables configuration
+            - name: NUAGE_CLUSTER_NW_CIDR
+              value: "{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}"
+          volumeMounts:
+            - mountPath: /host/opt/cni/bin
+              name: cni-bin-dir
+            - mountPath: /host/etc/cni/net.d
+              name: cni-net-dir
+            - mountPath: /etc/default
+              name: cni-yaml-dir
+            - mountPath: /var/run
+              name: var-run-dir
+            - mountPath: /var/log
+              name: cni-log-dir
+            - mountPath: {{ nuage_node_config_dsets_mount_dir }}
+              name: usr-share-dir
+      volumes:
+        - name: cni-bin-dir
+          hostPath:
+            path: {{ nuage_cni_bin_dsets_mount_dir }}
+        - name: cni-net-dir
+          hostPath:
+            path: {{ nuage_cni_netconf_dsets_mount_dir }}
+        - name: cni-yaml-dir
+          hostPath:
+            path: /etc/default
+        - name: var-run-dir
+          hostPath:
+            path: /var/run
+        - name: cni-log-dir
+          hostPath:
+            path: /var/log
+        - name: usr-share-dir
+          hostPath:
+            path: {{ nuage_node_config_dsets_mount_dir }}
+
+---
+
+# This manifest installs Nuage VRS on
+# each worker node in an Openshift cluster.
+kind: DaemonSet
+apiVersion: extensions/v1beta1
+metadata:
+  name: nuage-vrs-ds
+  namespace: kube-system
+  labels:
+    k8s-app: nuage-vrs-ds
+spec:
+  selector:
+    matchLabels:
+      k8s-app: nuage-vrs-ds
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        k8s-app: nuage-vrs-ds
+    spec:
+      hostNetwork: true
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+          operator: Exists
+      containers:
+        # This container installs Nuage VRS running as a
+        # container on each worker node
+        - name: install-nuage-vrs
+          image: nuage/vrs:{{ nuage_vrs_container_image_version }}
+          securityContext:
+            privileged: true
+          env:
+            # Configure parameters for VRS openvswitch file
+            - name: NUAGE_ACTIVE_CONTROLLER
+              value: "{{ vsc_active_ip }}"
+            - name: NUAGE_STANDBY_CONTROLLER
+              value: "{{ vsc_standby_ip }}"
+            - name: NUAGE_PLATFORM
+              value: '"kvm, k8s"'
+            - name: NUAGE_K8S_SERVICE_IPV4_SUBNET
+              value: '192.168.0.0\/16'
+            - name: NUAGE_NETWORK_UPLINK_INTF
+              value: "eth0"
+          volumeMounts:
+            - mountPath: /var/run
+              name: vrs-run-dir
+            - mountPath: /var/log
+              name: vrs-log-dir
+            - mountPath: /sys/module
+              name: sys-mod-dir
+              readOnly: true
+            - mountPath: /lib/modules
+              name: lib-mod-dir
+              readOnly: true
+      volumes:
+        - name: vrs-run-dir
+          hostPath:
+            path: /var/run
+        - name: vrs-log-dir
+          hostPath:
+            path: /var/log
+        - name: sys-mod-dir
+          hostPath:
+            path: /sys/module
+        - name: lib-mod-dir
+          hostPath:
+            path: /lib/modules

roles/nuage_master/templates/nuage-openshift-monitor.j2

@@ -1,41 +0,0 @@
-# .kubeconfig that includes the nuage service account
-kubeConfig: {{ kube_config }}
-# name of the nuage service account, or another account with 'cluster-reader'
-# permissions
-# Openshift master config file
-masterConfig: {{ master_config_yaml }} 
-# URL of the VSD Architect
-vsdApiUrl: {{ vsd_api_url }} 
-# API version to query against.  Usually "v3_2"
-vspVersion: {{ vsp_version }} 
-# File containing a VSP license to install.  Only necessary if no license has
-# been installed on the VSD Architect before, only valid for standalone vsd install
-# licenseFile: "/path/to/base_vsp_license.txt"
-# Name of the enterprise in which pods will reside
-enterpriseName: {{ enterprise }} 
-# Name of the domain in which pods will reside
-domainName: {{ domain }}
-# VSD generated user certificate file location on master node
-userCertificateFile: {{ cert_output_dir }}/{{ vsd_user_cert_file | basename }}
-# VSD generated user key file location on master node
-userKeyFile: {{ cert_output_dir }}/{{ vsd_user_key_file | basename }}
-# Location where logs should be saved
-log_dir: {{ nuage_mon_rest_server_logdir }}
-# Monitor rest server parameters
-# Logging level for the nuage openshift monitor
-# allowed options are: 0 => INFO, 1 => WARNING, 2 => ERROR, 3 => FATAL
-logLevel: {{ nuage_mon_log_level }}
-# Parameters related to the nuage monitor REST server
-nuageMonServer:
-    URL: {{ nuage_mon_rest_server_url }}
-    certificateDirectory: {{ cert_output_dir }}
-# etcd config required for HA
-etcdClientConfig:
-    ca: {{ openshift_master_config_dir }}/{{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }}
-    certFile: {{ openshift_master_config_dir }}/master.etcd-client.crt
-    keyFile: {{ openshift_master_config_dir }}/master.etcd-client.key
-    urls:
-{% for etcd_url in openshift.master.etcd_urls %}
-        - {{ etcd_url }}
-{% endfor %}
-

roles/nuage_master/vars/main.yaml

@@ -22,6 +22,18 @@ nuage_mon_rest_server_host: "{{ openshift.master.cluster_hostname | default(open
 nuage_master_crt_dir: /usr/share/nuage-openshift-monitor
 nuage_service_account: system:serviceaccount:default:nuage
 
+nuage_master_config_dsets_mount_dir: /usr/share/
+nuage_node_config_dsets_mount_dir: /usr/share/
+nuage_cni_bin_dsets_mount_dir: /opt/cni/bin
+nuage_cni_netconf_dsets_mount_dir: /etc/cni/net.d
+nuage_monitor_container_image_version: "{{ nuage_monitor_image_version | default('v5.1.1') }}"
+nuage_vrs_container_image_version: "{{ nuage_vrs_image_version | default('v5.1.1') }}"
+nuage_cni_container_image_version: "{{ nuage_cni_image_version | default('v5.1.1') }}"
+api_server_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}"
+nuage_vport_mtu: "{{ nuage_interface_mtu | default('1460') }}"
+master_host_type: "{{ master_base_host_type | default('is_rhel_server') }}"
+slave_host_type: "{{ slave_base_host_type | default('is_rhel_server') }}"
+
 nuage_tasks:
 - resource_kind: cluster-role
   resource_name: cluster-reader

roles/nuage_node/handlers/main.yaml

@@ -1,8 +1,4 @@
 ---
-- name: restart vrs
-  become: yes
-  systemd: name=openvswitch state=restarted
-
 - name: restart node
   become: yes
   systemd: name={{ openshift.common.service_type }}-node state=restarted

roles/nuage_node/tasks/main.yaml

@@ -1,28 +1,18 @@
 ---
-- name: Install Nuage VRS
-  become: yes
-  yum: name={{ vrs_rpm }} state=present
-
-- name: Set the uplink interface
-  become: yes
-  lineinfile: dest={{ vrs_config }} regexp=^NETWORK_UPLINK_INTF line='NETWORK_UPLINK_INTF={{ uplink_interface }}'
-
-- name: Set the Active Controller
-  become: yes
-  lineinfile: dest={{ vrs_config }} regexp=^ACTIVE_CONTROLLER line='ACTIVE_CONTROLLER={{ vsc_active_ip }}'
-
-- name: Set the K8S/OSE Cluster service CIDR
-  become: yes
-  lineinfile: dest={{ vrs_config }} regexp=^K8S_SERVICE_IPV4_SUBNET line='K8S_SERVICE_IPV4_SUBNET={{ k8s_cluster_service_cidr }}'
+- name: Set the Nuage plugin openshift directory fact for Atomic hosts
+  set_fact:
+    vsp_openshift_dir: /var/usr/share/vsp-openshift
+  when: openshift.common.is_atomic | bool
 
-- name: Set the Standby Controller
-  become: yes
-  lineinfile: dest={{ vrs_config }} regexp=^STANDBY_CONTROLLER line='STANDBY_CONTROLLER={{ vsc_standby_ip }}'
-  when: vsc_standby_ip is defined
+- name: Set the Nuage CNI binary directory fact for Atomic hosts
+  set_fact:
+    cni_bin_dir: /var/opt/cni/bin/
+  when: openshift.common.is_atomic | bool
 
-- name: Install plugin rpm
-  become: yes
-  yum: name={{ plugin_rpm }} state=present
+- name: Set the Nuage plugin certs directory fact for Atomic hosts
+  set_fact:
+    nuage_plugin_crt_dir: /var/usr/share/vsp-openshift
+  when: openshift.common.is_atomic | bool
 
 - name: Assure CNI conf dir exists
   become: yes
@@ -32,13 +22,6 @@
   become: yes
   file: path="{{ cni_bin_dir }}" state=directory
 
-- name: Install CNI loopback plugin
-  become: yes
-  copy:
-    src: "{{ k8s_cni_loopback_plugin }}"
-    dest: "{{ cni_bin_dir }}/{{ k8s_cni_loopback_plugin | basename }}"
-    mode: 0755
-
 - name: Copy the certificates and keys
   become: yes
   copy: src="/tmp/{{ item }}" dest="{{ vsp_openshift_dir }}/{{ item }}"
@@ -50,12 +33,11 @@
 
 - include: certificates.yml
 
-- name: Set the vsp-openshift.yaml
-  become: yes
-  template: src=vsp-openshift.j2 dest={{ vsp_openshift_yaml }} owner=root mode=0644
+- name: Restart node services
+  command: /bin/true
   notify:
-    - restart vrs
     - restart node
+  ignore_errors: true
 
 - include: iptables.yml
 

roles/nuage_node/templates/vsp-openshift.j2

@@ -1,29 +0,0 @@
-clientCert: {{ client_cert }} 
-# The key to the certificate in clientCert above
-clientKey: {{ client_key }}
-# The certificate authority's certificate for the local kubelet.  Usually the
-# same as the CA cert used to create the client Cert/Key pair.
-CACert: {{ ca_cert }} 
-# Name of the enterprise in which pods will reside
-enterpriseName: {{ enterprise }} 
-# Name of the domain in which pods will reside
-domainName: {{ domain }}
-# Name of the VSD user in admin group
-vsdUser: {{ vsd_user }}
-# IP address and port number of master API server
-masterApiServer: {{ api_server }}
-# REST server URL 
-nuageMonRestServer: {{ nuage_mon_rest_server_url }}
-# Bridge name for the docker bridge
-dockerBridgeName: {{ docker_bridge }}
-# Certificate for connecting to the kubemon REST API
-nuageMonClientCert: {{ rest_client_cert }}
-# Key to the certificate in restClientCert
-nuageMonClientKey: {{ rest_client_key }} 
-# CA certificate for verifying the master's rest server
-nuageMonServerCA: {{ rest_server_ca_cert }}
-# Nuage vport mtu size
-interfaceMTU: {{ vport_mtu  }}
-# Logging level for the plugin
-# allowed options are: "dbg", "info", "warn", "err", "emer", "off"
-logLevel: {{ plugin_log_level }}