Merge pull request #8052 from mgugino-upstream-stage/fix-master-api-port

Fix references to openshift_master_api_port

playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml

@@ -52,5 +52,7 @@
   register: result
   until: result is succeeded
 
-- import_tasks: restart.yml
+- import_role:
+    name: container_runtime
+    tasks_from: docker_restart.yml
   when: not skip_docker_restart | default(False) | bool

playbooks/openshift-loadbalancer/private/config.yml

@@ -14,18 +14,19 @@
 - name: Configure load balancers
   hosts: oo_lb_to_config
   vars:
-    openshift_loadbalancer_frontends: "{{ (openshift_master_api_port | default(8443)
+    openshift_loadbalancer_frontends: "{{ (openshift_master_api_port
                                            | lib_utils_oo_loadbalancer_frontends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']),
                                                                                  openshift_use_nuage | default(false),
                                                                                  nuage_mon_rest_server_port | default(none)))
                                            + openshift_loadbalancer_additional_frontends | default([]) }}"
-    openshift_loadbalancer_backends: "{{ (openshift_master_api_port | default(8443)
+    openshift_loadbalancer_backends: "{{ (openshift_master_api_port
                                           | lib_utils_oo_loadbalancer_backends(hostvars | lib_utils_oo_select_keys(groups['oo_masters']),
                                                                                openshift_use_nuage | default(false),
                                                                                nuage_mon_rest_server_port | default(none)))
                                           + openshift_loadbalancer_additional_backends | default([]) }}"
     openshift_image_tag: "{{ hostvars[groups.oo_masters_to_config.0].openshift_image_tag }}"
   roles:
+  - role: openshift_facts
   - role: openshift_loadbalancer
   - role: tuned
 

playbooks/openshift-master/private/config.yml

@@ -59,7 +59,7 @@
   - openshift_facts:
       role: master
       local_facts:
-        api_port: "{{ openshift_master_api_port | default(None) }}"
+        api_port: "{{ openshift_master_api_port }}"
         api_url: "{{ openshift_master_api_url | default(None) }}"
         api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}"
         controllers_port: "{{ openshift_master_controllers_port | default(None) }}"

playbooks/openshift-master/private/restart.yml

@@ -7,7 +7,7 @@
   roles:
   - openshift_facts
   post_tasks:
-  - include_tasks: tasks/restart_hosts.yml
+  - import_tasks: tasks/restart_hosts.yml
     when: openshift_rolling_restart_mode | default('services') == 'system'
   - import_role:
       name: openshift_control_plane

playbooks/openshift-master/private/tasks/restart_hosts.yml

@@ -19,5 +19,5 @@
     host: "{{ openshift.common.hostname }}"
     state: started
     delay: 10
-    port: "{{ openshift.master.api_port }}"
+    port: "{{ openshift_master_api_port }}"
     timeout: 600

playbooks/openshift-node/private/restart.yml

@@ -36,7 +36,7 @@
       host: "{{ openshift.common.hostname }}"
       state: started
       delay: 10
-      port: "{{ openshift.master.api_port }}"
+      port: "{{ openshift_master_api_port }}"
       timeout: 600
     when: inventory_hostname in groups.oo_masters_to_config
 

playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml

@@ -31,6 +31,6 @@
     host: "{{ openshift.common.hostname }}"
     state: started
     delay: 10
-    port: "{{ openshift.master.api_port }}"
+    port: "{{ openshift_master_api_port }}"
     timeout: 600
   when: inventory_hostname in groups.oo_masters_to_config

roles/openshift_aws/defaults/main.yml

@@ -54,7 +54,7 @@ openshift_aws_elb_dict:
       cross_az_load_balancing: False
       health_check:
         ping_protocol: tcp
-        ping_port: "{{ openshift_master_api_port | default(8443) }}"
+        ping_port: "{{ openshift_master_api_port }}"
         response_timeout: 5
         interval: 30
         unhealthy_threshold: 2
@@ -64,11 +64,11 @@ openshift_aws_elb_dict:
       - protocol: tcp
         load_balancer_port: 80
         instance_protocol: ssl
-        instance_port: "{{ openshift_master_api_port | default(8443) }}"
+        instance_port: "{{ openshift_master_api_port }}"
       - protocol: ssl
-        load_balancer_port: "{{ openshift_master_api_port | default(8443) }}"
+        load_balancer_port: "{{ openshift_master_api_port }}"
         instance_protocol: ssl
-        instance_port: "{{ openshift_master_api_port | default(8443) }}"
+        instance_port: "{{ openshift_master_api_port }}"
         ssl_certificate_id: "{{ openshift_aws_elb_cert_arn }}"
       name: "{{ openshift_aws_elb_basename }}-master-external"
       tags: "{{ openshift_aws_kube_tags }}"
@@ -76,7 +76,7 @@ openshift_aws_elb_dict:
       cross_az_load_balancing: False
       health_check:
         ping_protocol: tcp
-        ping_port: "{{ openshift_master_api_port | default(8443) }}"
+        ping_port: "{{ openshift_master_api_port }}"
         response_timeout: 5
         interval: 30
         unhealthy_threshold: 2
@@ -88,9 +88,9 @@ openshift_aws_elb_dict:
         instance_protocol: tcp
         instance_port: 80
       - protocol: tcp
-        load_balancer_port: "{{ openshift_master_api_port | default(8443) }}"
+        load_balancer_port: "{{ openshift_master_api_port }}"
         instance_protocol: tcp
-        instance_port: "{{ openshift_master_api_port | default(8443) }}"
+        instance_port: "{{ openshift_master_api_port }}"
       name: "{{ openshift_aws_elb_basename }}-master-internal"
       tags: "{{ openshift_aws_kube_tags }}"
   infra:
@@ -269,8 +269,8 @@ openshift_aws_node_security_groups:
       to_port: 80
       cidr_ip: 0.0.0.0/0
     - proto: tcp
-      from_port: "{{ openshift_master_api_port | default(8443) }}"
-      to_port: "{{ openshift_master_api_port | default(8443) }}"
+      from_port: "{{ openshift_master_api_port }}"
+      to_port: "{{ openshift_master_api_port }}"
       cidr_ip: 0.0.0.0/0
   compute:
     name: "{{ openshift_aws_clusterid }}_compute"
@@ -284,8 +284,8 @@ openshift_aws_node_security_groups:
       to_port: 80
       cidr_ip: 0.0.0.0/0
     - proto: tcp
-      from_port: "{{ openshift_master_api_port | default(8443) }}"
-      to_port: "{{ openshift_master_api_port | default(8443) }}"
+      from_port: "{{ openshift_master_api_port }}"
+      to_port: "{{ openshift_master_api_port }}"
       cidr_ip: 0.0.0.0/0
     - proto: tcp
       from_port: 30000

roles/openshift_aws/meta/main.yml

@@ -2,3 +2,4 @@
 dependencies:
 - lib_utils
 - lib_openshift
+- openshift_facts

roles/openshift_control_plane/README.md

@@ -21,7 +21,7 @@ From this role:
 | openshift_node_ips                                | []                    | List of the openshift node ip addresses to pre-register when master starts up |
 | oreg_url                                          | UNDEF                 | Default docker registry to use                                                |
 | oreg_url_master                                   | UNDEF                 | Default docker registry to use, specifically on the master                    |
-| openshift_master_api_port                         | UNDEF                 |                                                                               |
+|                                                                               |
 | openshift_master_console_port                     | UNDEF                 |                                                                               |
 | openshift_master_api_url                          | UNDEF                 |                                                                               |
 | openshift_master_console_url                      | UNDEF                 |                                                                               |

roles/openshift_control_plane/defaults/main.yml

@@ -55,7 +55,7 @@ r_openshift_master_os_firewall_enable: true
 r_openshift_master_os_firewall_deny: []
 default_r_openshift_master_os_firewall_allow:
 - service: api server https
-  port: "{{ openshift.master.api_port }}/tcp"
+  port: "{{ openshift_master_api_port }}/tcp"
 - service: api controllers https
   port: "{{ openshift.master.controllers_port }}/tcp"
 - service: skydns tcp

roles/openshift_control_plane/files/apiserver.yaml

@@ -52,4 +52,4 @@ spec:
       path: /etc/origin/cloudprovider
   - name: master-data
     hostPath:
-      path: /var/lib/origin
+      path: /var/lib/origin

roles/openshift_control_plane/tasks/static.yml

@@ -34,6 +34,15 @@
   - apiserver.yaml
   - controller.yaml
 
+- name: Update master static pod (api)
+  yedit:
+    src: "{{ mktemp.stdout }}/apiserver.yaml"
+    edits:
+    - key: spec.containers[0].livenessProbe.httpGet.port
+      value: "{{ openshift_master_api_port }}"
+    - key: spec.containers[0].readinessProbe.httpGet.port
+      value: "{{ openshift_master_api_port }}"
+
 - name: Update master static pods
   copy:
     remote_src: true

roles/openshift_control_plane/templates/master.yaml.v1.j2

@@ -177,7 +177,7 @@ serviceAccountConfig:
   publicKeyFiles:
   - serviceaccounts.public.key
 servingInfo:
-  bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.api_port }}
+  bindAddress: {{ openshift.master.bind_addr }}:{{ openshift_master_api_port }}
   bindNetwork: tcp4
   certFile: master.server.crt
   clientCA: ca.crt

roles/openshift_facts/defaults/main.yml

@@ -94,3 +94,5 @@ openshift_service_type_dict:
   openshift-enterprise: atomic-openshift
 
 openshift_service_type: "{{ openshift_service_type_dict[openshift_deployment_type] }}"
+
+openshift_master_api_port: "8443"

roles/openshift_loadbalancer/defaults/main.yml

@@ -11,7 +11,7 @@ openshift_router_image: "{{ openshift_router_image_default }}"
 haproxy_frontends:
 - name: main
   binds:
-  - "*:{{ openshift_master_api_port | default(8443) }}"
+  - "*:{{ openshift_master_api_port }}"
   default_backend: default
 
 haproxy_backends:
@@ -27,7 +27,7 @@ r_openshift_loadbalancer_os_firewall_allow:
 - service: haproxy stats
   port: "9000/tcp"
 - service: haproxy balance
-  port: "{{ openshift_master_api_port | default(8443) }}/tcp"
+  port: "{{ openshift_master_api_port }}/tcp"
 - service: nuage mon
   port: "{{ nuage_mon_rest_server_port | default(9443) }}/tcp"
   cond: "{{ r_openshift_lb_use_nuage | bool }}"

roles/openshift_logging/README.md

@@ -36,7 +36,7 @@ When `openshift_logging_install_logging` is set to `False` the `openshift_loggin
 - `openshift_logging_mux_image_version`: Setting the image version for Mux image. Defaults to `openshift_logging_image_version`.
 - `openshift_logging_use_ops`: If 'True', set up a second ES and Kibana cluster for infrastructure logs. Defaults to 'False'.
 - `openshift_logging_master_url`: The URL for the Kubernetes master, this does not need to be public facing but should be accessible from within the cluster. Defaults to 'https://kubernetes.default.svc.{{openshift.common.dns_domain}}'.
-- `openshift_logging_master_public_url`: The public facing URL for the Kubernetes master, this is used for Authentication redirection. Defaults to 'https://{{openshift.common.public_hostname}}:{{openshift.master.api_port}}'.
+- `openshift_logging_master_public_url`: The public facing URL for the Kubernetes master, this is used for Authentication redirection. Defaults to 'https://{{openshift.common.public_hostname}}:{{openshift_master_api_port}}'.
 - `openshift_logging_namespace`: The namespace that Aggregated Logging will be installed in. Defaults to 'logging'.
 - `openshift_logging_curator_default_days`: The default minimum age (in days) Curator uses for deleting log records. Defaults to '30'.
 - `openshift_logging_curator_run_hour`: The hour of the day that Curator will run at. Defaults to '0'.
@@ -274,7 +274,7 @@ $ docker inspect ff2e249fc45a
             "Labels": {
                 . . .
                 "build-date": "2017-10-12T14:38:22.414827",
-                . . . 
+                . . .
                 "release": "0.143.3.0",
                 . . .
                 "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/openshift3/logging-fluentd/images/v3.7.0-0.143.3.0",
@@ -293,13 +293,13 @@ $ docker pull <registry>/openshift3/logging-fluentd:v3.7
 If there was an update, you need to run the `docker pull` on each node.
 
 It is recommended that you now rerun the `openshift_logging` playbook to ensure that any necessary config changes are also picked up.
- 
+
 To manually redeploy your pod you can do the following:
 - for a DC you can do:
 ```
 oc rollout latest <dc_name>
 ```
-     
+
 - for a RC you can scale down and scale back up
 ```
 oc scale --replicas=0 <rc_name>
@@ -320,4 +320,4 @@ Tue Oct 26, 2017
 - Make CPU request equal limit if limit is greater then request
 
 Tue Oct 10, 2017
-- Default imagePullPolicy changed from Always to IfNotPresent 
+- Default imagePullPolicy changed from Always to IfNotPresent

roles/openshift_logging/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 openshift_logging_use_ops: False
 openshift_logging_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}"
-openshift_logging_master_public_url: "{{ 'https://' + openshift_master_cluster_public_hostname | default(openshift.common.public_hostname) + ':' ~ (openshift_master_api_port | default('8443', true)) }}"
+openshift_logging_master_public_url: "{{ 'https://' + openshift_master_cluster_public_hostname | default(openshift.common.public_hostname) + ':' ~ openshift_master_api_port) }}"
 openshift_logging_nodeselector: null
 openshift_logging_labels: {}
 openshift_logging_label_key: ""

roles/openshift_logging_elasticsearch/defaults/main.yml

@@ -55,7 +55,7 @@ openshift_logging_es_config: {}
 
 
 openshift_logging_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}"
-openshift_logging_master_public_url: "{{ openshift_hosted_logging_master_public_url | default('https://' + openshift.common.public_hostname + ':' ~ (openshift_master_api_port | default('8443', true))) }}"
+openshift_logging_master_public_url: "{{ openshift_hosted_logging_master_public_url | default('https://' + openshift.common.public_hostname + ':' ~ openshift_master_api_port) }}"
 openshift_logging_es_host: logging-es
 openshift_logging_es_port: 9200
 openshift_logging_es_ca: /etc/fluent/keys/ca

roles/openshift_logging_mux/defaults/main.yml

@@ -2,7 +2,7 @@
 ### General logging settings
 openshift_logging_mux_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}"
 openshift_logging_mux_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}"
-openshift_logging_mux_master_public_url: "{{ openshift_hosted_logging_master_public_url | default('https://' + openshift.common.public_hostname + ':' ~ (openshift_master_api_port | default('8443', true))) }}"
+openshift_logging_mux_master_public_url: "{{ openshift_hosted_logging_master_public_url | default('https://' + openshift.common.public_hostname + ':' ~ openshift_master_api_port) }}"
 openshift_logging_mux_namespace: logging
 
 ### Common settings

roles/openshift_management/tasks/add_container_provider.yml

@@ -69,5 +69,5 @@
           endpoint: {role: default, security_protocol: ssl-without-validation, verify_ssl: 0}
       hostname: "{{ l_cluster_hostname }}"
       name: "{{ openshift_management_project }}"
-      port: "{{ openshift.master.api_port }}"
+      port: "{{ openshift_master_api_port }}"
       type: "ManageIQ::Providers::Openshift::ContainerManager"

roles/openshift_master_facts/tasks/main.yml

@@ -27,7 +27,7 @@
     local_facts:
       cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}"
       cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}"
-      api_port: "{{ openshift_master_api_port | default(None) }}"
+      api_port: "{{ openshift_master_api_port }}"
       api_url: "{{ openshift_master_api_url | default(None) }}"
       api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}"
       public_api_url: "{{ openshift_master_public_api_url | default(None) }}"

roles/openshift_node/meta/main.yml

@@ -14,3 +14,4 @@ galaxy_info:
 dependencies:
 - role: lib_openshift
 - role: lib_utils
+- role: openshift_facts

roles/openshift_node/tasks/upgrade/restart.yml

@@ -3,7 +3,7 @@
 # - openshift_service_type
 # - openshift_is_containerized
 # - openshift.common.hostname
-# - openshift.master.api_port
+# - openshift_master_api_port
 
 # NOTE: This is needed to make sure we are using the correct set
 #       of systemd unit files. The RPMs lay down defaults but
@@ -42,6 +42,6 @@
     host: "{{ openshift.common.hostname }}"
     state: started
     delay: 10
-    port: "{{ openshift.master.api_port }}"
+    port: "{{ openshift_master_api_port }}"
     timeout: 600
   when: inventory_hostname in groups.oo_masters_to_config

roles/openshift_openstack/defaults/main.yml

@@ -126,8 +126,8 @@ openshift_openstack_master_secgroup_rules:
     port_range_max: 4001
   - direction: ingress
     protocol: tcp
-    port_range_min: "{{ openshift_master_api_port|default(8443) }}"
-    port_range_max: "{{ openshift_master_api_port|default(8443) }}"
+    port_range_min: "{{ openshift_master_api_port }}"
+    port_range_max: "{{ openshift_master_api_port }}"
   - direction: ingress
     protocol: tcp
     port_range_min: "{{ openshift_master_console_port|default(8443) }}"
@@ -273,8 +273,8 @@ openshift_openstack_lb_base_secgroup_rules:
     remote_ip_prefix: "{{ openshift_openstack_lb_ingress_cidr }}"
   - direction: ingress
     protocol: tcp
-    port_range_min: "{{ openshift_master_api_port | default(8443) }}"
-    port_range_max: "{{ openshift_master_api_port | default(8443) }}"
+    port_range_min: "{{ openshift_master_api_port }}"
+    port_range_max: "{{ openshift_master_api_port }}"
     remote_ip_prefix: "{{ openshift_openstack_lb_ingress_cidr }}"
 openshift_openstack_lb_console_secgroup_rules:
   - direction: ingress

roles/openshift_openstack/meta/main.yml

@@ -0,0 +1,5 @@
+---
+dependencies:
+- lib_utils
+- lib_openshift
+- openshift_facts

roles/openshift_openstack/templates/heat_stack.yaml.j2

@@ -138,7 +138,7 @@ resources:
             cluster_id: {{ openshift_openstack_full_dns_domain }}
       loadbalancer: { get_resource: api_lb }
       protocol: HTTPS
-      protocol_port: {{ openshift_master_api_port|default(8443) }}
+      protocol_port: {{ openshift_master_api_port }}
 
   api_lb_pool:
     type: OS::Neutron::LBaaS::Pool

roles/openshift_openstack/templates/heat_stack_server.yaml.j2

@@ -337,7 +337,7 @@ resources:
       not: {equals: [{get_param: api_lb_pool}, ""]}
     properties:
       pool: { get_param: api_lb_pool }
-      protocol_port: {{ openshift_master_api_port|default(8443) }}
+      protocol_port: {{ openshift_master_api_port }}
       address: { get_attr: [server, first_address]}
       subnet: { get_param: subnet }
 

roles/openshift_sanitize_inventory/meta/main.yml

@@ -15,3 +15,4 @@ galaxy_info:
 dependencies:
 - role: lib_utils
 - role: lib_openshift
+- role: openshift_facts

roles/openshift_sanitize_inventory/tasks/main.yml

@@ -114,4 +114,4 @@
       server, please open a support ticket.
   when:
     - openshift_master_console_port is defined
-    - openshift_master_console_port != (openshift_master_api_port | default(8443))
+    - openshift_master_console_port != openshift_master_api_port