Russell Teague пре 6 година
родитељ
комит
c120c45c8b
100 измењених фајлова са 220 додато и 13126 уклоњено
  1. 0 20
      .coveragerc
  2. 2 0
      .flake8
  3. 10 0
      .gitignore
  4. 1 4
      .travis.yml
  5. 77 67
      README.md
  6. 0 6
      conftest.py
  7. 11 20
      images/installer/Dockerfile
  8. 0 41
      images/installer/Dockerfile.ci
  9. 0 6
      images/installer/origin-extra-root/etc/yum.repos.d/azure-cli.repo
  10. 2 2
      images/installer/origin-extra-root/etc/yum.repos.d/centos-ansible27.repo
  11. 0 7
      images/installer/origin-extra-root/etc/yum.repos.d/centos-openshift-origin.repo
  12. 0 8
      images/installer/origin-extra-root/etc/yum.repos.d/google-cloud-sdk.repo
  13. 6 0
      images/installer/origin-extra-root/etc/yum.repos.d/openshift-origin-4.0-ci.repo
  14. 24 0
      inventory/40_basic_inventory.ini
  15. 48 0
      inventory/dynamic/aws/ansible.cfg
  16. 3 0
      inventory/dynamic/aws/group_vars/all/00_defaults.yml
  17. 0 0
      inventory/dynamic/aws/inventory
  18. 3 0
      inventory/dynamic/gcp/group_vars/all/00_defaults.yml
  19. 30 0
      inventory/install-config-example.yml
  20. 3 9929
      openshift-ansible.spec
  21. 0 5
      playbooks/adhoc/README.md
  22. 0 6
      playbooks/adhoc/bootstrap-fedora.yml
  23. 0 29
      playbooks/adhoc/contiv/delete_contiv.yml
  24. 0 160
      playbooks/adhoc/create_pv/create_pv.yaml
  25. 0 16
      playbooks/adhoc/create_pv/pv-template.j2
  26. 0 2
      playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup
  27. 0 141
      playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml
  28. 0 115
      playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml
  29. 0 69
      playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml
  30. 0 28
      playbooks/adhoc/grow_docker_vg/filter_plugins/grow_docker_vg_filters.py
  31. 0 206
      playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml
  32. 0 52
      playbooks/adhoc/sdn_restart/oo-sdn-restart.yml
  33. 0 21
      playbooks/adhoc/setupnfs.yml
  34. 0 4
      playbooks/adhoc/uninstall.yml
  35. 0 35
      playbooks/adhoc/uninstall_docker.yml
  36. 0 483
      playbooks/adhoc/uninstall_openshift.yml
  37. 0 21
      playbooks/aws/BUILD_AMI.md
  38. 0 16
      playbooks/aws/OWNERS
  39. 0 40
      playbooks/aws/PREREQUISITES.md
  40. 0 217
      playbooks/aws/README.md
  41. 0 22
      playbooks/aws/openshift-cluster/accept.yml
  42. 0 45
      playbooks/aws/openshift-cluster/build_ami.yml
  43. 0 24
      playbooks/aws/openshift-cluster/install.yml
  44. 0 8
      playbooks/aws/openshift-cluster/prerequisites.yml
  45. 0 25
      playbooks/aws/openshift-cluster/provision.yml
  46. 0 9
      playbooks/aws/openshift-cluster/provision_dns.yml
  47. 0 9
      playbooks/aws/openshift-cluster/provision_elb.yml
  48. 0 10
      playbooks/aws/openshift-cluster/provision_iam_role.yml
  49. 0 19
      playbooks/aws/openshift-cluster/provision_install.yml
  50. 0 12
      playbooks/aws/openshift-cluster/provision_instance.yml
  51. 0 18
      playbooks/aws/openshift-cluster/provision_nodes.yml
  52. 0 10
      playbooks/aws/openshift-cluster/provision_s3.yml
  53. 0 13
      playbooks/aws/openshift-cluster/provision_sec_group.yml
  54. 0 12
      playbooks/aws/openshift-cluster/provision_ssh_keypair.yml
  55. 0 10
      playbooks/aws/openshift-cluster/provision_vpc.yml
  56. 0 1
      playbooks/aws/openshift-cluster/roles
  57. 0 12
      playbooks/aws/openshift-cluster/seal_ami.yml
  58. 0 10
      playbooks/aws/openshift-cluster/uninstall.yml
  59. 0 9
      playbooks/aws/openshift-cluster/uninstall_elb.yml
  60. 0 19
      playbooks/aws/openshift-cluster/uninstall_masters.yml
  61. 0 18
      playbooks/aws/openshift-cluster/uninstall_nodes.yml
  62. 0 6
      playbooks/aws/openshift-cluster/uninstall_prerequisites.yml
  63. 0 10
      playbooks/aws/openshift-cluster/uninstall_s3.yml
  64. 0 10
      playbooks/aws/openshift-cluster/uninstall_sec_group.yml
  65. 0 10
      playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml
  66. 0 10
      playbooks/aws/openshift-cluster/uninstall_vpc.yml
  67. 0 26
      playbooks/aws/provisioning-inventory.example.ini
  68. 0 143
      playbooks/aws/provisioning_vars.yml.example
  69. 0 3
      playbooks/azure/BRANCH.md
  70. 0 8
      playbooks/azure/OWNERS
  71. 0 2
      playbooks/azure/README.md
  72. 0 52
      playbooks/azure/openshift-cluster/build_base_image.yml
  73. 0 134
      playbooks/azure/openshift-cluster/build_node_image.yml
  74. 0 12
      playbooks/azure/openshift-cluster/deprovision.yml
  75. 0 46
      playbooks/azure/openshift-cluster/files/get-node-logs
  76. 0 58
      playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml
  77. 0 59
      playbooks/azure/openshift-cluster/provisioning_vars.yml.example
  78. 0 1
      playbooks/azure/openshift-cluster/roles
  79. 0 9
      playbooks/azure/openshift-cluster/tag_image_as_valid.yml
  80. 0 48
      playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml
  81. 0 66
      playbooks/azure/openshift-cluster/tasks/create_image_from_vm.yml
  82. 0 42
      playbooks/azure/openshift-cluster/tasks/provision_instance.yml
  83. 0 15
      playbooks/azure/openshift-cluster/tasks/remove_yum.yml
  84. 0 19
      playbooks/azure/openshift-cluster/tasks/yum_certs.yml
  85. 0 11
      playbooks/byo/README.md
  86. 0 118
      playbooks/byo/calico/legacy_upgrade.yml
  87. 0 1
      playbooks/byo/calico/roles
  88. 0 25
      playbooks/byo/calico/upgrade_versions.yml
  89. 0 1
      playbooks/byo/openshift-cluster/roles
  90. 0 7
      playbooks/byo/openshift-cluster/upgrades/README.md
  91. 0 2
      playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
  92. 0 20
      playbooks/byo/openshift-cluster/upgrades/v4_0/README.md
  93. 0 5
      playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml
  94. 0 16
      playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml
  95. 0 7
      playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml
  96. 0 7
      playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_scale_groups.yml
  97. 0 12
      playbooks/byo/openshift_facts.yml
  98. 0 13
      playbooks/byo/rhel_subscribe.yml
  99. 0 1
      playbooks/byo/roles
  100. 0 0
      playbooks/cluster-operator/OWNERS

+ 0 - 20
.coveragerc

@@ -1,20 +0,0 @@
-[run]
-branch = True
-omit =
-    */lib/python*/site-packages/*
-    */lib/python*/*
-    /usr/*
-    */setup.py
-    # TODO(rhcarvalho): this is used to ignore test files from coverage report.
-    # We can make this less generic when we stick with a single test pattern in
-    # the repo.
-    */conftest.py
-    */test_*.py
-    */*_tests.py
-    */test/*
-
-[report]
-fail_under = 28
-
-[html]
-directory = cover

+ 2 - 0
.flake8

@@ -3,3 +3,5 @@
 exclude=.tox,inventory
 max_line_length = 120
 ignore = E501,T003
+per-file-ignores =
+    setup.py : T001

+ 10 - 0
.gitignore

@@ -24,3 +24,13 @@ multi_ec2.yaml
 *.egg-info
 .eggs
 cover/
+test/libvirt/install-config.yml
+test/libvirt/.openshift_install_state.json
+test/libvirt/.openshift_install.log
+test/libvirt/*.ign
+test/libvirt/install-config-ansible.yml
+test/libvirt/terraform/terraform.tfvars
+test/libvirt/terraform/.terraform
+*.tfstate
+*.tfstate.backup
+test/libvirt/inventory.txt

+ 1 - 4
.travis.yml

@@ -14,7 +14,7 @@ python:
 
 install:
   - pip install --upgrade pip
-  - pip install tox-travis coveralls
+  - pip install tox-travis
 
 script:
   - tox
@@ -32,6 +32,3 @@ after_failure:
   - pip_debug_log=/home/travis/.cache/pip/log/debug.log
   - echo Outputting pip debug log from $pip_debug_log
   - cat $pip_debug_log
-
-after_success:
-  - coveralls

+ 77 - 67
README.md

@@ -9,6 +9,11 @@ Master branch is closed! A major refactor is ongoing in devel-40.
 Changes for 3.x should be made directly to the latest release branch they're
 relevant to and backported from there.
 
+WARNING
+=======
+
+This branch is under heavy development.  If you are interested in deploying a
+working cluster, please utilize a release branch.
 
 # OpenShift Ansible
 
@@ -16,13 +21,6 @@ This repository contains [Ansible](https://www.ansible.com/) roles and
 playbooks to install, upgrade, and manage
 [OpenShift](https://www.openshift.com/) clusters.
 
-**Note**: the Ansible playbooks in this repository require an RPM
-package that provides `docker`. Currently, the RPMs from
-[dockerproject.org](https://dockerproject.org/) do not provide this
-requirement, though they may in the future. This limitation is being
-tracked by
-[#2720](https://github.com/openshift/openshift-ansible/issues/2720).
-
 ## Getting the correct version
 When choosing an openshift release, ensure that the necessary origin packages
 are available in your distribution's repository.  By default, openshift-ansible
@@ -69,7 +67,7 @@ Install base dependencies:
 
 Requirements:
 
-- Ansible >= 2.6.5, Ansible 2.7 is not yet supported and known to fail
+- Ansible >= 2.7.8
 - Jinja >= 2.7
 - pyOpenSSL
 - python-lxml
@@ -82,17 +80,6 @@ Fedora:
 dnf install -y ansible pyOpenSSL python-cryptography python-lxml
 ```
 
-Additional requirements:
-
-Logging:
-
-- java-1.8.0-openjdk-headless
-- patch
-
-Metrics:
-
-- httpd-tools
-
 ## Simple all-in-one localhost Installation
 This assumes that you've installed the base dependencies and you're running on
 Fedora or RHEL
@@ -102,62 +89,85 @@ cd openshift-ansible
 sudo ansible-playbook -i inventory/hosts.localhost playbooks/prerequisites.yml
 sudo ansible-playbook -i inventory/hosts.localhost playbooks/deploy_cluster.yml
 ```
-## Node Group Definition and Mapping
-In 3.10 and newer all members of the [nodes] inventory group must be assigned an
-`openshift_node_group_name`. This value is used to select the configmap that
-configures each node. By default there are three configmaps created; one for
-each node group defined in `openshift_node_groups` and they're named
-`node-config-master` `node-config-infra` `node-config-compute`. It's important
-to note that the configmap is also the authoritative definition of node labels,
-the old `openshift_node_labels` value is effectively ignored.
-
-There are also two configmaps that label nodes into multiple roles, these are
-not recommended for production clusters, however they're named
-`node-config-all-in-one` and `node-config-master-infra` if you'd like to use
-them to deploy non production clusters.
-
-The default set of node groups is defined in
-[roles/openshift_facts/defaults/main.yml] like so
 
-```
-openshift_node_groups:
-  - name: node-config-master
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-    edits: []
-  - name: node-config-infra
-    labels:
-      - 'node-role.kubernetes.io/infra=true'
-    edits: []
-  - name: node-config-compute
-    labels:
-      - 'node-role.kubernetes.io/compute=true'
-    edits: []
-  - name: node-config-master-infra
-    labels:
-      - 'node-role.kubernetes.io/infra=true,node-role.kubernetes.io/master=true'
-    edits: []
-  - name: node-config-all-in-one
-    labels:
-      - 'node-role.kubernetes.io/infra=true,node-role.kubernetes.io/master=true,node-role.kubernetes.io/compute=true'
-    edits: []
+# Quickstart
+
+Install the new installer from https://www.github.com/openshift/installer
+
+Construct a proper install-config.yml, and make a copy called
+install-config-ansible.yml.
+
+## Hosts
+You will need the following hosts
+
+### Boostrap host
+This is a special host that is not part of the cluster but is required to be
+available to help the cluster bootstrap itself.  This is not a bastion host,
+it will initially be part of the cluster and should be able to communicate with
+the masters in the cluster.
+
+### Masters
+You need 1 or 3 masters.
+
+### Workers
+You need 0 or more workers.  Note, by default, masters are unschedulable so
+you will need one or more workers if you want to schedule workloads.
+
+## DNS
+4.x installs require specific dns records to be in place, and there is no way
+to complete an install without working DNS.  You are in charge of ensuring the
+following DNS records are resolvable from your cluster, the openshift-ansible
+installer will not make any attempt to do any of this for you.
+
+First, the output of ```hostname``` on each host must be resolvable to other hosts.
+The nodes will communicate with each other based on this value.
+
+install-config.yml value of 'baseDomain' must be a working domain.
+
+### A records
+```sh
+<clustername>-api.<baseDomain> # ex: mycluster-api.example.com
+<clustername>-master-0.<baseDomain> # ex: mycluster-master-0.example.com
+<clustername>-etcd-0.<baseDomain> # ex: mycluster-etcd-0.example.com
+<clustername>-bootstrap.<baseDomain> # ex: mycluster-bootstrap.example.com
 ```
 
-When configuring this in the INI based inventory this must be translated into a
-Python dictionary. Here's an example of a group named `node-config-all-in-one`
-which is suitable for an All-In-One installation with
-kubeletArguments.pods-per-core set to 20
+Note: There should be a master/etcd record for each master host in your cluster
+(either 1 or 3).  etcd hosts must be master hosts, and the records must resolve
+to the same host for each master/etcd record, respectively.
 
+### SRV records
+```sh
+SRV _etcd-client-ssl._tcp.<clustername>.<baseDomain> '1 1 2379 <clustername>-etcd-0.<baseDomain>'
+SRV _etcd-server-ssl._tcp.<clustername>.<baseDomain> '1 1 2380 <clustername>-etcd-0.<baseDomain>'
+...
+SRV _etcd-client-ssl._tcp.<clustername>.<baseDomain> '1 1 2379 <clustername>-etcd-<N-1>.<baseDomain>'
+SRV _etcd-server-ssl._tcp.<clustername>.<baseDomain> '1 1 2380 <clustername>-etcd-<N-1>.<baseDomain>'
+
+# ex: _etcd-client-ssl._tcp.mycluster.example.com '1 1 2379 mycluster-etcd-0.example.com'
 ```
-openshift_node_groups=[{'name': 'node-config-all-in-one', 'labels': ['node-role.kubernetes.io/master=true', 'node-role.kubernetes.io/infra=true', 'node-role.kubernetes.io/compute=true'], 'edits': [{ 'key': 'kubeletArguments.pods-per-core','value': ['20']}]}]
+
+Consult with your DNS provider about the proper way to create SRV records.  In
+any case, there should be a client and server SRV record for each etcd backend,
+and you MUST use the etcd FQDN you created earlier, not the master or any other
+record.
+
+## Inventory
+Check out inventory/40_basic_inventory.ini for an example.
+
+## Generate ignition configs
+Use the openshift-install command to generate ignition configs utilizing the
+install-config.yml you created earlier.  This will consume the install-config.yml
+file, so ensure you have copied the file as mentioned previously.
+
+```sh
+openshift-install create ignition-configs
 ```
 
-For upgrades, the upgrade process will block until you have the required
-configmaps in the openshift-node namespace. Please define
-`openshift_node_groups` as explained above or accept the defaults and run the
-playbooks/openshift-master/openshift_node_group.yml playbook to have them
-created for you automatically.
+## Run playbook
+playbooks/deploy_cluster_40.yml
 
+# Further reading
 
 ## Complete Production Installation Documentation:
 

+ 0 - 6
conftest.py

@@ -1,6 +0,0 @@
-"""pytest configuration"""
-
-
-def pytest_ignore_collect(path):
-    """Hook to ignore symlink files and directories."""
-    return path.islink()

+ 11 - 20
images/installer/Dockerfile

@@ -4,40 +4,31 @@ MAINTAINER OpenShift Team <dev@lists.openshift.redhat.com>
 
 USER root
 
-# Add origin repo for including the oc client
-COPY images/installer/origin-extra-root /
-
-# install ansible and deps
-RUN INSTALL_PKGS="python-lxml python-dns pyOpenSSL python2-cryptography openssl python2-passlib httpd-tools openssh-clients origin-clients iproute patch" \
- && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS \
- && EPEL_PKGS="ansible-2.7.4 python2-boto python2-crypto which python2-pip.noarch python2-scandir python2-packaging azure-cli-2.0.46" \
- && yum install -y epel-release \
- && yum install -y --setopt=tsflags=nodocs $EPEL_PKGS \
- && if [ "$(uname -m)" == "x86_64" ]; then yum install -y https://sdodson.fedorapeople.org/google-cloud-sdk-183.0.0-3.el7.x86_64.rpm ; fi \
- && yum install -y java-1.8.0-openjdk-headless \
- && rpm -V $INSTALL_PKGS $EPEL_PKGS $EPEL_TESTING_PKGS \
- && pip install 'apache-libcloud~=2.2.1' 'SecretStorage<3' 'ansible[azure]' 'boto3==1.4.6' \
- && yum clean all
-
 LABEL name="openshift/origin-ansible" \
       summary="OpenShift's installation and configuration tool" \
-      description="A containerized openshift-ansible image to let you run playbooks to install, upgrade, maintain and check an OpenShift cluster" \
+      description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \
       url="https://github.com/openshift/openshift-ansible" \
       io.k8s.display-name="openshift-ansible" \
-      io.k8s.description="A containerized openshift-ansible image to let you run playbooks to install, upgrade, maintain and check an OpenShift cluster" \
+      io.k8s.description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \
       io.openshift.expose-services="" \
       io.openshift.tags="openshift,install,upgrade,ansible" \
       atomic.run="once"
 
 ENV USER_UID=1001 \
-    HOME=/opt/app-root/src \
+    HOME=/opt/app-root/src/ \
     WORK_DIR=/usr/share/ansible/openshift-ansible \
     OPTS="-v"
 
 # Add image scripts and files for running as a system container
 COPY images/installer/root /
-# Include playbooks, roles, plugins, etc. from this repo
-COPY . ${WORK_DIR}
+# Add origin repo for including the oc client
+COPY images/installer/origin-extra-root /
+# Install openshift-ansible RPMs
+RUN yum install -y epel-release && \
+    yum-config-manager --enable built > /dev/null && \
+    yum install --setopt=tsflags=nodocs -y \
+      openshift-ansible-test openshift-clients && \
+    yum clean all
 
 RUN /usr/local/bin/user_setup \
  && rm /usr/local/bin/usage.ocp
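Review bot: The `yum-config-manager --enable built > /dev/null` step refers to a repo named `built` that none of the repo files shown in this commit define, and its output is discarded, so the build log does not show whether that repo was actually enabled. If it is absent (for example in a build outside CI), `openshift-ansible-test` and `openshift-clients` would presumably be resolved from the other enabled repos, including `openshift-origin-4.0-ci`, which this commit adds with `gpgcheck=0`. I would add a comment above the RUN such as `# 'built' is the repo injected by the CI build (see <CI job or doc that defines it>)` and drop the `> /dev/null` so the result lands in the build log. The Dockerfile continues outside this hunk.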

+ 0 - 41
images/installer/Dockerfile.ci

@@ -1,41 +0,0 @@
-FROM centos:7
-
-MAINTAINER OpenShift Team <dev@lists.openshift.redhat.com>
-
-USER root
-
-LABEL name="openshift/origin-ansible" \
-      summary="OpenShift's installation and configuration tool" \
-      description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \
-      url="https://github.com/openshift/openshift-ansible" \
-      io.k8s.display-name="openshift-ansible" \
-      io.k8s.description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \
-      io.openshift.expose-services="" \
-      io.openshift.tags="openshift,install,upgrade,ansible" \
-      atomic.run="once"
-
-ENV USER_UID=1001 \
-    HOME=/opt/app-root/src \
-    WORK_DIR=/usr/share/ansible/openshift-ansible \
-    OPTS="-v"
-
-# Add image scripts and files for running as a system container
-COPY images/installer/root /
-# Add origin repo for including the oc client
-COPY images/installer/origin-extra-root /
-# Install openshift-ansible RPMs
-RUN yum install -y epel-release && \
-    rm -rf /etc/yum.repos.d/centos-openshift-origin.repo && \
-    yum-config-manager --enable built > /dev/null && \
-    INSTALL_PKGS="openssh google-cloud-sdk azure-cli-2.0.46" \
-    yum install --setopt=tsflags=nodocs -y $INSTALL_PKGS openshift-ansible-test && \
-    yum clean all
-
-RUN /usr/local/bin/user_setup \
- && rm /usr/local/bin/usage.ocp
-
-USER ${USER_UID}
-
-WORKDIR ${WORK_DIR}
-ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
-CMD [ "/usr/local/bin/run" ]

+ 0 - 6
images/installer/origin-extra-root/etc/yum.repos.d/azure-cli.repo

@@ -1,6 +0,0 @@
-[azure-cli]
-name=Azure CLI
-baseurl=https://packages.microsoft.com/yumrepos/azure-cli
-enabled=1
-gpgcheck=1
-gpgkey=https://packages.microsoft.com/keys/microsoft.asc

+ 2 - 2
images/installer/origin-extra-root/etc/yum.repos.d/centos-ansible27.repo

@@ -1,6 +1,6 @@
 
-[centos-ansible26-testing]
-name=CentOS Ansible 2.6 testing repo
+[centos-ansible27-testing]
+name=CentOS Ansible 2.7 testing repo
 baseurl=https://cbs.centos.org/repos/configmanagement7-ansible-27-testing/x86_64/os/
 enabled=1
 gpgcheck=0

+ 0 - 7
images/installer/origin-extra-root/etc/yum.repos.d/centos-openshift-origin.repo

@@ -1,7 +0,0 @@
-
-[centos-openshift-origin]
-name=CentOS OpenShift Origin
-baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

+ 0 - 8
images/installer/origin-extra-root/etc/yum.repos.d/google-cloud-sdk.repo

@@ -1,8 +0,0 @@
-[google-cloud-sdk]
-name=google-cloud-sdk
-baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
-enabled=1
-gpgcheck=1
-repo_gpgcheck=1
-gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
-       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

+ 6 - 0
images/installer/origin-extra-root/etc/yum.repos.d/openshift-origin-4.0-ci.repo

@@ -0,0 +1,6 @@
+
+[openshift-origin-4.0-ci]
+name=OpenShift Origin 4.0 CI packages
+baseurl=https://rpms.svc.ci.openshift.org/openshift-origin-v4.0/
+enabled=1
+gpgcheck=0
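Review bot: `gpgcheck=0` on the new `[openshift-origin-4.0-ci]` repo means RPMs from it are installed without signature verification, so HTTPS to the `baseurl` host is the only integrity control for what ends up in the installer image. The three repo files this commit removes (azure-cli, centos-openshift-origin, google-cloud-sdk) all had `gpgcheck=1`, and the remaining `centos-ansible27.repo` also keeps `gpgcheck=0`. If the CI packages are signed, set `gpgcheck=1` and add `gpgkey=<URL or path of the CI signing key>`. If they are unsigned by design, a comment such as `# unsigned CI builds; do not use this repo outside CI images` would make that explicit.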

+ 24 - 0
inventory/40_basic_inventory.ini

@@ -0,0 +1,24 @@
+[nodes:children]
+bootstrap
+masters
+workers
+
+[nodes:vars]
+ansible_ssh_user=centos
+ansible_become=True
+
+openshift_install_config_path="~/install-config-ansible.yml"
+openshift_deployment_type=origin
+openshift_release=v4.0
+
+[bootstrap]
+mycluster-bootstrap.example.com
+
+[bootstrap:vars]
+openshift_ignition_file_path="~/bootstrap.ign"
+
+[masters]
+mycluster-master-0.example.com
+
+[workers]
+mycluster-worker-0.example.com

+ 48 - 0
inventory/dynamic/aws/ansible.cfg

@@ -0,0 +1,48 @@
+# config file for ansible -- http://ansible.com/
+# ==============================================
+
+# This config file provides examples for running
+# the OpenShift playbooks with the provided
+# inventory scripts.
+
+[defaults]
+# Set the log_path
+#log_path = /tmp/ansible.log
+
+private_key_file = $HOME/.ssh/id_rsa
+
+# Additional default options for OpenShift Ansible
+forks = 50
+host_key_checking = False
+retry_files_enabled = False
+retry_files_save_path = ~/ansible-installer-retries
+nocows = True
+remote_user = ec2-user
+roles_path = ../../../roles/
+gathering = smart
+fact_caching = jsonfile
+fact_caching_connection = $HOME/ansible/facts
+fact_caching_timeout = 600
+callback_whitelist = profile_tasks
+inventory_ignore_extensions = secrets.py, .pyc, .cfg, .crt
+# work around privilege escalation timeouts in ansible:
+timeout = 30
+
+stdout_callback = yaml
+
+# Uncomment to use the provided example inventory
+inventory = inventory
+
+[inventory]
+# fail more helpfully when the inventory file does not parse (Ansible 2.4+)
+unparsed_is_failed=true
+
+# Additional ssh options for OpenShift Ansible
+[ssh_connection]
+retries = 10
+pipelining = True
+ssh_args = -o ControlMaster=auto -o ControlPersist=600s
+timeout = 10
+# shorten the ControlPath which is often too long; when it is,
+# ssh connection reuse silently fails, making everything slower.
+control_path = %(directory)s/%%h-%%r
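Review bot: `host_key_checking = False` in `[defaults]` turns off SSH host key verification for every host this config is used against, while the inventory defaults added alongside it set `ansible_become: yes`, so privileged tasks run over connections whose peer was not authenticated. That is a common trade-off for freshly provisioned cloud instances, but the file describes itself as an example for running the OpenShift playbooks and is likely to be copied. I would add a comment above the setting, e.g. `# host keys are not verified; intended for short-lived, freshly provisioned instances only`. The commented-out `#log_path = /tmp/ansible.log` example also points at a shared directory; `~/ansible.log` would be a safer example.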

+ 3 - 0
inventory/dynamic/aws/group_vars/all/00_defaults.yml

@@ -0,0 +1,3 @@
+---
+ansible_become: yes
+openshift_deployment_type: origin

roles/openshift_management/handlers/main.yml → inventory/dynamic/aws/inventory


+ 3 - 0
inventory/dynamic/gcp/group_vars/all/00_defaults.yml

@@ -20,6 +20,9 @@ openshift_master_cluster_hostname: "internal-openshift-master.{{ public_hosted_z
 openshift_master_cluster_public_hostname: "openshift-master.{{ public_hosted_zone }}"
 openshift_master_default_subdomain: "{{ wildcard_zone }}"
 
+mcd_port: 22623
+mcd_endpoint: "https://{{ openshift_master_cluster_public_hostname }}:{{ mcd_port }}"
+
 # Cloud specific settings
 openshift_cloudprovider_kind: gce
 openshift_hosted_registry_storage_provider: gcs
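Review bot: `mcd_endpoint` is built from `openshift_master_cluster_public_hostname`, although `openshift_master_cluster_hostname` (the `internal-openshift-master…` name in the hunk header context) is also defined in this file. If this endpoint is what nodes use to fetch their machine configuration (inferred from the name; the consumer is not in this hunk), port 22623 would have to be reachable on the public address, which exposes more than an internal-only endpoint would. Consider `mcd_endpoint: "https://{{ openshift_master_cluster_hostname }}:{{ mcd_port }}"`, or add a comment explaining why the public name is required.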

+ 30 - 0
inventory/install-config-example.yml

@@ -0,0 +1,30 @@
+---
+baseDomain: example.com
+machines:
+- name: master
+  replicas: 1
+- name: worker
+  # This should always be zero for openshift-ansible
+  replicas: 0
+metadata:
+  name: mycluster
+networking:
+  clusterNetworks:
+  - cidr: 10.128.0.0/14
+    hostSubnetLength: 9
+  serviceCIDR: 172.30.0.0/16
+  type: OpenShiftSDN
+platform:
+  libvirt:
+    # This URI is not actually used
+    URI: null
+    defaultMachinePlatform:
+      image: file:///unused
+    masterIPs: null
+    network:
+      if: null
+      ipRange: null
+pullSecret: |
+  < paste your pullSecret here >
+sshKey: |
+  < paster your pubkey here >
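Review bot: The `pullSecret` and `sshKey` placeholders invite editing this file in place, but the `.gitignore` entries added in this commit only cover `test/libvirt/install-config.yml` and `test/libvirt/install-config-ansible.yml`, so a filled-in copy under `inventory/` would be picked up by `git add`. A header comment such as `# Copy this file outside the repository before filling in pullSecret; the result contains credentials` would help. `< paster your pubkey here >` should read `paste`.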

Разлика између датотеке није приказан због своје велике величине
+ 3 - 9929
openshift-ansible.spec


+ 0 - 5
playbooks/adhoc/README.md

@@ -1,5 +0,0 @@
-# _Ad hoc_ playbooks
-
-This directory holds playbooks and tasks that really don't have a better home.
-Existing playbooks living here are community supported and not officially
-maintained.

+ 0 - 6
playbooks/adhoc/bootstrap-fedora.yml

@@ -1,6 +0,0 @@
----
-- hosts: OSEv3
-  gather_facts: false
-  tasks:
-    - name: install python and deps for ansible modules
-      raw: dnf install -y python2 python2-dnf libselinux-python libsemanage-python python2-firewall pyOpenSSL python-cryptography

+ 0 - 29
playbooks/adhoc/contiv/delete_contiv.yml

@@ -1,29 +0,0 @@
----
-- name: Uninstall contiv
-  hosts: all
-  gather_facts: False
-  tasks:
-    - systemd:
-        name: "{{ item }}"
-        state: stopped
-      with_items:
-        - contiv-etcd
-        - netmaster
-        - netplugin
-        - openvswitch
-      ignore_errors: True
-    - file:
-        path: "{{ item }}"
-        state: absent
-      with_items:
-        - /opt/cni
-        - /opt/contiv
-        - /etc/systemd/system/netmaster.service
-        - /etc/systemd/system/netplugin.service
-        - /etc/systemd/system/contiv-etcd.service
-        - /etc/systemd/system/contiv-etcd.service.d
-        - /var/lib/contiv-etcd
-        - /etc/default/netmaster
-        - /etc/default/netplugin
-        - /etc/openvswitch/conf.db
-    - command: systemctl daemon-reload

+ 0 - 160
playbooks/adhoc/create_pv/create_pv.yaml

@@ -1,160 +0,0 @@
----
-#example run:
-# ansible-playbook -e "cli_volume_size=1" \
-#                  -e "cli_device_name=/dev/xvdf" \
-#                  -e "cli_hosttype=master" \
-#                  -e "cli_clusterid=ops" \
-#                  create_pv.yaml
-#
-- name: Create a volume and attach it to master
-  hosts: localhost
-  connection: local
-  become: no
-  gather_facts: no
-  vars:
-    cli_volume_type: gp2
-    cli_volume_iops: ''
-    oo_name: "{{ groups['tag_host-type_' ~ cli_hosttype] |
-                 intersect(groups['oo_clusterid_' ~ cli_clusterid]) |
-                 first }}"
-  pre_tasks:
-  - fail:
-      msg: "This playbook requires {{item}} to be set."
-    when: item is not defined or item == ''
-    with_items:
-    - cli_volume_size
-    - cli_device_name
-    - cli_hosttype
-    - cli_clusterid
-
-  - name: set oo_name fact
-    set_fact:
-      oo_name: "{{ oo_name }}"
-
-
-  - name: Select a single master to run this on
-    add_host:
-      hostname: "{{ oo_name }}"
-      ansible_ssh_host: "{{ hostvars[oo_name].ec2_public_dns_name }}"
-      groups: oo_master
-
-  - name: Create a volume and attach it
-    ec2_vol:
-      state: present
-      instance: "{{ hostvars[oo_name]['ec2_id'] }}"
-      region: "{{ hostvars[oo_name]['ec2_region'] }}"
-      volume_size: "{{ cli_volume_size }}"
-      volume_type: "{{ cli_volume_type }}"
-      device_name: "{{ cli_device_name }}"
-      iops: "{{ cli_volume_iops }}"
-    register: vol
-
-  - debug: var=vol
-
-  - name: tag the vol with a name
-    ec2_tag: region={{ hostvars[oo_name]['ec2_region'] }} resource={{vol.volume_id}}
-    args:
-      tags:
-        Name: "pv-{{ hostvars[oo_name]['ec2_tag_Name'] }}"
-        clusterid: "{{cli_clusterid}}"
-    register: voltags
-
-  - debug: var=voltags
-
-- name: Configure the drive
-  gather_facts: no
-  hosts: oo_master
-  user: root
-  connection: ssh
-  vars:
-    pv_tmpdir: /tmp/persistentvolumes
-
-  post_tasks:
-  - name: Setting facts for template
-    set_fact:
-      pv_name: "pv-{{cli_volume_size}}-{{ hostvars[hostvars.localhost.oo_name]['ec2_tag_Name'] }}-{{hostvars.localhost.vol.volume_id }}"
-      vol_az: "{{ hostvars[hostvars.localhost.oo_name]['ec2_placement'] }}"
-      vol_id: "{{ hostvars.localhost.vol.volume_id }}"
-      vol_size: "{{ cli_volume_size }}"
-      pv_mntdir: "{{ pv_tmpdir }}/mnt-{{ 1000 | random }}"
-
-  - set_fact:
-      pv_template: "{{ pv_tmpdir }}/{{ pv_name }}.yaml"
-
-  - name: "Mkdir {{ pv_tmpdir }}"
-    file:
-      state: directory
-      path: "{{ pv_tmpdir }}"
-      mode: '0750'
-
-  - name: "Mkdir {{ pv_mntdir }}"
-    file:
-      state: directory
-      path: "{{ pv_mntdir }}"
-      mode: '0750'
-
-  - name: Create pv file from template
-    template:
-      src: ./pv-template.j2
-      dest: "{{ pv_template }}"
-      owner: root
-      mode: '0640'
-
-  - name: mkfs
-    filesystem:
-      dev: "{{ cli_device_name }}"
-      fstype: ext4
-
-  - name: Mount the dev
-    mount:
-      name: "{{ pv_mntdir }}"
-      src: "{{ cli_device_name }}"
-      fstype: ext4
-      state: mounted
-
-  - name: chgrp g+rwXs
-    file:
-      path: "{{ pv_mntdir }}"
-      mode: 'g+rwXs'
-      recurse: yes
-      seuser: system_u
-      serole: object_r
-      setype: svirt_sandbox_file_t
-      selevel: s0
-
-  - name: umount
-    mount:
-      name: "{{ pv_mntdir }}"
-      src: "{{ cli_device_name }}"
-      state: unmounted
-      fstype: ext4
-
-  - name: remove from fstab
-    mount:
-      name: "{{ pv_mntdir }}"
-      src: "{{ cli_device_name }}"
-      state: absent
-      fstype: ext4
-
-  - name: detach drive
-    delegate_to: localhost
-    ec2_vol:
-      region: "{{ hostvars[hostvars.localhost.oo_name].ec2_region }}"
-      id: "{{ hostvars.localhost.vol.volume_id }}"
-      instance: None
-
-  - name: "Remove {{ pv_mntdir }}"
-    file:
-      state: absent
-      path: "{{ pv_mntdir }}"
-
-  # We have to use the shell module because we can't set env vars with the command module.
-  - name: "Place PV into oc"
-    shell: "KUBECONFIG=/etc/origin/master/admin.kubeconfig oc create -f {{ pv_template | quote }}"
-    register: oc_output
-
-  - debug: var=oc_output
-
-  - fail:
-      msg: "Failed to add {{ pv_template }} to master."
-    when: oc_output.rc != 0

+ 0 - 16
playbooks/adhoc/create_pv/pv-template.j2

@@ -1,16 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: {{ pv_name }}
-  labels:
-    type: ebs
-spec:
-  capacity:
-    storage: {{ vol_size }}Gi
-  accessModes:
-    - ReadWriteOnce
-  persistentVolumeReclaimPolicy: Retain
-  awsElasticBlockStore:
-    volumeID: aws://{{ vol_az }}/{{ vol_id }}
-    fsType: ext4

+ 0 - 2
playbooks/adhoc/docker_loopback_to_lvm/docker-storage-setup

@@ -1,2 +0,0 @@
-DEVS=/dev/xvdb
-VG=docker_vg

+ 0 - 141
playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml

@@ -1,141 +0,0 @@
----
-# This playbook coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker)
-#  in AWS.  This adds an additional EBS volume and creates the Volume Group on this EBS volume to use.
-#
-#  To run:
-#  1. Source your AWS credentials (make sure it's the corresponding AWS account) into your environment
-#    export AWS_ACCESS_KEY_ID='XXXXX'
-#    export AWS_SECRET_ACCESS_KEY='XXXXXX'
-#
-# 2. run the playbook:
-#   ansible-playbook -e 'cli_tag_name=<tag-name>' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml
-#
-#  Example:
-#   ansible-playbook -e 'cli_tag_name=ops-master-12345' -e "cli_volume_size=30" docker_loopback_to_direct_lvm.yml
-#
-#  Notes:
-#  * By default this will do a 30GB volume.
-#  * iops are calculated by Disk Size * 30.  e.g ( 30GB * 30) = 900 iops
-#  * This will remove /var/lib/docker!
-#  * You may need to re-deploy docker images after this is run (like monitoring)
-#
-
-- name: Fix docker to have a provisioned iops drive
-  hosts: "tag_Name_{{ cli_tag_name }}"
-  user: root
-  connection: ssh
-  gather_facts: no
-
-  vars:
-    cli_volume_type: gp2
-    cli_volume_size: 30
-
-  pre_tasks:
-  - fail:
-      msg: "This playbook requires {{item}} to be set."
-    when: item is not defined or item == ''
-    with_items:
-    - cli_tag_name
-    - cli_volume_size
-
-  - debug:
-      var: hosts
-
-  - name: start docker
-    service:
-      name: docker
-      state: started
-
-  - name: Determine if loopback
-    shell: docker info | grep 'Data file:.*loop'
-    register: loop_device_check
-    ignore_errors: yes
-
-  - debug:
-      var: loop_device_check
-
-  - name: fail if we don't detect loopback
-    fail:
-      msg: loopback not detected! Please investigate manually.
-    when: loop_device_check.rc == 1
-
-  - name: stop zagg client monitoring container
-    service:
-      name: oso-rhel7-zagg-client
-      state: stopped
-    ignore_errors: yes
-
-  - name: stop pcp client monitoring container
-    service:
-      name: oso-f22-host-monitoring
-      state: stopped
-    ignore_errors: yes
-
-  - name: stop docker
-    service:
-      name: docker
-      state: stopped
-
-  - name: delete /var/lib/docker
-    command: rm -rf /var/lib/docker
-
-  - name: remove /var/lib/docker
-    command: rm -rf /var/lib/docker
-
-  - name: check to see if /dev/xvdb exists
-    command: test -e /dev/xvdb
-    register: xvdb_check
-    ignore_errors: yes
-
-  - debug: var=xvdb_check
-
-  - name: fail if /dev/xvdb already exists
-    fail:
-      msg: /dev/xvdb already exists.  Please investigate
-    when: xvdb_check.rc == 0
-
-  - name: Create a volume and attach it
-    delegate_to: localhost
-    ec2_vol:
-      state: present
-      instance: "{{ ec2_id }}"
-      region: "{{ ec2_region }}"
-      volume_size: "{{ cli_volume_size | default(30, True)}}"
-      volume_type: "{{ cli_volume_type }}"
-      device_name: /dev/xvdb
-    register: vol
-
-  - debug: var=vol
-
-  - name: tag the vol with a name
-    delegate_to: localhost
-    ec2_tag: region={{ ec2_region }} resource={{ vol.volume_id }}
-    args:
-      tags:
-        Name: "{{ ec2_tag_Name }}"
-        clusterid: "{{ ec2_tag_clusterid }}"
-    register: voltags
-
-  - name: Wait for volume to attach
-    pause:
-      seconds: 30
-
-  - name: copy the docker-storage-setup config file
-    copy:
-      src: docker-storage-setup
-      dest: /etc/sysconfig/docker-storage-setup
-      owner: root
-      group: root
-      mode: 0664
-
-  - name: docker storage setup
-    command: docker-storage-setup
-    register: setup_output
-
-  - debug: var=setup_output
-
-  - name: start docker
-    command: systemctl start docker.service
-    register: dockerstart
-
-  - debug: var=dockerstart

+ 0 - 115
playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml

@@ -1,115 +0,0 @@
-#!/usr/bin/ansible-playbook
----
-# This playbook coverts docker to go from loopback to direct-lvm (the Red Hat recommended way to run docker).
-#
-# It requires the block device to be already provisioned and attached to the host. This is a generic playbook,
-# meant to be used for manual conversion. For AWS specific conversions, use the other playbook in this directory.
-#
-#  To run:
-#   ./ops-docker-loopback-to-direct-lvm.yml -e cli_host=<host to run on> -e cli_docker_device=<path to device>
-#
-#  Example:
-#   ./ops-docker-loopback-to-direct-lvm.yml -e cli_host=twiesttest-master-fd32 -e cli_docker_device=/dev/sdb
-#
-#  Notes:
-#  * This will remove /var/lib/docker!
-#  * You may need to re-deploy docker images after this is run (like monitoring)
-
-- name: Fix docker to have a provisioned iops drive
-  hosts: "{{ cli_host }}"
-  user: root
-  connection: ssh
-  gather_facts: no
-
-  pre_tasks:
-  - fail:
-      msg: "This playbook requires {{item}} to be set."
-    when: item is not defined or item == ''
-    with_items:
-    - cli_docker_device
-
-  - name: start docker
-    service:
-      name: docker
-      state: started
-
-  - name: Determine if loopback
-    shell: docker info | grep 'Data file:.*loop'
-    register: loop_device_check
-    ignore_errors: yes
-
-  - debug:
-      var: loop_device_check
-
-  - name: fail if we don't detect loopback
-    fail:
-      msg: loopback not detected! Please investigate manually.
-    when: loop_device_check.rc == 1
-
-  - name: stop zagg client monitoring container
-    service:
-      name: oso-rhel7-zagg-client
-      state: stopped
-    ignore_errors: yes
-
-  - name: stop pcp client monitoring container
-    service:
-      name: oso-f22-host-monitoring
-      state: stopped
-    ignore_errors: yes
-
-  - name: "check to see if {{ cli_docker_device }} exists"
-    command: "test -e {{ cli_docker_device }}"
-    register: docker_dev_check
-    ignore_errors: yes
-
-  - debug: var=docker_dev_check
-
-  - name: "fail if {{ cli_docker_device }} doesn't exist"
-    fail:
-      msg: "{{ cli_docker_device }} doesn't exist. Please investigate"
-    when: docker_dev_check.rc != 0
-
-  - name: stop docker
-    service:
-      name: docker
-      state: stopped
-
-  - name: delete /var/lib/docker
-    command: rm -rf /var/lib/docker
-
-  - name: remove /var/lib/docker
-    command: rm -rf /var/lib/docker
-
-  - name: copy the docker-storage-setup config file
-    copy:
-      content: >
-        DEVS={{ cli_docker_device }}
-        VG=docker_vg
-      dest: /etc/sysconfig/docker-storage-setup
-      owner: root
-      group: root
-      mode: 0664
-
-  - name: docker storage setup
-    command: docker-storage-setup
-    register: setup_output
-
-  - debug: var=setup_output
-
-  - name: extend the vg
-    command: lvextend -l 90%VG /dev/docker_vg/docker-pool
-    register: extend_output
-
-  - debug: var=extend_output
-
-  - name: start docker
-    service:
-      name: docker
-      state: restarted
-
-  - name: docker info
-    command: docker info
-    register: dockerinfo
-
-  - debug: var=dockerinfo

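--- a/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml
+++ b/playbooks/adhoc/docker_storage_cleanup/docker_storage_cleanup.yml
@@ -1,69 +0,0 @@
----
-# This playbook attempts to cleanup unwanted docker files to help alleviate docker disk space issues.
-#
-#  To run:
-#
-#  1. run the playbook:
-#
-#   ansible-playbook -e 'cli_tag_name=<tag-name>' docker_storage_cleanup.yml
-#
-#  Example:
-#
-#   ansible-playbook -e 'cli_tag_name=ops-node-compute-12345' docker_storage_cleanup.yml
-#
-#  Notes:
-#  *  This *should* not interfere with running docker images
-#
-
-- name: Clean up Docker Storage
-  gather_facts: no
-  hosts: "tag_Name_{{ cli_tag_name }}"
-  user: root
-  connection: ssh
-
-  pre_tasks:
-
-  - fail:
-      msg: "This playbook requires {{item}} to be set."
-    when: item is not defined or item == ''
-    with_items:
-    - cli_tag_name
-
-  - name: Ensure docker is running
-    service:
-      name: docker
-      state: started
-      enabled: yes
-
-  - name: Get docker info
-    command: docker info
-    register: docker_info
-
-  - name: Show docker info
-    debug:
-      var: docker_info.stdout_lines
-
-  - name: Remove exited and dead containers
-    shell: "docker ps -a | awk '/Exited|Dead/ {print $1}' | xargs --no-run-if-empty docker rm"
-    ignore_errors: yes
-
-  - name: Remove dangling docker images
-    shell: "docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi"
-    ignore_errors: yes
-
-  - name: Remove non-running docker images
-    shell: "docker images | grep -v -e registry.redhat.io -e registry.access.redhat.com -e docker-registry.usersys.redhat.com -e docker-registry.ops.rhcloud.com | awk '{print $3}' | xargs --no-run-if-empty docker rmi 2>/dev/null"
-    ignore_errors: yes
-
-  # leaving off the '-t' for docker exec.  With it, it doesn't work with ansible and tty support
-  - name: update zabbix docker items
-    command: docker exec -i oso-rhel7-host-monitoring /usr/local/bin/cron-send-docker-metrics.py
-
-  # Get and show docker info again.
-  - name: Get docker info
-    command: docker info
-    register: docker_info
-
-  - name: Show docker info
-    debug:
-      var: docker_info.stdout_lines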

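--- a/playbooks/adhoc/grow_docker_vg/filter_plugins/grow_docker_vg_filters.py
+++ b/playbooks/adhoc/grow_docker_vg/filter_plugins/grow_docker_vg_filters.py
@@ -1,28 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-'''
-Custom filters for use in openshift-ansible
-'''
-
-
-class FilterModule(object):
-    ''' Custom ansible filters '''
-
-    @staticmethod
-    def translate_volume_name(volumes, target_volume):
-        '''
-            This filter matches a device string /dev/sdX to /dev/xvdX
-            It will then return the AWS volume ID
-        '''
-        for vol in volumes:
-            translated_name = vol["attachment_set"]["device"].replace("/dev/sd", "/dev/xvd")
-            if target_volume.startswith(translated_name):
-                return vol["id"]
-
-        return None
-
-    def filters(self):
-        ''' returns a mapping of filters to methods '''
-        return {
-            "translate_volume_name": self.translate_volume_name,
-        }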

+ 0 - 206
playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml

@@ -1,206 +0,0 @@
----
-# This playbook grows the docker VG on a node by:
-#  * add a new volume
-#  * add volume to the existing VG.
-#  * pv move to the new volume.
-#  * remove old volume
-#  * detach volume
-#  * mark old volume in AWS with "REMOVE ME" tag
-#  * grow docker LVM to 90% of the VG
-#
-#  To run:
-#  1. Source your AWS credentials (make sure it's the corresponding AWS account) into your environment
-#    export AWS_ACCESS_KEY_ID='XXXXX'
-#    export AWS_SECRET_ACCESS_KEY='XXXXXX'
-#
-# 2. run the playbook:
-#   ansible-playbook -e 'cli_tag_name=<tag-name>' grow_docker_vg.yml
-#
-#  Example:
-#   ansible-playbook -e 'cli_tag_name=ops-compute-12345' grow_docker_vg.yml
-#
-#  Notes:
-#  * By default this will do a 200GB GP2 volume.  The can be overidden with the "-e 'cli_volume_size=100'" variable
-#  * This does a GP2 by default.  Support for Provisioned IOPS has not been added
-#  * This will assign the new volume to /dev/xvdc. This is not variablized, yet.
-#  * This can be done with NO downtime on the host
-#  * This playbook assumes that there is a Logical Volume that is installed and called "docker-pool".  This is
-#      the LV that gets created via the "docker-storage-setup" command
-#
-
-- name: Grow the docker volume group
-  hosts: "tag_Name_{{ cli_tag_name }}"
-  user: root
-  connection: ssh
-  gather_facts: no
-
-  vars:
-    cli_volume_type: gp2
-    cli_volume_size: 200
-    #cli_volume_iops: "{{ 30 * cli_volume_size }}"
-
-  pre_tasks:
-  - fail:
-      msg: "This playbook requires {{item}} to be set."
-    when: item is not defined or item == ''
-    with_items:
-    - cli_tag_name
-    - cli_volume_size
-
-  - debug:
-      var: hosts
-
-  - name: start docker
-    service:
-      name: docker
-      state: started
-
-  - name: Determine if Storage Driver (docker info) is devicemapper
-    shell: docker info | grep 'Storage Driver:.*devicemapper'
-    register: device_mapper_check
-    ignore_errors: yes
-
-  - debug:
-      var: device_mapper_check
-
-  - name: fail if we don't detect devicemapper
-    fail:
-      msg: The "Storage Driver" in "docker info" is not set to "devicemapper"! Please investigate manually.
-    when: device_mapper_check.rc == 1
-
-  # docker-storage-setup creates a docker-pool as the lvm.  I am using docker-pool lvm to test
-  # and find the volume group.
-  - name: Attempt to find the Volume Group that docker is using
-    shell: lvs | grep docker-pool | awk '{print $2}'
-    register: docker_vg_name
-    ignore_errors: yes
-
-  - debug:
-      var: docker_vg_name
-
-  - name: fail if we don't find a docker volume group
-    fail:
-      msg: Unable to find docker volume group. Please investigate manually.
-    when: docker_vg_name.stdout_lines|length != 1
-
-  # docker-storage-setup creates a docker-pool as the lvm.  I am using docker-pool lvm to test
-  # and find the physical volume.
-  - name: Attempt to find the Phyisical Volume that docker is using
-    shell: "pvs | grep {{ docker_vg_name.stdout }} | awk '{print $1}'"
-    register: docker_pv_name
-    ignore_errors: yes
-
-  - debug:
-      var: docker_pv_name
-
-  - name: fail if we don't find a docker physical volume
-    fail:
-      msg: Unable to find docker physical volume. Please investigate manually.
-    when: docker_pv_name.stdout_lines|length != 1
-
-
-  - name: get list of volumes from AWS
-    delegate_to: localhost
-    ec2_vol:
-      state: list
-      instance: "{{ ec2_id }}"
-      region: "{{ ec2_region }}"
-    register: attached_volumes
-
-  - debug: var=attached_volumes
-
-  - name: get volume id of current docker volume
-    set_fact:
-      old_docker_volume_id: "{{ attached_volumes.volumes | translate_volume_name(docker_pv_name.stdout) }}"
-
-  - debug: var=old_docker_volume_id
-
-  - name: check to see if /dev/xvdc exists
-    command: test -e /dev/xvdc
-    register: xvdc_check
-    ignore_errors: yes
-
-  - debug: var=xvdc_check
-
-  - name: fail if /dev/xvdc already exists
-    fail:
-      msg: /dev/xvdc already exists.  Please investigate
-    when: xvdc_check.rc == 0
-
-  - name: Create a volume and attach it
-    delegate_to: localhost
-    ec2_vol:
-      state: present
-      instance: "{{ ec2_id }}"
-      region: "{{ ec2_region }}"
-      volume_size: "{{ cli_volume_size | default(30, True)}}"
-      volume_type: "{{ cli_volume_type }}"
-      device_name: /dev/xvdc
-    register: create_volume
-
-  - debug: var=create_volume
-
-  - name: Fail when problems creating volumes and attaching
-    fail:
-      msg: "Failed to create or attach volume msg: {{ create_volume.msg }}"
-    when: create_volume.msg is defined
-
-  - name: tag the vol with a name
-    delegate_to: localhost
-    ec2_tag: region={{ ec2_region }} resource={{ create_volume.volume_id }}
-    args:
-      tags:
-        Name: "{{ ec2_tag_Name }}"
-        clusterid: "{{ ec2_tag_clusterid }}"
-    register: voltags
-
-  - name: check for attached drive
-    command: test -b /dev/xvdc
-    register: attachment_check
-    until: attachment_check.rc == 0
-    retries: 30
-    delay: 2
-
-  - name: partition the new drive and make it lvm
-    command: parted /dev/xvdc --script -- mklabel msdos mkpart primary 0% 100% set 1 lvm
-
-  - name: pvcreate /dev/xvdc
-    command: pvcreate /dev/xvdc1
-
-  - name: Extend the docker volume group
-    command: vgextend "{{ docker_vg_name.stdout }}" /dev/xvdc1
-
-  - name: pvmove onto new volume
-    command: "pvmove {{ docker_pv_name.stdout }} /dev/xvdc1"
-    async: 43200
-    poll: 10
-
-  - name: Remove the old docker drive from the volume group
-    command: "vgreduce {{ docker_vg_name.stdout }} {{ docker_pv_name.stdout }}"
-
-  - name: Remove the pv from the old drive
-    command: "pvremove {{ docker_pv_name.stdout }}"
-
-  - name: Extend the docker lvm
-    command: "lvextend -l '90%VG' /dev/{{ docker_vg_name.stdout }}/docker-pool"
-
-  - name: detach  old docker volume
-    delegate_to: localhost
-    ec2_vol:
-      region: "{{ ec2_region }}"
-      id: "{{ old_docker_volume_id }}"
-      instance: None
-
-  - name: tag the old vol valid label
-    delegate_to: localhost
-    ec2_tag: region={{ ec2_region }} resource={{old_docker_volume_id}}
-    args:
-      tags:
-        Name: "{{ ec2_tag_Name }} REMOVE ME"
-    register: voltags
-
-  - name: Update the /etc/sysconfig/docker-storage-setup with new device
-    lineinfile:
-      dest: /etc/sysconfig/docker-storage-setup
-      regexp: ^DEVS=
-      line: DEVS=/dev/xvdc

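--- a/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml
+++ b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml
@@ -1,52 +0,0 @@
-#!/usr/bin/ansible-playbook
----
-#example run:
-# ansible-playbook -e "host=ops-node-compute-abcde" oo-sdn-restart.yml
-#
-
-- name: Check vars
-  hosts: localhost
-  gather_facts: false
-
-  pre_tasks:
-  - fail:
-      msg: "Playbook requires host to be set"
-    when: host is not defined or host == ''
-
-- name: Restart openshift/docker (and monitoring containers)
-  hosts: oo_version_3:&oo_name_{{ host }}
-  gather_facts: false
-  user: root
-
-  tasks:
-  - name: stop openshift/docker
-    service:
-      name: "{{ item }}"
-      state: stopped
-    with_items:
-    - atomic-openshift-node
-    - docker
-
-  - name: restart openvswitch
-    service:
-      name: openvswitch
-      state: restarted
-
-  - name: wait 5 sec
-    pause:
-      seconds: 5
-
-  - name: start openshift/docker
-    service:
-      name: "{{ item }}"
-      state: started
-    with_items:
-    - atomic-openshift-node
-    - docker
-
-  - name: start monitoring containers
-    service:
-      name: "{{ item }}"
-      state: restarted
-    with_items:
-    - oso-rhel7-host-monitoring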

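--- a/playbooks/adhoc/setupnfs.yml
+++ b/playbooks/adhoc/setupnfs.yml
@@ -1,21 +0,0 @@
----
-### This playbook is old and we are currently not using NFS.
-- hosts: tag_Name_nfs-v3-stg
-  become: no
-  remote_user: root
-  gather_facts: no
-  roles:
-  - role: openshift_storage_nfs_lvm
-    mount_dir: /exports/stg-black
-    volume_prefix: "kwoodsontest"
-    volume_size: 5
-    volume_num_start: 222
-    number_of_volumes: 3
-  tasks:
-  - fetch:
-    dest: json/
-    src: /root/"{{ item }}"
-  with_items:
-  - persistent-volume.kwoodsontest5g0222.json
-  - persistent-volume.kwoodsontest5g0223.json
-  - persistent-volume.kwoodsontest5g0224.json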

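--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -1,4 +0,0 @@
----
-- import_playbook: uninstall_openshift.yml
-- import_playbook: uninstall_docker.yml
-  when: openshift_uninstall_docker | default(False) | bool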

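--- a/playbooks/adhoc/uninstall_docker.yml
+++ b/playbooks/adhoc/uninstall_docker.yml
@@ -1,35 +0,0 @@
-# This deletes *ALL* Origin and OpenShift Container Platform content installed by
-# ansible.  This includes:
-#
-#    configuration
-#    containers
-#    example templates and imagestreams
-#    images
-#    RPMs
----
-- hosts: nodes:masters
-  become: yes
-  tasks:
-
-  - name: Stop docker service
-    service:
-      name: docker
-      state: stopped
-      enabled: no
-    failed_when: false
-    register: l_docker_restart_docker_in_pb_result
-    until: not (l_docker_restart_docker_in_pb_result is failed)
-    retries: 3
-    delay: 30
-
-  - name: Reset docker-storage-setup
-    shell: docker-storage-setup --reset
-    failed_when: False
-
-  - name: rm -rf docker config files
-    shell: "rm {{ item }} -rf"
-    failed_when: False
-    with_items:
-    - /etc/docker*
-    - /etc/sysconfig/docker*
-    - /etc/systemd/system/docker*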

+ 0 - 483
playbooks/adhoc/uninstall_openshift.yml

@@ -1,483 +0,0 @@
-# This deletes *ALL* Origin and OpenShift Container Platform content installed by
-# ansible.  This includes:
-#
-#    configuration
-#    containers
-#    example templates and imagestreams
-#    images
-#    RPMs
----
-# Stop services on all hosts prior to removing files.
-- hosts: nodes
-  become: yes
-  tasks:
-  - name: Remove dnsmasq dispatcher
-    file:
-      path: "{{ item }}"
-      state: absent
-    with_items:
-    - /etc/dnsmasq.d/origin-dns.conf
-    - /etc/dnsmasq.d/origin-upstream-dns.conf
-    - /etc/dnsmasq.d/openshift-ansible.conf
-    - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
-  - service:
-      name: NetworkManager
-      state: restarted
-  - name: Stop services
-    service: name={{ item }} state=stopped
-    with_items:
-    - atomic-openshift-node
-    - openshift-node
-    - origin-node
-    failed_when: false
-  - name: Stop OVS service
-    service: name=openvswitch state=stopped
-    failed_when: false
-    when: openshift_use_openshift_sdn | default(True) | bool
-
-- hosts: etcd
-  become: yes
-  tasks:
-  - name: Stop services
-    service: name={{ item }} state=stopped
-    with_items:
-    - etcd
-    failed_when: false
-
-- hosts: lb
-  become: yes
-  tasks:
-  - name: Stop services
-    service: name={{ item }} state=stopped
-    with_items:
-    - haproxy
-    failed_when: false
-
-- hosts: nodes
-  become: yes
-  vars:
-    node_dirs:
-    - "/etc/origin"
-    - "/var/lib/origin"
-  tasks:
-  - name: unmask services
-    command: systemctl unmask "{{ item }}"
-    changed_when: False
-    failed_when: False
-    with_items:
-    - firewalld
-
-  - when: openshift_remove_all | default(true) | bool
-    block:
-
-    - name: Remove packages
-      package:
-        name: "{{ pkg_list | join(',') }} "
-        state: absent
-      vars:
-        pkg_list:
-        - atomic-openshift
-        - atomic-openshift-clients
-        - atomic-openshift-excluder
-        - atomic-openshift-docker-excluder
-        - atomic-openshift-node
-        - atomic-openshift-sdn-ovs
-        - atomic-openshift-hyperkube
-        - cockpit-bridge
-        - cockpit-docker
-        - cockpit-system
-        - cockpit-ws
-        - kubernetes-client
-        - openshift
-        - openshift-node
-        - openshift-sdn
-        - openshift-sdn-ovs
-        - origin
-        - origin-excluder
-        - origin-docker-excluder
-        - origin-clients
-        - origin-node
-        - origin-sdn-ovs
-        - origin-hyperkube
-        - tuned-profiles-atomic-openshift-node
-        - tuned-profiles-origin-node
-      register: result
-      until: result is succeeded
-
-    - name: Remove OVS package
-      package:
-        name: openvswitch
-        state: absent
-      register: result
-      until: result is succeeded
-      when: openshift_use_openshift_sdn | default(True) | bool
-
-    - name: Remove flannel package
-      package:
-        name: flannel
-        state: absent
-      when: openshift_use_flannel | default(false) | bool
-      register: result
-      until: result is succeeded
-
-    - shell: systemctl reset-failed
-      changed_when: False
-
-    - shell: systemctl daemon-reload
-      changed_when: False
-
-    - name: Remove br0 interface
-      shell: ovs-vsctl del-br br0
-      changed_when: False
-      failed_when: False
-      when: openshift_use_openshift_sdn | default(True) | bool
-
-    - name: Remove linux interfaces
-      shell: ip link del "{{ item }}"
-      changed_when: False
-      failed_when: False
-      with_items:
-      - lbr0
-      - vlinuxbr
-      - vovsbr
-      when: openshift_use_openshift_sdn | default(True) | bool
-
-    - name: Remove virtual devices
-      command: nmcli delete device "{{ item }}"
-      failed_when: False
-      with_items:
-      - tun0
-      when: openshift_use_openshift_sdn | default(True) | bool
-
-  - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
-    changed_when: False
-
-  - shell: docker rm -f "{{ item }}"-master "{{ item }}"-node
-    changed_when: False
-    failed_when: False
-    with_items:
-    - openshift-enterprise
-    - origin
-
-  - shell: docker ps -a | grep Exited | egrep "{{ item }}" | awk '{print $1}'
-    changed_when: False
-    failed_when: False
-    register: exited_containers_to_delete
-    with_items:
-    - openshift3/ose
-    - openshift3/node
-    - openshift3/openvswitch
-    - openshift/origin
-
-  - shell: "docker rm {{ item.stdout_lines | join(' ') }}"
-    changed_when: False
-    failed_when: False
-    with_items: "{{ exited_containers_to_delete.results }}"
-
-  - name: Remove k8s_ containters
-    shell: docker ps -a -q -f name=k8s_ | xargs docker rm -f
-    failed_when: False
-
-  - block:
-    - block:
-      - shell: docker images | egrep {{ item }} | awk '{ print $3 }'
-        changed_when: False
-        failed_when: False
-        register: images_to_delete
-        with_items:
-        - registry\.access\..*redhat\.com/openshift3
-        - registry\.qe\.openshift\.com/.*
-        - registry\.access\..*redhat\.com/rhel7/etcd
-        - docker.io/openshift
-
-      - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}"
-        changed_when: False
-        failed_when: False
-        with_items: "{{ images_to_delete.results }}"
-      when: openshift_uninstall_images | default(True) | bool
-
-    - name: remove sdn drop files
-      file:
-        path: /run/openshift-sdn
-        state: absent
-
-    - name: Remove files owned by RPMs
-      file: path={{ item }} state=absent
-      with_items:
-      - /etc/sysconfig/openshift-node
-      - /run/openshift-sdn
-
-    - name: Remove files owned by OVS RPM
-      file: path=/etc/sysconfig/openvswitch state=absent
-      when: openshift_use_openshift_sdn | default(True) | bool
-
-    when: openshift_remove_all | default(True) | bool
-
-  - find: path={{ item }} file_type=file
-    register: files
-    with_items:
-    - "{{ node_dirs }}"
-
-  - find: path={{ item }} file_type=directory
-    register: directories
-    with_items:
-    - "{{ node_dirs }}"
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ files.results | default([]) }}"
-    - files
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ directories.results | default([]) }}"
-    - files
-
-  - shell: systemctl daemon-reload
-    changed_when: False
-
-  - name: Remove remaining files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/ansible/facts.d/openshift.fact
-    - /etc/openshift
-    - /etc/openshift-sdn
-    - /etc/pki/ca-trust/source/anchors/openshift-ca.crt
-    - /etc/sysconfig/atomic-openshift-node
-    - /etc/sysconfig/atomic-openshift-node-dep
-    - /etc/sysconfig/openshift-node-dep
-    - /etc/sysconfig/origin-node
-    - /etc/sysconfig/origin-node
-    - /etc/sysconfig/origin-node-dep
-    - /etc/systemd/system/atomic-openshift-node-dep.service
-    - /etc/systemd/system/atomic-openshift-node.service
-    - /etc/systemd/system/atomic-openshift-node.service.wants
-    - /etc/systemd/system/origin-node-dep.service
-    - /etc/systemd/system/origin-node.service
-    - /etc/systemd/system/origin-node.service.wants
-
-  - name: Remove remaining OVS files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/systemd/system/openvswitch.service
-    when: openshift_use_openshift_sdn | default(True) | bool
-
-  - name: Rebuild ca-trust
-    command: update-ca-trust
-
-- hosts: masters
-  become: yes
-  vars:
-    master_dirs:
-    - "/etc/origin"
-    - "/var/lib/origin"
-  tasks:
-  - name: unmask services
-    command: systemctl unmask "{{ item }}"
-    changed_when: False
-    failed_when: False
-    with_items:
-    - firewalld
-    - atomic-openshift-master
-
-  - name: Remove packages
-    package:
-      name: "{{ pkg_list | join(',') }}"
-      state: absent
-    when:
-    - openshift_remove_all | default(True) | bool
-    vars:
-      pkg_list:
-      - atomic-openshift
-      - atomic-openshift-clients
-      - atomic-openshift-excluder
-      - atomic-openshift-docker-excluder
-      - atomic-openshift-master
-      - cockpit-bridge
-      - cockpit-docker
-      - cockpit-system
-      - cockpit-ws
-      - corosync
-      - kubernetes-client
-      - openshift
-      - openshift-master
-      - origin
-      - origin-clients
-      - origin-excluder
-      - origin-docker-excluder
-      - origin-master
-    register: result
-    until: result is succeeded
-
-  - shell: systemctl reset-failed
-    changed_when: False
-
-  - shell: systemctl daemon-reload
-    changed_when: False
-
-  - name: Remove files owned by RPMs
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/sysconfig/atomic-openshift-master
-    when: openshift_remove_all | default(True) | bool
-
-  - name: Remove files owned by OVS RPM
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/sysconfig/openvswitch
-    when:
-    - openshift_remove_all | default(True) | bool
-    - openshift_use_openshift_sdn | default(True) | bool
-
-  - find: path={{ item }} file_type=file
-    register: files
-    with_items:
-    - "{{ master_dirs }}"
-
-  - find: path={{ item }} file_type=directory
-    register: directories
-    with_items:
-    - "{{ master_dirs }}"
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ files.results | default([]) }}"
-    - files
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ directories.results | default([]) }}"
-    - files
-
-  - set_fact:
-      client_users: "{{ [ansible_ssh_user, 'root'] | unique }}"
-
-  - name: Remove client kubeconfigs
-    file:
-      path: "~{{ item }}/.kube"
-      state: absent
-    with_items:
-    - "{{ client_users }}"
-
-  - name: Remove remaining files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/ansible/facts.d/openshift.fact
-    - /etc/corosync
-    - /usr/share/openshift/examples
-    - /usr/local/bin/openshift
-    - /usr/local/bin/oadm
-    - /usr/local/bin/oc
-    - /usr/local/bin/kubectl
-    - /etc/flannel
-
-  - name: Remove remaining OVS files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/systemd/system/openvswitch.service
-    when: openshift_use_openshift_sdn | default(True) | bool
-
-- hosts: etcd
-  become: yes
-  vars:
-    etcd_dirs:
-    - "/etc/etcd"
-    - "/var/lib/etcd"
-  tasks:
-  - name: unmask services
-    command: systemctl unmask "{{ item }}"
-    changed_when: False
-    failed_when: False
-    with_items:
-    - etcd
-    - etcd3
-    - firewalld
-
-  - name: Remove packages
-    package:
-      name: "{{ pkg_list | join(',') }}"
-      state: absent
-    when:
-    - openshift_remove_all | default(True) | bool
-    vars:
-      pkg_list:
-      - etcd
-      - etcd3
-    register: result
-    until: result is succeeded
-
-  - shell: systemctl reset-failed
-    changed_when: False
-
-  - shell: systemctl daemon-reload
-    changed_when: False
-
-  - find: path={{ item }} file_type=file
-    register: files
-    with_items:
-    - "{{ etcd_dirs }}"
-
-  - find: path={{ item }} file_type=directory
-    register: directories
-    with_items:
-    - "{{ etcd_dirs }}"
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ files.results | default([]) }}"
-    - files
-
-  - file: path={{ item.1.path }} state=absent
-    with_subelements:
-    - "{{ directories.results | default([]) }}"
-    - files
-
-  # Intenationally using rm command over file module because if someone had mounted a filesystem
-  # at /var/lib/etcd then the contents was not removed correctly
-  - name: Remove etcd data
-    shell: rm -rf /var/lib/etcd/*
-    args:
-      warn: no
-    failed_when: false
-
-  - name: Remove remaining files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/ansible/facts.d/openshift.fact
-    - /etc/systemd/system/etcd_container.service
-    - /etc/profile.d/etcdctl.sh
-
-- hosts: lb
-  become: yes
-  tasks:
-  - name: unmask services
-    command: systemctl unmask "{{ item }}"
-    changed_when: False
-    failed_when: False
-    with_items:
-    - firewalld
-
-  - name: Remove packages
-    package:
-      name: haproxy
-      state: absent
-    when:
-    - openshift_remove_all | default(True) | bool
-    register: result
-    until: result is succeeded
-
-  - shell: systemctl reset-failed
-    changed_when: False
-
-  - shell: systemctl daemon-reload
-    changed_when: False
-
-  - name: Remove remaining files
-    file: path={{ item }} state=absent
-    with_items:
-    - /etc/ansible/facts.d/openshift.fact
-    - /var/lib/haproxy/stats
-    # Here we remove only limits.conf rather than directory, as users may put their files.
-    # - /etc/systemd/system/haproxy.service.d
-    - /etc/systemd/system/haproxy.service.d/limits.conf
-    - /etc/systemd/system/haproxy.service

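--- a/playbooks/aws/BUILD_AMI.md
+++ b/playbooks/aws/BUILD_AMI.md
@@ -1,21 +0,0 @@
-# Build AMI
-
-When seeking to deploy a working openshift cluster using these plays, a few
-items must be in place.
-
-These are:
-
-1. Create an instance, using a specified ssh key.
-2. Run openshift-ansible setup roles to ensure packages and services are correctly configured.
-3. Create the AMI.
-4. If encryption is desired
-  - A KMS key is created with the name of $clusterid
-  - An encrypted AMI will be produced with $clusterid KMS key
-5. Terminate the instance used to configure the AMI.
-
-More AMI specific options can be found in ['openshift_aws/defaults/main.yml'](../../roles/openshift_aws/defaults/main.yml).  When creating an encrypted AMI please specify use_encryption:
-```
-# openshift_aws_ami_encrypt: True  # defaults to false
-```
-
-**Note**:  This will ensure to take the recently created AMI and encrypt it to be used later.  If encryption is not desired then set the value to false (defaults to false). The AMI id will be fetched and used according to its most recent creation date.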

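--- a/playbooks/aws/OWNERS
+++ b/playbooks/aws/OWNERS
@@ -1,16 +0,0 @@
-# approval == this is a good idea /approve
-approvers:
-  - kwoodson
-  - abutcher
-  - michaelgugino
-  - mtnbikenc
-  - sdodson
-  - vrutkovs
-# review == this code is good /lgtm
-reviewers:
-  - kwoodson
-  - abutcher
-  - michaelgugino
-  - mtnbikenc
-  - sdodson
-  - vrutkovs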

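--- a/playbooks/aws/PREREQUISITES.md
+++ b/playbooks/aws/PREREQUISITES.md
@@ -1,40 +0,0 @@
-# Prerequisites
-
-When seeking to deploy a working openshift cluster using these plays, a few
-items must be in place.
-
-These are:
-
-1) vpc
-2) security group to build the AMI in.
-3) ssh keys to log into instances
-
-These items can be provisioned ahead of time, or you can utilize the plays here
-to create these items.
-
-If you wish to provision these items yourself, or you already have these items
-provisioned and wish to utilize existing components, please refer to
-provisioning_vars.yml.example.
-
-If you wish to have these items created for you, continue with this document.
-
-# Running prerequisites.yml
-
-Warning:  Running these plays will provision items in your AWS account (if not
-present), and you may incur billing charges.  These plays are not suitable
-for the free-tier.
-
-## Step 1:
-Ensure you have specified all the necessary provisioning variables.  See
-provisioning_vars.example.yml and README.md for more information.
-
-## Step 2:
-```
-$ ansible-playbook -i inventory.yml prerequisites.yml -e @provisioning_vars.yml
-```
-
-This will create a VPC, security group, and ssh_key.  These plays are idempotent,
-and multiple runs should result in no additional provisioning of these components.
-
-You can also verify that you will successfully utilize existing components with
-these plays.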

+ 0 - 217
playbooks/aws/README.md

@@ -1,217 +0,0 @@
-# AWS playbooks
-
-## Provisioning
-
-With recent desire for provisioning from customers and developers alike, the AWS
- playbook directory now supports a limited set of ansible playbooks to achieve a
- complete cluster setup. These playbooks bring into alignment our desire to
- deploy highly scalable Openshift clusters utilizing AWS auto scale groups and
- custom AMIs.
-
-To speed in the provisioning of medium and large clusters, openshift-node
-instances are created using a pre-built AMI.  A list of pre-built AMIs will
-be available soon.
-
-If the deployer wishes to build their own AMI for provisioning, instructions
-to do so are provided here.
-
-### Where do I start?
-
-Before any provisioning may occur, AWS account credentials must be present in the environment.  This can be done in two ways:
-
-- Create the following file `~/.aws/credentials` with the contents (substitute your access key and secret key):
-   ```
-   [myaccount]
-   aws_access_key_id = <Your access_key here>
-   aws_secret_access_key = <Your secret acces key here>
-   ```
-   From the shell:
-   ```
-   $ export AWS_PROFILE=myaccount
-   ```
- ---
-- Alternatively to using a profile you can export your AWS credentials as environment variables.
-   ```
-  $ export AWS_ACCESS_KEY_ID=AKIXXXXXX
-  $ export AWS_SECRET_ACCESS_KEY=XXXXXX
-   ```
-
-### Let's Provision!
-
-Warning:  Running these plays will provision items in your AWS account (if not
-present), and you may incur billing charges.  These plays are not suitable
-for the free-tier.
-
-#### High-level overview
-- prerequisites.yml - Provision VPC, Security Groups, SSH keys, if needed.  See PREREQUISITES.md for more information.
-- build_ami.yml - Builds a custom AMI.  See BUILD_AMI.md for more information.
-- provision.yml - Create a vpc, elbs, security groups, launch config, asg's, etc.
-- install.yml - Calls the openshift-ansible installer on the newly created instances
-- provision_nodes.yml - Creates the infra and compute node scale groups
-- accept.yml - This is a playbook to accept infra and compute nodes into the cluster
-- provision_install.yml - This is a combination of all 3 of the above playbooks. (provision, install, and provision_nodes as well as accept.yml)
-
-The current expected work flow should be to provide an AMI with access to Openshift repositories.  There should be a repository specified in the `openshift_additional_repos` parameter of the inventory file. The next expectation is a minimal set of values in the `provisioning_vars.yml` file to configure the desired settings for cluster instances.  These settings are AWS specific and should be tailored to the consumer's AWS custom account settings.
-
-Values specified in provisioning_vars.yml may instead be specified in your inventory group_vars
-under the appropriate groups.  Most variables can exist in the 'all' group.
-
-```yaml
----
-# Minimum mandatory provisioning variables.  See provisioning_vars.yml.example.
-# for more information.
-openshift_deployment_type: # 'origin' or 'openshift-enterprise'
-openshift_aws_clusterid: # example: example
-openshift_aws_ssh_key_name: # example: myuser_key
-openshift_aws_base_ami: # example: ami-12345678
-# These are required when doing SSL on the ELBs
-openshift_aws_iam_cert_path: # example: '/path/to/wildcard.<clusterid>.example.com.crt'
-openshift_aws_iam_cert_key_path: # example: '/path/to/wildcard.<clusterid>.example.com.key'
-```
-
-If customization is required for the instances, scale groups, or any other configurable option please see the ['openshift_aws/defaults/main.yml'](../../roles/openshift_aws/defaults/main.yml) for variables and overrides. These overrides can be placed in the `provisioning_vars.yml`, `inventory`, or `group_vars`.
-
-In order to create the bootstrap-able AMI we need to create a basic openshift-ansible inventory.  This enables us to create the AMI using the openshift-ansible node roles.  This inventory should not include any hosts, but certain variables should be defined in the appropriate groups, just as deploying a cluster
-using the normal openshift-ansible method.  See provisioning-inventory.example.ini for an example.
-
-There are more examples of cluster inventory settings [`here`](../../inventory/).
-
-#### Step 0 (optional)
-
-You may provision a VPC, Security Group, and SSH keypair to build the AMI.
-
-```
-$ ansible-playbook -i inventory.yml prerequisites.yml -e @provisioning_vars.yml
-```
-
-See PREREQUISITES.md for more information.
-
-#### Step 1
-
-Once the `inventory` and the `provisioning_vars.yml` file has been updated with the correct settings for the desired AWS account then we are ready to build an AMI.
-
-```
-$ ansible-playbook -i inventory.yml build_ami.yml -e @provisioning_vars.yml
-```
-
-#### Step 2
-
-Now that we have created an AMI for our Openshift installation, there are two ways to use the AMI.
-
-1. In the default behavior, the AMI id will be found and used in the last created fashion.
-2. The `openshift_aws_ami` option can be specified.  This will allow the user to override the behavior of the role and use a custom AMI specified in the `openshift_aws_ami` variable.
-
-We are now ready to provision and install the cluster.  This can be accomplished by calling all of the following steps at once or one-by-one.  The all in one can be called like this:
-```
-$ ansible-playbook -i inventory.yml provision_install.yml -e @provisioning_vars.yml
-```
-
-If this is the first time running through this process, please attempt the following steps one-by-one and ensure the setup works correctly.
-
-#### Step 3
-
-We are ready to create the master instances.
-
-```
-$ ansible-playbook provision.yml -e @provisioning_vars.yml
-```
-
-This playbook runs through the following steps:
-1. Creates an s3 bucket for the registry named $clusterid-docker-registry
-2. Create master security groups.
-3. Create a master launch config.
-4. Create the master auto scaling groups.
-5. If certificates are desired for ELB, they will be uploaded.
-6. Create internal and external master ELBs.
-7. Add newly created masters to the correct groups.
-8. Set a couple of important facts for the masters.
-
-At this point we have successfully created the infrastructure including the master nodes.
-
-#### Step 4
-
-Now it is time to install Openshift using the openshift-ansible installer.  This can be achieved by running the following playbook:
-
-```
-$ ansible-playbook -i inventory.yml install.yml -e @provisioning_vars.yml
-```
-This playbook accomplishes the following:
-1. Builds a dynamic inventory file by querying AWS.
-2. Runs the [`deploy_cluster.yml`](../deploy_cluster.yml)
-
-Once this playbook completes, the cluster masters should be installed and configured.
-
-#### Step 5
-
-Now that we have the cluster masters deployed, we need to deploy our infrastructure and compute nodes:
-
-```
-$ ansible-playbook provision_nodes.yml -e @provisioning_vars.yml
-```
-
-Once this playbook completes, it should create the compute and infra node scale groups.  These nodes will attempt to register themselves to the cluster.  These requests must be approved by an administrator in Step 6.
-
-#### Step 6
-
-To facilitate the node registration process, nodes may be registered by running the following script `accept.yml`.  This script can register in a few different ways.
-- approve_all - **Note**: this option is for development and test environments.  Security is bypassed
-- nodes - A list of node names that will be accepted into the cluster
-
-```yaml
- oc_adm_csr:
-   #approve_all: True
-   nodes: < list of nodes here >
-   timeout: 0
-```
-
-Once the desired accept method is chosen, run the following playbook `accept.yml`:
-1. Run the following playbook.
-```
-$ ansible-playbook accept.yml -e @provisioning_vars.yml
-```
-
-Login to a master and run the following command:
-```
-ssh root@<master ip address>
-$ oc --config=/etc/origin/master/admin.kubeconfig get csr
-node-bootstrapper-client-ip-172-31-49-148-ec2-internal   1h       system:serviceaccount:openshift-infra:node-bootstrapper   Approved,Issued
-node-bootstrapper-server-ip-172-31-49-148-ec2-internal   1h       system:node:ip-172-31-49-148.ec2.internal                 Approved,Issued
-```
-
-Verify the `CONDITION` is `Approved,Issued` on the `csr` objects.  There are two for each node required.
-1. `node-bootstrapper-client` is a request to access the api/controllers.
-2. `node-bootstrapper-server` is a request to join the cluster.
-
-Once this is complete, verify the nodes have joined the cluster and are `ready`.
-
-```
-$ oc --config=/etc/origin/master/admin.kubeconfig get nodes
-NAME                            STATUS                     AGE       VERSION
-ip-172-31-49-148.ec2.internal   Ready                      1h       v1.6.1+5115d708d7
-```
-
-### Ready To Work!
-
-At this point your cluster should be ready for workloads.  Proceed to deploy applications on your cluster.
-
-### Still to come
-
-There are more enhancements that are arriving for provisioning.  These will include more playbooks that enhance the provisioning capabilities.
-
-## Uninstall / Deprovisioning
-
-To undo the work done by the prerequisites playbook, simply call the uninstall_prerequisites.yml playbook. You will have needed to remove any of the other objects (ie ELBs, instances, etc) before attempting. You should use the same inventory file and provisioning_vars.yml file that was used during provisioning.
-
-```
-ansible-playbook -i <previous inventory file> -e @<previous provisioning_vars file> uninstall_prerequisites.yml
-```
-
-This should result in removal of the security groups and VPC that were created.
-
-Cleaning up the S3 bucket contents can be accomplished with:
-
-```
-ansible-playbook -i <previous inventory file> -e @<previous provisioning_vars file> uninstall_s3.yml
-```
-
-NOTE: If you want to also remove the ssh keys that were uploaded (**these ssh keys would be shared if you are running multiple clusters in the same AWS account** so we don't remove these by default) then you should add 'openshift_aws_enable_uninstall_shared_objects: True' to your provisioning_vars.yml file.

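--- a/playbooks/aws/openshift-cluster/accept.yml
+++ b/playbooks/aws/openshift-cluster/accept.yml
@@ -1,22 +0,0 @@
-#!/usr/bin/ansible-playbook
----
-- name: Accept nodes
-  hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: Alert user to variables needed - clusterid
-    debug:
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid | default('default') }}"
-
-  - name: Alert user to variables needed - region
-    debug:
-      msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-
-  - name: bring lib_openshift into scope
-    import_role:
-      name: lib_openshift
-
-  - name: accept nodes
-    import_role:
-      name: openshift_aws
-      tasks_from: accept_nodes.yml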

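--- a/playbooks/aws/openshift-cluster/build_ami.yml
+++ b/playbooks/aws/openshift-cluster/build_ami.yml
@@ -1,45 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: Require openshift_aws_base_ami
-    fail:
-      msg: "A base AMI is required for AMI building.  Please ensure  `openshift_aws_base_ami` is defined."
-    when: openshift_aws_base_ami is undefined
-
-  - name: "Alert user to variables needed and their values - {{ item.name }}"
-    debug:
-      msg: "{{ item.msg }}"
-    with_items:
-    - name: openshift_aws_clusterid
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid | default('default') }}"
-    - name: openshift_aws_region
-      msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-
-- import_playbook: provision_instance.yml
-  vars:
-    openshift_aws_node_group_type: compute
-
-- hosts: nodes
-  gather_facts: False
-  tasks:
-  - name: set the user to perform installation
-    set_fact:
-      ansible_ssh_user: "{{ openshift_aws_build_ami_ssh_user | default(ansible_ssh_user) }}"
-      openshift_node_image_prep_packages:
-      - cloud-init
-      - cloud-utils-growpart
-  - import_role:
-      name: openshift_version
-      tasks_from: first_master.yml
-
-# This is the part that installs all of the software and configs for the instance
-# to become a node.
-- import_playbook: ../../openshift-node/private/image_prep.yml
-  vars:
-    openshift_node_reboot_instance_before_cleanup: true
-
-- import_playbook: seal_ami.yml
-  vars:
-    openshift_aws_ami_name: "openshift-gi-{{ lookup('pipe', 'date +%Y%m%d%H%M')}}"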

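--- a/playbooks/aws/openshift-cluster/install.yml
+++ b/playbooks/aws/openshift-cluster/install.yml
@@ -1,24 +0,0 @@
----
-- name: Setup master instances
-  hosts: localhost
-  tasks:
-  - import_role:
-      name: openshift_aws
-      tasks_from: setup_master_group.yml
-
-- name: set the master facts for hostname to elb
-  hosts: masters
-  gather_facts: no
-  remote_user: root
-  tasks:
-  - import_role:
-      name: openshift_aws
-      tasks_from: master_facts.yml
-
-- name: run the init
-  import_playbook: ../../init/main.yml
-
-- import_playbook: ../../openshift-checks/private/install.yml
-
-- name: configure the control plane
-  import_playbook: ../../common/private/control_plane.yml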

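--- a/playbooks/aws/openshift-cluster/prerequisites.yml
+++ b/playbooks/aws/openshift-cluster/prerequisites.yml
@@ -1,8 +0,0 @@
----
-- import_playbook: provision_vpc.yml
-
-- import_playbook: provision_ssh_keypair.yml
-
-- import_playbook: provision_sec_group.yml
-
-- import_playbook: provision_iam_role.yml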

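--- a/playbooks/aws/openshift-cluster/provision.yml
+++ b/playbooks/aws/openshift-cluster/provision.yml
@@ -1,25 +0,0 @@
----
-- name: Alert user to variables needed
-  hosts: localhost
-  tasks:
-  - name: Alert user to variables needed - clusterid
-    debug:
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid | default('default') }}"
-
-  - name: Alert user to variables needed - region
-    debug:
-      msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-
-- import_playbook: provision_s3.yml
-
-- import_playbook: provision_elb.yml
-
-- name: Create the master instances
-  hosts: localhost
-  tasks:
-  - name: provision instances
-    import_role:
-      name: openshift_aws
-      tasks_from: provision_masters.yml
-
-- import_playbook: provision_dns.yml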

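--- a/playbooks/aws/openshift-cluster/provision_dns.yml
+++ b/playbooks/aws/openshift-cluster/provision_dns.yml
@@ -1,9 +0,0 @@
----
-- name: provision dns
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: provision dns
-    import_role:
-      name: openshift_aws
-      tasks_from: provision_dns.yml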

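--- a/playbooks/aws/openshift-cluster/provision_elb.yml
+++ b/playbooks/aws/openshift-cluster/provision_elb.yml
@@ -1,9 +0,0 @@
----
-- name: Create elb
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: provision elb
-    include_role:
-      name: openshift_aws
-      tasks_from: provision_elb.yml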

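--- a/playbooks/aws/openshift-cluster/provision_iam_role.yml
+++ b/playbooks/aws/openshift-cluster/provision_iam_role.yml
@@ -1,10 +0,0 @@
----
-- name: Create iam role
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: create iam role
-    include_role:
-      name: openshift_aws
-      tasks_from: iam_role.yml
-    when: openshift_aws_create_iam_role | default(true) | bool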

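--- a/playbooks/aws/openshift-cluster/provision_install.yml
+++ b/playbooks/aws/openshift-cluster/provision_install.yml
@@ -1,19 +0,0 @@
----
-# Once an AMI is built then this script is used for
-# the one stop shop to provision and install a cluster
-# this playbook is run with the following parameters:
-# ansible-playbook -i openshift-ansible-inventory provision_install.yml
-- name: Include the provision.yml playbook to create cluster
-  import_playbook: provision.yml
-
-- name: Include the install.yml playbook to install cluster on masters
-  import_playbook: install.yml
-
-- name: provision the infra/compute playbook to install node resources
-  import_playbook: provision_nodes.yml
-
-- name: Include the accept.yml playbook to accept nodes into the cluster
-  import_playbook: accept.yml
-
-- name: Include the components playbook to finish the hosted configuration
-  import_playbook: ../../common/private/components.yml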

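--- a/playbooks/aws/openshift-cluster/provision_instance.yml
+++ b/playbooks/aws/openshift-cluster/provision_instance.yml
@@ -1,12 +0,0 @@
----
-# If running this play directly, be sure the variable
-# 'openshift_aws_node_group_type' is set correctly for your usage.
-# See build_ami.yml for an example.
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: create an instance and prepare for ami
-    import_role:
-      name: openshift_aws
-      tasks_from: provision_instance.yml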

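--- a/playbooks/aws/openshift-cluster/provision_nodes.yml
+++ b/playbooks/aws/openshift-cluster/provision_nodes.yml
@@ -1,18 +0,0 @@
----
-- name: create the node scale groups
-  hosts: localhost
-  connection: local
-  gather_facts: yes
-  tasks:
-  - name: Alert user to variables needed - clusterid
-    debug:
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid | default('default') }}"
-
-  - name: Alert user to variables needed - region
-    debug:
-      msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-
-  - name: create the node groups
-    import_role:
-      name: openshift_aws
-      tasks_from: provision_nodes.yml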

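--- a/playbooks/aws/openshift-cluster/provision_s3.yml
+++ b/playbooks/aws/openshift-cluster/provision_s3.yml
@@ -1,10 +0,0 @@
----
-- name: Create s3 bucket
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: create s3 bucket
-    include_role:
-      name: openshift_aws
-      tasks_from: s3.yml
-    when: openshift_aws_create_s3 | default(true) | bool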

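--- a/playbooks/aws/openshift-cluster/provision_sec_group.yml
+++ b/playbooks/aws/openshift-cluster/provision_sec_group.yml
@@ -1,13 +0,0 @@
----
-# If running this play directly, be sure the variable
-# 'openshift_aws_node_group_type' is set correctly for your usage.
-# See build_ami.yml for an example.
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: create security groups
-    import_role:
-      name: openshift_aws
-      tasks_from: security_group.yml
-    when: openshift_aws_create_security_groups | default(True) | bool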

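--- a/playbooks/aws/openshift-cluster/provision_ssh_keypair.yml
+++ b/playbooks/aws/openshift-cluster/provision_ssh_keypair.yml
@@ -1,12 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: create an instance and prepare for ami
-    import_role:
-      name: openshift_aws
-      tasks_from: ssh_keys.yml
-    vars:
-      openshift_aws_node_group_type: compute
-    when: openshift_aws_users | default([]) | length  > 0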

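--- a/playbooks/aws/openshift-cluster/provision_vpc.yml
+++ b/playbooks/aws/openshift-cluster/provision_vpc.yml
@@ -1,10 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: create a vpc
-    import_role:
-      name: openshift_aws
-      tasks_from: vpc.yml
-    when: openshift_aws_create_vpc | default(True) | bool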

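--- a/playbooks/aws/openshift-cluster/roles
+++ b/playbooks/aws/openshift-cluster/roles
@@ -1 +0,0 @@
-../../../roles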

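--- a/playbooks/aws/openshift-cluster/seal_ami.yml
+++ b/playbooks/aws/openshift-cluster/seal_ami.yml
@@ -1,12 +0,0 @@
----
-# If running this play directly, be sure the variable
-# 'openshift_aws_ami_name' is set correctly for your usage.
-# See build_ami.yml for an example.
-- hosts: localhost
-  connection: local
-  become: no
-  tasks:
-  - name: seal the ami
-    import_role:
-      name: openshift_aws
-      tasks_from: seal_ami.yml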

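--- a/playbooks/aws/openshift-cluster/uninstall.yml
+++ b/playbooks/aws/openshift-cluster/uninstall.yml
@@ -1,10 +0,0 @@
----
-- import_playbook: uninstall_nodes.yml
-
-- import_playbook: uninstall_masters.yml
-
-- import_playbook: uninstall_s3.yml
-
-- import_playbook: uninstall_elb.yml
-
-- import_playbook: uninstall_prerequisites.yml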

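--- a/playbooks/aws/openshift-cluster/uninstall_elb.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_elb.yml
@@ -1,9 +0,0 @@
----
-- name: Delete elb
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: deprovision elb
-    include_role:
-      name: openshift_aws
-      tasks_from: uninstall_elb.yml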

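--- a/playbooks/aws/openshift-cluster/uninstall_masters.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_masters.yml
@@ -1,19 +0,0 @@
----
-- name: Alert user to variables needed
-  hosts: localhost
-  tasks:
-  - name: Alert user to variables needed - clusterid
-    debug:
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid }}"
-
-  - name: Alert user to variables needed - region
-    debug:
-      msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}"
-
-- name: Delete the master instances
-  hosts: localhost
-  tasks:
-  - name: delete masters
-    import_role:
-      name: openshift_aws
-      tasks_from: uninstall_masters.yml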

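--- a/playbooks/aws/openshift-cluster/uninstall_nodes.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_nodes.yml
@@ -1,18 +0,0 @@
----
-- name: delete the node scale groups
-  hosts: localhost
-  connection: local
-  gather_facts: yes
-  tasks:
-  - name: Alert user to variables needed - clusterid
-    debug:
-      msg: "openshift_aws_clusterid={{ openshift_aws_clusterid }}"
-
-  - name: Alert user to variables needed - region
-    debug:
-      msg: "openshift_aws_region={{ openshift_aws_region }}"
-
-  - name: delete the node groups
-    import_role:
-      name: openshift_aws
-      tasks_from: uninstall_nodes.yml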

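--- a/playbooks/aws/openshift-cluster/uninstall_prerequisites.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_prerequisites.yml
@@ -1,6 +0,0 @@
----
-- import_playbook: uninstall_sec_group.yml
-
-- import_playbook: uninstall_vpc.yml
-
-- import_playbook: uninstall_ssh_keypair.yml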

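--- a/playbooks/aws/openshift-cluster/uninstall_s3.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_s3.yml
@@ -1,10 +0,0 @@
----
-- name: Empty/delete s3 bucket
-  hosts: localhost
-  connection: local
-  tasks:
-  - name: empty/delete s3 bucket
-    include_role:
-      name: openshift_aws
-      tasks_from: uninstall_s3.yml
-    when: openshift_aws_create_s3 | default(true) | bool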

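--- a/playbooks/aws/openshift-cluster/uninstall_sec_group.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_sec_group.yml
@@ -1,10 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: delete security groups
-    include_role:
-      name: openshift_aws
-      tasks_from: uninstall_security_group.yml
-    when: openshift_aws_create_security_groups | default(True) | bool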

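--- a/playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_ssh_keypair.yml
@@ -1,10 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: remove ssh keypair(s)
-    include_role:
-      name: openshift_aws
-      tasks_from: uninstall_ssh_keys.yml
-    when: openshift_aws_users | default([]) | length  > 0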

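--- a/playbooks/aws/openshift-cluster/uninstall_vpc.yml
+++ b/playbooks/aws/openshift-cluster/uninstall_vpc.yml
@@ -1,10 +0,0 @@
----
-- hosts: localhost
-  connection: local
-  gather_facts: no
-  tasks:
-  - name: delete vpc
-    include_role:
-      name: openshift_aws
-      tasks_from: uninstall_vpc.yml
-    when: openshift_aws_create_vpc | default(True) | bool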

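--- a/playbooks/aws/provisioning-inventory.example.ini
+++ b/playbooks/aws/provisioning-inventory.example.ini
@@ -1,26 +0,0 @@
-[OSEv3:children]
-masters
-nodes
-etcd
-
-[OSEv3:vars]
-################################################################################
-# Ensure these variables are set for bootstrap
-################################################################################
-# openshift_deployment_type is required for installation
-openshift_deployment_type=origin
-openshift_cloudprovider_kind=aws
-
-openshift_master_api_port=443
-
-openshift_hosted_router_wait=False
-openshift_hosted_registry_wait=False
-
-################################################################################
-# cluster specific settings maybe be placed here
-
-[masters]
-
-[etcd]
-
-[nodes]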

+ 0 - 143
playbooks/aws/provisioning_vars.yml.example

@@ -1,143 +0,0 @@
----
-# Variables that are commented in this file are optional; uncommented variables
-# are mandatory.
-
-# Default values for each variable are provided, as applicable.
-# Example values for mandatory variables are provided as a comment at the end
-# of the line.
-
-# ------------------------ #
-# Common/Cluster Variables #
-# ------------------------ #
-# Variables in this section affect all areas of the cluster
-
-# Deployment type must be specified.
-openshift_deployment_type: # 'origin' or 'openshift-enterprise'
-
-# This will be dependent on the version provided by the yum repository
-#openshift_pkg_version: # -3.10.0
-
-# OpenShift api port
-# Fulfills a chicken/egg scenario with how Ansible treats host inventory file
-# and extra_vars.  This is used for SecurityGroups, ELB Listeners as well as
-# an override to installer inventory openshift_master_api_port key
-# openshift_master_api_port: 8443
-
-# specify a clusterid
-# This value is also used as the default value for many other components.
-#openshift_aws_clusterid: default
-
-# AWS region
-# This value will instruct the plays where all items should be created.
-# Multi-region deployments are not supported using these plays at this time.
-#openshift_aws_region: us-east-1
-
-#openshift_aws_create_launch_config: true
-#openshift_aws_create_scale_group: true
-
-# --- #
-# VPC #
-# --- #
-
-# openshift_aws_create_vpc defaults to true.  If you don't wish to provision
-# a vpc, set this to false.
-#openshift_aws_create_vpc: true
-
-# when openshift_aws_create_vpc is true (the default), the VPC defined in
-# openshift_aws_vpc will be created
-#openshift_aws_vpc:
-#  name: "{{ openshift_aws_vpc_name }}"
-#  cidr: 172.31.0.0/16
-#  subnets:
-#    us-east-1:
-#    - cidr: 172.31.48.0/20
-#      az: "us-east-1c"
-#      default_az: true
-#    - cidr: 172.31.32.0/20
-#      az: "us-east-1e"
-#    - cidr: 172.31.16.0/20
-#      az: "us-east-1a"
-
-# Name of the vpc.  Needs to be set if using a pre-existing vpc.
-#openshift_aws_vpc_name: "{{ openshift_aws_clusterid }}"
-
-# Name of the subnet in the vpc to use.  Needs to be set if using a pre-existing
-# vpc + subnet. Otherwise will use the subnet with 'default_az' set (see above
-# example VPC structure)
-#openshift_aws_subnet_az:
-
-# -------------- #
-# Security Group #
-# -------------- #
-
-# openshift_aws_create_security_groups defaults to true.  If you wish to use
-# an existing security group, set this to false.
-#openshift_aws_create_security_groups: true
-
-# openshift_aws_build_ami_group is the name of the security group to build the
-# ami in.  This defaults to the value of openshift_aws_clusterid.
-#openshift_aws_build_ami_group: "{{ openshift_aws_clusterid }}"
-
-# openshift_aws_launch_config_security_groups specifies the security groups to
-# apply to the launch config.  The launch config security groups will be what
-# the cluster actually is deployed in.
-#openshift_aws_launch_config_security_groups: see roles/openshift_aws/defaults.yml
-
-# openshift_aws_node_security_groups are created when
-# openshift_aws_create_security_groups is set to true.
-#openshift_aws_node_security_groups: see roles/openshift_aws/defaults.yml
-
-# -------- #
-# ssh keys #
-# -------- #
-
-# Specify the key pair name here to connect to the provisioned instances.  This
-# can be an existing key, or it can be one of the keys specified in
-# openshift_aws_users
-openshift_aws_ssh_key_name: # myuser_key
-
-# This will ensure these user and public keys are created.
-#openshift_aws_users:
-#- key_name: myuser_key
-#  username: myuser
-#  pub_key: |
-#         ssh-rsa AAAA
-
-# When building the AMI, specify the user to ssh to the instance as.
-# openshift_aws_build_ami_ssh_user: root
-
-# --------- #
-# AMI Build #
-# --------- #
-# Variables in this section apply to building a node AMI for use in your
-# openshift cluster.
-# openshift-ansible will perform the container runtime storage setup when specified
-# The current storage setup with require a drive if using a separate storage device
-# for the container runtime.
-container_runtime_docker_storage_type: overlay2
-container_runtime_docker_storage_setup_device: /dev/xvdb
-
-# must specify a base_ami when building an AMI
-openshift_aws_base_ami: # ami-12345678
-
-# when creating an encrypted AMI please specify use_encryption
-#openshift_aws_ami_encrypt: False
-
-# -- #
-# S3 #
-# -- #
-
-# Create an s3 bucket.
-#openshift_aws_create_s3: True
-
-# --- #
-# ELB #
-# --- #
-
-# openshift_aws_elb_name will be the base-name of the ELBs.
-#openshift_aws_elb_name: "{{ openshift_aws_clusterid }}"
-
-# custom certificates are required for the ELB
-openshift_aws_iam_cert_path: # '/path/to/wildcard.<clusterid>.example.com.crt'
-openshift_aws_iam_cert_key_path: # '/path/to/wildcard.<clusterid>.example.com.key'
-openshift_aws_iam_cert_chain_path: # '/path/to/cert.ca.crt'

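--- a/playbooks/azure/BRANCH.md
+++ b/playbooks/azure/BRANCH.md
@@ -1,3 +0,0 @@
-When a release branch is cut we need to perform the following actions:
-- update the playbooks/azure/openshift-cluster/groups_vars/all/yum_repos.yml to reflect the new package location.
-- update the playbooks/azure/openshift-cluster/launch.yml to update the acs-engine's openshift.json parameters to match $release.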

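--- a/playbooks/azure/OWNERS
+++ b/playbooks/azure/OWNERS
@@ -1,8 +0,0 @@
-reviewers:
-- jim-minter
-- kwoodson
-- pweil-
-approvers:
-- jim-minter
-- kwoodson
-- pweil-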

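--- a/playbooks/azure/README.md
+++ b/playbooks/azure/README.md
@@ -1,2 +0,0 @@
-The playbooks and tasks under this directory are not supported for end-customer
-use.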

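--- a/playbooks/azure/openshift-cluster/build_base_image.yml
+++ b/playbooks/azure/openshift-cluster/build_base_image.yml
@@ -1,52 +0,0 @@
----
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: calculate input image
-    command: az image list -g "{{ openshift_azure_input_image_ns }}" --query "[?starts_with(name, '{{ openshift_azure_input_image_prefix }}-') && tags.valid=='true'] | sort_by(@, &name) | [-1]"
-    register: input_image
-
-  - name: provision resource group
-    import_tasks: tasks/provision_instance.yml
-
-- hosts: nodes
-  tasks:
-  - name: calculate yum repositories
-    set_fact:
-      openshift_additional_repos: "{{ azure_base_repos[ansible_distribution] }}"
-
-  - name: configure yum repositories
-    import_tasks: tasks/yum_certs.yml
-
-  - name: update rpms
-    import_role:
-      name: os_update_latest
-    vars:
-      os_update_latest_reboot: True
-
-  - name: deconfigure yum repositories
-    import_tasks: tasks/remove_yum.yml
-
-  - name: run waagent deprovision
-    command: waagent -deprovision+user -force
-    args:
-      chdir: /
-
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: create image
-    import_tasks: tasks/create_image_from_vm.yml
-    vars:
-      image_resource_group: "{{ openshift_azure_output_image_ns }}"
-      image_name: "{{ openshift_azure_output_image_name }}"
-      image_tags:
-        root_image: "{{ (input_image.stdout | from_json).name }}"
-        kernel: "{{ hostvars[groups['nodes'][0]]['ansible_kernel'] }}"
-        valid: "true"
-
-  - name: create blob
-    import_tasks: tasks/create_blob_from_vm.yml
-    vars:
-      image_name: "{{ openshift_azure_output_image_name }}"
-    when: openshift_azure_storage_account is defined and openshift_azure_storage_account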

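--- a/playbooks/azure/openshift-cluster/build_node_image.yml
+++ b/playbooks/azure/openshift-cluster/build_node_image.yml
@@ -1,134 +0,0 @@
----
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: calculate input image
-    command: az image list -g "{{ openshift_azure_input_image_ns }}" --query "[?starts_with(name, '{{ openshift_azure_input_image_prefix }}-') && tags.valid=='true'] | sort_by(@, &name) | [-1]"
-    register: input_image
-
-  - name: provision resource group
-    import_tasks: tasks/provision_instance.yml
-    vars:
-      create_args: --data-disk-sizes-gb 128
-
-- hosts: nodes
-  tasks:
-  - set_fact:
-      openshift_deployment_type: "{{ 'openshift-enterprise' if ansible_distribution == 'RedHat' else 'origin' }}"
-      openshift_enable_origin_repo: False
-      skip_node_svc_handlers: True
-      openshift_additional_repos: "{{ azure_node_repos[ansible_distribution] }}"
-      openshift_node_include_control_plane: True
-      openshift_control_plane_static_pod_location: /etc/origin/node/disabled/
-      openshift_node_group_cloud_provider: azure
-      openshift_node_image_prep_packages:
-      - strace
-      - tcpdump
-      - skopeo
-      - crio
-      etcd_ip: ETCD_IP_REPLACE
-      etcd_hostname: ETCD_HOSTNAME_REPLACE
-      etcdctlv2: ETCD_CTL2_REPLACE
-      openshift_use_crio: True
-
-  - name: add insights-client to package installs when on rhel
-    set_fact:
-      openshift_node_image_prep_packages: "{{ openshift_node_image_prep_packages | union(['insights-client']) }}"
-    when: openshift_deployment_type == 'openshift-enterprise'
-
-  - set_fact:
-      openshift_additional_repos: "{{ openshift_additional_repos + [{'name': 'install_repo', 'baseurl': openshift_azure_install_repo, 'enabled': true, 'gpgcheck': false}] }}"
-    when: openshift_azure_install_repo is defined and openshift_azure_install_repo
-
-  - name: install centos-release-paas-common rpm
-    yum:
-      name: centos-release-paas-common
-      state: present
-    when: ansible_distribution == "CentOS"
-
-  - name: configure yum repositories
-    import_tasks: tasks/yum_certs.yml
-
-  - name: update rpms
-    include_role:
-      name: os_update_latest
-    vars:
-      os_update_latest_reboot: True
-
-- name: install openshift
-  import_playbook: ../../openshift-node/private/image_prep.yml
-  vars:
-    etcd_image: "{{ etcd_image_dict[openshift_deployment_type] }}"
-
-- hosts: nodes
-  tasks:
-  - name: deconfigure yum repositories
-    import_tasks: tasks/remove_yum.yml
-
-  - name: add get-node-logs script
-    copy:
-      src: files/get-node-logs
-      dest: /usr/local/bin/get-node-logs
-      owner: root
-      group: root
-      mode: 0755
-
-  - name: record installed rpms
-    yum:
-      list: installed
-    register: yum
-
-  - name: disable waagent data disk management
-    lineinfile:
-      path: /etc/waagent.conf
-      regexp: "{{ item.regexp }}"
-      line: "{{ item.line }}"
-    with_items:
-    - { regexp: '^ResourceDisk\.Format=', line: 'ResourceDisk.Format=n' }
-
-  - name: persist oreg_url
-    copy:
-      dest: "/etc/origin/oreg_url"
-      content: "{{ oreg_url }}"
-    when:
-    - oreg_url is defined
-    - oreg_url != ""
-
-  - name: create a file with image name
-    copy:
-      content: |
-        ---
-        image_name: {{ openshift_azure_output_image_name }}
-        base_image: {{ (hostvars['localhost'].input_image.stdout | from_json).name }}
-        subscription: {{ lookup('env', 'AZURE_SUBSCRIPTION_ID') }}
-        resource_group: {{ openshift_azure_output_image_ns }}
-      dest: /etc/origin/image.yml
-      owner: root
-      group: root
-      mode: '0440'
-
-  - name: run waagent deprovision
-    shell: sleep 2 && waagent -deprovision+user -force
-    async: 1
-    poll: 0
-
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - set_fact:
-      openshift_rpm: "{{ hostvars[groups['nodes'][0]]['yum'].results | selectattr('name', 'match', '^(origin-hyperkube|atomic-openshift-hyperkube)$') | first }}"
-  - name: create image
-    import_tasks: tasks/create_image_from_vm.yml
-    vars:
-      image_resource_group: "{{ openshift_azure_output_image_ns }}"
-      image_name: "{{ openshift_azure_output_image_name }}"
-      image_tags:
-        base_image: "{{ (input_image.stdout | from_json).name }}"
-        kernel: "{{ hostvars[groups['nodes'][0]]['ansible_kernel'] }}"
-        openshift: "{{ openshift_rpm.version }}-{{ openshift_rpm.release }}.{{ openshift_rpm.arch }}"
-
-  - name: create blob
-    import_tasks: tasks/create_blob_from_vm.yml
-    vars:
-      image_name: "{{ openshift_azure_output_image_name }}"
-    when: openshift_azure_storage_account is defined and openshift_azure_storage_account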

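--- a/playbooks/azure/openshift-cluster/deprovision.yml
+++ b/playbooks/azure/openshift-cluster/deprovision.yml
@@ -1,12 +0,0 @@
----
-# Warning, use with caution, this will remove all resources
-# from the group.
-
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: delete resource group
-    azure_rm_resourcegroup:
-      name: "{{ openshift_azure_resource_group_name }}"
-      state: absent
-      force: yes  # removes all resources within the group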

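--- a/playbooks/azure/openshift-cluster/files/get-node-logs
+++ b/playbooks/azure/openshift-cluster/files/get-node-logs
@@ -1,46 +0,0 @@
-#!/bin/bash
-set -x
-
-LOG_DIR=$(mktemp -d)
-
-trap "{ rm -rf $LOG_DIR }" EXIT
-
-SYSTEMD_SERVICES=("dnsmasq NetworkManager atomic-openshift-node origin-node")
-
-since_docker="24h"
-since_systemd="24 hour ago"
-
-# Dump systemd services logs
-for name in ${SYSTEMD_SERVICES} ; do
-  dump_file_path=${LOG_DIR}/${name}.log
-  journalctl -u ${name}.service --since "${since_systemd}" > $dump_file_path
-done
-
-# Dump command output
-ip a > ${LOG_DIR}/ip_a.log
-netstat -antu > ${LOG_DIR}/netstat_antu.log
-dmesg > ${LOG_DIR}/dmesg.log
-route -n > ${LOG_DIR}/route_n.log
-ss -ntpl > ${LOG_DIR}/ss_ntpl.log
-cat /etc/resolv.conf > ${LOG_DIR}/resolve_conf.log
-df -h > ${LOG_DIR}/df_h.log
-vmstat 2 20 > ${LOG_DIR}/vmstat_2_20.log
-mount > ${LOG_DIR}/mount.log
-
-for table in filter nat; do
-    iptables -t $table -nvL > ${LOG_DIR}/iptables_$table.log
-done
-
-# Dump system journal
-journalctl --since "${since_systemd}" > ${LOG_DIR}/journalctl.log
-
-# Dump sdn container logs
-uid=$(docker ps -l -a --filter "label=io.kubernetes.container.name=sdn" --format '{{ .Label "io.kubernetes.pod.uid" }}')
-if [[ ! -z "${uid}" ]]; then
-  container=$(docker ps -l -a -q --filter "label=io.kubernetes.pod.uid=${uid}" --filter "label=io.kubernetes.container.name=sdn")
-  docker logs --since ${since_docker} "${container}" >& ${LOG_DIR}/sdn.log
-fi
-
-prefix=osa_node_$(hostname)_$(date +%Y%m%d%H%M%S)
-tar -czPf $prefix.tar.gz  --xform="s|^$LOG_DIR|$prefix|" $LOG_DIR
-echo $prefix.tar.gz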

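--- a/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml
+++ b/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml
@@ -1,58 +0,0 @@
----
-azure_base_repos:
-  RedHat:
-  - name: rhel-server-7-releases
-    baseurl: https://mirror.openshift.com/libra/rhui-rhel-server-7-releases/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  - name: rhel-server-7-extras
-    baseurl: https://mirror.openshift.com/libra/rhui-rhel-server-7-extras/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  CentOS: []
-
-azure_node_repos:
-  RedHat:
-  - name: rhel-server-7-releases
-    baseurl: https://mirror.openshift.com/libra/rhui-rhel-server-7-releases/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  - name: rhel-server-7-extras
-    baseurl: https://mirror.openshift.com/libra/rhui-rhel-server-7-extras/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  - name: rhel-7-server-ansible-2.6-rpms
-    baseurl: https://mirror.openshift.com/enterprise/rhel/rhel-7-server-ansible-2.6-rpms/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  # TODO: Replace me post GA with https://mirror.openshift.com/libra/rhui-rhel-server-7-ose-3.11/
-  - name: rhel-server-7-ose-3.11
-    baseurl: https://mirror.openshift.com/enterprise/all/3.11/latest/x86_64/os
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
-    # TODO: Remove me post GA
-    gpgcheck: false
-    sslclientcert: /var/lib/yum/client-cert.pem
-    sslclientkey: /var/lib/yum/client-key.pem
-    enabled: yes
-
-  CentOS:
-  # TODO: should be using a repo which only provides prerequisites
-  - name: openshift-origin
-    baseurl: http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
-    gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
-    enabled: yes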

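--- a/playbooks/azure/openshift-cluster/provisioning_vars.yml.example
+++ b/playbooks/azure/openshift-cluster/provisioning_vars.yml.example
@@ -1,59 +0,0 @@
----
-# resource group where temporary resources associated with playbook will be
-# placed
-openshift_azure_resource_group_name:
-
-# azure region where resource group will be created
-openshift_azure_resource_location: eastus
-
-# input image resource group
-openshift_azure_input_image_ns: images
-
-# input image prefix, needed by base and node image building playbooks,
-# e.g. centos7-root or centos7-base
-openshift_azure_input_image_prefix:
-
-# complete name of input image, needed by launch.yml playbook,
-# e.g. centos7-3.10-201806071434
-openshift_azure_input_image_name:
-
-# output image resource group
-openshift_azure_output_image_ns: images
-
-# complete name of output image, e.g. centos7-base-201806071412 or centos7-3.10-201806071434
-openshift_azure_output_image_name:
-
-# azure vm image size, defaults to Standard_D4s_v3
-openshift_azure_vm_size:
-
-# ssh public key for VMs created by playbook; private key must be accessible to
-# ansible
-openshift_azure_vm_ssh_public_key: ssh-rsa ...
-
-# additional yum repo containing origin rpms, used for PR testing
-#openshift_azure_install_repo: http://...
-
-# yum client certificate and key, used if building RHEL images
-#yum_client_cert_contents: |
-#  -----BEGIN CERTIFICATE-----
-#  ...
-#  -----END CERTIFICATE-----
-#yum_client_key_contents: |
-#  -----BEGIN RSA PRIVATE KEY-----
-#  ...
-#  -----END RSA PRIVATE KEY-----
-
-# alternative image registry, used if building OCP pre-release images
-#oreg_url: "registry.reg-aws.openshift.com:443/openshift3/ose-${component}:${version}"
-#oreg_auth_user: <USERNAME>
-#oreg_auth_password: <TOKEN>
-
-# optional storage account in which to place image blob
-#openshift_azure_storage_account:
-
-# resource group of storage account
-#openshift_azure_storage_account_ns:
-
-# container within storage account to hold image blob
-#openshift_azure_container:
-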

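--- a/playbooks/azure/openshift-cluster/roles
+++ b/playbooks/azure/openshift-cluster/roles
@@ -1 +0,0 @@
-../../../roles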

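--- a/playbooks/azure/openshift-cluster/tag_image_as_valid.yml
+++ b/playbooks/azure/openshift-cluster/tag_image_as_valid.yml
@@ -1,9 +0,0 @@
----
-- hosts: localhost
-  gather_facts: no
-  tasks:
-  - name: add valid tag to the image
-    shell: >
-      jsonrtag=$(az resource show -g '{{ openshift_azure_input_image_ns }}' -n '{{ openshift_azure_input_image_name }}' --resource-type 'Microsoft.Compute/images' --query tags);
-      rt=$(echo $jsonrtag | tr -d '"{},' | sed 's/: /=/g');
-      az resource tag --tags $rt 'valid=true' -g '{{ openshift_azure_input_image_ns }}' -n '{{ openshift_azure_input_image_name }}' --resource-type 'Microsoft.Compute/images'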

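--- a/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml
+++ b/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml
@@ -1,48 +0,0 @@
----
-- name: get vm details
-  command: >
-    az vm show
-    -g "{{ openshift_azure_resource_group_name }}"
-    -n vm
-  register: vm
-
-- name: get storage account key
-  command: >
-    az storage account keys list
-    -g "{{ openshift_azure_storage_account_ns }}"
-    -n "{{ openshift_azure_storage_account }}"
-  register: keys
-
-- name: get disk sas url
-  command: >
-    az disk grant-access
-    --ids "{{ (vm.stdout | from_json).storageProfile.osDisk.managedDisk.id }}"
-    --duration-in-seconds 3600
-  register: sas
-
-- name: start copy
-  command: >
-    az storage blob copy start
-    --source-uri "{{ (sas.stdout | from_json).properties.output.accessSAS }}"
-    --account-name "{{ openshift_azure_storage_account }}"
-    --account-key "{{ (keys.stdout | from_json)[0].value }}"
-    --destination-container "{{ openshift_azure_container }}"
-    --destination-blob "{{ image_name }}.vhd"
-
-- name: get copy status
-  command: >
-    az storage blob show
-    --account-name "{{ openshift_azure_storage_account }}"
-    --account-key "{{ (keys.stdout | from_json)[0].value }}"
-    --container-name "{{ openshift_azure_container }}"
-    --name "{{ image_name }}.vhd"
-    --query "properties.copy.status"
-  register: status
-  until: status.stdout | from_json == "success"
-  retries: 120
-  delay: 30
-
-- name: revoke disk sas url
-  command: >
-    az disk revoke-access
-    --ids "{{ (vm.stdout | from_json).storageProfile.osDisk.managedDisk.id }}"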

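--- a/playbooks/azure/openshift-cluster/tasks/create_image_from_vm.yml
+++ b/playbooks/azure/openshift-cluster/tasks/create_image_from_vm.yml
@@ -1,66 +0,0 @@
----
-- name: deallocate vm
-  command: >
-    az vm deallocate
-    -g "{{ openshift_azure_resource_group_name }}"
-    -n vm
-
-- name: generalize vm
-  command: >
-    az vm generalize
-    -g "{{ openshift_azure_resource_group_name }}"
-    -n vm
-
-- name: get vm details
-  command: >
-    az vm show
-    -g "{{ openshift_azure_resource_group_name }}"
-    -n vm
-  register: vm
-
-- name: create image resource group
-  azure_rm_resourcegroup:
-    name: "{{ image_resource_group }}"
-    location: "{{ openshift_azure_resource_location }}"
-
-- name: create image
-  command: >
-    az image create
-    -g "{{ image_resource_group }}"
-    -n "{{ image_name }}"
-    --source "{{ (vm.stdout | from_json).storageProfile.osDisk.managedDisk.id }}"
-    --os-type Linux
-
-- name: get input image tags
-  command: az image show -g "{{ openshift_azure_input_image_ns }}" -n "{{ (input_image.stdout | from_json).name }}"
-  register: input_image_tags
-
-- name: remove valid tag from input image tags
-  set_fact:
-    input_image_tags_no_valid: "{{ {} | combine({item.key: item.value}) }}"
-  when: item.key not in ['valid']
-  with_dict: "{{ (input_image_tags.stdout | from_json).tags }}"
-
-- name: calculate final tags
-  set_fact:
-    final_tags: "{{ input_image_tags_no_valid | default({}) | combine(image_tags) }}"
-
-- name: tag image
-  command: >
-    az resource tag
-    --resource-type Microsoft.Compute/images
-    -g "{{ image_resource_group }}"
-    -n "{{ image_name }}"
-    --tags {% for k in final_tags %}{{ k }}={{ final_tags[k] }} {% endfor %}
-
-- name: log image resource group and name
-  debug:
-    msg: "{{ item }}"
-  with_items:
-  - "Resource group: {{ image_resource_group }}"
-  - "Image name: {{ image_name }}"
-
-- name: log image tag information
-  debug:
-    msg: "{{ item.key }}: {{ item.value }}"
-  with_dict: "{{ final_tags }}"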

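--- a/playbooks/azure/openshift-cluster/tasks/provision_instance.yml
+++ b/playbooks/azure/openshift-cluster/tasks/provision_instance.yml
@@ -1,42 +0,0 @@
----
-- name: create resource group
-  azure_rm_resourcegroup:
-    name: "{{ openshift_azure_resource_group_name }}"
-    location: "{{ openshift_azure_resource_location }}"
-    tags:
-      now: "{{ lookup('pipe', 'date +%s') }}"
-
-- name: create vnet
-  azure_rm_virtualnetwork:
-    name: vnet
-    resource_group: "{{ openshift_azure_resource_group_name }}"
-    address_prefixes:
-    - 192.168.0.0/16
-
-- name: create subnet
-  azure_rm_subnet:
-    name: subnet
-    resource_group: "{{ openshift_azure_resource_group_name }}"
-    virtual_network: vnet
-    address_prefix: 192.168.0.0/24
-
-- name: create vm
-  command: >
-    az vm create
-    -n vm
-    -g "{{ openshift_azure_resource_group_name }}"
-    --size "{{ openshift_azure_vm_size | default('Standard_D4s_v3') }}"
-    --image "{{ (input_image.stdout | from_json).id }}"
-    --storage-sku Premium_LRS
-    --admin-username cloud-user
-    --ssh-dest-key-path /home/cloud-user/.ssh/authorized_keys
-    --ssh-key-value "{{ openshift_azure_vm_ssh_public_key }}"
-    {% if create_args is defined %}{{ create_args }}{% endif %}
-  register: vm
-
-- name: add vm to inventory
-  add_host:
-    groups: nodes
-    name: "{{ (vm.stdout | from_json).publicIpAddress }}"
-    ansible_ssh_user: cloud-user
-    ansible_become: True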

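--- a/playbooks/azure/openshift-cluster/tasks/remove_yum.yml
+++ b/playbooks/azure/openshift-cluster/tasks/remove_yum.yml
@@ -1,15 +0,0 @@
----
-- name: remove yum client certificate
-  file:
-    state: absent
-    path: "/var/lib/yum/{{ item.name }}"
-  with_items:
-  - name: client-cert.pem
-  - name: client-key.pem
-  when: ansible_distribution == "RedHat"
-
-- name: remove yum repositories
-  yum_repository:
-    state: absent
-    name: "{{ item.name }}"
-  with_items: "{{ openshift_additional_repos }}"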

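--- a/playbooks/azure/openshift-cluster/tasks/yum_certs.yml
+++ b/playbooks/azure/openshift-cluster/tasks/yum_certs.yml
@@ -1,19 +0,0 @@
----
-- name: copy yum client certificate
-  copy:
-    content: "{{ item.content }}"
-    dest: "/var/lib/yum/{{ item.name }}"
-    mode: '0600'
-  with_items:
-  - name: client-cert.pem
-    content: "{{ yum_client_cert_contents }}"
-  - name: client-key.pem
-    content: "{{ yum_client_key_contents }}"
-  no_log: True
-  when: ansible_distribution == "RedHat"
-
-- name: add yum repositories
-  include_role:
-    name: openshift_repos
-  vars:
-    r_openshift_repos_has_run: True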

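--- a/playbooks/byo/README.md
+++ b/playbooks/byo/README.md
@@ -1,11 +0,0 @@
-# Bring Your Own hosts playbooks
-
-This directory has the most actively used, maintained and supported set of
-playbooks for installing, upgrading and performing others tasks on OpenShift
-clusters.
-
-Usage is documented in the official OpenShift documentation pages, under the
-Advanced Installation topic:
-
-- [OpenShift Origin: Advanced Installation](https://docs.okd.io/latest/install_config/install/advanced_install.html)
-- [OpenShift Container Platform: Advanced Installation](https://docs.openshift.com/container-platform/latest/install_config/install/advanced_install.html)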

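--- a/playbooks/byo/calico/legacy_upgrade.yml
+++ b/playbooks/byo/calico/legacy_upgrade.yml
@@ -1,118 +0,0 @@
----
-- name: Calico Upgrade | Validate
-  hosts: nodes
-  tasks:
-  - name: Check legacy upgrade exists
-    stat:
-      path: /lib/systemd/system/calico.service
-      get_checksum: false
-      get_attributes: false
-      get_mime: false
-    register: sym
-  - fail:
-      msg: No service to upgrade
-    when: not sym.stat.exists
-  - include_tasks: upgrade_versions.yml
-
-- import_playbook: ../../init/evaluate_groups.yml
-- import_playbook: ../../init/basic_facts.yml
-- import_playbook: ../../init/cluster_facts.yml
-
-- name: Calico Upgrade | Gather Facts
-  hosts: oo_first_master
-  gather_facts: no
-  pre_tasks:
-  - set_fact:
-      openshift_master_etcd_hosts: "{{ hostvars
-                                     | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([]))
-                                     | lib_utils_oo_collect('openshift.common.hostname')
-                                     | default(none, true) }}"
-      openshift_master_etcd_port: "{{ (etcd_client_port | default('2379')) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else none }}"
-  roles:
-  - role: openshift_facts
-  - role: openshift_master_facts
-  - role: lib_openshift
-  tasks:
-  - include_tasks: ../roles/calico_master/tasks/certs.yml
-
-- name: Calico Upgrade | Prepare Nodes
-  hosts: nodes
-  gather_facts: no
-  tasks:
-  - name: Prepull Images
-    command: "{{ openshift_container_cli }} pull {{ calico_node_image }}"
-
-- name: Calico Upgrade | Initiate
-  hosts: oo_first_master
-  roles:
-  - role: openshift_facts
-  tasks:
-  - name: Calico Master | Create temp directory
-    command: mktemp -d /tmp/openshift-ansible-XXXXXXX
-    register: mktemp
-    changed_when: False
-
-  - name: Calico Master | Write Calico install yaml
-    template:
-      dest: "{{ mktemp.stdout }}/calico.yml"
-      src: ../roles/calico_master/templates/calico.yml.j2
-
-  - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node
-    oc_adm_policy_user:
-      user: system:serviceaccount:kube-system:calico-node
-      resource_kind: scc
-      resource_name: privileged
-      state: present
-
-  - name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers
-    oc_adm_policy_user:
-      user: system:serviceaccount:kube-system:calico-kube-controllers
-      resource_kind: scc
-      resource_name: privileged
-      state: present
-
-  - name: Apply Calico manifest
-    command: >
-      {{ openshift_client_binary }} apply
-      -f {{ mktemp.stdout }}/calico.yml
-      --config={{ openshift.common.config_base }}/master/admin.kubeconfig
-    register: calico_create_output
-    failed_when: "('already exists' not in calico_create_output.stderr) and ('created' not in calico_create_output.stdout) and calico_create_output.rc != 0"
-    changed_when: ('created' in calico_create_output.stdout)
-
-  - name: Delete old policy controller
-    oc_obj:
-      name: calico-policy-controller
-      kind: deployment
-      state: absent
-      namespace: kube-system
-
-- name: Calico Upgrade | Upgrade nodes
-  hosts: nodes
-  serial: 1
-  any_errors_fatal: true
-  tasks:
-  - name: Stop legacy service
-    become: yes
-    systemd:
-      name: calico
-      state: stopped
-  - name: Apply node label
-    delegate_to: "{{ groups.oo_first_master.0 }}"
-    command: >
-      {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig label node {{ l_kubelet_node_name | lower }} --overwrite projectcalico.org/ds-ready=true
-  - name: Wait for node running
-    uri:
-      url: http://localhost:9099/readiness
-      status_code: 204
-    delay: 3
-    retries: 10
-    register: result
-    until: result.status == 204
-  - name: Disable legacy service
-    become: yes
-    systemd:
-      name: calico
-      enabled: no
-  - name: Rename legacy service
-    command: mv /lib/systemd/system/calico.service /lib/systemd/system/calico-legacy.service.bak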

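--- a/playbooks/byo/calico/roles
+++ b/playbooks/byo/calico/roles
@@ -1 +0,0 @@
-../../../roles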

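--- a/playbooks/byo/calico/upgrade_versions.yml
+++ b/playbooks/byo/calico/upgrade_versions.yml
@@ -1,25 +0,0 @@
----
-# Default variables for the Calico self-hosted upgrade.
-- set_fact:
-    calico_node_image: quay.io/calico/node:v2.6.7
-  when: calico_node_image is not defined
-- set_fact:
-    calico_url_policy_controller: "quay.io/calico/kube-controllers:v1.0.3"
-  when: calico_url_policy_controller is not defined
-- set_fact:
-    calico_cni_image: "quay.io/calico/cni:v1.11.2"
-  when: calico_cni_image is not defined
-- set_fact:
-    calico_ipv4pool_ipip: "always"
-  when: calico_ipv4pool_ipip is not defined
-
-# TODO: move these variables into a calico_common role which only has default values
-- set_fact:
-    calico_ipv4pool_ipip: "always"
-  when: calico_ipv4pool_ipip is not defined
-- set_fact:
-    cni_conf_dir: "/etc/cni/net.d/"
-  when: cni_conf_dir is not defined
-- set_fact:
-    cni_bin_dir: "/opt/cni/bin/"
-  when: cni_bin_dir is not defined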

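--- a/playbooks/byo/openshift-cluster/roles
+++ b/playbooks/byo/openshift-cluster/roles
@@ -1 +0,0 @@
-../../../roles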

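--- a/playbooks/byo/openshift-cluster/upgrades/README.md
+++ b/playbooks/byo/openshift-cluster/upgrades/README.md
@@ -1,7 +0,0 @@
-# Upgrade playbooks
-The playbooks provided in this directory can be used for upgrading an existing
-cluster. Additional notes for the associated upgrade playbooks are
-provided in their respective directories.
-
-# Upgrades available
-- [OpenShift Container Platform 3.11 to 4.0](v4_0/README.md) (upgrade OpenShift Origin from 3.11.x to 4.0.x)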

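--- a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
@@ -1,2 +0,0 @@
----
-- import_playbook: ../../../../common/openshift-cluster/upgrades/docker/docker_upgrade.yml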

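--- a/playbooks/byo/openshift-cluster/upgrades/v4_0/README.md
+++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/README.md
@@ -1,20 +0,0 @@
-# v3.11 Major and Minor Upgrade Playbook
-
-## Overview
-This playbook currently performs the following steps.
-
- * Upgrade and restart master services
- * Unschedule node
- * Upgrade and restart docker
- * Upgrade and restart node services
- * Modifies the subset of the configuration necessary
- * Applies the latest cluster policies
- * Updates the default router if one exists
- * Updates the default registry if one exists
- * Updates image streams and quickstarts
-
-## Usage
-
-```
-ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml
-```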

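--- a/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml
@@ -1,5 +0,0 @@
----
-#
-# Full Control Plane + Nodes Upgrade
-#
-- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade.yml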

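--- a/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml
@@ -1,16 +0,0 @@
----
-#
-# Control Plane Upgrade Playbook
-#
-# Upgrades masters and Docker (only on standalone etcd hosts)
-#
-# This upgrade does not include:
-# - node service running on masters
-# - docker running on masters
-# - node service running on dedicated nodes
-#
-# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
-#
-- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml
-
-- import_playbook: ../../../../openshift-master/private/restart.yml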

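--- a/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml
@@ -1,7 +0,0 @@
----
-#
-# Node Upgrade Playbook
-#
-# Upgrades nodes only, but requires the control plane to have already been upgraded.
-#
-- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml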

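--- a/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_scale_groups.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_scale_groups.yml
@@ -1,7 +0,0 @@
----
-#
-# Node Scale Group Upgrade Playbook
-#
-# Upgrades scale group nodes only.
-#
-- import_playbook: ../../../../common/openshift-cluster/upgrades/upgrade_scale_group.yml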

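--- a/playbooks/byo/openshift_facts.yml
+++ b/playbooks/byo/openshift_facts.yml
@@ -1,12 +0,0 @@
----
-- import_playbook: ../init/main.yml
-
-- name: Gather Cluster facts
-  hosts: oo_all_hosts
-  roles:
-  - openshift_facts
-  tasks:
-  - openshift_facts: {}
-    register: result
-  - debug:
-      var: result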

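--- a/playbooks/byo/rhel_subscribe.yml
+++ b/playbooks/byo/rhel_subscribe.yml
@@ -1,13 +0,0 @@
----
-- import_playbook: ../init/evaluate_groups.yml
-
-- name: Subscribe hosts, update repos and update OS packages
-  hosts: oo_all_hosts
-  roles:
-  - role: rhel_subscribe
-    when:
-    - openshift_deployment_type == 'openshift-enterprise'
-    - ansible_distribution == "RedHat"
-    - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined)
-  - role: openshift_repos
-  - role: os_update_latest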

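--- a/playbooks/byo/roles
+++ b/playbooks/byo/roles
@@ -1 +0,0 @@
-../../roles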

+ 0 - 0
playbooks/cluster-operator/OWNERS


Неке датотеке нису приказане због велике количине промена