Cleanup stale version bits

This commit cleans up various pieces of code related
to detecting older versions of openshift.  This current
branch will not be able to support releases older than 3.10,
so much of the version boolean code is removed.

playbooks/common/openshift-cluster/upgrades/post_control_plane.yml

@@ -8,7 +8,6 @@
   - role: openshift_web_console
     when:
     - openshift_web_console_install | default(true) | bool
-    - openshift_upgrade_target is version_compare('3.9','>=')
 
 # upgrade registry and router pods; we defer waiting for these pods
 # until after the next play to hopefully save some time polling.

playbooks/openshift-logging/private/config.yml

@@ -48,15 +48,6 @@
   roles:
   - openshift_logging
 
-# TODO: Remove when master config property is removed
-- name: Update Master configs
-  hosts: oo_masters:!oo_first_master
-  tasks:
-  - include_role:
-      name: openshift_logging
-      tasks_from: update_master_config
-    when: not openshift_version_gte_3_9
-
 - name: Logging Install Checkpoint End
   hosts: all
   gather_facts: false

playbooks/openshift-master/private/upgrade.yml

@@ -64,7 +64,6 @@
     when:
     - openshift_cloudprovider_kind is defined
     - openshift_cloudprovider_kind == 'vsphere'
-    - openshift_version | version_compare('3.9', '>=')
 
 # The main master upgrade play. Should handle all changes to the system in one pass, with
 # support for optional hooks to be defined.
@@ -92,7 +91,6 @@
     when:
     - openshift_cloudprovider_kind is defined
     - openshift_cloudprovider_kind == 'vsphere'
-    - openshift_version | version_compare('3.9', '>=')
 
   # Run the upgrade hook prior to restarting services/system if defined:
   - debug: msg="Running master upgrade hook {{ openshift_master_upgrade_hook }}"
@@ -119,20 +117,6 @@
   - include_tasks: "{{ openshift_master_upgrade_post_hook }}"
     when: openshift_master_upgrade_post_hook is defined
 
-  - name: Post master upgrade - Upgrade clusterpolicies storage
-    command: >
-      {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
-      migrate storage --include=clusterpolicies --confirm
-    register: l_pb_upgrade_control_plane_post_upgrade_storage
-    when:
-    - openshift_upgrade_post_storage_migration_enabled | default(true) | bool
-    - openshift_version is version_compare('3.7','<')
-    failed_when:
-    - l_pb_upgrade_control_plane_post_upgrade_storage.rc != 0
-    - openshift_upgrade_post_storage_migration_fatal | default(false) | bool
-    run_once: true
-    delegate_to: "{{ groups.oo_first_master.0 }}"
-
   - set_fact:
       master_update_complete: True
 
@@ -165,87 +149,6 @@
   vars:
     __master_shared_resource_viewer_file: "shared_resource_viewer_role.yaml"
   tasks:
-  - name: Reconcile Cluster Roles
-    command: >
-      {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
-      policy reconcile-cluster-roles --additive-only=true --confirm -o name
-    register: reconcile_cluster_role_result
-    when: openshift_version is version_compare('3.7','<')
-    changed_when:
-    - reconcile_cluster_role_result.stdout != ''
-    - reconcile_cluster_role_result.rc == 0
-    run_once: true
-
-  - name: Reconcile Cluster Role Bindings
-    command: >
-      {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
-      policy reconcile-cluster-role-bindings
-      --exclude-groups=system:authenticated
-      --exclude-groups=system:authenticated:oauth
-      --exclude-groups=system:unauthenticated
-      --exclude-users=system:anonymous
-      --additive-only=true --confirm -o name
-    when: openshift_version is version_compare('3.7','<')
-    register: reconcile_bindings_result
-    changed_when:
-    - reconcile_bindings_result.stdout != ''
-    - reconcile_bindings_result.rc == 0
-    run_once: true
-
-  - name: Reconcile Jenkins Pipeline Role Bindings
-    command: >
-      {{ openshift_client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-role-bindings system:build-strategy-jenkinspipeline --confirm -o name
-    run_once: true
-    register: reconcile_jenkins_role_binding_result
-    changed_when:
-    - reconcile_jenkins_role_binding_result.stdout != ''
-    - reconcile_jenkins_role_binding_result.rc == 0
-    when:
-    - openshift_version is version_compare('3.7','<')
-
-  - when: openshift_upgrade_target is version_compare('3.7','<')
-    block:
-    - name: Retrieve shared-resource-viewer
-      oc_obj:
-        state: list
-        kind: role
-        name: "shared-resource-viewer"
-        namespace: "openshift"
-      register: objout
-
-    - name: Determine if shared-resource-viewer is protected
-      set_fact:
-        __shared_resource_viewer_protected: true
-      when:
-      - "'results' in objout"
-      - "'results' in objout['results']"
-      - "'annotations' in objout['results']['results'][0]['metadata']"
-      - "'openshift.io/reconcile-protect' in objout['results']['results'][0]['metadata']['annotations']"
-      - "objout['results']['results'][0]['metadata']['annotations']['openshift.io/reconcile-protect'] == 'true'"
-    - copy:
-        src: "{{ item }}"
-        dest: "/tmp/{{ item }}"
-      with_items:
-      - "{{ __master_shared_resource_viewer_file }}"
-      when: __shared_resource_viewer_protected is not defined
-
-    - name: Fixup shared-resource-viewer role
-      oc_obj:
-        state: present
-        kind: role
-        name: "shared-resource-viewer"
-        namespace: "openshift"
-        files:
-        - "/tmp/{{ __master_shared_resource_viewer_file }}"
-        delete_after: true
-      when: __shared_resource_viewer_protected is not defined
-      register: result
-      retries: 3
-      delay: 5
-      until: result.rc == 0
-      ignore_errors: true
-
-
   - name: Reconcile Security Context Constraints
     command: >
       {{ openshift_client_binary }} adm policy --config={{ openshift.common.config_base }}/master/admin.kubeconfig reconcile-sccs --confirm --additive-only=true -o name

playbooks/openshift-metrics/private/config.yml

@@ -16,17 +16,6 @@
   roles:
   - role: openshift_metrics
 
-# TODO: Remove when master config property is removed
-- name: OpenShift Metrics
-  hosts: oo_masters:!oo_first_master
-  serial: 1
-  tasks:
-  - name: Setup the non-first masters configs
-    import_role:
-      name: openshift_metrics
-      tasks_from: update_master_config.yaml
-    when: not openshift_version_gte_3_9
-
 - name: Metrics Install Checkpoint End
   hosts: all
   gather_facts: false

playbooks/openshift-web-console/private/config.yml

@@ -16,10 +16,8 @@
   vars:
     first_master: "{{ groups.oo_first_master[0] }}"
   tasks:
-  - debug: msg="{{ openshift_version | version_compare('3.9', '>=') }}"
   - import_role:
       name: openshift_web_console
-    when: openshift_version | version_compare('3.9', '>=')
 
 - name: Web Console Install Checkpoint End
   hosts: all

roles/ansible_service_broker/tasks/upgrade.yml

@@ -1,16 +1,13 @@
 ---
+- name: retrieve broker configmap
+  oc_configmap:
+    state: list
+    name: broker-config
+    namespace: openshift-ansible-service-broker
+  register: broker_configmap_raw
 
-- when: openshift_upgrade_target is version_compare('3.10', '>=')
-  block:
-    - name: retrieve broker configmap
-      oc_configmap:
-        state: list
-        name: broker-config
-        namespace: openshift-ansible-service-broker
-      register: broker_configmap_raw
-
-    - name: Migrate from etcd to CRDs
-      import_tasks: migrate.yml
-      when: broker_configmap.dao.get('type') != 'crd'
-      vars:
-        broker_configmap: '{{ (broker_configmap_raw.results.results.0.data | from_yaml)["broker-config"] | from_yaml }}'
+- name: Migrate from etcd to CRDs
+  import_tasks: migrate.yml
+  when: broker_configmap.dao.get('type') != 'crd'
+  vars:
+    broker_configmap: '{{ (broker_configmap_raw.results.results.0.data | from_yaml)["broker-config"] | from_yaml }}'

roles/container_runtime/defaults/main.yml

@@ -86,7 +86,7 @@ openshift_use_crio_only: False
 
 l_openshift_image_tag: "{{ openshift_image_tag | string }}"
 
-l_required_docker_version: '1.12'
+l_required_docker_version: '1.13'
 
 # --------------------- #
 # systemcontainers_crio #
@@ -157,8 +157,7 @@ l_docker_image: "{{ openshift_docker_systemcontainer_image_override | default(l_
 
 l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers | default(false)) | bool) }}"
 
-l_crio_use_new_var_sock: "{{  (l_openshift_image_tag == 'latest') or (l_openshift_image_tag | version_compare('3.9', '>='))  | bool }}"
-l_crio_var_sock: "{{ l_crio_use_new_var_sock | ternary('/var/run/crio/crio.sock', '/var/run/crio.sock') }}"
+l_crio_var_sock: "/var/run/crio/crio.sock"
 
 container_runtime_oci_umounts:
 - '/var/lib/containers/storage/*'

roles/container_runtime/tasks/docker_sanity.yml

@@ -4,39 +4,16 @@
 
 - name: Error out if Docker pre-installed but too old
   fail:
-    msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= 1.9.1 is required."
+    msg: "Docker {{ curr_docker_version.stdout }} is installed, but >= {{ l_required_docker_version }} is required."
   when:
   - not (curr_docker_version is skipped)
   - curr_docker_version.stdout != ''
-  - curr_docker_version.stdout is version_compare('1.9.1', '<')
+  - curr_docker_version.stdout is version_compare(l_required_docker_version, '<')
   - not (docker_version is defined)
 
 - name: Error out if requested Docker is too old
   fail:
-    msg: "Docker {{ docker_version }} requested, but >= 1.9.1 is required."
+    msg: "Docker {{ docker_version }} requested, but >= {{ l_required_docker_version }} is required."
   when:
   - docker_version is defined
-  - docker_version is version_compare('1.9.1', '<')
-
-# If a docker_version was requested, sanity check that we can install or upgrade to it, and
-# no downgrade is required.
-- name: Fail if Docker version requested but downgrade is required
-  fail:
-    msg: "Docker {{ curr_docker_version.stdout }} is installed, but version {{ docker_version }} was requested."
-  when:
-  - not (curr_docker_version is skipped)
-  - curr_docker_version.stdout != ''
-  - docker_version is defined
-  - curr_docker_version.stdout is version_compare(docker_version, '>')
-
-# This involves an extremely slow migration process, users should instead run the
-# Docker 1.10 upgrade playbook to accomplish this.
-- name: Error out if attempting to upgrade Docker across the 1.10 boundary
-  fail:
-    msg: "Cannot upgrade Docker to >= 1.10, please upgrade or remove Docker manually, or use the Docker upgrade playbook if OpenShift is already installed."
-  when:
-  - not (curr_docker_version is skipped)
-  - curr_docker_version.stdout != ''
-  - curr_docker_version.stdout is version_compare('1.10', '<')
-  - docker_version is defined
-  - docker_version is version_compare('1.10', '>=')
+  - docker_version is version_compare(l_required_docker_version, '<')

roles/lib_utils/action_plugins/set_version_facts.py

@@ -20,34 +20,19 @@ def set_version_facts_if_unset(version):
     facts = {}
     if version and version != "latest":
         version = LooseVersion(version)
-        version_gte_3_7 = version >= LooseVersion('3.7')
-        version_gte_3_8 = version >= LooseVersion('3.8')
-        version_gte_3_9 = version >= LooseVersion('3.9')
         version_gte_3_10 = version >= LooseVersion('3.10')
         version_gte_3_11 = version >= LooseVersion('3.11')
     else:
         # 'Latest' version is set to True, 'Next' versions set to False
-        version_gte_3_7 = True
-        version_gte_3_8 = True
-        version_gte_3_9 = True
         version_gte_3_10 = True
         version_gte_3_11 = False
-    facts['openshift_version_gte_3_7'] = version_gte_3_7
-    facts['openshift_version_gte_3_8'] = version_gte_3_8
-    facts['openshift_version_gte_3_9'] = version_gte_3_9
     facts['openshift_version_gte_3_10'] = version_gte_3_10
     facts['openshift_version_gte_3_11'] = version_gte_3_11
 
     if version_gte_3_11:
         examples_content_version = 'v3.11'
-    elif version_gte_3_10:
-        examples_content_version = 'v3.10'
-    elif version_gte_3_9:
-        examples_content_version = 'v3.9'
-    elif version_gte_3_8:
-        examples_content_version = 'v3.8'
     else:
-        examples_content_version = 'v3.7'
+        examples_content_version = 'v3.10'
 
     facts['openshift_examples_content_version'] = examples_content_version
 

roles/openshift_ca/README.md

@@ -18,7 +18,6 @@ From this role:
 | openshift_ca_cert       | `{{ openshift_ca_config_dir }}/ca.crt`        | CA certificate path including CA certificate filename.                      |
 | openshift_ca_key        | `{{ openshift_ca_config_dir }}/ca.key`        | CA key path including CA key filename.                                      |
 | openshift_ca_serial     | `{{ openshift_ca_config_dir }}/ca.serial.txt` | CA serial path including CA serial filename.                                |
-| openshift_version       | `{{ openshift_pkg_version }}`                 | OpenShift package version.                                                  |
 | openshift_master_cert_expire_days | `730` (2 years)                     | Validity of the certificates in days. Works only with OpenShift version 1.5 (3.5) and later. |
 | openshift_ca_cert_expire_days     | `1825` (5 years)                    | Validity of the CA certificates in days. Works only with OpenShift version 1.5 (3.5) and later. |
 

roles/openshift_ca/defaults/main.yml

@@ -7,5 +7,3 @@ openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
 openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
 openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
 openshift_master_loopback_config: "{{ openshift_ca_config_dir }}/openshift-master.kubeconfig"
-
-openshift_version: "{{ openshift_pkg_version | default('') }}"

roles/openshift_control_plane/tasks/upgrade/rpm_upgrade.yml

@@ -9,23 +9,7 @@
 # TODO: If the sdn package isn't already installed this will install it, we
 # should fix that
 - name: Upgrade master packages - yum
-  command:
-    yum install -y {{ master_pkgs | join(' ') }} \
-    {{ ' --exclude *' ~ openshift_service_type ~ '*3.9*' if openshift_upgrade_target | version_compare('3.9','<') else '' }}
-  vars:
-    master_pkgs:
-      - "{{ openshift_service_type }}{{ openshift_pkg_version | default('') }}"
-      - "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') }}"
-      - "{{ openshift_service_type }}-node{{ openshift_pkg_version | default('') }}"
-      - "{{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }}"
-  register: result
-  until: result is succeeded
-  when: ansible_pkg_mgr == 'yum'
-
-- name: Upgrade master packages - dnf
-  dnf:
-    name: "{{ master_pkgs | join(',') }}"
-    state: present
+  command: "{{ ansible_pkg_mgr }} install -y {{ master_pkgs | join(' ') }}"
   vars:
     master_pkgs:
       - "{{ openshift_service_type }}{{ openshift_pkg_version }}"
@@ -34,4 +18,3 @@
       - "{{ openshift_service_type }}-clients{{ openshift_pkg_version }}"
   register: result
   until: result is succeeded
-  when: ansible_pkg_mgr == 'dnf'

roles/openshift_control_plane/templates/master.yaml.v1.j2

@@ -113,11 +113,9 @@ masterPublicURL: {{ openshift.master.public_api_url }}
 networkConfig:
   clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }}
   hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }}
-{% if openshift_version_gte_3_7 | bool %}
   clusterNetworks:
   - cidr: {{ openshift.master.sdn_cluster_network_cidr }}
     hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }}
-{% endif %}
 {% if r_openshift_master_use_openshift_sdn or r_openshift_master_use_nuage or r_openshift_master_use_contiv or r_openshift_master_use_kuryr or r_openshift_master_sdn_network_plugin_name == 'cni' %}
   networkPluginName: {{ r_openshift_master_sdn_network_plugin_name_default }}
 {% endif %}

roles/openshift_logging/tasks/delete_logging.yaml

@@ -144,4 +144,3 @@
         value: ""
   when:
     - openshift_web_console_install | default(true) | bool
-    - openshift_version_gte_3_9

roles/openshift_logging/tasks/install_logging.yaml

@@ -337,10 +337,6 @@
   when:
     openshift_logging_install_eventrouter | default(false) | bool
 
-
-- include_tasks: update_master_config.yaml
-  when: not openshift_version_gte_3_9
-
 # Update asset config in openshift-web-console namespace
 - name: Add Kibana route information to web console asset config
   include_role:
@@ -352,4 +348,3 @@
       value: "https://{{ openshift_logging_kibana_hostname }}"
   when:
   - openshift_web_console_install | default(true) | bool
-  - openshift_version_gte_3_9

roles/openshift_logging/tasks/update_master_config.yaml

@@ -1,12 +0,0 @@
----
-# TODO: Remove when asset config is removed from master-config.yaml
-- name: Adding Kibana route information to loggingPublicURL
-  modify_yaml:
-    dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
-    yaml_key: assetConfig.loggingPublicURL
-    yaml_value: "https://{{ openshift_logging_kibana_hostname }}"
-  notify:
-  - restart master api
-  - restart master controllers
-  tags:
-  - update_master_config

roles/openshift_metrics/tasks/install_metrics.yaml

@@ -68,9 +68,6 @@
   with_items: "{{ hawkular_agent_object_defs.results }}"
   when: openshift_metrics_install_hawkular_agent | bool
 
-- include_tasks: update_master_config.yaml
-  when: not openshift_version_gte_3_9
-
 # Update asset config in openshift-web-console namespace
 - name: Add metrics route information to web console asset config
   include_role:
@@ -82,7 +79,6 @@
         value: "https://{{ openshift_metrics_hawkular_hostname}}/hawkular/metrics"
   when:
     - openshift_web_console_install | default(true) | bool
-    - openshift_version_gte_3_9
 
 - command: >
     {{openshift_client_binary}}

roles/openshift_metrics/tasks/uninstall_metrics.yaml

@@ -30,4 +30,3 @@
         value: ""
   when:
     - openshift_web_console_install | default(true) | bool
-    - openshift_version_gte_3_9

roles/openshift_metrics/tasks/update_master_config.yaml

@@ -1,12 +0,0 @@
----
-# TODO: Remove when asset config is removed from master-config.yaml
-- name: Adding metrics route information to metricsPublicURL
-  modify_yaml:
-    dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
-    yaml_key: assetConfig.metricsPublicURL
-    yaml_value: "https://{{ openshift_metrics_hawkular_hostname}}/hawkular/metrics"
-  notify:
-  - restart master api
-  - restart master controllers
-  tags:
-  - update_master_config

roles/openshift_named_certificates/defaults/main.yml

@@ -3,4 +3,3 @@ openshift_ca_config_dir: "{{ openshift.common.config_base }}/master"
 openshift_ca_cert: "{{ openshift_ca_config_dir }}/ca.crt"
 openshift_ca_key: "{{ openshift_ca_config_dir }}/ca.key"
 openshift_ca_serial: "{{ openshift_ca_config_dir }}/ca.serial.txt"
-openshift_version: "{{ openshift_pkg_version | default('') }}"

roles/openshift_node/defaults/main.yml

@@ -175,8 +175,7 @@ oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker"
 oreg_auth_credentials_replace: False
 l_bind_docker_reg_auth: False
 openshift_use_crio: False
-l_crio_use_new_var_sock: "{{ openshift_version | version_compare('3.9', '>=') }}"
-l_crio_var_sock: "{{ l_crio_use_new_var_sock | ternary('/var/run/crio/crio.sock', '/var/run/crio.sock') }}"
+l_crio_var_sock: "/var/run/crio/crio.sock"
 openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False) | bool) or (openshift_use_crio_only | default(False) | bool) }}"
 
 openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False) | bool) else 'docker' }}"

roles/openshift_node/tasks/upgrade.yml

@@ -23,8 +23,6 @@
 
 - name: install pre-pulled rpms.
   import_tasks: upgrade/rpm_upgrade_install.yml
-  vars:
-    openshift_version: "{{ openshift_pkg_version | default('') }}"
   when: not openshift_is_containerized | bool
 
 - include_tasks: "{{ node_config_hook }}"

roles/openshift_node/tasks/upgrade_pre.yml

@@ -35,6 +35,4 @@
   - l_docker_upgrade | bool
 
 - import_tasks: upgrade/rpm_upgrade.yml
-  vars:
-    openshift_version: "{{ openshift_pkg_version | default('') }}"
   when: not openshift_is_containerized | bool

roles/openshift_node_group/defaults/main.yml

@@ -20,8 +20,7 @@ openshift_node_group_namespace: openshift-node
 openshift_node_group_labels: []
 
 openshift_use_crio: False
-l_crio_use_new_var_sock: "{{ openshift_version | version_compare('3.9', '>=') }}"
-l_crio_var_sock: "{{ l_crio_use_new_var_sock | ternary('/var/run/crio/crio.sock', '/var/run/crio.sock') }}"
+l_crio_var_sock: "/var/run/crio/crio.sock"
 
 openshift_node_group_cloud_provider: "{{ openshift_cloudprovider_kind | default(None) }}"
 openshift_node_group_network_plugin_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"