okd/roles/openshift_node/tasks/config.yml

---
- name: Install the systemd units
  include: systemd_units.yml

- name: Start and enable openvswitch service
  systemd:
    name: openvswitch.service
    enabled: yes
    state: started
    daemon_reload: yes
  when:
    - openshift.common.is_containerized | bool
    - openshift_node_use_openshift_sdn | default(true) | bool
  register: ovs_start_result
  until: not ovs_start_result | failed
  retries: 3
  delay: 30

- set_fact:
    ovs_service_status_changed: "{{ ovs_start_result | changed }}"

- file:
    dest: "{{ (openshift_node_kubelet_args|default({'config':None})).config}}"
    state: directory
  when: openshift_node_kubelet_args is defined and 'config' in openshift_node_kubelet_args

# TODO: add the validate parameter when there is a validation command to run
- name: Create the Node config
  template:
    dest: "{{ openshift.common.config_base }}/node/node-config.yaml"
    src: node.yaml.v1.j2
    backup: true
    owner: root
    group: root
    mode: 0600
  notify:
    - restart node

- name: Configure Node Environment Variables
  lineinfile:
    dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
    regexp: "^{{ item.key }}="
    line: "{{ item.key }}={{ item.value }}"
    create: true
  with_dict: "{{ openshift.node.env_vars | default({}) }}"
  notify:
    - restart node

- name: Configure AWS Cloud Provider Settings
  lineinfile:
    dest: /etc/sysconfig/{{ openshift.common.service_type }}-node
    regexp: "{{ item.regex }}"
    line: "{{ item.line }}"
    create: true
  with_items:
    - regex: '^AWS_ACCESS_KEY_ID='
      line: "AWS_ACCESS_KEY_ID={{ openshift_cloudprovider_aws_access_key | default('') }}"
    - regex: '^AWS_SECRET_ACCESS_KEY='
      line: "AWS_SECRET_ACCESS_KEY={{ openshift_cloudprovider_aws_secret_key | default('') }}"
  no_log: True
  when: openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined
  notify:
    - restart node

# Necessary because when you're on a node that's also a master the master will be
# restarted after the node restarts docker and it will take up to 60 seconds for
# systemd to start the master again
- when: openshift.common.is_containerized | bool
  block:
    - name: Wait for master API to become available before proceeding
      # Using curl here since the uri module requires python-httplib2 and
      # wait_for port doesn't provide health information.
      command: >
        curl --silent --tlsv1.2 --cacert {{ openshift.common.config_base }}/node/ca.crt
        {{ openshift_node_master_api_url }}/healthz/ready
      args:
        # Disables the following warning:
        # Consider using get_url or uri module rather than running curl
        warn: no
      register: api_available_output
      until: api_available_output.stdout == 'ok'
      retries: 120
      delay: 1
      changed_when: false

    - name: Start and enable node dep
      systemd:
        daemon_reload: yes
        name: "{{ openshift.common.service_type }}-node-dep"
        enabled: yes
        state: started

- name: Start and enable node
  systemd:
    name: "{{ openshift.common.service_type }}-node"
    enabled: yes
    state: started
    daemon_reload: yes
  register: node_start_result
  until: not node_start_result | failed
  retries: 1
  delay: 30
  ignore_errors: true

- name: Dump logs from node service if it failed
  command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-node
  when: node_start_result | failed

- name: Abort if node failed to start
  fail:
    msg: Node failed to start please inspect the logs and try again
  when: node_start_result | failed

- set_fact:
    node_service_status_changed: "{{ node_start_result | changed }}"