shixiong
/
okd


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329
							---
- name: Gather OpenShift Logging Facts
  openshift_logging_facts:
    oc_bin: "{{openshift_client_binary}}"
    openshift_logging_namespace: "{{openshift_logging_namespace}}"

## This is include vs import because we need access to group/inventory variables
- include_tasks: set_defaults_from_current.yml

- name: Set logging project
  oc_project:
    state: present
    name: "{{ openshift_logging_namespace }}"
    node_selector: "{{ openshift_logging_nodeselector | default(null) }}"

- name: Labeling logging project
  oc_label:
    state: present
    kind: namespace
    name: "{{ openshift_logging_namespace }}"
    labels:
    - key: "{{ item.key }}"
      value: "{{ item.value }}"
  with_dict: "{{ openshift_logging_labels | default({}) }}"
  when:
  - openshift_logging_labels is defined
  - openshift_logging_labels is dict

- name: Labeling logging project
  oc_label:
    state: present
    kind: namespace
    name: "{{ openshift_logging_namespace }}"
    labels:
    - key: "{{ openshift_logging_label_key }}"
      value: "{{ openshift_logging_label_value }}"
  when:
  - openshift_logging_label_key is defined
  - openshift_logging_label_key != ""
  - openshift_logging_label_value is defined

- name: Annotate Logging Project to allow overcommit
  oc_edit:
    kind: ns
    name: "{{ openshift_logging_namespace }}"
    separator: '#'
    content:
      metadata#annotations#quota.openshift.io/cluster-resource-override-enabled: "false"

- name: Create logging cert directory
  file:
    path: "{{ openshift.common.config_base }}/logging"
    state: directory
    mode: 0755
  changed_when: False
  check_mode: no

- include_tasks: generate_certs.yaml
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"

## Elasticsearch

- set_fact: es_indices={{ es_indices | default([]) + [item | int - 1] }}
  with_sequence: count={{ openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count }}
  when: openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count > 0

- set_fact: es_indices=[]
  when: openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count == 0

- set_fact: openshift_logging_es_pvc_prefix="logging-es"
  when: openshift_logging_es_pvc_prefix == ""

- set_fact:
    elasticsearch_storage_type: "{{ openshift_logging_elasticsearch_storage_type | default('pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs' or openshift_logging_es_pvc_size | length > 0)  else 'emptydir') }}"

# We don't allow scaling down of ES nodes currently
- include_role:
    name: openshift_logging_elasticsearch
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_elasticsearch_deployment_name: "{{ outer_item.0.name }}"
    openshift_logging_elasticsearch_pvc_name: "{{ outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim.claimName if outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim is defined else openshift_logging_es_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
    openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
    openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"

    openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
    openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
    openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_pvc_storage_class_name | default() }}"
    openshift_logging_elasticsearch_nodeselector: "{{ openshift_logging_es_nodeselector if outer_item.0.nodeSelector | default(None) is none else outer_item.0.nodeSelector }}"
    openshift_logging_elasticsearch_storage_group: "{{ [openshift_logging_es_storage_group] if outer_item.0.storageGroups | default([]) | length == 0 else outer_item.0.storageGroups }}"
    _es_containers: "{{ outer_item.0.containers}}"
    _es_configmap: "{{ openshift_logging_facts | walk('elasticsearch#configmaps#logging-elasticsearch#elasticsearch.yml', '{}', delimiter='#') | from_yaml }}"

  with_together:
  - "{{ openshift_logging_facts.elasticsearch.deploymentconfigs.values() | list }}"
  - "{{ openshift_logging_facts.elasticsearch.pvcs }}"
  - "{{ es_indices }}"
  loop_control:
    loop_var: outer_item
  when:
  - openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count > 0

# Create any new DC that may be required
- include_role:
    name: openshift_logging_elasticsearch
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ outer_item | int + openshift_logging_facts.elasticsearch.deploymentconfigs | count - 1 }}"
    openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
    openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"

    openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
    openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
    openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_pvc_storage_class_name | default() }}"

  with_sequence: count={{ openshift_logging_es_cluster_size | int - openshift_logging_facts.elasticsearch.deploymentconfigs.keys() | count }}
  loop_control:
    loop_var: outer_item

- set_fact: es_ops_indices={{ es_ops_indices | default([]) + [item | int - 1] }}
  with_sequence: count={{ openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count }}
  when:
  - openshift_logging_use_ops | bool
  - openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count > 0

- set_fact: es_ops_indices=[]
  when: openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count == 0

- set_fact: openshift_logging_es_ops_pvc_prefix="logging-es-ops"
  when: openshift_logging_es_ops_pvc_prefix == ""

- set_fact:
    elasticsearch_storage_type: "{{ openshift_logging_elasticsearch_storage_type | default('pvc' if ( openshift_logging_es_ops_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs' or openshift_logging_es_ops_pvc_size | length > 0)  else 'emptydir') }}"
  when:
  - openshift_logging_use_ops | bool

- include_role:
    name: openshift_logging_elasticsearch
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_elasticsearch_deployment_name: "{{ outer_item.0.name }}"
    openshift_logging_elasticsearch_pvc_name: "{{ outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim.claimName if outer_item.0.volumes['elasticsearch-storage'].persistentVolumeClaim is defined else openshift_logging_es_ops_pvc_prefix ~ '-' ~ outer_item.2 if outer_item.1 is none else outer_item.1 }}"
    openshift_logging_elasticsearch_ops_deployment: true
    openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"

    openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
    openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
    openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
    openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
    openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_ops_pvc_storage_class_name | default() }}"
    openshift_logging_elasticsearch_memory_limit: "{{ openshift_logging_es_ops_memory_limit }}"
    openshift_logging_elasticsearch_cpu_limit: "{{ openshift_logging_es_ops_cpu_limit }}"
    openshift_logging_elasticsearch_cpu_request: "{{ openshift_logging_es_ops_cpu_request }}"
    openshift_logging_elasticsearch_nodeselector: "{{ openshift_logging_es_ops_nodeselector if outer_item.0.nodeSelector | default(None) is none else outer_item.0.nodeSelector }}"
    openshift_logging_elasticsearch_storage_group: "{{ [openshift_logging_es_ops_storage_group] if outer_item.0.storageGroups | default([]) | length == 0 else outer_item.0.storageGroups }}"
    openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
    openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
    openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
    openshift_logging_es_hostname: "{{ openshift_logging_es_ops_hostname }}"
    openshift_logging_es_edge_term_policy: "{{ openshift_logging_es_ops_edge_term_policy | default('') }}"
    openshift_logging_es_allow_external: "{{ openshift_logging_es_ops_allow_external }}"
    openshift_logging_es_number_of_shards: "{{ openshift_logging_es_ops_number_of_shards | default(None) }}"
    openshift_logging_es_number_of_replicas: "{{ openshift_logging_es_ops_number_of_replicas | default(None) }}"
    _es_containers: "{{ outer_item.0.containers}}"
    _es_configmap: "{{ openshift_logging_facts | walk('elasticsearch_ops#configmaps#logging-elasticsearch-ops#elasticsearch.yml', '{}', delimiter='#') | from_yaml }}"

  with_together:
  - "{{ openshift_logging_facts.elasticsearch_ops.deploymentconfigs.values() | list }}"
  - "{{ openshift_logging_facts.elasticsearch_ops.pvcs }}"
  - "{{ es_ops_indices }}"
  loop_control:
    loop_var: outer_item

  when:
  - openshift_logging_use_ops | bool
  - openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count > 0

# Create any new DC that may be required
- include_role:
    name: openshift_logging_elasticsearch
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix }}-{{ outer_item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}"
    openshift_logging_elasticsearch_ops_deployment: true
    openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"

    openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
    openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
    openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
    openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
    openshift_logging_elasticsearch_pvc_storage_class_name: "{{ openshift_logging_es_ops_pvc_storage_class_name | default() }}"
    openshift_logging_elasticsearch_memory_limit: "{{ openshift_logging_es_ops_memory_limit }}"
    openshift_logging_elasticsearch_cpu_limit: "{{ openshift_logging_es_ops_cpu_limit }}"
    openshift_logging_elasticsearch_cpu_request: "{{ openshift_logging_es_ops_cpu_request }}"
    openshift_logging_elasticsearch_nodeselector: "{{ openshift_logging_es_ops_nodeselector }}"
    openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
    openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
    openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
    openshift_logging_es_hostname: "{{ openshift_logging_es_ops_hostname }}"
    openshift_logging_es_edge_term_policy: "{{ openshift_logging_es_ops_edge_term_policy | default('') }}"
    openshift_logging_es_allow_external: "{{ openshift_logging_es_ops_allow_external }}"

  with_sequence: count={{ openshift_logging_es_ops_cluster_size | int - openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count }}
  loop_control:
    loop_var: outer_item
  when:
  - openshift_logging_use_ops | bool


## Kibana
- import_role:
    name: openshift_logging_kibana
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
    openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_replica_count }}"
    openshift_logging_kibana_es_host: "{{ openshift_logging_es_host }}"
    openshift_logging_kibana_es_port: "{{ openshift_logging_es_port }}"
    openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"


- import_role:
    name: openshift_logging_kibana
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_kibana_ops_deployment: true
    openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
    openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
    openshift_logging_kibana_es_host: "{{ openshift_logging_es_ops_host }}"
    openshift_logging_kibana_es_port: "{{ openshift_logging_es_ops_port }}"
    openshift_logging_kibana_nodeselector: "{{ openshift_logging_kibana_ops_nodeselector }}"
    openshift_logging_kibana_cpu_limit: "{{ openshift_logging_kibana_ops_cpu_limit }}"
    openshift_logging_kibana_cpu_request: "{{ openshift_logging_kibana_ops_cpu_request }}"
    openshift_logging_kibana_memory_limit: "{{ openshift_logging_kibana_ops_memory_limit }}"
    openshift_logging_kibana_hostname: "{{ openshift_logging_kibana_ops_hostname }}"
    openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_ops_replica_count }}"
    openshift_logging_kibana_proxy_debug: "{{ openshift_logging_kibana_ops_proxy_debug }}"
    openshift_logging_kibana_proxy_cpu_limit: "{{ openshift_logging_kibana_ops_proxy_cpu_limit }}"
    openshift_logging_kibana_proxy_cpu_request: "{{ openshift_logging_kibana_ops_proxy_cpu_request }}"
    openshift_logging_kibana_proxy_memory_limit: "{{ openshift_logging_kibana_ops_proxy_memory_limit }}"
    openshift_logging_kibana_cert: "{{ openshift_logging_kibana_ops_cert }}"
    openshift_logging_kibana_key: "{{ openshift_logging_kibana_ops_key }}"
    openshift_logging_kibana_ca: "{{ openshift_logging_kibana_ops_ca}}"
  when:
  - openshift_logging_use_ops | bool

- include_tasks: annotate_ops_projects.yaml

## Curator
- import_role:
    name: openshift_logging_curator
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_curator_es_host: "{{ openshift_logging_es_host }}"
    openshift_logging_curator_es_port: "{{ openshift_logging_es_port }}"
    openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"

- import_role:
    name: openshift_logging_curator
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_curator_ops_deployment: true
    openshift_logging_curator_es_host: "{{ openshift_logging_es_ops_host }}"
    openshift_logging_curator_es_port: "{{ openshift_logging_es_ops_port }}"
    openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
    openshift_logging_curator_cpu_limit: "{{ openshift_logging_curator_ops_cpu_limit }}"
    openshift_logging_curator_cpu_request: "{{ openshift_logging_curator_ops_cpu_request }}"
    openshift_logging_curator_memory_limit: "{{ openshift_logging_curator_ops_memory_limit }}"
    openshift_logging_curator_nodeselector: "{{ openshift_logging_curator_ops_nodeselector }}"
  when:
  - openshift_logging_use_ops | bool

## Mux
- import_role:
    name: openshift_logging_mux
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_mux_ops_host: "{{ ( openshift_logging_use_ops | bool ) | ternary('logging-es-ops', 'logging-es') }}"
    openshift_logging_mux_namespace: "{{ openshift_logging_namespace }}"
    openshift_logging_mux_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_mux_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
  when:
  - openshift_logging_use_mux | bool


## Fluentd
- import_role:
    name: openshift_logging_fluentd
  vars:
    generated_certs_dir: "{{openshift.common.config_base}}/logging"
    openshift_logging_fluentd_ops_host: "{{ ( openshift_logging_use_ops | bool ) | ternary('logging-es-ops', 'logging-es') }}"
    openshift_logging_fluentd_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
    openshift_logging_fluentd_master_url: "{{ openshift_logging_master_url }}"
    openshift_logging_fluentd_namespace: "{{ openshift_logging_namespace }}"


## EventRouter
- import_role:
    name: openshift_logging_eventrouter
  when:
    openshift_logging_install_eventrouter | default(false) | bool


- include_tasks: update_master_config.yaml
  when: not openshift.common.version_gte_3_9

# Update asset config in openshift-web-console namespace
- name: Add Kibana route information to web console asset config
  include_role:
    name: openshift_web_console
    tasks_from: update_console_config.yml
  vars:
    console_config_edits:
    - key: clusterInfo#loggingPublicURL
      value: "https://{{ openshift_logging_kibana_hostname }}"
  when: openshift_web_console_install | default(true) | bool