shixiong
/
okd


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
							---
- name: Ensure proxies are in the atomic.conf
  include_role:
    name: openshift_atomic
    tasks_from: proxy

- name: Pull etcd system container
  command: atomic pull --storage=ostree {{ etcd_image }}
  register: pull_result
  changed_when: "'Pulling layer' in pull_result.stdout"

- name: Set initial Etcd cluster
  set_fact:
    etcd_initial_cluster: >-
      {% for host in etcd_peers | default([]) -%}
      {% if loop.last -%}
      {{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }}
      {%- else -%}
      {{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }},
      {%- endif -%}
      {% endfor -%}
  when: etcd_initial_cluster is undefined

- name: Check etcd system container package
  command: >
    atomic containers list --no-trunc -a -f container=etcd -f backend=ostree
  register: etcd_result

- name: Unmask etcd service
  systemd:
    name: etcd
    state: stopped
    enabled: no
    masked: no
    daemon_reload: yes
  register: task_result
  failed_when: task_result|failed and 'could not' not in task_result.msg|lower
  when: "'etcd' not in etcd_result.stdout"

- name: Disable etcd_container
  systemd:
    name: etcd_container
    state: stopped
    enabled: no
    daemon_reload: yes
  register: task_result
  failed_when: task_result|failed and 'could not' not in task_result.msg|lower

- name: Remove etcd_container.service
  file:
    path: /etc/systemd/system/etcd_container.service
    state: absent

- name: Systemd reload configuration
  systemd: name=etcd_container daemon_reload=yes

- name: Install or Update Etcd system container package
  oc_atomic_container:
    name: etcd
    image: "{{ etcd_image }}"
    state: latest
    values:
      - ETCD_DATA_DIR=/var/lib/etcd
      - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
      - ETCD_NAME={{ etcd_hostname }}
      - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }}
      - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
      - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
      - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
      - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
      - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
      - ETCD_CA_FILE={{ etcd_ca_file }}
      - ETCD_CERT_FILE={{ etcd_cert_file }}
      - ETCD_KEY_FILE={{ etcd_key_file }}
      - ETCD_PEER_CA_FILE={{ etcd_peer_ca_file }}
      - ETCD_PEER_CERT_FILE={{ etcd_peer_cert_file }}
      - ETCD_PEER_KEY_FILE={{ etcd_peer_key_file }}
      - ETCD_TRUSTED_CA_FILE={{ etcd_ca_file }}
      - ETCD_PEER_TRUSTED_CA_FILE={{ etcd_peer_ca_file }}
      - 'ADDTL_MOUNTS=,{"type":"bind","source":"/etc/","destination":"/etc/","options":["rbind","rw","rslave"]},{"type":"bind","source":"/var/lib/etcd","destination":"/var/lib/etcd/","options":["rbind","rw","rslave"]}'

- name: Ensure etcd datadir ownership for the system container
  file:
    path: "{{ etcd_data_dir }}"
    state: directory
    mode: 0700
    owner: root
    group: root
    recurse: True