shixiong
/
okd


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
							---
- fail:
    msg: Interface {{ etcd_interface }} not found
  when: "'ansible_' ~ etcd_interface not in hostvars[inventory_hostname]"

- fail:
    msg: IPv4 address not found for {{ etcd_interface }}
  when: "'ipv4' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface] or 'address' not in hostvars[inventory_hostname]['ansible_' ~ etcd_interface].ipv4"

- name: Install etcd
  action: "{{ ansible_pkg_mgr }} name=etcd state=present"
  when: not openshift.common.is_containerized | bool

- name: Pull etcd container
  command: docker pull {{ openshift.etcd.etcd_image }}
  when: openshift.common.is_containerized | bool

- name: Install etcd container service file
  template:
    dest: "/etc/systemd/system/etcd_container.service"
    src: etcd.docker.service
  register: install_etcd_result
  when: openshift.common.is_containerized | bool

- name: Ensure etcd datadir exists
  when: openshift.common.is_containerized | bool
  file:
    path: "{{ etcd_data_dir }}"
    state: directory
    mode: 0700

- name: Disable system etcd when containerized
  when: openshift.common.is_containerized | bool
  service:
    name: etcd
    state: stopped
    enabled: no

- name: Reload systemd units
  command: systemctl daemon-reload
  when: openshift.common.is_containerized | bool and ( install_etcd_result | changed )

- name: Validate permissions on the config dir
  file:
    path: "{{ etcd_conf_dir }}"
    state: directory
    owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
    group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
    mode: 0700

- name: Validate permissions on certificate files
  file:
    path: "{{ item }}"
    mode: 0600
    owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
    group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
  when: etcd_url_scheme == 'https'
  with_items:
  - "{{ etcd_ca_file }}"
  - "{{ etcd_cert_file }}"
  - "{{ etcd_key_file }}"

- name: Validate permissions on peer certificate files
  file:
    path: "{{ item }}"
    mode: 0600
    owner: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
    group: "{{ 'etcd' if not openshift.common.is_containerized | bool else omit }}"
  when: etcd_peer_url_scheme == 'https'
  with_items:
  - "{{ etcd_peer_ca_file }}"
  - "{{ etcd_peer_cert_file }}"
  - "{{ etcd_peer_key_file }}"

- name: Write etcd global config file
  template:
    src: etcd.conf.j2
    dest: /etc/etcd/etcd.conf
    backup: true
  notify:
    - restart etcd

- name: Enable etcd
  service:
    name: "{{ etcd_service }}"
    state: started
    enabled: yes
  register: start_result

- set_fact:
    etcd_service_status_changed: "{{ start_result | changed }}"