Domů Procházet Nápověda
Registrovat se Přihlásit se
shixiong
/
okd
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: b1ce2cc880
Větve Značky
okd
/
roles
/
openshift_metrics
/
tasks
/
install.yml

install.yml 4.4 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114 
  1. ---
    2. 

  2. 

  3. - name: Test if metrics-deployer service account exists
    4. 

  4.   command: >
    5. 

  5.     {{ openshift.common.client_binary }}
    6. 

  6.     --config={{ openshift_metrics_kubeconfig }}
    7. 

  7.     --namespace=openshift-infra
    8. 

  8.     get serviceaccount metrics-deployer -o json
    9. 

  9.   register: serviceaccount
    10. 

  10.   changed_when: false
    11. 

  11.   failed_when: false
    12. 

  12. 

  13. - name: Create metrics-deployer Service Account
    14. 

  14.   shell: >
    15. 

  15.     echo {{ metrics_deployer_sa | to_json | quote }} |
    16. 

  16.     {{ openshift.common.client_binary }}
    17. 

  17.     --config={{ openshift_metrics_kubeconfig }}
    18. 

  18.     --namespace openshift-infra
    19. 

  19.     create -f -
    20. 

  20.   when: serviceaccount.rc == 1
    21. 

  21. 

  22. - name: Test edit permissions
    23. 

  23.   command: >
    24. 

  24.     {{ openshift.common.client_binary }}
    25. 

  25.     --config={{ openshift_metrics_kubeconfig }}
    26. 

  26.     --namespace openshift-infra
    27. 

  27.     get rolebindings -o jsonpath='{.items[?(@.metadata.name == "edit")].userNames}'
    28. 

  28.   register: edit_rolebindings
    29. 

  29.   changed_when: false
    30. 

  30. 

  31. - name: Add edit permission to the openshift-infra project to metrics-deployer SA
    32. 

  32.   command: >
    33. 

  33.     {{ openshift.common.admin_binary }}
    34. 

  34.     --config={{ openshift_metrics_kubeconfig }}
    35. 

  35.     --namespace openshift-infra
    36. 

  36.     policy add-role-to-user edit
    37. 

  37.     system:serviceaccount:openshift-infra:metrics-deployer
    38. 

  38.   when: "'system:serviceaccount:openshift-infra:metrics-deployer' not in edit_rolebindings.stdout"
    39. 

  39. 

  40. - name: Test cluster-reader permissions
    41. 

  41.   command: >
    42. 

  42.     {{ openshift.common.client_binary }}
    43. 

  43.     --config={{ openshift_metrics_kubeconfig }}
    44. 

  44.     --namespace openshift-infra
    45. 

  45.     get clusterrolebindings -o jsonpath='{.items[?(@.metadata.name == "cluster-reader")].userNames}'
    46. 

  46.   register: cluster_reader_clusterrolebindings
    47. 

  47.   changed_when: false
    48. 

  48. 

  49. - name: Add cluster-reader permission to the openshift-infra project to heapster SA
    50. 

  50.   command: >
    51. 

  51.     {{ openshift.common.admin_binary }}
    52. 

  52.     --config={{ openshift_metrics_kubeconfig }}
    53. 

  53.     --namespace openshift-infra
    54. 

  54.     policy add-cluster-role-to-user cluster-reader
    55. 

  55.     system:serviceaccount:openshift-infra:heapster
    56. 

  56.   when: "'system:serviceaccount:openshift-infra:heapster' not in cluster_reader_clusterrolebindings.stdout"
    57. 

  57. 

  58. - name: Create metrics-deployer secret
    59. 

  59.   command: >
    60. 

  60.     {{ openshift.common.client_binary }}
    61. 

  61.     --config={{ openshift_metrics_kubeconfig }}
    62. 

  62.     --namespace openshift-infra
    63. 

  63.     secrets new metrics-deployer nothing=/dev/null
    64. 

  64.   register: metrics_deployer_secret
    65. 

  65.   changed_when: metrics_deployer_secret.rc == 0
    66. 

  66.   failed_when: "metrics_deployer_secret.rc == 1 and 'already exists' not in metrics_deployer_secret.stderr"
    67. 

  67. 

  68. # TODO: extend this to allow user passed in certs or generating cert with
    69. 

  69. # OpenShift CA
    70. 

  70. - name: Build metrics deployer command
    71. 

  71.   set_fact:
    72. 

  72.     deployer_cmd: "{{ openshift.common.client_binary }} process -f \
    73. 

  73.       {{ metrics_template_dir }}/metrics-deployer.yaml -v \
    74. 

  74.       HAWKULAR_METRICS_HOSTNAME={{ metrics_hostname }},USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }},METRIC_DURATION={{ openshift.hosted.metrics.duration }},METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }},IMAGE_PREFIX={{ openshift.hosted.metrics.deployer_prefix }},IMAGE_VERSION={{ openshift.hosted.metrics.deployer_version }},MODE={{ deployment_mode }} \
    75. 

  75.         | {{ openshift.common.client_binary }} --namespace openshift-infra \
    76. 

  76.         --config={{ openshift_metrics_kubeconfig }} \
    77. 

  77.         create -f -"
    78. 

  78. 

  79. - name: Deploy Metrics
    80. 

  80.   shell: "{{ deployer_cmd }}"
    81. 

  81.   register: deploy_metrics
    82. 

  82.   failed_when: "'already exists' not in deploy_metrics.stderr and deploy_metrics.rc != 0"
    83. 

  83.   changed_when: deploy_metrics.rc == 0
    84. 

  84. 

  85. - set_fact:
    86. 

  86.     deployer_pod: "{{ deploy_metrics.stdout[1:2] }}"
    87. 

  87. 

  88. # TODO: re-enable this once the metrics deployer validation issue is fixed
    89. 

  89. # when using dynamically provisioned volumes
    90. 

  90. - name: "Wait for image pull and deployer pod"
    91. 

  91.   shell: >
    92. 

  92.     {{ openshift.common.client_binary }}
    93. 

  93.     --namespace openshift-infra
    94. 

  94.     --config={{ openshift_metrics_kubeconfig }}
    95. 

  95.     get {{ deploy_metrics.stdout }}
    96. 

  96.   register: deploy_result
    97. 

  97.   until: "{{ 'Completed' in deploy_result.stdout }}"
    98. 

  98.   failed_when: "{{ 'Completed' not in deploy_result.stdout }}"
    99. 

  99.   retries: 60
    100. 

  100.   delay: 10
    101. 

  101. 

  102. - name: Configure master for metrics
    103. 

  103.   modify_yaml:
    104. 

  104.     dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
    105. 

  105.     yaml_key: assetConfig.metricsPublicURL
    106. 

  106.     yaml_value: "https://{{ metrics_hostname }}/hawkular/metrics"
    107. 

  107.   notify: restart master
    108. 

  108. 

  109. - name: Store metrics public_url
    110. 

  110.   openshift_facts:
    111. 

  111.     role: master
    112. 

  112.     local_facts:
    113. 

  113.       metrics_public_url: "https://{{ metrics_hostname }}/hawkular/metrics"
    114. 

  114.   when: deploy_result | changed
    115.