okd/roles/openshift_node/tasks/main.yml

---
# TODO: allow for overriding default ports where possible
# TODO: trigger the external service when restart is needed
# TODO: work with upstream to fix naming of 'master-client.crt/master-client.key'

- name: Set node OpenShift facts
  openshift_facts:
    role: 'node'
    local_facts:
      debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}"

- name: Test if node certs and config exist
  stat: path={{ item }}
  failed_when: not result.stat.exists
  register: result
  with_items:
  - "{{ openshift_node_cert_dir }}"
  - "{{ openshift_node_cert_dir }}/ca.crt"
  - "{{ openshift_node_cert_dir }}/master-client.crt"
  - "{{ openshift_node_cert_dir }}/master-client.key"
  - "{{ openshift_node_cert_dir }}/node.kubeconfig"
  - "{{ openshift_node_cert_dir }}/node-config.yaml"
  - "{{ openshift_node_cert_dir }}/server.crt"
  - "{{ openshift_node_cert_dir }}/server.key"

- name: Install OpenShift Node package
  yum: pkg=openshift-node state=installed
  register: install_result

- name: Reload systemd units
  command: systemctl daemon-reload
  when: install_result | changed

# --create-certs=false is a temporary workaround until
# https://github.com/openshift/origin/pull/1361 is merged upstream and it is
# the default for nodes
- name: Configure OpenShift Node settings
  lineinfile:
    dest: /etc/sysconfig/openshift-node
    regexp: '^OPTIONS='
    line: "OPTIONS=\"--loglevel={{ openshift.node.debug_level }} --config={{ openshift_node_cert_dir }}/node-config.yaml\""
  notify:
  - restart openshift-node

- name: Allow NFS access for VMs
  seboolean: name=virt_use_nfs state=yes persistent=yes

- name: Start and enable openshift-node
  service: name=openshift-node enabled=yes state=started
  when: not openshift.common.use_openshift_sdn|bool

- name: Disable openshift-node if openshift-node is managed externally
  service: name=openshift-node enabled=false
  when: openshift.common.use_openshift_sdn|bool