| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 |
- ---
- - name: Set node sdn OpenShift facts
- openshift_facts:
- role: 'node_sdn'
- local_facts:
- debug_level: "{{ openshift_node_sdn_debug_level | default(openshift.common.debug_level) }}"
- - name: Install openshift-sdn-node
- yum:
- pkg: openshift-sdn-node
- state: installed
- register: install_result
- - name: Reload systemd units
- command: systemctl daemon-reload
- when: install_result | changed
- # TODO: we are specifying -hostname= for OPTIONS as a workaround for
- # openshift-sdn-node not properly detecting the hostname.
- # TODO: we should probably generate certs specifically for sdn
- - name: Configure openshift-sdn-node settings
- lineinfile:
- dest: /etc/sysconfig/openshift-sdn-node
- regexp: "{{ item.regex }}"
- line: "{{ item.line }}"
- backrefs: yes
- with_items:
- - regex: '^(OPTIONS=)'
- line: '\1"-v={{ openshift.node_sdn.debug_level }} -hostname={{ openshift.common.hostname }}
- -etcd-cafile={{ openshift_node_cert_dir }}/ca.crt
- -etcd-certfile={{ openshift_node_cert_dir }}/master-client.crt
- -etcd-keyfile={{ openshift_node_cert_dir }}/master-client.key\"'
- - regex: '^(MASTER_URL=)'
- line: '\1"{{ openshift_sdn_master_url }}"'
- - regex: '^(MINION_IP=)'
- line: '\1"{{ openshift.common.ip }}"'
- notify: restart openshift-sdn-node
- - name: Ensure we aren't setting DOCKER_OPTIONS in /etc/sysconfig/openshift-sdn-node
- lineinfile:
- dest: /etc/sysconfig/openshift-sdn-node
- regexp: '^DOCKER_OPTIONS='
- state: absent
- notify: restart openshift-sdn-node
- # TODO lock down the insecure-registry config to a more sane value than
- # 0.0.0.0/0
- - name: Configure docker insecure-registry setting
- lineinfile:
- dest: /etc/sysconfig/docker
- regexp: INSECURE_REGISTRY=
- line: INSECURE_REGISTRY='--insecure-registry=0.0.0.0/0'
- notify: restart openshift-sdn-node
- - name: Start and enable openshift-sdn-node
- service:
- name: openshift-sdn-node
- enabled: yes
- state: started
|
