shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
							---
- name: Pre-migrate checks
  hosts: localhost
  tasks:
  # Check there is only one etcd host
  - assert:
      that: groups.oo_etcd_to_config | default([]) | length == 1
      msg: "[etcd] group must contain only one host"
  # Check there is only one master
  - assert:
      that: groups.oo_masters_to_config | default([]) | length == 1
      msg: "[master] group must contain only one host"

# 1. stop a master
- name: Prepare masters for etcd data migration
  hosts: oo_first_master
  roles:
  - role: openshift_facts
  tasks:
  - name: Check the master API is ready
    import_role:
      name: openshift_master
      tasks_from: check_master_api_is_ready.yml
  - set_fact:
      master_service: "{{ openshift_service_type + '-master' }}"
      embedded_etcd_backup_suffix: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
  - debug:
      msg: "master service name: {{ master_service }}"
  - name: Stop master
    service:
      name: "{{ master_service }}"
      state: stopped
  # 2. backup embedded etcd
  # Can't use with_items with import_role: https://github.com/ansible/ansible/issues/21285
  - import_role:
      name: etcd
      tasks_from: backup.yml
    vars:
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_embedded_etcd: "{{ true }}"
      r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"

  - import_role:
      name: etcd
      tasks_from: backup.archive.yml
    vars:
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_embedded_etcd: "{{ true }}"
      r_etcd_common_backup_sufix_name: "{{ embedded_etcd_backup_suffix }}"

# 3. deploy certificates (for etcd and master)
- import_playbook: ca.yml

- import_playbook: server_certificates.yml

- name: Backup etcd client certificates for master host
  hosts: oo_first_master
  tasks:
  - import_role:
      name: etcd
      tasks_from: backup_master_etcd_certificates.yml

- name: Redeploy master etcd certificates
  import_playbook: master_etcd_certificates.yml
  vars:
    etcd_certificates_redeploy: "{{ true }}"

# 4. deploy external etcd
- import_playbook: config.yml

# 5. stop external etcd
- name: Cleanse etcd
  hosts: oo_etcd_to_config[0]
  gather_facts: no
  pre_tasks:
  - import_role:
      name: etcd
      tasks_from: disable_etcd.yml
  - import_role:
      name: etcd
      tasks_from: clean_data.yml

# 6. copy the embedded etcd backup to the external host
# TODO(jchaloup): if the etcd and first master are on the same host, just copy the directory
- name: Copy embedded etcd backup to the external host
  hosts: localhost
  tasks:
  - name: Create local temp directory for syncing etcd backup
    local_action: command mktemp -d /tmp/etcd_backup-XXXXXXX
    register: g_etcd_client_mktemp
    changed_when: False
    become: no

  - import_role:
      name: etcd
      tasks_from: backup.fetch.yml
    vars:
      etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_embedded_etcd: "{{ true }}"
      r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
    delegate_to: "{{ groups.oo_first_master[0] }}"

  - import_role:
      name: etcd
      tasks_from: backup.copy.yml
    vars:
      etcd_backup_sync_directory: "{{ g_etcd_client_mktemp.stdout }}"
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
    delegate_to: "{{ groups.oo_etcd_to_config[0] }}"

  - debug:
      msg: "etcd_backup_dest_directory: {{ g_etcd_client_mktemp.stdout }}"

  - name: Delete temporary directory
    local_action: file path="{{ g_etcd_client_mktemp.stdout }}" state=absent
    changed_when: False
    become: no

# 7. force new cluster from the backup
- name: Force new etcd cluster
  hosts: oo_etcd_to_config[0]
  tasks:
  - import_role:
      name: etcd
      tasks_from: backup.unarchive.yml
    vars:
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"

  - import_role:
      name: etcd
      tasks_from: backup.force_new_cluster.yml
    vars:
      r_etcd_common_backup_tag: pre-migrate
      r_etcd_common_backup_sufix_name: "{{ hostvars[groups.oo_first_master.0].embedded_etcd_backup_suffix }}"
      etcd_peer: "{{ openshift.common.ip }}"
      etcd_url_scheme: "https"
      etcd_peer_url_scheme: "https"

# 8. re-configure master to use the external etcd
- name: Configure master to use external etcd
  hosts: oo_first_master
  tasks:
  - import_role:
      name: openshift_master
      tasks_from: configure_external_etcd.yml
    vars:
      etcd_peer_url_scheme: "https"
      etcd_ip: "{{ hostvars[groups.oo_etcd_to_config.0].openshift.common.ip }}"
      etcd_peer_port: 2379

  # 9. start the master
  - name: Start master
    service:
      name: "{{ master_service }}"
      state: started
    register: service_status
    until: service_status.state is defined and service_status.state == "started"
    retries: 5
    delay: 10