updatd to 3.3, added port 443 in firewall loadbalancer, chnaged inven…

…tory file to autodeploy metrics and logging, removed metric and logging from playbook

.gitignore

@@ -1,4 +1,5 @@
 group_vars/all
+playbooks/inventory
 ansible-azure.iml
 .idea/
 *.retry

README.md

@@ -59,9 +59,7 @@ http://docs.ansible.com/ansible/intro_installation.html
 
 ## run script 
 Update the group_vars/all variable. The following params exist. The script will support more masters  in the future. For now the script installs 1 master, 1 infra, x number of nodes. the nodes and infra are get labels which corrospond the tags in azure (consistent)
- - ansible-playbook -i inventory playbooks/setup.yml (warning, this may have been broken since the multi.master setup)
- - ansible-playbook  --forks=50 -i playbooks/setup_multimaster.new.yml
-
+ - ansible-playbook --forks=50 -i inventory playbooks/setup_multimaster.avail.yml
 ## configuration of nodes 
 Under the groups/all there is a  list of vms that will get created. This list also has a attribute called tag which. The values get set to azure tags and also openshift node labels  
   - jump node : this is required. all actions are performed via this node. This node needs to come up first before any of the other nodes can be created. this is because we generate a key on the jump node which is distributed to all subsequent nodes. For convience sake the LB infront of the master is also placed on this node.(opens port 8443 and 22). In the future this will be a azure loadbalancer

inventory

@@ -1,3 +1,6 @@
+
+
+
 [azure_vms]
 [azure_vms2]
 

inventory.ivan

@@ -0,0 +1,23 @@
+[all:vars]
+adminUsername=ivan
+publicjumpip=13.94.154.186
+publicjumpdns=master-osems3124.westeurope.cloudapp.azure.com
+routerpublicip=13.94.210.29
+publicjumpip=13.94.154.186
+[azure_vms]
+13.94.154.186
+
+[gatewayed-masters]
+[masters]
+master1
+master3
+master2
+[gatewayed-nodes]
+## nodes 
+node1
+## infra
+infranode1
+## nodes 
+master1
+master3
+master2

loadbalancers.json

@@ -168,7 +168,7 @@
           }
         ],
         "loadBalancingRules": [
-          {
+   {
             "name": "Http",
             "properties": {
               "frontendIPConfiguration": {
@@ -187,6 +187,26 @@
                 "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/probes/TCP-Probe')]"
               }
             }
+          },      
+    {
+            "name": "Https",
+            "properties": {
+              "frontendIPConfiguration": {
+                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/frontendIPConfigurations/LoadBalancerFrontEnd')]"
+              },
+              "frontendPort": 443,
+              "backendPort": 443,
+              "enableFloatingIP": false,
+              "idleTimeoutInMinutes": 4,
+              "protocol": "Tcp",
+              "loadDistribution": "Default",
+              "backendAddressPool": {
+                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/backendAddressPools/', variables('backend-address-pool-nameRouter'))]"
+              },
+              "probe": {
+                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/probes/TCP-Probehttps')]"
+              }
+            }
           }
         ],
         "probes": [
@@ -198,6 +218,15 @@
               "intervalInSeconds": 5,
               "numberOfProbes": 2
             }
+          },
+   {
+            "name": "TCP-Probehttps",
+            "properties": {
+              "protocol": "Tcp",
+              "port": 443,
+              "intervalInSeconds": 5,
+              "numberOfProbes": 2
+            }
           }
         ],
         "inboundNatRules": [ ],

playbooks/gen.yml

@@ -0,0 +1,4 @@
+- hosts: localhost
+  connection: localhost
+  roles:
+     - { role: generateinventory }

playbooks/roles/generateinventory/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: Create Inventory file based on dynamic hosts 
+  template:
+    src: inventory.j2
+    dest: ./inventory
+  tags: ose

playbooks/roles/generateinventory/templates/inventory.j2

@@ -0,0 +1,26 @@
+[all:vars]
+publicjumpip: {{ publicjumpip }}
+publicjumpdns: {{ publicjumpdns }}
+routerpublicip: {{ routerpublicip }}
+publicjumpip: {{  publicjumpip  }}
+[azure_vms]
+${{ publicjumpip }}
+
+[gatewayed-masters]
+[masters]
+{% for key, value in masters.iteritems() %}
+{{ value.name }}
+{% endfor %}
+[gatewayed-nodes]
+## nodes 
+{% for key, value in nodes.iteritems() %}
+{{ value.name }}
+{% endfor %}
+## infra
+{% for key, value in infranodes.iteritems() %}
+{{ value.name }}
+{% endfor %}
+## nodes 
+{% for key, value in masters.iteritems() %}
+{{ value.name }}
+{% endfor %}

playbooks/roles/metrics/tasks/main.yml

@@ -12,7 +12,7 @@
   shell: "oc patch ns/openshift-infra --api-version=v1 -p '{\"metadata\": {\"annotations\": {\"openshift.io/node-selector\":\"zone=infra\"}}}'"
 
 - name: Create service account for metrics deployer
-  action: command oc create -n openshift-infra -f metrics-service-account.yaml
+  action: command oc create serviceaccount  metrics-deployer -n openshift-infra 
   ignore_errors: yes
   tags: hawkular-metrics
 

playbooks/roles/prepare_multi_avail/templates/hosts.j2

@@ -6,7 +6,7 @@ nfs
 [OSEv3:vars]
 # SSH user, this user should allow ssh based auth without requiring a password
 ansible_ssh_user={{ adminUsername }}
-
+openshift_release=v3.3
 # If ansible_ssh_user is not root, ansible_sudo must be set to true
 ansible_become=yes
 os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
@@ -37,8 +37,53 @@ openshift_master_cluster_hostname={{ publicjumpdns }}
 openshift_master_cluster_public_hostname={{ publicjumpdns }}
 
 ### 
+### metrics 
+# Metrics deployment
+# See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html
+#
+# By default metrics are not automatically deployed, set this to enable them
+openshift_hosted_metrics_deploy=true
+#
+# Storage Options
+# If openshift_hosted_metrics_storage_kind is unset then metrics will be stored
+# in an EmptyDir volume and will be deleted when the cassandra pod terminates.
+# Storage options A & B currently support only one cassandra pod which is
+# generally enough for up to 1000 pods. Additional volumes can be created
+# manually after the fact and metrics scaled per the docs.
+#
+# Option A - NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group.  For example, the volume
+# path using these options would be "/exports/metrics"
+openshift_hosted_metrics_storage_kind=nfs
+openshift_hosted_metrics_storage_access_modes=['ReadWriteOnce']
+openshift_hosted_metrics_storage_nfs_directory=/exports
+openshift_hosted_metrics_storage_nfs_options='*(rw,root_squash)'
+openshift_hosted_metrics_storage_volume_name=metrics
+openshift_hosted_metrics_storage_volume_size=10Gi
+
 
 openshift_master_metrics_public_url=https://hawkular.apps.{{ routerpublicip }}.xip.io/hawkular/metrics
+
+##### logging 
+# Logging deployment
+#
+# Currently logging deployment is disabled by default, enable it by setting this
+openshift_hosted_logging_deploy=true
+#
+# Logging storage config
+# Option A - NFS Host Group
+# An NFS volume will be created with path "nfs_directory/volume_name"
+# on the host within the [nfs] host group.  For example, the volume
+# path using these options would be "/exports/logging"
+openshift_hosted_logging_storage_kind=nfs
+openshift_hosted_logging_storage_access_modes=['ReadWriteOnce']
+openshift_hosted_logging_storage_nfs_directory=/exports
+openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)'
+openshift_hosted_logging_storage_volume_name=logging
+openshift_hosted_logging_storage_volume_size=10Gi
+#
+
 openshift_master_logging_public_url=https://kibana.apps.{{ routerpublicip }}.xip.io
 
 #osm_cluster_network_cidr=172.29.210.0/24
@@ -63,6 +108,8 @@ openshift_hosted_registry_storage_volume_size=20Gi
 
 openshift_master_audit_config={"basicAuditEnabled": true}
 
+openshift_router_selector='zone=infra,stage=dev'
+openshift_registry_selector='zone=infra,stage=dev'
 [nfs]
 jumphost1
 #[etcd:vars]

playbooks/roles/subscribe/tasks/main.yml

@@ -14,5 +14,5 @@
 - name: disable
   command: subscription-manager repos --disable="*"
 - name: enable
-  command:  subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.2-rpms"
+  command:  subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms"
 

playbooks/setup_multimaster.avail.yml

@@ -18,6 +18,7 @@
         state: present
         ad_user: "{{ ad_username }}"
         password: "{{ ad_password }}"
+        tenant: "72f988bf-86f1-41af-91ab-2d7cd011db47"
         subscription_id: "{{ subscriptionID }}"
         resource_group_name: "{{ resource_group_name }}"
         template_link: 'https://raw.githubusercontent.com/ivanthelad/ansible-azure/master/infra-avail.json'
@@ -363,7 +364,10 @@
     - debug: msg="the value of (NODES)azurenodes {{ azurenodes }}"
     - debug: msg="the value of (INFRA)azureinfranodes {{ azureinfranodes }}"
 
-
+- hosts: localhost
+  connection: localhost
+  roles: 
+     - { role: generateinventory } 
 
 ################################################
 #### Subscribe the jump hosts. need to install bits like ansible and "atomic-openshift-utils"
@@ -506,7 +510,8 @@
     publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}"
     publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}"
     ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}"
-
+  tags:
+   - subscribemynodes 
   user: "{{ adminUsername }}"
   sudo: true
   tasks:
@@ -743,20 +748,19 @@
   roles:
      - { role: postinstall }
 
-- hosts: gatewayed-masters[0]
-  name: postinstall-log-metrics
-  user: "{{ adminUsername }}"
-  sudo: true
-  tags:
-    - postinstall
-  vars:
-    publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}"
-    publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}"
-    ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}"
-    routerpublicip: "{{ hostvars['localhost']['routerpublicip']}}"
-  roles:
-     - { role: metrics,run_once: true, image_version: "latest", master_url: "https://{{ publicjumpdns }}:8443", hawkular_metrics_hostname: "hawkular.apps.{{ routerpublicip }}.xip.io", persistent: "false" }
-     - { role: logging,run_once: true, master_url: "https://{{ publicjumpdns }}:8443", kibana_hostname: "kibana.apps.{{ routerpublicip }}.xip.io", image_version: "latest", public_master_url: "https://{{ publicjumpdns }}:8443" }
+#- hosts: gatewayed-masters[0]
+#  name: postinstall-log-metrics
+#  user: "{{ adminUsername }}"
+#  sudo: true
+#  tags:
+#    - postinstall
+#  vars:
+#    publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}"
+#    publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}"
+#    ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}"
+#    routerpublicip: "{{ hostvars['localhost']['routerpublicip']}}"
+#  roles:
+#     - { role: logging,run_once: true, master_url: "https://{{ publicjumpdns }}:8443", kibana_hostname: "kibana.apps.{{ routerpublicip }}.xip.io", image_version: "latest", public_master_url: "https://{{ publicjumpdns }}:8443" }