From 21970426c990bd6deeb9fdecdf2a8f1ead42e06d Mon Sep 17 00:00:00 2001 From: Ivan Mc Kinley Date: Thu, 27 Oct 2016 14:53:34 +0200 Subject: [PATCH] updatd to 3.3, added port 443 in firewall loadbalancer, chnaged inventory file to autodeploy metrics and logging, removed metric and logging from playbook --- .gitignore | 1 + README.md | 4 +- inventory | 3 ++ inventory.ivan | 23 +++++++++ loadbalancers.json | 31 +++++++++++- playbooks/gen.yml | 4 ++ .../roles/generateinventory/tasks/main.yml | 5 ++ .../generateinventory/templates/inventory.j2 | 26 ++++++++++ playbooks/roles/metrics/tasks/main.yml | 2 +- .../prepare_multi_avail/templates/hosts.j2 | 49 ++++++++++++++++++- playbooks/roles/subscribe/tasks/main.yml | 2 +- playbooks/setup_multimaster.avail.yml | 36 ++++++++------ playbooks/setupeverything.yml | 0 13 files changed, 163 insertions(+), 23 deletions(-) create mode 100644 inventory.ivan create mode 100644 playbooks/gen.yml create mode 100644 playbooks/setupeverything.yml diff --git a/.gitignore b/.gitignore index c1b9990..37ce77c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ group_vars/all +playbooks/inventory ansible-azure.iml .idea/ *.retry diff --git a/README.md b/README.md index 6705603..0b39573 100644 --- a/README.md +++ b/README.md 
@@ -59,9 +59,7 @@ http://docs.ansible.com/ansible/intro_installation.html ## run script Update the group_vars/all variable. The following params exist. The script will support more masters in the future. For now the script installs 1 master, 1 infra, x number of nodes. the nodes and infra are get labels which corrospond the tags in azure (consistent) - - ansible-playbook -i inventory playbooks/setup.yml (warning, this may have been broken since the multi.master setup) - - ansible-playbook --forks=50 -i playbooks/setup_multimaster.new.yml - + - ansible-playbook --forks=50 -i inventory playbooks/setup_multimaster.avail.yml ## configuration of nodes Under the groups/all there is a list of vms that will get created. This list also has a attribute called tag which. The values get set to azure tags and also openshift node labels - jump node : this is required. all actions are performed via this node. This node needs to come up first before any of the other nodes can be created. this is because we generate a key on the jump node which is distributed to all subsequent nodes. For convience sake the LB infront of the master is also placed on this node.(opens port 8443 and 22). In the future this will be a azure loadbalancer diff --git a/inventory b/inventory index 4742f45..215142e 100644 --- a/inventory +++ b/inventory @@ -1,3 +1,6 @@ + + + [azure_vms] [azure_vms2] diff --git a/inventory.ivan b/inventory.ivan new file mode 100644 index 0000000..64611fa --- /dev/null +++ b/inventory.ivan @@ -0,0 +1,23 @@ +[all:vars] +adminUsername=ivan +publicjumpip=13.94.154.186 +publicjumpdns=master-osems3124.westeurope.cloudapp.azure.com +routerpublicip=13.94.210.29 +publicjumpip=13.94.154.186 +[azure_vms] +13.94.154.186 + +[gatewayed-masters] +[masters] +master1 +master3 +master2 +[gatewayed-nodes] +## nodes +node1 +## infra +infranode1 +## nodes +master1 +master3 +master2 diff --git a/loadbalancers.json b/loadbalancers.json index a178113..4f1165d 100644 --- a/loadbalancers.json 
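Review bot: The new `inventory.ivan` commits one person's live environment to the repository: the jump host's public IP and DNS name, the router's public IP and the admin username. The same commit adds `playbooks/inventory` to `.gitignore`, which suggests generated inventories are meant to stay local. This file looks like such an output and could be ignored the same way, with a sample holding placeholder values committed in its place. `publicjumpip` is also assigned twice in `[all:vars]`, and the second `## nodes` comment sits above the master hosts, where `## masters` would describe the list correctly.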
+++ b/loadbalancers.json @@ -168,7 +168,7 @@ } ], "loadBalancingRules": [ - { + { "name": "Http", "properties": { "frontendIPConfiguration": { @@ -187,6 +187,26 @@ "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/probes/TCP-Probe')]" } } + }, + { + "name": "Https", + "properties": { + "frontendIPConfiguration": { + "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/frontendIPConfigurations/LoadBalancerFrontEnd')]" + }, + "frontendPort": 443, + "backendPort": 443, + "enableFloatingIP": false, + "idleTimeoutInMinutes": 4, + "protocol": "Tcp", + "loadDistribution": "Default", + "backendAddressPool": { + "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/backendAddressPools/', variables('backend-address-pool-nameRouter'))]" + }, + "probe": { + "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('LoadBalancer-nameRouter')), '/probes/TCP-Probehttps')]" + } + } } ], "probes": [ @@ -198,6 +218,15 @@ "intervalInSeconds": 5, "numberOfProbes": 2 } + }, + { + "name": "TCP-Probehttps", + "properties": { + "protocol": "Tcp", + "port": 443, + "intervalInSeconds": 5, + "numberOfProbes": 2 + } } ], "inboundNatRules": [ ], diff --git a/playbooks/gen.yml b/playbooks/gen.yml new file mode 100644 index 0000000..8313d46 --- /dev/null +++ b/playbooks/gen.yml @@ -0,0 +1,4 @@ +- hosts: localhost + connection: localhost + roles: + - { role: generateinventory } diff --git a/playbooks/roles/generateinventory/tasks/main.yml b/playbooks/roles/generateinventory/tasks/main.yml index e69de29..1003f47 100644 --- a/playbooks/roles/generateinventory/tasks/main.yml +++ b/playbooks/roles/generateinventory/tasks/main.yml @@ -0,0 +1,5 @@ +- name: Create Inventory file based on dynamic hosts + template: + src: inventory.j2 + dest: ./inventory + tags: ose 
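Review bot: `TCP-Probehttps` only proves that something accepts a connection on port 443, so a backend that is listening but not actually serving would stay in rotation behind the new `Https` rule. If the router exposes a health endpoint, an `Http` probe against it gives a stronger signal; otherwise a short comment in the README stating that the probe is connect-only would set expectations. The commit subject mentions the firewall, but no network security group change is visible in this patch, so it is worth confirming that inbound 443 is allowed (and scoped) wherever that rule lives. The probe name would also read more consistently as `TCP-Probe-Https`, next to the existing `TCP-Probe`.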
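Review bot: `connection: localhost` in `playbooks/gen.yml` does not name an Ansible connection plugin; the built-in one for running on the control machine is `local`, so the line should read `connection: local`. It may appear to work only because Ansible's implicit `localhost` host carries its own connection setting, which I have not verified for the Ansible version this repository targets. The same play, with the same line, is added to `playbooks/setup_multimaster.avail.yml` in the hunk at `-363,7 +364,10`.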
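Review bot: `dest: ./inventory` is a relative path, so where the generated file lands depends on the directory the playbook is started from. The README runs `ansible-playbook ... -i inventory playbooks/setup_multimaster.avail.yml` from the repository root, in which case this task would presumably overwrite the tracked `inventory` file that the run itself is using, and the new `.gitignore` entry `playbooks/inventory` would not cover it. Anchoring the path, for example `dest: "{{ playbook_dir }}/inventory"`, makes the output location match the ignore rule. The task also has no `mode:`, so the file permissions come from the umask.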
diff --git a/playbooks/roles/generateinventory/templates/inventory.j2 b/playbooks/roles/generateinventory/templates/inventory.j2 index e69de29..560f876 100644 --- a/playbooks/roles/generateinventory/templates/inventory.j2 +++ b/playbooks/roles/generateinventory/templates/inventory.j2 @@ -0,0 +1,26 @@ +[all:vars] +publicjumpip: {{ publicjumpip }} +publicjumpdns: {{ publicjumpdns }} +routerpublicip: {{ routerpublicip }} +publicjumpip: {{ publicjumpip }} +[azure_vms] +${{ publicjumpip }} + +[gatewayed-masters] +[masters] +{% for key, value in masters.iteritems() %} +{{ value.name }} +{% endfor %} +[gatewayed-nodes] +## nodes +{% for key, value in nodes.iteritems() %} +{{ value.name }} +{% endfor %} +## infra +{% for key, value in infranodes.iteritems() %} +{{ value.name }} +{% endfor %} +## nodes +{% for key, value in masters.iteritems() %} +{{ value.name }} +{% endfor %} diff --git a/playbooks/roles/metrics/tasks/main.yml b/playbooks/roles/metrics/tasks/main.yml index a9ce009..0cf9380 100644 --- a/playbooks/roles/metrics/tasks/main.yml +++ b/playbooks/roles/metrics/tasks/main.yml @@ -12,7 +12,7 @@ shell: "oc patch ns/openshift-infra --api-version=v1 -p '{\"metadata\": {\"annotations\": {\"openshift.io/node-selector\":\"zone=infra\"}}}'" - name: Create service account for metrics deployer - action: command oc create -n openshift-infra -f metrics-service-account.yaml + action: command oc create serviceaccount metrics-deployer -n openshift-infra ignore_errors: yes tags: hawkular-metrics diff --git a/playbooks/roles/prepare_multi_avail/templates/hosts.j2 b/playbooks/roles/prepare_multi_avail/templates/hosts.j2 index 1c64bbe..60c1cdf 100644 --- a/playbooks/roles/prepare_multi_avail/templates/hosts.j2 +++ b/playbooks/roles/prepare_multi_avail/templates/hosts.j2 
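Review bot: The `[all:vars]` lines in this template are written as `key: value`, but an INI inventory expects `key=value` (as the hand-written `inventory.ivan` in this commit does), so `publicjumpip: {{ publicjumpip }}` should be `publicjumpip={{ publicjumpip }}`, and likewise for the other three lines. The host entry `${{ publicjumpip }}` renders with a literal `$` in front of the address and should be `{{ publicjumpip }}`. `publicjumpip` is emitted twice, while `adminUsername`, which `inventory.ivan` sets, is not emitted at all. `iteritems()` exists only on Python 2 dicts; `items()` works under both interpreters.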
@@ -6,7 +6,7 @@ nfs
 [OSEv3:vars]
 # SSH user, this user should allow ssh based auth without requiring a password
 ansible_ssh_user={{ adminUsername }}
-
+openshift_release=v3.3
 # If ansible_ssh_user is not root, ansible_sudo must be set to true
 ansible_become=yes
 os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
@@ -37,8 +37,53 @@ openshift_master_cluster_hostname={{ publicjumpdns }} openshift_master_cluster_public_hostname={{ publicjumpdns }} ### +### metrics +# Metrics deployment +# See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html +# +# By default metrics are not automatically deployed, set this to enable them +openshift_hosted_metrics_deploy=true +# +# Storage Options +# If openshift_hosted_metrics_storage_kind is unset then metrics will be stored +# in an EmptyDir volume and will be deleted when the cassandra pod terminates. +# Storage options A & B currently support only one cassandra pod which is +# generally enough for up to 1000 pods. Additional volumes can be created +# manually after the fact and metrics scaled per the docs. +# +# Option A - NFS Host Group +# An NFS volume will be created with path "nfs_directory/volume_name" +# on the host within the [nfs] host group. For example, the volume +# path using these options would be "/exports/metrics" +openshift_hosted_metrics_storage_kind=nfs +openshift_hosted_metrics_storage_access_modes=['ReadWriteOnce'] +openshift_hosted_metrics_storage_nfs_directory=/exports +openshift_hosted_metrics_storage_nfs_options='*(rw,root_squash)' +openshift_hosted_metrics_storage_volume_name=metrics +openshift_hosted_metrics_storage_volume_size=10Gi + openshift_master_metrics_public_url=https://hawkular.apps.{{ routerpublicip }}.xip.io/hawkular/metrics + +##### logging +# Logging deployment +# +# Currently logging deployment is disabled by default, enable it by setting this +openshift_hosted_logging_deploy=true +# +# Logging storage config +# Option A - NFS Host Group +# An NFS volume will be created with path "nfs_directory/volume_name" +# on the host within the [nfs] host group. 
For example, the volume +# path using these options would be "/exports/logging" +openshift_hosted_logging_storage_kind=nfs +openshift_hosted_logging_storage_access_modes=['ReadWriteOnce'] +openshift_hosted_logging_storage_nfs_directory=/exports +openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)' +openshift_hosted_logging_storage_volume_name=logging +openshift_hosted_logging_storage_volume_size=10Gi +# + openshift_master_logging_public_url=https://kibana.apps.{{ routerpublicip }}.xip.io #osm_cluster_network_cidr=172.29.210.0/24 @@ -63,6 +108,8 @@ openshift_hosted_registry_storage_volume_size=20Gi openshift_master_audit_config={"basicAuditEnabled": true} +openshift_router_selector='zone=infra,stage=dev' +openshift_registry_selector='zone=infra,stage=dev' [nfs] jumphost1 #[etcd:vars] diff --git a/playbooks/roles/subscribe/tasks/main.yml b/playbooks/roles/subscribe/tasks/main.yml index 74b8d9e..dd50a18 100644 --- a/playbooks/roles/subscribe/tasks/main.yml +++ b/playbooks/roles/subscribe/tasks/main.yml @@ -14,5 +14,5 @@ - name: disable command: subscription-manager repos --disable="*" - name: enable - command: subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.2-rpms" + command: subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms" diff --git a/playbooks/setup_multimaster.avail.yml b/playbooks/setup_multimaster.avail.yml index 1185b7e..cf18a1d 100644 --- a/playbooks/setup_multimaster.avail.yml +++ b/playbooks/setup_multimaster.avail.yml @@ -18,6 +18,7 @@ state: present ad_user: "{{ ad_username }}" password: "{{ ad_password }}" + tenant: "72f988bf-86f1-41af-91ab-2d7cd011db47" subscription_id: "{{ subscriptionID }}" resource_group_name: "{{ resource_group_name }}" template_link: 'https://raw.githubusercontent.com/ivanthelad/ansible-azure/master/infra-avail.json' 
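Review bot: `openshift_hosted_metrics_storage_nfs_options='*(rw,root_squash)'` and the matching `openshift_hosted_logging_storage_nfs_options` line export both volumes read-write to any client that can reach the NFS host. The `[nfs]` group in this file is `jumphost1`, which the README describes as the node all external access goes through. Whether the NFS ports are reachable from outside depends on network rules not shown in this patch, but the export itself need not be a wildcard. Scoping it to the cluster's own range, `'<CLUSTER_SUBNET_CIDR>(rw,root_squash)'` with the placeholder filled from the deployment's virtual network, keeps metrics and log data mountable only from the nodes. A comment above each line stating why the client spec is what it is would help the next person who copies this block.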
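Review bot: The added `tenant:` value is a literal GUID, while the neighbouring fields (`ad_user`, `password`, `subscription_id`, `resource_group_name`) all come from variables. The playbook is now tied to one Azure AD tenant and carries an environment identifier in version control. Moving it next to the other settings in `group_vars/all` and writing `tenant: "{{ tenant_id }}"` (the variable name is a suggestion) would match the surrounding lines. Separately, and visible only as context here, `template_link` fetches the deployment template from a `master` branch URL, so what gets deployed can change without any change to this repository; pinning to a commit would make runs reproducible. The task continues outside the hunk.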
@@ -363,7 +364,10 @@ - debug: msg="the value of (NODES)azurenodes {{ azurenodes }}" - debug: msg="the value of (INFRA)azureinfranodes {{ azureinfranodes }}" - +- hosts: localhost + connection: localhost + roles: + - { role: generateinventory } ################################################ #### Subscribe the jump hosts. need to install bits like ansible and "atomic-openshift-utils" @@ -506,7 +510,8 @@ publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}" publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}" ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}" - + tags: + - subscribemynodes user: "{{ adminUsername }}" sudo: true tasks: 
@@ -743,20 +748,19 @@ roles: - { role: postinstall } -- hosts: gatewayed-masters[0] - name: postinstall-log-metrics - user: "{{ adminUsername }}" - sudo: true - tags: - - postinstall - vars: - publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}" - publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}" - ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}" - routerpublicip: "{{ hostvars['localhost']['routerpublicip']}}" - roles: - - { role: metrics,run_once: true, image_version: "latest", master_url: "https://{{ publicjumpdns }}:8443", hawkular_metrics_hostname: "hawkular.apps.{{ routerpublicip }}.xip.io", persistent: "false" } - - { role: logging,run_once: true, master_url: "https://{{ publicjumpdns }}:8443", kibana_hostname: "kibana.apps.{{ routerpublicip }}.xip.io", image_version: "latest", public_master_url: "https://{{ publicjumpdns }}:8443" } +#- hosts: gatewayed-masters[0] +# name: postinstall-log-metrics +# user: "{{ adminUsername }}" +# sudo: true +# tags: +# - postinstall +# vars: +# publicjumpdns: "{{ hostvars['localhost']['publicjumpdns']}}" +# publicjumpip: "{{ hostvars['localhost']['publicjumpip']}}" +# ansible_ssh_common_args: -o ProxyCommand="ssh -W %h:%p -q {{ adminUsername }}@{{ publicjumpip }}" +# routerpublicip: "{{ hostvars['localhost']['routerpublicip']}}" +# roles: +# - { role: logging,run_once: true, master_url: "https://{{ publicjumpdns }}:8443", kibana_hostname: "kibana.apps.{{ routerpublicip }}.xip.io", image_version: "latest", public_master_url: "https://{{ publicjumpdns }}:8443" } diff --git a/playbooks/setupeverything.yml b/playbooks/setupeverything.yml new file mode 100644 index 0000000..e69de29
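Review bot: Commenting out the `postinstall-log-metrics` play instead of deleting it leaves dead YAML that will drift from the rest of the playbook. The commented copy already differs from what was removed, since the `metrics` role line is gone, so it cannot simply be uncommented to restore the old behaviour. Deleting the block and relying on git history is cleaner, with a one-line comment in its place such as `# metrics and logging are deployed by the installer, see openshift_hosted_*_deploy in hosts.j2`.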