Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable SC, ASB, TSB by default #5959

Merged
merged 3 commits into from Nov 3, 2017
Merged

Enable SC, ASB, TSB by default #5959

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
80a6839
Enable SC, ASB, TSB by default
sdodson Oct 31, 2017
c5a1fd2
Ensure install and remove are mutually exclusive via
sdodson Oct 31, 2017
324778a
Use client binary and well defined kubeconfig
sdodson Nov 2, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion playbooks/common/openshift-cluster/config.yml
View file
Open in desktop
Expand Up @@ -27,7 +27,7 @@
when: openshift_logging_install_logging | default(false) | bool

- include: service_catalog.yml
when: openshift_enable_service_catalog | default(false) | bool
when: openshift_enable_service_catalog | default(true) | bool

- include: ../openshift-management/config.yml
when: openshift_management_install_management | default(false) | bool
Expand Down
2 changes: 1 addition & 1 deletion roles/ansible_service_broker/tasks/main.yml
View file
Open in desktop
Expand Up @@ -2,7 +2,7 @@
# do any asserts here

- include: install.yml
when: ansible_service_broker_install | default(false) | bool
when: ansible_service_broker_install | default(true) | bool
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will cause the deployment to error if the catalog is not set to deploy, because the broker resource will fail on creation.


Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should add - not ansible_service_broker_remove | default(false) | bool?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 not sure how often someone would set both to true but sounds good to me..

though, what would be the priority if both ansible_service_broker_install=True and ansible_service_broker_remove=True?

- include: remove.yml
when: ansible_service_broker_remove | default(false) | bool
18 changes: 18 additions & 0 deletions roles/openshift_sanitize_inventory/tasks/main.yml
View file
Open in desktop
Expand Up @@ -69,3 +69,21 @@
- openshift_clusterid is not defined
- openshift_cloudprovider_kind is defined
- openshift_cloudprovider_kind == 'aws'

- name: Ensure ansible_service_broker_remove and ansible_service_broker_install are mutually exclusive
fail:
msg: >
Ensure ansible_service_broker_remove and ansible_service_broker_install are mutually exclusive,
do not set both to true. ansible_service_broker_install defaults to true.
when:
- ansible_service_broker_remove | default(false) | bool
- ansible_service_broker_install | default(true) | bool

- name: Ensure template_service_broker_remove and template_service_broker_install are mutually exclusive
fail:
msg: >
Ensure that template_service_broker_remove and template_service_broker_install are mutually exclusive,
do not set both to true. template_service_broker_remove defaults to true.
when:
- template_service_broker_remove | default(false) | bool
- template_service_broker_install | default(true) | bool
2 changes: 1 addition & 1 deletion roles/openshift_service_catalog/tasks/generate_certs.yml
View file
Open in desktop
Expand Up @@ -60,7 +60,7 @@
register: apiserver_ca

- shell: >
oc get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig get apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
register: get_apiservices
changed_when: no

Expand Down
8 changes: 4 additions & 4 deletions roles/openshift_service_catalog/tasks/install.yml
View file
Open in desktop
Expand Up @@ -38,7 +38,7 @@

- name: Make kube-service-catalog project network global
command: >
oc adm pod-network make-projects-global kube-service-catalog
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig adm pod-network make-projects-global kube-service-catalog

- include: generate_certs.yml

Expand Down Expand Up @@ -93,7 +93,7 @@
# only do this if we don't already have the updated role info
- name: update edit role for service catalog and pod preset access
command: >
oc replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
when:
- not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])

Expand All @@ -116,7 +116,7 @@
# only do this if we don't already have the updated role info
- name: update admin role for service catalog and pod preset access
command: >
oc replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
when:
- not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])

Expand All @@ -139,7 +139,7 @@
# only do this if we don't already have the updated role info
- name: update view role for service catalog access
command: >
oc replace -f {{ mktemp.stdout }}/view_sc_patch.yml
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig replace -f {{ mktemp.stdout }}/view_sc_patch.yml
when:
- not view_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['serviceinstances', 'servicebindings'], ['get', 'list', 'watch'])

Expand Down
6 changes: 3 additions & 3 deletions roles/openshift_service_catalog/tasks/remove.yml
View file
Open in desktop
@@ -1,7 +1,7 @@
---
- name: Remove Service Catalog APIServer
command: >
oc delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete apiservices.apiregistration.k8s.io/v1beta1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog

# TODO: this module doesn't currently remove this
#- name: Remove service catalog api service
Expand Down Expand Up @@ -48,7 +48,7 @@

- name: Remove Service Catalog kube-system Role Bindinds
shell: >
oc process kube-system-service-catalog-role-bindings -n kube-system | oc delete --ignore-not-found -f -
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process kube-system-service-catalog-role-bindings -n kube-system | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f -

- oc_obj:
kind: template
Expand All @@ -58,7 +58,7 @@

- name: Remove Service Catalog kube-service-catalog Role Bindinds
shell: >
oc process service-catalog-role-bindings -n kube-service-catalog | oc delete --ignore-not-found -f -
{{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig process service-catalog-role-bindings -n kube-service-catalog | {{ openshift.common.client_binary }} --config=/etc/origin/master/admin.kubeconfig delete --ignore-not-found -f -

- oc_obj:
kind: template
Expand Down
2 changes: 1 addition & 1 deletion roles/template_service_broker/tasks/main.yml
View file
Open in desktop
Expand Up @@ -2,7 +2,7 @@
# do any asserts here

- include: install.yml
when: template_service_broker_install | default(false) | bool
when: template_service_broker_install | default(true) | bool

- include: remove.yml
when: template_service_broker_remove | default(false) | bool