From 7bc3ffe3f589da7c09205b4406a32986dabf9532 Mon Sep 17 00:00:00 2001
From: Joel Pearson
Date: Thu, 26 Oct 2017 10:27:49 +0000
Subject: [PATCH] Handful of patches to make openshift install at environment One of the patches https://github.com/kubernetes-incubator/kube-aws/pull/604 Add no proxy
---
 .../aws-ansible/ansible.cfg | 5 +++--
 .../aws-ansible/inventory/aws/hosts/ec2.py | 22 +++++++++++++++++++
 .../files/brownfield-byo-bastion.json.j2 | 6 +++--
 .../cloudformation-infra/tasks/main.yaml | 6 ++---
 4 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/reference-architecture/aws-ansible/ansible.cfg b/reference-architecture/aws-ansible/ansible.cfg
index 0373b808d..fc13b3036 100644
--- a/reference-architecture/aws-ansible/ansible.cfg
+++ b/reference-architecture/aws-ansible/ansible.cfg
@@ -5,14 +5,15 @@
 forks = 50
 host_key_checking = False
 inventory = inventory/aws/hosts/ec2.py
-roles_path = /usr/share/ansible/openshift-ansible/roles:/opt/ansible/roles:./roles:../../roles
+roles_path = /usr/share/ansible/openshift-ansible/roles:/opt/ansible/roles:./roles:../../roles:playbooks/roles
 remote_user = ec2-user
+ansible_user = ec2-user
 gathering = smart
 retry_files_enabled = false
 nocows = true
 timeout = 30
 #lookup_plugins = ./playbooks/lookup_plugins
-#log_path = /tmp/ansible.log
+log_path = /tmp/ansible.log
 [privilege_escalation]
 become = True
diff --git a/reference-architecture/aws-ansible/inventory/aws/hosts/ec2.py b/reference-architecture/aws-ansible/inventory/aws/hosts/ec2.py
index 21eba98d1..0af528037 100755
--- a/reference-architecture/aws-ansible/inventory/aws/hosts/ec2.py
+++ b/reference-architecture/aws-ansible/inventory/aws/hosts/ec2.py
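Review bot: `log_path = /tmp/ansible.log` in the ansible.cfg hunk puts the run log at a fixed name in a world-writable directory, where other local users on the control node may be able to read it or create the file first. Ansible's log can include module arguments and results unless tasks set `no_log`, so the shared reference file would be safer with the line left commented out, or with a path under the operator's own directory such as `log_path = ~/.ansible/ansible.log`. Separately, `ansible_user = ec2-user` is an inventory variable rather than a `[defaults]` setting, so it probably has no effect here; `remote_user` on the line above already sets the login user.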
@@ -1496,10 +1496,32 @@ def to_safe(self, word):
 regex += "\-"
 return re.sub(regex + "]", "_", word)
+ def atoi(self, text):
+ return int(text) if text.isdigit() else text
+
+ def natural_keys(self, text):
+ '''
+ alist.sort(key=natural_keys) sorts in human order
+ http://nedbatchelder.com/blog/200712/human_sorting.html
+ (See Toothy's implementation in the comments)
+ '''
+ return [ self.atoi(c) for c in re.split('(\d+)', text) ]
+
+
+ def sortValues(self, od):
+ for k, v in od.items():
+ if isinstance(v, dict):
+ self.sortValues(v)
+ elif isinstance(v, list):
+ # Use natural ordering so that ip address hostnames sort properly
+ v.sort(key=self.natural_keys)
+
 def json_format_dict(self, data, pretty=False):
 '''
 Converts a dict to a JSON object and dumps it as a formatted string
 '''
+ # Maintain consistent ordering, to prevent ordering of hosts changing where possible
+ self.sortValues(data)
 if pretty:
 return json.dumps(data, sort_keys=True, indent=2)
 else:
diff --git a/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/files/brownfield-byo-bastion.json.j2 b/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/files/brownfield-byo-bastion.json.j2
index 9fba1d922..936091cc9 100644
--- a/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/files/brownfield-byo-bastion.json.j2
+++ b/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/files/brownfield-byo-bastion.json.j2
@@ -578,6 +578,7 @@
 "Protocol": "TCP"
 }
 ],
+ "Scheme": "internal",
 "SecurityGroups": [{"Ref": "MasterExtElbSG"}],
 "Subnets": [
 {"Ref": "PublicSubnet1"},
@@ -617,6 +618,7 @@
 "Protocol": "TCP"
 }
 ],
+ "Scheme": "internal",
 "SecurityGroups": [ { "Ref": "InfraElbSG" } ],
 "Subnets": [
 {"Ref": "PublicSubnet1"},
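Review bot: `v.sort(key=self.natural_keys)` in `sortValues` assumes every list element is a string; a list holding dicts, numbers or None would make `re.split` raise TypeError, and because `json_format_dict` now calls `self.sortValues(data)` on every dump, that would abort the whole inventory run. Guarding the branch, e.g. `elif isinstance(v, list) and all(isinstance(i, six.string_types) for i in v):` (assuming `six` is imported in this file, which the hunk does not show), keeps natural ordering for host lists and leaves other lists untouched. The pattern should also be a raw string, `re.split(r'(\d+)', text)`. `sortValues` reorders the caller's data in place, which deserves a line in the `json_format_dict` docstring; that function's body continues past the end of the hunk.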
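Review bot: `"Scheme": "internal"` is hard-coded on both load balancers in the hunks at 578 and 617 (the ones using `MasterExtElbSG` and `InfraElbSG`), while each still lists `PublicSubnet1` under `Subnets` and, judging by the hunks at 751 and 767, is still the alias target of a Route 53 record. If those records sit in the public hosted zone, public DNS would publish names that resolve to private addresses, and anyone else using this template would lose outside access to the console and routers without having asked for it. A template parameter that defaults to the current behaviour, for example a new parameter (here called `ElbScheme`, default `internet-facing`) used as `"Scheme": {"Ref": "ElbScheme"}`, would keep the private-network case without changing exposure for other users. The resource definitions start and end outside these hunks.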
@@ -751,7 +753,7 @@
 "Type": "A",
 "AliasTarget": {
 "HostedZoneId": { "Fn::GetAtt" : ["MasterExtElb", "CanonicalHostedZoneNameID"] },
- "DNSName": { "Fn::GetAtt" : ["MasterExtElb","CanonicalHostedZoneName"] }
+ "DNSName": { "Fn::GetAtt" : ["MasterExtElb","DNSName"] }
 }
 },
 {
@@ -767,7 +769,7 @@
 "Type": "A",
 "AliasTarget": {
 "HostedZoneId": { "Fn::GetAtt" : ["InfraElb", "CanonicalHostedZoneNameID"] },
- "DNSName": { "Fn::GetAtt" : ["InfraElb","CanonicalHostedZoneName"] }
+ "DNSName": { "Fn::GetAtt" : ["InfraElb","DNSName"] }
 }
 },
 {
diff --git a/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/tasks/main.yaml b/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/tasks/main.yaml
index d370575a7..a074f779d 100644
--- a/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/tasks/main.yaml
+++ b/reference-architecture/aws-ansible/playbooks/roles/cloudformation-infra/tasks/main.yaml
@@ -22,7 +22,7 @@
 Route53HostedZone: "{{ public_hosted_zone }}."
 PublicHostedZone: "{{ public_hosted_zone }}"
 MasterApiPort: "{{ console_port }}"
- MasterHealthTarget: "TCP:{{ console_port }}"
+ MasterHealthTarget: "SSL:{{ console_port }}"
 MasterClusterHostname: "{{ openshift_master_cluster_hostname }}"
 MasterClusterPublicHostname: "{{ openshift_master_cluster_public_hostname }}"
 AppWildcardDomain: "*.{{ wildcard_zone }}"
@@ -66,7 +66,7 @@
 Route53HostedZone: "{{ public_hosted_zone }}."
 PublicHostedZone: "{{ public_hosted_zone }}"
 MasterApiPort: "{{ console_port }}"
- MasterHealthTarget: "TCP:{{ console_port }}"
+ MasterHealthTarget: "SSL:{{ console_port }}"
 MasterClusterHostname: "{{ openshift_master_cluster_hostname }}"
 MasterClusterPublicHostname: "{{ openshift_master_cluster_public_hostname }}"
 AppWildcardDomain: "*.{{ wildcard_zone }}"
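Review bot: `MasterHealthTarget: "SSL:{{ console_port }}"` in the main.yaml hunk at 22 only proves that a TLS handshake completes on the port, so a master whose API is failing behind a working listener would still be kept in rotation. If the masters serve a health endpoint over HTTPS, a target of the form `HTTPS:{{ console_port }}/healthz` would check the service itself; the path is an assumption to confirm against the deployed version. The same line is changed in the hunks at 66 and 121, and the template that consumes the value is not part of these hunks.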
@@ -121,7 +121,7 @@
 Route53HostedZone: "{{ public_hosted_zone }}."
 PublicHostedZone: "{{ public_hosted_zone }}"
 MasterApiPort: "{{ console_port }}"
- MasterHealthTarget: "TCP:{{ console_port }}"
+ MasterHealthTarget: "SSL:{{ console_port }}"
 MasterClusterHostname: "{{ openshift_master_cluster_hostname }}"
 MasterClusterPublicHostname: "{{ openshift_master_cluster_public_hostname }}"
 AppWildcardDomain: "*.{{ wildcard_zone }}"