Update osbs-namespace to latest upstream.

This is an update of the ansible-role-osbs-namespace role to the latest upstream available + PR16 not yet merged. https://github.com/projectatomic/ansible-role-osbs-namespace Signed-off-by: Clement Verna <cverna@tutanota.com>
2018-02-19 14:55:32 +01:00 · 2018-02-19 14:55:32 +01:00 · fb240ea470
commit fb240ea470
parent 65ef0a7240
22 changed files with 414 additions and 84 deletions
--- a/roles/osbs-namespace/operations/README.md
+++ b/roles/osbs-namespace/operations/README.md
@ -0,0 +1,73 @@
+ansible-role-osbs-namespace/operations
+======================================
+
+Collection of common maintenance operations for an OpenShift cluster.
+By default, all tasks in this sub-roles are disabled. Use the control
+booleans to enable the desired operations:
+
+Requirements
+------------
+
+A running instance of OpenShift.
+
+Role Variables
+--------------
+
+
+    # Update docker daemon on each OpenShift node.
+    # It's highly recommended to use `serial: 1` in your playbook.
+    osbs_upgrade_docker: false
+    # Docker version to update to.
+    osbs_docker_version: <default not set>
+
+    # Update OpenShift node labels.
+    osbs_update_node_labels: false
+    # A list of labels to be applied to each OpenShift node.
+    osbs_node_labels: []
+    # A list of all predefined node selector labels
+    osbs_managed_node_labels:
+        - "auto_build=true"
+
+    # Disable a node to make it safe to perform
+    # operations such as restarting docker daemon
+    # or any other risky maintenance
+    osbs_disable_node: true
+    # Then to re-enable node:
+    osbs_enable_node: true
+
+See `operations/defaults/main.yml` for a comprehensive list of all
+available variables.
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+    - name: update docker
+      hosts: nodes
+      roles:
+         - role: ansible-role-osbs-namespace/operations
+           osbs_upgrade_docker: true
+           osbs_docker_version: docker-1.12.6-61.git85d7426.el7
+
+    - name: node maintenance
+      hosts: nodes
+      roles:
+          - role: ansible-role-osbs-namespace/operations
+            osbs_disable_node: true
+          - role: my-maintenance-role
+          - role: ansible-role-osbs-namespace/operations
+            osbs_enable_node: true
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Luiz Carvalho <lui@redhat.com>
--- a/roles/osbs-namespace/operations/defaults/main.yml
+++ b/roles/osbs-namespace/operations/defaults/main.yml
@ -0,0 +1,24 @@
+---
+osbs_kubeconfig_path: /etc/origin/master/admin.kubeconfig
+osbs_environment:
+  KUBECONFIG: "{{ osbs_kubeconfig_path }}"
+
+osbs_disable_node: false
+osbs_enable_node: false
+osbs_upgrade_docker: false
+osbs_update_node_labels: false
+osbs_node_labels: []
+osbs_managed_node_labels:
+- "auto_build=true"
+
+# Retry for about 2 hours
+osbs_wait_active_pods_retries: 240
+osbs_wait_active_pods_delay: 30 # seconds
+
+# Wait for about 5 minutes
+osbs_wait_node_ready_retries: 30
+osbs_wait_node_ready_delay: 10
+
+osbs_buildroot_imagestream_live_tag: ''
+osbs_buildroot_imagestream: ''
+osbs_buildroot_imagestream_post_build_tag: ''
--- a/roles/osbs-namespace/operations/meta/main.yml
+++ b/roles/osbs-namespace/operations/meta/main.yml
@ -0,0 +1,12 @@
+# Standards: 1.8
+galaxy_info:
+  author: Luiz Carvalho
+  description: Collection of common maintenance operations for OpenShift
+  company: Red Hat, Inc.
+  license: BSD
+  min_ansible_version: 2.1
+  platforms:
+    name: EL
+    versions:
+    - 7
+dependencies: []
--- a/roles/osbs-namespace/operations/tasks/disable-node.yml
+++ b/roles/osbs-namespace/operations/tasks/disable-node.yml
@ -0,0 +1,25 @@
+---
+- name: Mark node as unschedulable
+  command: >
+    oadm manage-node {{ inventory_hostname }} --schedulable=false
+
+- name: Evacuate infra pods
+  command: >
+    oadm manage-node {{ inventory_hostname }} --evacuate
+    --pod-selector={{ item }}
+  with_items:
+  - "deploymentconfig=router"
+  - "deploymentconfig=registry-console"
+  - "deploymentconfig=docker-registry"
+
+- name: Wait until no more pods are running in node
+  register: active_pods_result
+  shell: >
+    oadm manage-node {{ inventory_hostname }} --list-pods |
+    grep -v 'READY' | awk '{print $2}' | grep -v '0/'
+  until: active_pods_result.rc == 1
+  failed_when: active_pods_result.rc > 1
+  changed_when: false # read-only command
+  environment: "{{ osbs_environment }}"
+  retries: "{{ osbs_wait_active_pods_retries }}"
+  delay: "{{ osbs_wait_active_pods_delay }}"
--- a/roles/osbs-namespace/operations/tasks/enable-node.yml
+++ b/roles/osbs-namespace/operations/tasks/enable-node.yml
@ -0,0 +1,15 @@
+---
+- name: Mark node as schedulable
+  command: >
+    oadm manage-node {{ inventory_hostname }} --schedulable=true
+
+- name: Wait for node to be Ready
+  register: node_status
+  shell: >
+    oc get node {{ inventory_hostname }} --no-headers=true |
+    awk '{print $2}'
+  until: "'Ready' in node_status.stdout_lines"
+  changed_when: false # read-only command
+  environment: "{{ osbs_environment }}"
+  retries: "{{ osbs_wait_node_ready_retries }}"
+  delay: "{{ osbs_wait_node_ready_delay }}"
--- a/roles/osbs-namespace/operations/tasks/main.yml
+++ b/roles/osbs-namespace/operations/tasks/main.yml
@ -0,0 +1,15 @@
+---
+- include: disable-node.yml
+  when: osbs_disable_node
+
+- include: upgrade-docker.yml
+  when: osbs_upgrade_docker
+
+- include: update-node-selector-labels.yml
+  when: osbs_update_node_labels
+
+- include: tag-buildroot.yml
+  when: osbs_buildroot_imagestream_live_tag != ''
+
+- include: enable-node.yml
+  when: osbs_enable_node
--- a/roles/osbs-namespace/operations/tasks/tag-buildroot.yml
+++ b/roles/osbs-namespace/operations/tasks/tag-buildroot.yml
@ -0,0 +1,9 @@
+---
+# Tag the desired build image with the post build tag (“staged” for stage, “released” for prod)
+- name: tag buildroot imagestream
+  command: >
+    oc tag {{ osbs_buildroot_imagestream }}:{{ osbs_buildroot_imagestream_live_tag }} {{ osbs_buildroot_imagestream }}:{{ osbs_buildroot_imagestream_post_build_tag }}
+  environment: "{{ osbs_environment }}"
+  when: osbs_buildroot_imagestream != '' and osbs_buildroot_imagestream_live_tag != '' and osbs_buildroot_imagestream_post_build_tag != ''
+  tags:
+  - oc
--- a/roles/osbs-namespace/operations/tasks/update-node-selector-labels.yml
+++ b/roles/osbs-namespace/operations/tasks/update-node-selector-labels.yml
@ -0,0 +1,23 @@
+---
+# delete all predefined node selector labels which are not needed anymore
+- name: Remove managed node labels
+  command: >
+    oc label node {{ inventory_hostname }} {{ item | regex_replace('=.+') }}-
+  with_items: "{{ osbs_managed_node_labels | difference(osbs_node_labels) }}"
+  register: delete_label
+  changed_when: ('not found' not in delete_label.stderr)
+  environment: "{{ osbs_environment }}"
+  tags:
+  - oc
+
+# set specified node selector labels
+- name: Apply node labels
+  command: >
+    oc label node {{ inventory_hostname }} {{ item }}
+  with_items: "{{ osbs_node_labels | intersect(osbs_managed_node_labels) }}"
+  register: add_label
+  changed_when: ('labeled' in add_label.stdout)
+  failed_when: (('labeled' not in add_label.stdout) and ('already has a value' not in add_label.stderr))
+  environment: "{{ osbs_environment }}"
+  tags:
+  - oc
--- a/roles/osbs-namespace/operations/tasks/upgrade-docker.yml
+++ b/roles/osbs-namespace/operations/tasks/upgrade-docker.yml
@ -0,0 +1,15 @@
+---
+- include: disable-node.yml
+
+- name: Update docker package
+  yum:
+    name: "{{ osbs_docker_version }}"
+    update_cache: true
+    state: present
+
+- name: Restart docker service
+  systemd:
+    state: restarted
+    name: docker
+
+- include: enable-node.yml