Cluster deployment

Author: leoluk

defaults/main.yml

@@ -17,11 +17,26 @@ openshift_clusterroles:
 # List of projects and rolebindings to create
 openshift_projects: []
 
-# Local storage config (this creates the additional objects beyond inventory config)
-openshift_localstorage_enabled: yes
+# Local storage creation (this creates the additional objects beyond inventory config)
+openshift_localstorage_enabled: yes  # make sure to modify openshift_localstorage_hosts as well
 openshift_localstorage_basedir: /volumes/local-storage
 openshift_localstorage_num_volumes: 100
 openshift_localstorage_capacity: 50Gi
 
+# List of hosts to create PV objects for.
+# Set to None if local storage is disabled.
+openshift_localstorage_hosts: ["{{ inventory_hostname }}"]
+
 # Set up custom volume paths like /volumes/hosted_volumes, with proper SELinux labelling.
 openshift_localstorage_custom_dirs: []
+
+# Distinguish between nodes and Ansible masters
+openshift_is_ansible_master: yes
+
+# Deploy SSH key for master host
+# TODO: collect the public key automatically - two step procedure for now
+openshift_ssh_public_key: 'ssh-rsa ...'
+
+# IP or FQDN of the Ansible master (used to restrict the SSH key)
+openshift_ssh_from: 0.0.0.0/0
+

tasks/ansible.yml

@@ -11,3 +11,8 @@
   file:
     state: directory
     path: "{{ openshift_ansible_tmp }}"
+
+- name: Generate SSH key
+  command: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
+  args:
+    creates: /root/.ssh/id_rsa

tasks/dependencies.yml

@@ -9,10 +9,7 @@
 - name: Install repositories for OpenShift master
   package:
     name:
-      # TODO: workaround needed until Ansible version and origin repos sorted out.
-      # https://github.com/openshift/openshift-ansible/issues/10445
       - centos-release-ansible26
-      - centos-release-openshift-origin{{ openshift_version.replace('.', '') }}
 
 - name: Install dependencies for OpenShift master
   package:

tasks/localstorage.yml tasks/localstorage-dirs.ymltasks/localstorage.yml renamed to tasks/localstorage-dirs.yml

@@ -17,25 +17,7 @@
     setype: container_file_t
   loop: "{{ openshift_localstorage_custom_dirs }}"
 
-- name: Template local-storage PV template
-  template:
-    src: pv.yaml.j2
-    dest: "{{ openshift_ansible_tmp }}/pv.yaml"
-
 - name: Create volumes
   shell: echo {0..{{ openshift_localstorage_num_volumes }}} | xargs -d ' ' -n 1 -I '{}' mkdir -p '{{ openshift_localstorage_basedir }}/vol{}'
   args:
     creates: "{{ openshift_localstorage_basedir }}/vol{{ openshift_localstorage_num_volumes - 1}}"
-
-- name: Create PVs
-  shell: echo {0..{{ openshift_localstorage_num_volumes }}} | xargs -d ' ' -n 1 -I '{}' sed 's/<name>/vol{}/' {{ openshift_ansible_tmp }}/pv.yaml | oc create -f -
-  # will fail when volumes already exist
-  failed_when: no
-
-- name: Template local-storage storage class
-  template:
-    src: storage-class.yaml.j2
-    dest: "{{ openshift_ansible_tmp }}/storage-class.yaml"
-
-- name: Apply local-storage storage class
-  shell: oc apply -f "{{ openshift_ansible_tmp }}/storage-class.yaml"

tasks/localstorage-master-pv.yaml.yml

@@ -0,0 +1,13 @@
+---
+
+# TODO: simplify this by rendering a single List object
+
+- name: Template local-storage PV template for {{ item }}
+  template:
+    src: pv.yaml.j2
+    dest: "{{ openshift_ansible_tmp }}/pv.yaml"
+
+- name: Create PVs for {{ item }}
+  shell: echo {0..{{ openshift_localstorage_num_volumes }}} | xargs -d ' ' -n 1 -I '{}' sed 's/<name>/vol{}/' {{ openshift_ansible_tmp }}/pv.yaml | oc create -f -
+  # will fail when volumes already exist
+  failed_when: no

tasks/localstorage-master.yml

@@ -0,0 +1,12 @@
+---
+
+- include_tasks: localstorage-master-pv.yaml
+  loop: "{{ openshift_localstorage_hosts }}"
+
+- name: Template local-storage storage class
+  template:
+    src: storage-class.yaml.j2
+    dest: "{{ openshift_ansible_tmp }}/storage-class.yaml"
+
+- name: Apply local-storage storage class
+  shell: oc apply -f "{{ openshift_ansible_tmp }}/storage-class.yaml"

tasks/main.yml

@@ -1,7 +1,17 @@
 ---
-- import_tasks: dependencies.yml
-- import_tasks: ansible.yml
-# TODO: run Ansible deployment on the host and wait for it to complete
-- import_tasks: users.yml
-- import_tasks: localstorage.yml
+
+- block:
+  - import_tasks: dependencies.yml
+  - import_tasks: ansible.yml
+    # TODO: run Ansible deployment on the host and wait for it to complete
+  - import_tasks: users.yml
+  - import_tasks: localstorage-master.yml
+    when: openshift_localstorage_hosts
+
+  when: openshift_is_ansible_master
+
+- import_tasks: localstorage-dirs.yml
   when: openshift_localstorage_enabled
+
+- import_tasks: node.yml
+  when: not openshift_is_ansible_master

tasks/node.yml

@@ -0,0 +1,7 @@
+---
+
+- name: SSH keys
+  authorized_key:
+    key: "{{ openshift_ssh_public_key }}"
+    user: root
+    key_options: 'from="{{ openshift_ssh_from }}"'

templates/pv.yaml.j2

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: PersistentVolume
 metadata:
-  name: local-{{ inventory_hostname }}-<name>
+  name: local-{{ item }}-<name>
 spec:
   capacity:
     storage: {{ openshift_localstorage_capacity }}
@@ -19,4 +19,4 @@ spec:
         - key: kubernetes.io/hostname
           operator: In
           values:
-          - {{ inventory_hostname }}
+          - {{ item }}