Hack hack hack

Author: smarterclayton

playbooks/common/openshift-cluster/upgrades/docker/tasks/restart.yml

@@ -6,13 +6,19 @@
   retries: 3
   delay: 30
 
+- name: Restart static master services
+  command: /usr/bin/master-restart "{{ item }}"
+  with_items:
+  - api
+  - controllers
+  - etcd
+  failed_when: false
+  when: openshift_is_containerized | bool
+
 - name: Restart containerized services
   service: name={{ item }} state=started
   with_items:
-    - etcd_container
     - openvswitch
-    - "{{ openshift_service_type }}-master-api"
-    - "{{ openshift_service_type }}-master-controllers"
     - "{{ openshift_service_type }}-node"
   failed_when: false
   when: openshift_is_containerized | bool

playbooks/common/openshift-cluster/upgrades/docker/tasks/upgrade.yml

@@ -4,14 +4,19 @@
 - name: Stop containerized services
   service: name={{ item }} state=stopped
   with_items:
-    - "{{ openshift_service_type }}-master-api"
-    - "{{ openshift_service_type }}-master-controllers"
     - "{{ openshift_service_type }}-node"
-    - etcd_container
     - openvswitch
   failed_when: false
   when: openshift_is_containerized | bool
 
+- name: Restart static master services
+  command: /usr/bin/master-restart "{{ item }}"
+  with_items:
+  - api
+  - controllers
+  - etcd
+  failed_when: false
+
 - name: Check Docker image count
   shell: "docker images -aq | wc -l"
   register: docker_image_count

playbooks/openshift-master/private/config.yml

@@ -178,6 +178,13 @@
     openshift_no_proxy_etcd_host_ips: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | default([]))
                                                 | lib_utils_oo_collect('openshift.common.ip') | default([]) | join(',')
                                                 }}"
+  pre_tasks:
+  - name: Prepare the bootstrap node config on masters for self-hosting
+    import_role:
+      name: openshift_node_group
+      tasks_from: bootstrap
+    when: openshift_master_bootstrap_enabled | default(false) | bool
+
   roles:
   - role: openshift_master_facts
   - role: openshift_clock

playbooks/openshift-master/private/scaleup.yml

@@ -16,19 +16,14 @@
       yaml_key: 'kubernetesMasterConfig.masterCount'
       yaml_value: "{{ openshift.master.master_count }}"
     notify:
-    - restart master api
-    - restart master controllers
+    - restart master
   handlers:
-  - name: restart master api
-    service: name={{ openshift_service_type }}-master-controllers state=restarted
+  - name: restart master
+    command: /usr/bin/master-restart "{{ item }}"
+    with_items:
+    - api
+    - controllers
     notify: verify api server
-  # We retry the controllers because the API may not be 100% initialized yet.
-  - name: restart master controllers
-    command: "systemctl restart {{ openshift_service_type }}-master-controllers"
-    retries: 3
-    delay: 5
-    register: result
-    until: result.rc == 0
   - name: verify api server
     command: >
       curl --silent --tlsv1.2

playbooks/openshift-master/private/tasks/wire_aggregator.yml

@@ -191,16 +191,11 @@
 #restart master serially here
 - when: yedit_output.changed or (yedit_asset_config_output is defined and yedit_asset_config_output.changed)
   block:
-  - name: restart master api
-    systemd: name={{ openshift_service_type }}-master-api state=restarted
-
-  # We retry the controllers because the API may not be 100% initialized yet.
-  - name: restart master controllers
-    command: "systemctl restart {{ openshift_service_type }}-master-controllers"
-    retries: 3
-    delay: 5
-    register: result
-    until: result.rc == 0
+  - name: restart master
+    command: /usr/bin/master-restart "{{ item }}"
+    with_items:
+    - api
+    - controllers
 
   - name: Verify API Server
     # Using curl here since the uri module requires python-httplib2 and

playbooks/openshift-node/private/restart.yml

@@ -22,10 +22,7 @@
       name: "{{ item }}"
       state: started
     with_items:
-    - etcd_container
     - openvswitch
-    - "{{ openshift_service_type }}-master-api"
-    - "{{ openshift_service_type }}-master-controllers"
     - "{{ openshift_service_type }}-node"
     failed_when: false
     when: openshift_is_containerized | bool

files/control-plane/etcd.yaml renamed to roles/etcd/etcd.yaml

@@ -9,104 +9,12 @@
 - name: setup firewall
   import_tasks: firewall.yml
 
-- name: Install etcd
-  package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
-  when: not etcd_is_containerized | bool
-  register: result
-  until: result is succeeded
-
-- include_tasks: drop_etcdctl.yml
-  when:
-  - openshift_etcd_etcdctl_profile | default(true) | bool
-
-- block:
-  - name: Pull etcd container
-    command: docker pull {{ etcd_image }}
-    register: pull_result
-    changed_when: "'Downloaded newer image' in pull_result.stdout"
-
-  - name: Install etcd container service file
-    template:
-      dest: "/etc/systemd/system/etcd_container.service"
-      src: etcd.docker.service
-  when:
-  - etcd_is_containerized | bool
-  - not l_is_etcd_system_container | bool
-
-# Start secondary etcd instance for third party integrations
-# TODO: Determine an alternative to using thirdparty variable
-- block:
-  - name: Create configuration directory
-    file:
-      path: "{{ etcd_conf_dir }}"
-      state: directory
-      mode: 0700
-
-  # TODO: retest with symlink to confirm it does or does not function
-  - name: Copy service file for etcd instance
-    copy:
-      src: /usr/lib/systemd/system/etcd.service
-      dest: "/etc/systemd/system/{{ etcd_service }}.service"
-      remote_src: True
-
-  - name: Create third party etcd service.d directory exists
-    file:
-      path: "{{ etcd_systemd_dir }}"
-      state: directory
-
-  - name: Configure third part etcd service unit file
-    template:
-      dest: "{{ etcd_systemd_dir }}/custom.conf"
-      src: custom.conf.j2
-  when: etcd_is_thirdparty
-
   # TODO: this task may not be needed with Validate permissions
 - name: Ensure etcd datadir exists
   file:
     path: "{{ etcd_data_dir }}"
     state: directory
     mode: 0700
-  when: etcd_is_containerized | bool
-
-- name: Ensure etcd datadir ownership for thirdparty datadir
-  file:
-    path: "{{ etcd_data_dir }}"
-    state: directory
-    mode: 0700
-    owner: etcd
-    group: etcd
-    recurse: True
-  when: etcd_is_thirdparty | bool
-
-  # TODO: Determine if the below reload would work here, for now just reload
-- name:
-  command: systemctl daemon-reload
-  when: etcd_is_thirdparty | bool
-
-- block:
-  - name: Disable system etcd when containerized
-    systemd:
-      name: etcd
-      state: stopped
-      enabled: no
-      masked: yes
-      daemon_reload: yes
-    when: not l_is_etcd_system_container | bool
-    register: task_result
-    failed_when:
-    - task_result is failed
-    - ('could not' not in task_result.msg|lower)
-
-  - name: Install etcd container service file
-    template:
-      dest: "/etc/systemd/system/etcd_container.service"
-      src: etcd.docker.service
-    when: not l_is_etcd_system_container | bool
-
-  - name: Install Etcd system container
-    include_tasks: system_container.yml
-    when: l_is_etcd_system_container | bool
-  when: etcd_is_containerized | bool
 
 - name: Validate permissions on the config dir
   file:
@@ -121,16 +29,9 @@
     src: etcd.conf.j2
     dest: "{{ etcd_conf_file }}"
     backup: true
-  notify:
-  - restart etcd
 
 - name: Enable etcd
-  systemd:
-    name: "{{ etcd_service }}"
-    state: started
-    enabled: yes
-  register: start_result
-
-- name: Set fact etcd_service_status_changed
-  set_fact:
-    etcd_service_status_changed: "{{ start_result is changed }}"
+  copy:
+    src: "etcd.yaml"
+    dest: "/etc/origin/node/pods/"
+    mode: 0700

roles/etcd/tasks/main.yml

@@ -1,18 +1,12 @@
 ---
-- name: restart master api
-  systemd: name={{ openshift_service_type }}-master-api state=restarted
+- name: restart master
+  command: /usr/bin/master-restart "{{ item }}"
+  with_items:
+  - api
+  - controllers
   when: (not (master_api_service_status_changed | default(false) | bool))
   notify: Verify API Server
 
-# We retry the controllers because the API may not be 100% initialized yet.
-- name: restart master controllers
-  command: "systemctl restart {{ openshift_service_type }}-master-controllers"
-  retries: 3
-  delay: 5
-  register: result
-  until: result.rc == 0
-  when: (not (master_controllers_service_status_changed | default(false) | bool))
-
 - name: Verify API Server
   # Using curl here since the uri module requires python-httplib2 and
   # wait_for port doesn't provide health information.

roles/openshift_logging/handlers/main.yml

@@ -11,10 +11,16 @@ spec:
   hostNetwork: true
   containers:
   - name: api
-    image: openshift/origin:v3.9.0-alpha.3
-    command: ["/usr/bin/openshift", "start", "master", "api"]
+    image: openshift/origin:v3.9.0-alpha.4
+    command: ["/bin/bash", "-c"]
     args:
-    - "--config=/etc/origin/master/master-config.yaml"
+    - |
+      #!/bin/bash
+      set -euo pipefail
+      if [[ -f /etc/origin/master/master.env ]]; then
+        source /etc/origin/master/master.env
+      fi
+      exec openshift start master api --config=/etc/origin/master/master-config.yaml
     securityContext:
       privileged: true
     volumeMounts:

files/control-plane/apiserver.yaml renamed to roles/openshift_master/files/apiserver.yaml

@@ -11,11 +11,16 @@ spec:
   hostNetwork: true
   containers:
   - name: controllers
-    image: openshift/origin:v3.9.0-alpha.3
-    command: ["/usr/bin/openshift", "start", "master", "controllers"]
+    image: openshift/origin:v3.9.0-alpha.4
+    command: ["/bin/bash", "-c"]
     args:
-    - "--config=/etc/origin/master/master-config.yaml"
-    - "--listen=https://0.0.0.0:8444"
+    - |
+      #!/bin/bash
+      set -euo pipefail
+      if [[ -f /etc/origin/master/master.env ]]; then
+        source /etc/origin/master/master.env
+      fi
+      exec openshift start master controllers --config=/etc/origin/master/master-config.yaml --listen=https://0.0.0.0:8444
     securityContext:
       privileged: true
     volumeMounts:

files/control-plane/controller.yaml renamed to roles/openshift_master/files/controller.yaml

@@ -0,0 +1,16 @@
+#!/bin/bash
+set -euo pipefail
+
+# Return the logs for a given static pod by component name and container name. Remaining arguments are passed to the
+# current container runtime.
+if [[ -z "${1-}" || -z "${2-}" ]]; then
+  echo "A component name like 'api', 'etcd', or 'controllers' must be specified along with the container name within that component." 1>&2
+  exit 1
+fi
+uid=$(docker ps -l -a --filter "label=openshift.io/component=${1}" --filter "label=io.kubernetes.container.name=POD" --format '{{ .Label "io.kubernetes.pod.uid" }}')
+if [[ -z "${uid}" ]]; then
+  echo "Component ${1} is stopped or not running" 1>&2
+  exit 0
+fi
+container=$(docker ps -l -a -q --filter "label=io.kubernetes.pod.uid=${uid}" --filter "label=io.kubernetes.container.name=${2}")
+exec docker logs "${@:3}" "${container}"

roles/openshift_master/files/scripts/docker/master-logs

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -euo pipefail
+
+# Restart the named component by stopping its base container.
+if [[ -z "${1-}" ]]; then
+  echo "A component name like 'api', 'etcd', or 'controllers' must be specified." 1>&2
+  exit 1
+fi
+container=$(docker ps -l -q --filter "label=openshift.io/component=${1}" --filter "label=io.kubernetes.container.name=POD")
+if [[ -z "${container}" ]]; then
+  echo "Component ${1} is already stopped" 1>&2
+  exit 0
+fi
+exec docker stop "${container}" --time 30 >/dev/null

roles/openshift_master/files/scripts/docker/master-restart

@@ -1,23 +1,14 @@
 ---
-- name: restart master api
-  systemd:
-    name: "{{ openshift_service_type }}-master-api"
-    state: restarted
+- name: restart master
+  command: /usr/bin/master-restart "{{ item }}"
+  with_items:
+  - api
+  - controllers
   when:
   - not (master_api_service_status_changed | default(false) | bool)
   notify:
   - Verify API Server
 
-# We retry the controllers because the API may not be 100% initialized yet.
-- name: restart master controllers
-  command: "systemctl restart {{ openshift_service_type }}-master-controllers"
-  retries: 3
-  delay: 5
-  register: result
-  until: result.rc == 0
-  when:
-  - not (master_controllers_service_status_changed | default(false) | bool)
-
 - name: Verify API Server
   # Using curl here since the uri module requires python-httplib2 and
   # wait_for port doesn't provide health information.