-
Notifications
You must be signed in to change notification settings - Fork 40
/
Copy pathopenshift_postinstall.yml
111 lines (92 loc) · 4.22 KB
/
openshift_postinstall.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
---
- hosts: masters
vars:
templates_query: '{range .items[*]}{.metadata.name}{"\n"}{end}'
image_streams_query: '{range .items[*]}{.metadata.name}{"\n"}{end}'
templates_to_keep: ['cakephp-mysql-persistent', 'metrics-deployer-template', 'registry-console']
image_streams_to_keep: ['python', 'php', 'mysql']
service_catalog_projects_to_annotate: ['kube-service-catalog']
default_node_selector: 'node-role.kubernetes.io/compute=true'
service_catalog_default_node_selector: 'openshift-infra=apiserver'
web_console_namespace: openshift-web-console
tmp_configmap_prometheus: /tmp/prometheus-configmap.yml
tmp_configmap_alertmanager: /tmp/alertmanager-configmap.yml
cfme_template: https://gist.githubusercontent.com/ruromero/c9616542f39311223e245074359cc607/raw/d81a3b1fd8b707a6a9dd7702998a1a6fb43feb99/cfme-template.yaml
tasks:
- name: Update {{ student_id }}-admin user to have cluster-admin privileges
command: >
oc adm policy add-cluster-role-to-user cluster-admin {{ student_id }}-admin
- name: Get templates
command: >
oc get templates -n openshift -o jsonpath='{{ templates_query }}'
register: templates
- name: Remove templates
command: >
oc delete templates -n openshift {{ item }}
when: item not in templates_to_keep
with_items:
- "{{ templates.stdout_lines }}"
- name: Get ImageStreams
command: >
oc get is -n openshift -o jsonpath='{{ image_streams_query }}'
register: image_streams
- name: Remove ImageStreams
command: >
oc delete is -n openshift {{ item }}
when: item not in image_streams_to_keep
with_items:
- "{{ image_streams.stdout_lines }}"
- name: Delete image stream tags not needed
command: >
oc tag {{ item }} -d
register: tag_delete
failed_when: tag_delete.rc != 0 and 'not found' not in tag_delete.stderr
changed_when: tag_delete.rc == 0
with_items:
- openshift/php:5.5
- openshift/php:5.6
- openshift/mysql:5.5
- openshift/mysql:5.6
- name: Setup CFME Template
command: >
oc apply -n openshift -f {{ cfme_template }}
- name: Join Prometheus and Web Console Networks
command: >
oc adm pod-network join-projects --to={{ openshift_prometheus_namespace }} {{ web_console_namespace }}
- name: Get Router Stats Password
command: >
oc get dc/router -n default -o jsonpath='{.spec.template.spec.containers[?(.name=="router")].env[?(.name=="STATS_PASSWORD")].value}'
register: router_password
- name: Export Prometheus ConfigMap
shell: oc export configmap/prometheus -n {{ openshift_prometheus_namespace }} > {{ tmp_configmap_prometheus }}
- name: Update Prometheus ConfigMap File
replace:
regexp: "^ alerting:$"
replace: " # OpenShift Router\n - job_name: openshift-routers\n scrape_interval: 30s\n scrape_timeout: 30s\n metrics_path: /metrics\n scheme: http\n static_configs:\n - targets:\n - router.default.svc.cluster.local:1936\n basic_auth:\n username: admin\n password: {{ router_password.stdout }}\n alerting: #"
path: "{{ tmp_configmap_prometheus }}"
- name: Update Prometheus ConfigMap
command: >
oc replace configmap -n {{ openshift_prometheus_namespace }} -f {{ tmp_configmap_prometheus }}
- name: Remove ConfigMap Exported File
file:
path: "{{ tmp_configmap_prometheus }}"
state: absent
- name: AlertManager Template
template:
src: templates/alertmanager.j2
dest: "{{ tmp_configmap_alertmanager }}"
- name: Delete Prometheus ConfigMap
command: >
oc delete configmap -n {{ openshift_prometheus_namespace }} alertmanager
- name: Update AlertManager ConfigMap
command: >
oc create configmap alertmanager -n {{ openshift_prometheus_namespace }} --from-file=alertmanager.yml={{ tmp_configmap_alertmanager }}
- name: Remove AlertManager ConfigMap File
file:
state: absent
path: "{{ tmp_configmap_alertmanager }}"
- name: Remove Prometheus Scrape Annotation
shell: oc annotate svc router -n default prometheus.io/scrape=false --overwrite
- name: Delete Prometheus Pod
command: >
oc delete pod -n {{ openshift_prometheus_namespace }} -l=app=prometheus