Created
May 5, 2015 15:17
-
-
Save FlorianOtel/cab952b01150df01d0dc to your computer and use it in GitHub Desktop.
OpenShift-v3 beta3 -- Ansible playbook run, 20150505-1710 (from master1)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@master1 src]# cat /etc/ansible/hosts | |
| # This is an example of a bring your own (byo) host inventory | |
| [OSEv3:children] | |
| masters | |
| nodes | |
| [OSEv3:vars] | |
| deployment_type=enterprise | |
| ansible_ssh_user=root | |
| # Pre-release registry URL | |
| #openshift_registry_url=docker-buildvm-rhose.usersys.redhat.com:5000/openshift3_beta/ose-${component}:${version} | |
| # Pre-release additional repo | |
| #openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] | |
| # host group for masters | |
| [masters] | |
| master1.nuage-vpc253.internal openshift_hostname=master1.nuage-vpc253.internal openshift_public_hostname=<Elastic IP of master1---edited> | |
| # host group for nodes | |
| [nodes] | |
| node1.nuage-vpc253.internal openshift_hostname=node1.nuage-vpc253.internal | |
| node2.nuage-vpc253.internal openshift_hostname=node2.nuage-vpc253.internal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat ansible-playbook-run-20150505-1710 | |
| PLAY [Populate oo_masters_to_config host group] ******************************* | |
| TASK: [add_host ] ************************************************************* | |
| hostname=master1.nuage-vpc253.internal | |
| ok: [localhost] => (item=master1.nuage-vpc253.internal) => {"item": "master1.nuage-vpc253.internal", "new_groups": ["oo_masters_to_config"], "new_host": "master1.nuage-vpc253.internal"} | |
| PLAY [Configure master instances] ********************************************* | |
| GATHERING FACTS *************************************************************** | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838538.61-36146231176790/setup; rm -rf /root/.ansible/tmp/ansible-tmp-1430838538.61-36146231176790/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Install firewalld packages] ****************************** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Check if iptables-services is installed] ***************** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Ensure iptables services are not enabled] **************** | |
| skipping: [master1.nuage-vpc253.internal] => (item=iptables) | |
| skipping: [master1.nuage-vpc253.internal] => (item=ip6tables) | |
| TASK: [os_firewall | Reload systemd units] ************************************ | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Start and enable firewalld service] ********************** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail] *** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Mask iptables services] ********************************** | |
| skipping: [master1.nuage-vpc253.internal] => (item=iptables) | |
| skipping: [master1.nuage-vpc253.internal] => (item=ip6tables) | |
| TASK: [os_firewall | Add firewalld allow rules] ******************************* | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '4001/tcp', 'service': 'etcd embedded'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8443/tcp', 'service': 'OpenShift api https'}) | |
| TASK: [os_firewall | Persist firewalld allow rules] *************************** | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '4001/tcp', 'service': 'etcd embedded'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8443/tcp', 'service': 'OpenShift api https'}) | |
| TASK: [os_firewall | Remove firewalld allow rules] **************************** | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8080/tcp', 'service': 'OpenShift api http'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8444/tcp', 'service': 'former OpenShift web console port'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '7001/tcp', 'service': 'former etcd peer port'}) | |
| TASK: [os_firewall | Persist removal of firewalld allow rules] **************** | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8080/tcp', 'service': 'OpenShift api http'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '8444/tcp', 'service': 'former OpenShift web console port'}) | |
| skipping: [master1.nuage-vpc253.internal] => (item={'port': '7001/tcp', 'service': 'former etcd peer port'}) | |
| TASK: [os_firewall | Install iptables packages] ******************************* | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> state=present name=iptables,iptables-services | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python -tt /root/.ansible/tmp/ansible-tmp-1430838540.55-2887234420307/yum; rm -rf /root/.ansible/tmp/ansible-tmp-1430838540.55-2887234420307/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item=iptables,iptables-services) => {"changed": false, "item": "iptables,iptables-services", "msg": "", "rc": 0, "results": ["iptables-1.4.21-13.el7.x86_64 providing iptables is already installed", "iptables-services-1.4.21-13.el7.x86_64 providing iptables-services is already installed"]} | |
| TASK: [os_firewall | Check if firewalld is installed] ************************* | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838542.77-64625117886010/command; rm -rf /root/.ansible/tmp/ansible-tmp-1430838542.77-64625117886010/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => {"changed": false, "cmd": ["rpm", "-q", "firewalld"], "delta": "0:00:00.044804", "end": "2015-05-05 11:09:03.107902", "failed": false, "failed_when_result": false, "rc": 1, "start": "2015-05-05 11:09:03.063098", "stderr": "", "stdout": "package firewalld is not installed", "stdout_lines": ["package firewalld is not installed"], "warnings": ["Consider using yum module rather than running rpm"]} | |
| TASK: [os_firewall | Ensure firewalld service is not enabled] ***************** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Reload systemd units] ************************************ | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Start and enable iptables service] *********************** | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> state=started name=iptables | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838543.19-41455690662673/service; rm -rf /root/.ansible/tmp/ansible-tmp-1430838543.19-41455690662673/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => {"changed": false, "enabled": true, "name": "iptables", "state": "started"} | |
| TASK: [os_firewall | need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail] *** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Mask firewalld service] ********************************** | |
| skipping: [master1.nuage-vpc253.internal] | |
| TASK: [os_firewall | Add iptables allow rules] ******************************** | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> action=add protocol=tcp port=4001 name=etcd embedded | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838543.89-161283833957572/os_firewall_manage_iptables; rm -rf /root/.ansible/tmp/ansible-tmp-1430838543.89-161283833957572/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item={'port': '4001/tcp', 'service': 'etcd embedded'}) => {"changed": false, "item": {"port": "4001/tcp", "service": "etcd embedded"}, "output": []} | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> action=add protocol=tcp port=8443 name=OpenShift api https | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838544.2-20012380676559/os_firewall_manage_iptables; rm -rf /root/.ansible/tmp/ansible-tmp-1430838544.2-20012380676559/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item={'port': '8443/tcp', 'service': 'OpenShift api https'}) => {"changed": false, "item": {"port": "8443/tcp", "service": "OpenShift api https"}, "output": []} | |
| TASK: [os_firewall | Remove iptables rules] *********************************** | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> action=remove protocol=tcp port=8080 name=OpenShift api http | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838544.51-58066877108824/os_firewall_manage_iptables; rm -rf /root/.ansible/tmp/ansible-tmp-1430838544.51-58066877108824/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item={'port': '8080/tcp', 'service': 'OpenShift api http'}) => {"changed": false, "item": {"port": "8080/tcp", "service": "OpenShift api http"}, "output": []} | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> action=remove protocol=tcp port=8444 name=former OpenShift web console port | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838544.84-268618040909235/os_firewall_manage_iptables; rm -rf /root/.ansible/tmp/ansible-tmp-1430838544.84-268618040909235/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item={'port': '8444/tcp', 'service': 'former OpenShift web console port'}) => {"changed": false, "item": {"port": "8444/tcp", "service": "former OpenShift web console port"}, "output": []} | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> action=remove protocol=tcp port=7001 name=former etcd peer port | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838545.14-243529809368051/os_firewall_manage_iptables; rm -rf /root/.ansible/tmp/ansible-tmp-1430838545.14-243529809368051/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| ok: [master1.nuage-vpc253.internal] => (item={'port': '7001/tcp', 'service': 'former etcd peer port'}) => {"changed": false, "item": {"port": "7001/tcp", "service": "former etcd peer port"}, "output": []} | |
| TASK: [openshift_facts | Gather OpenShift facts] ****************************** | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| <master1.nuage-vpc253.internal> | |
| <master1.nuage-vpc253.internal> ConnectTimeout=10 PasswordAuthentication=no 'LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts; rm -rf /root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/ >/dev/null 2>&1' KbdInteractiveAuthentication=no ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey ControlMaster=auto Port=22 ControlPersist=60s | |
| failed: [master1.nuage-vpc253.internal] => {"failed": true, "parsed": false} | |
| Traceback (most recent call last): | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 4981, in <module> | |
| main() | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 461, in main | |
| openshift_facts = OpenShiftFacts(role, fact_file, local_facts) | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 36, in __init__ | |
| self.facts = self.generate_facts(local_facts) | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 44, in generate_facts | |
| facts = self.apply_provider_facts(defaults, provider_facts, roles) | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 142, in apply_provider_facts | |
| facts['common'][h_var] = self.choose_hostname([provider_facts['network'].get(h_var)], facts['common'][ip_var]) | |
| File "/root/.ansible/tmp/ansible-tmp-1430838545.48-33979235548537/openshift_facts", line 164, in choose_hostname | |
| ips = [ i for i in hostnames if i is not None and re.match(r'\A\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\Z', i) ] | |
| File "/usr/lib64/python2.7/re.py", line 137, in match | |
| return _compile(pattern, flags).match(string) | |
| TypeError: expected string or buffer | |
| OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013 | |
| debug1: Reading configuration data /etc/ssh/ssh_config | |
| debug1: /etc/ssh/ssh_config line 56: Applying options for * | |
| debug1: auto-mux: Trying existing master | |
| debug2: fd 3 setting O_NONBLOCK | |
| debug2: mux_client_hello_exchange: master version 4 | |
| debug3: mux_client_forwards: request forwardings: 0 local, 0 remote | |
| debug3: mux_client_request_session: entering | |
| debug3: mux_client_request_alive: entering | |
| debug3: mux_client_request_alive: done pid = 2122 | |
| debug3: mux_client_request_session: session request sent | |
| debug1: mux_client_request_session: master session id: 2 | |
| debug3: mux_client_read_packet: read header failed: Broken pipe | |
| debug2: Received exit status from master 0 | |
| Shared connection to master1.nuage-vpc253.internal closed. | |
| FATAL: all hosts have already failed -- aborting | |
| PLAY RECAP ******************************************************************** | |
| to retry, use: --limit @/root/config.retry | |
| localhost : ok=1 changed=0 unreachable=0 failed=0 | |
| master1.nuage-vpc253.internal : ok=12 changed=0 unreachable=0 failed=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Host listing | |
| root@master1 openshift-ansible]# ansible-playbook -vvvv --syntax-check --list-hosts ./playbooks/byo/config.yml | |
| playbook: ./playbooks/byo/config.yml | |
| play #1 (Populate oo_masters_to_config host group): host count=1 | |
| localhost | |
| play #2 (Configure master instances): host count=0 | |
| play #3 (Additional instance config): host count=0 | |
| play #4 (Populate oo_nodes_to_config and oo_first_master host groups): host count=1 | |
| localhost | |
| play #5 (Gather and set facts for node hosts): host count=0 | |
| play #6 (Create temp directory for syncing certs): host count=1 | |
| localhost | |
| play #7 (Register nodes): host count=0 | |
| play #8 (Configure node instances): host count=0 | |
| play #9 (Delete the temporary directory on the master): host count=0 | |
| play #10 (Delete temporary directory on localhost): host count=1 | |
| localhost | |
| play #11 (Additional instance config): host count=0 | |
| #### Task list | |
| [root@master1 openshift-ansible]# ansible-playbook -vvvv --syntax-check --list-tasks ./playbooks/byo/config.yml | |
| playbook: ./playbooks/byo/config.yml | |
| play #1 (Populate oo_masters_to_config host group): | |
| add_host | |
| play #2 (Configure master instances): | |
| Install firewalld packages | |
| Check if iptables-services is installed | |
| Ensure iptables services are not enabled | |
| Reload systemd units | |
| Start and enable firewalld service | |
| need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail | |
| Mask iptables services | |
| Add firewalld allow rules | |
| Persist firewalld allow rules | |
| Remove firewalld allow rules | |
| Persist removal of firewalld allow rules | |
| Install iptables packages | |
| Check if firewalld is installed | |
| Ensure firewalld service is not enabled | |
| Reload systemd units | |
| Start and enable iptables service | |
| need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail | |
| Mask firewalld service | |
| Add iptables allow rules | |
| Remove iptables rules | |
| Gather OpenShift facts | |
| assert | |
| Ensure libselinux-python is installed | |
| Create any additional repos that are defined | |
| Remove the additional repos if no longer defined | |
| Remove any yum repo files for other deployment types | |
| Configure gpg keys if needed | |
| Configure yum repositories | |
| Set common OpenShift facts | |
| Set hostname | |
| Set master OpenShift facts | |
| Set dns OpenShift facts | |
| Install OpenShift Master package | |
| Reload systemd units | |
| Create certificate parent directory if it doesn't exist | |
| Create config parent directory if it doesn't exist | |
| Use enterprise default for openshift_registry_url if not set | |
| Use online default for openshift_registry_url if not set | |
| Create master config | |
| Configure OpenShift settings | |
| Start and enable openshift-master | |
| Create the OpenShift client config dir(s) | |
| Create the OpenShift client config(s) | |
| Update the permissions on the OpenShift client config(s) | |
| Set master sdn OpenShift facts | |
| Install openshift-sdn-master | |
| Reload systemd units | |
| Configure openshift-sdn-master settings | |
| Enable openshift-sdn-master | |
| Create group for deployment type | |
| play #3 (Additional instance config): | |
| Transfer the fedora_apache pod template | |
| Transfer the fedora_apache pod template | |
| Ensure irbrc is installed for user root | |
| Ensure vimrc is installed for user root | |
| Bash Completion | |
| play #4 (Populate oo_nodes_to_config and oo_first_master host groups): | |
| Evaluate oo_nodes_to_config | |
| Evaluate oo_first_master | |
| play #5 (Gather and set facts for node hosts): | |
| Gather OpenShift facts | |
| openshift_facts | |
| play #6 (Create temp directory for syncing certs): | |
| Create local temp directory for syncing certs | |
| play #7 (Register nodes): | |
| Gather OpenShift facts | |
| Use enterprise default for openshift_registry_url if not set | |
| Use online default for openshift_registry_url if not set | |
| Create node config | |
| Register unregistered nodes | |
| Create the temp directory on the master | |
| Create a tarball of the node config directories | |
| Retrieve the node config tarballs from the master | |
| play #8 (Configure node instances): | |
| Ensure certificate directory exists | |
| Unarchive the tarball on the node | |
| Install firewalld packages | |
| Check if iptables-services is installed | |
| Ensure iptables services are not enabled | |
| Reload systemd units | |
| Start and enable firewalld service | |
| need to pause here, otherwise the firewalld service starting can sometimes cause ssh to fail | |
| Mask iptables services | |
| Add firewalld allow rules | |
| Persist firewalld allow rules | |
| Remove firewalld allow rules | |
| Persist removal of firewalld allow rules | |
| Install iptables packages | |
| Check if firewalld is installed | |
| Ensure firewalld service is not enabled | |
| Reload systemd units | |
| Start and enable iptables service | |
| need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail | |
| Mask firewalld service | |
| Add iptables allow rules | |
| Remove iptables rules | |
| Gather OpenShift facts | |
| assert | |
| Ensure libselinux-python is installed | |
| Create any additional repos that are defined | |
| Remove the additional repos if no longer defined | |
| Remove any yum repo files for other deployment types | |
| Configure gpg keys if needed | |
| Configure yum repositories | |
| Set common OpenShift facts | |
| Set hostname | |
| Set node OpenShift facts | |
| Test if node certs and config exist | |
| Install OpenShift Node package | |
| Reload systemd units | |
| Configure OpenShift Node settings | |
| Start and enable openshift-node | |
| Disable openshift-node if openshift-node is managed externally | |
| Set node sdn OpenShift facts | |
| Install openshift-sdn-node | |
| Reload systemd units | |
| Configure openshift-sdn-node settings | |
| Ensure we aren't setting DOCKER_OPTIONS in /etc/sysconfig/openshift-sdn-node | |
| Configure docker insecure-registry setting | |
| Start and enable openshift-sdn-node | |
| Create group for deployment type | |
| play #9 (Delete the temporary directory on the master): | |
| file name={{ sync_tmpdir }} state=absent | |
| play #10 (Delete temporary directory on localhost): | |
| file name={{ mktemp.stdout }} state=absent | |
| play #11 (Additional instance config): | |
| Ensure irbrc is installed for user root | |
| Ensure vimrc is installed for user root | |
| Bash Completion | |
| Change root to be in the Docker group | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment