Add possibility to enable Persistent Local Storage using Ansible

openshift · Nov 30, 2017 · 1d3b498 · 1d3b498
1 parent 6b6b422
commit 1d3b498
Show file tree

Hide file tree

Showing 14 changed files with 249 additions and 4 deletions.
diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example
@@ -577,6 +577,11 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 # openshift_storageclass_name=gp2
 # openshift_storageclass_parameters={'type': 'gp2', 'encrypted': 'false'}
 #
+# PersistentLocalStorage
+# If Persistent Local Storage is wanted, this boolean can be defined to True.
+# This will create all necessary configuration to use persistent storage on nodes.
+#openshift_persistentlocalstorage_enabled=False
+#openshift_persistentlocalstorage_classes=[]
 
 # Logging deployment
 #

diff --git a/playbooks/openshift-hosted/private/create_persistent_volumes.yml b/playbooks/openshift-hosted/private/create_persistent_volumes.yml
@@ -7,3 +7,26 @@
   roles:
   - role: openshift_persistent_volumes
     when: persistent_volumes | length > 0 or persistent_volume_claims | length > 0
+
+- name: Create Hosted Resources - Persistent Local Storage Provider
+  hosts: oo_first_master
+  vars:
+    persistentlocalstorage_project: "{{ openshift_persistentlocalstorage_project | default('local-storage') }}"
+    persistentlocalstorage_classes: "{{ openshift_persistentlocalstorage_classes | default([]) }}"
+  roles:
+  - role: openshift_persistentlocalstorage
+    when: openshift_persistentlocalstorage_enabled | bool
+
+- name: Create Hosted Resources - Persistent Local Storage Classes
+  hosts: nodes
+  tasks:
+  - name: Create Persistent Local Storage Classes Directories
+    file:
+      path: "/mnt/local-storage/{{ item }}"
+      owner: root
+      group: root
+      mode: 770
+      state: directory
+      setype: svirt_sandbox_file_t
+    with_items: "{{ openshift_persistentlocalstorage_classes }}"
+    when: openshift_persistentlocalstorage_classes | default([]) | length > 0 and openshift_persistentlocalstorage_enabled | bool
diff --git a/roles/openshift_master/README.md b/roles/openshift_master/README.md
@@ -24,6 +24,7 @@ From this role:
 | openshift_master_console_port                     | UNDEF                 |                                                                               |
 | openshift_master_api_url                          | UNDEF                 |                                                                               |
 | openshift_master_console_url                      | UNDEF                 |                                                                               |
+| openshift_persistentlocalstorage_enabled          | false                 | Enable the persistent local storage                                           |
 | openshift_master_public_api_url                   | UNDEF                 |                                                                               |
 | openshift_master_public_console_url               | UNDEF                 |                                                                               |
 | openshift_master_saconfig_limit_secret_references | false                 |                                                                               |

diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
@@ -73,6 +73,8 @@ r_openshift_master_data_dir: "{{ r_openshift_master_data_dir_default }}"
 r_openshift_master_sdn_network_plugin_name_default: "{{ os_sdn_network_plugin_name | default('redhat/openshift-ovs-subnet') }}"
 r_openshift_master_sdn_network_plugin_name: "{{ r_openshift_master_sdn_network_plugin_name_default }}"
 
+openshift_master_use_persistentlocalvolumes: "{{ openshift_persistentlocalstorage_enabled | default(False) }}"
+
 openshift_master_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
 openshift_master_image_config_latest: "{{ openshift_master_image_config_latest_default }}"
 

diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -118,8 +118,16 @@ kubernetesMasterConfig:
     - etcd3
     storage-media-type:
     - application/vnd.kubernetes.protobuf
+{% endif %}
+{% if openshift_master_use_persistentlocalvolumes | bool %}
+    feature-gates:
+    - PersistentLocalVolumes=true
 {% endif %}
   controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }}
+{% if openshift_master_use_persistentlocalvolumes | bool %}
+    feature-gates:
+    - PersistentLocalVolumes=true
+{% endif %}
   masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }}
   masterIP: {{ openshift.common.ip }}
   podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }}

diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md
@@ -15,10 +15,11 @@ Role Variables
 --------------
 From this role:
 
-| Name                       | Default value         |                                                          |
-|----------------------------|-----------------------|----------------------------------------------------------|
-| oreg_url                   | UNDEF (Optional)      | Default docker registry to use                           |
-| oreg_url_node              | UNDEF (Optional)      | Default docker registry to use, specifically on the node |
+| Name                                     | Default value         |                                                          |
+|------------------------------------------|-----------------------|----------------------------------------------------------|
+| oreg_url                                 | UNDEF (Optional)      | Default docker registry to use                           |
+| oreg_url_node                            | UNDEF (Optional)      | Default docker registry to use, specifically on the node |
+| openshift_persistentlocalstorage_enabled | false                 | Enable the persistent local storage                      |
 
 Dependencies
 ------------

diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
@@ -133,4 +133,7 @@ openshift_node_config_dir: "{{ openshift_node_config_dir_default }}"
 openshift_node_image_config_latest_default: "{{ openshift_image_config_latest | default(False) }}"
 openshift_node_image_config_latest: "{{ openshift_node_image_config_latest_default }}"
 
+
 openshift_node_use_instance_profiles: False
+
+openshift_node_use_persistentlocalvolumes: "{{ openshift_persistentlocalstorage_enabled | default(False) }}"
diff --git a/roles/openshift_node_group/templates/node-config.yaml.j2 b/roles/openshift_node_group/templates/node-config.yaml.j2
@@ -26,6 +26,10 @@ kubeletArguments:
   cloud-provider:
   - {{ openshift_node_group_cloud_provider }}
   node-labels: {{ openshift_node_group_labels | to_json }}
+{% if openshift_node_use_persistentlocalvolumes | bool %}
+  feature-gates:
+  - PersistentLocalVolumes=true
+{% endif %}
 masterClientConnectionOverrides:
   acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
   burst: 40

diff --git a/roles/openshift_persistent_volumes/README.md b/roles/openshift_persistent_volumes/README.md
@@ -42,6 +42,7 @@ Example Playbook
       capacity: "5Gi"
       access_modes:
       - "ReadWriteMany"
+    openshift_persistentlocalstorage_enabled: True
   roles:
   - role: openshift_persistent_volumes
 ```

diff --git a/roles/openshift_persistentlocalstorage/README.md b/roles/openshift_persistentlocalstorage/README.md
@@ -0,0 +1,44 @@
+OpenShift Persistent Local Volumes
+==================================
+
+OpenShift Persistent Local Volumes
+
+Requirements
+------------
+
+Role Variables
+--------------
+
+| Name                           | Default value |                                                                           |
+|--------------------------------|---------------|---------------------------------------------------------------------------|
+| persistentlocalstorage_project | local-storage | The namespace where the Persistent Local Volume Provider will be deployed |
+| persistentlocalstorage_classes | []            | Storage classes that will be created                                      |
+
+Dependencies
+------------
+
+
+Example Playbook
+----------------
+
+```
+- name: Create persistent Local Storage Provider
+  hosts: oo_first_master
+  vars:
+    persistentlocalstorage_project: local-storage
+    persistentlocalstorage_classes:
+    - ssd
+    - hdd
+  roles:
+  - role: openshift_persistentlocalstorage
+```
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Diego Abelenda ([email protected])
diff --git a/roles/openshift_persistentlocalstorage/defaults/main.yml b/roles/openshift_persistentlocalstorage/defaults/main.yml
@@ -0,0 +1,2 @@
+persistentlocalstorage_project: local-storage
+persistentlocalstorage_classes: []
diff --git a/roles/openshift_persistentlocalstorage/meta/main.yml b/roles/openshift_persistentlocalstorage/meta/main.yml
@@ -0,0 +1,13 @@
+---
+galaxy_info:
+  author: Diego Abelenda
+  description: OpenShift Persistent Local Volumes
+  company: Camptocamp
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.9
+  platforms:
+  - name: EL
+    versions:
+    - 7
+dependencies:
+- role: lib_openshift
diff --git a/roles/openshift_persistentlocalstorage/tasks/main.yml b/roles/openshift_persistentlocalstorage/tasks/main.yml
@@ -0,0 +1,128 @@
+---
+- name: Create Namespace for Persistent Local Storage
+  oc_project:
+    name: "{{ persistentlocalstorage_project }}"
+
+- name: Create temp directory for template
+  command: mktemp -d /tmp/openshift-ansible-XXXXXXX
+  register: g_persistentstorage_mktemp
+  changed_when: false
+
+- template:
+    src: local-persistent-volume-config.j2
+    dest: "{{g_persistentstorage_mktemp.stdout}}/local-persistent-volume-config"
+  changed_when: no
+
+- slurp:
+    src: "{{g_persistentstorage_mktemp.stdout}}/local-persistent-volume-config"
+  register: local_persistent_volume_config
+
+- name: Create ConfigMap for Persistent Local Storage Provisioner
+  oc_obj:
+    name: "local-volume-provisioner-config"
+    namespace: "{{ persistentlocalstorage_project }}"
+    kind: ConfigMap
+    content:
+      path: /tmp/cmplspout
+      data: "{{ local_persistent_volume_config.content | b64decode | from_yaml }}"
+
+- name: Create ServiceAccount for Persistent Local Storage Provisioner
+  oc_serviceaccount:
+    name: "local-volume-provisioner"
+    namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Add SecurityContextContraint for Local Storage Provisioner
+  oc_adm_policy_user:
+    user: "system:serviceaccount:{{ persistentlocalstorage_project }}:local-volume-provisioner"
+    namespace: "{{ persistentlocalstorage_project }}"
+    resource_kind: scc
+    resource_name: hostmount-anyuid
+    state: present
+
+- name: Give rights to local-volume-provisioner to manage volumes
+  oc_obj:
+    state: present
+    kind: ClusterRoleBinding
+    name: local-storage:provisioner-pv-binding
+    content:
+      path: /tmp/crblvpout
+      data:
+        apiVersion: v1
+        kind: ClusterRoleBinding
+        metadata:
+          name: local-storage:provisioner-pv-binding
+        roleRef:
+          apiGroup: rbac.authorization.k8s.io
+          kind: ClusterRole
+          name: system:persistent-volume-provisioner
+        subjects:
+        - kind: ServiceAccount
+          name: local-volume-provisioner
+          namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Give rights to local-volume-provisioner to list nodes
+  oc_obj:
+    state: present
+    kind: ClusterRoleBinding
+    name: local-storage:provisioner-node-binding
+    content:
+      path: /tmp/ls-provnode
+      data:
+        apiVersion: v1
+        kind: ClusterRoleBinding
+        metadata:
+          name: local-storage:provisioner-node-binding
+        roleRef:
+          apiGroup: rbac.authorization.k8s.io
+          kind: ClusterRole
+          name: system:node
+        subjects:
+        - kind: ServiceAccount
+          name: local-volume-provisioner
+          namespace: "{{ persistentlocalstorage_project }}"
+
+- name: Create Application Persistent Local Storage Provisioner
+  oc_obj:
+    kind: DaemonSet
+    namespace: "{{ persistentlocalstorage_project }}"
+    state: present
+    name: local-volume-provisioner
+    content:
+      path: /tmp/plsprovout
+      data:
+        apiVersion: extensions/v1beta1
+        kind: DaemonSet
+        metadata:
+          name: local-volume-provisioner
+        spec:
+          template:
+            metadata:
+              labels:
+                app: local-volume-provisioner
+            spec:
+              containers:
+              - env:
+                - name: MY_NODE_NAME
+                  valueFrom:
+                    fieldRef:
+                      apiVersion: v1
+                      fieldPath: spec.nodeName
+                - name: MY_NAMESPACE
+                  valueFrom:
+                    fieldRef:
+                      apiVersion: v1
+                      fieldPath: metadata.namespace
+                - name: VOLUME_CONFIG_NAME
+                  value: local-volume-provisioner-config
+                image: quay.io/external_storage/local-volume-provisioner:v1.0.1
+                name: provisioner
+                securityContext:
+                  runAsUser: 0
+                volumeMounts:
+                - mountPath: /mnt/local-storage
+                  name: local-storage
+              serviceAccountName: local-volume-provisioner
+              volumes:
+              - hostPath:
+                  path: /mnt/local-storage
+                name: local-storage
diff --git a/roles/openshift_persistentlocalstorage/templates/local-persistent-volume-config.j2 b/roles/openshift_persistentlocalstorage/templates/local-persistent-volume-config.j2
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+data:
+{% for class in persistentlocalstorage_classes %}
+  {{class}}: '{ "hostDir": "/mnt/local-storage/{{ class }}", "mountDir" : "/mnt/local-storage/{{ class }}" }'
+{% endfor %}
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: local-volume-provisioner-config
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		persistentlocalstorage_project: local-storage
		persistentlocalstorage_classes: []