From 81292a91afbf78c85f0394002de6533dde1223ec Mon Sep 17 00:00:00 2001 From: David Moreau-Simard Date: Fri, 3 Nov 2017 17:46:56 -0400 Subject: [PATCH] Add support for hostpath persistent volume definitions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit hostpath volumes [1] mount a file or directory from the host node’s filesystem into a pod. This adds support for declaring a hostPath volume as a persistent volume and do a persistent volume claim for one for the hosted registry. [1]: https://kubernetes.io/docs/concepts/storage/volumes/#hostpath --- filter_plugins/oo_filters.py | 19 ++++++++++ roles/openshift_hosted/tasks/registry.yml | 6 +++- .../tasks/storage/hostpath.yml | 36 +++++++++++++++++++ 3 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 roles/openshift_hosted/tasks/storage/hostpath.yml diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index f9564499d88..35b1b38bf2b 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -802,6 +802,25 @@ def oo_component_persistent_volumes(hostvars, groups, component, subcomponent=No path=path, readOnly=read_only))) + elif kind == 'hostpath': + volume = params['volume']['name'] + size = params['volume']['size'] + if 'labels' in params: + labels = params['labels'] + else: + labels = dict() + access_modes = params['access']['modes'] + path = params['hostpath']['path'] + persistent_volume = dict( + name="{0}-volume".format(volume), + capacity=size, + labels=labels, + access_modes=access_modes, + storage=dict( + hostPath=dict( + path=path, + ))) + elif not (kind == 'object' or kind == 'dynamic'): msg = "|failed invalid storage kind '{0}' for component '{1}'".format( kind, diff --git a/roles/openshift_hosted/tasks/registry.yml b/roles/openshift_hosted/tasks/registry.yml index f1aa9c5a8d0..438709d8e04 100644 --- a/roles/openshift_hosted/tasks/registry.yml +++ b/roles/openshift_hosted/tasks/registry.yml 
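Review bot: In the new `hostpath` branch, `path = params['hostpath']['path']` goes into the `hostPath` volume source with no check, so a missing key surfaces as a bare KeyError and an empty or relative value is written into the persistent volume definition as-is. A hostPath volume exposes a node directory to whichever pod binds the claim, so I would fail early unless the value is a non-empty absolute path, for example `if not path or not path.startswith('/'):` followed by the same style of error as the invalid-kind branch just below. The label defaulting could also be shortened to `labels = params.get('labels', dict())`. The enclosing function starts and ends outside the hunk, so how the other storage kinds validate their parameters is not visible here.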
@@ -110,7 +110,7 @@ type: persistentVolumeClaim claim_name: "{{ openshift.hosted.registry.storage.volume.name }}-claim" when: - - openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack', 'glusterfs'] + - openshift.hosted.registry.storage.kind | default(none) in ['nfs', 'openstack', 'glusterfs', 'hostpath'] - name: Create OpenShift registry oc_adm_registry: @@ -140,3 +140,7 @@ - include: storage/glusterfs.yml when: - openshift.hosted.registry.storage.kind | default(none) == 'glusterfs' or openshift.hosted.registry.storage.glusterfs.swap + +- include: storage/hostpath.yml + when: + - openshift.hosted.registry.storage.kind | default(none) == 'hostpath' diff --git a/roles/openshift_hosted/tasks/storage/hostpath.yml b/roles/openshift_hosted/tasks/storage/hostpath.yml new file mode 100644 index 00000000000..e532c7d3c1d --- /dev/null +++ b/roles/openshift_hosted/tasks/storage/hostpath.yml 
@@ -0,0 +1,36 @@
+---
+- name: Get registry DeploymentConfig
+ oc_obj:
+ namespace: "{{ openshift_hosted_registry_namespace }}"
+ state: list
+ kind: dc
+ name: "{{ openshift_hosted_registry_name }}"
+ register: registry_dc
+
+- name: Wait for registry pods
+ oc_obj:
+ namespace: "{{ openshift_hosted_registry_namespace }}"
+ state: list
+ kind: pod
+ selector: "{% for label, value in registry_dc.results.results[0].spec.selector.iteritems() %}{{ label }}={{ value }}{% if not loop.last %},{% endif %}{% endfor %}"
+ register: registry_pods
+ until:
+ - "registry_pods.results.results[0]['items'] | count > 0"
+ # There must be as many matching pods with 'Ready' status True as there are expected replicas
+ - "registry_pods.results.results[0]['items'] | oo_collect(attribute='status.conditions') | oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == openshift_hosted_registry_replicas | int"
+ delay: 10
+ retries: "{{ (600 / 10) | int }}"
+
+- name: Determine registry fsGroup and runAsUser
+ set_fact:
+ openshift_hosted_registry_fsgroup: "{{ registry_pods.results.results[0]['items'][0].spec.securityContext.fsGroup }}"
+ openshift_hosted_registry_runasuser: "{{ registry_pods.results.results[0]['items'][0].spec.containers[0].securityContext.runAsUser }}"
+
+# https://docs.openshift.com/container-platform/3.6/install_config/registry/deploy_registry_existing_clusters.html#registry-non-production-use
+- name: Ensure permissions on the hostpath match the pod configuration
+ file:
+ path: "{{ openshift.hosted.registry.storage.hostpath.path }}"
+ state: directory
+ owner: "{{ openshift_hosted_registry_runasuser }}"
+ group: "{{ openshift_hosted_registry_fsgroup }}"
+ mode: "2750"
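Review bot: The final `file:` task sets owner, group and mode on the hostpath directory but no SELinux type, so on a node with SELinux enforcing the registry container may still be denied access even though the UID and GID match. If the nodes run enforcing, consider adding `setype: svirt_sandbox_file_t` (or whichever container file type the policy uses) to that task. The task also has no `delegate_to`, so it runs on whichever host executes this role, while a hostPath volume resolves on the node where the pod is scheduled. Unless the play targets that node, the directory fixed here may not be the one the pod mounts. The `set_fact` task reads `fsGroup` and `runAsUser` from the first pod only, and appears to fail or produce an empty owner if the pod's security context leaves either unset, so an explicit assertion there would make that failure clear.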